acpx 0.6.1 → 0.8.0

package/dist/{prompt-turn-BY5SwU1F.js → live-checkpoint-B9ctAuqV.js}

@@ -1,5 +1,3 @@
-import { B as PermissionDeniedError, C as isAcpResourceNotFoundError, F as AgentStartupError, G as SessionModeReplayError, I as AuthPolicyError, J as SessionResolutionError, K as SessionModelReplayError, L as ClaudeAcpSessionCreateTimeoutError, M as SESSION_RECORD_SCHEMA, N as AgentDisconnectedError, P as AgentSpawnError, R as CopilotAcpUnsupportedError, S as extractAcpError, V as PermissionPromptUnavailableError, W as SessionConfigOptionReplayError, Y as SessionResumeRequiredError, g as textPrompt, i as measurePerf, l as extractRuntimeSessionId, q as SessionNotFoundError, r as incrementPerfCounter, u as normalizeRuntimeSessionId, v as formatErrorMessage, y as isAcpQueryClosedBeforeResponseError, z as GeminiAcpStartupTimeoutError } from "./perf-metrics-C2pXfxvR.js";
-import { r as isSessionUpdateNotification } from "./jsonrpc-DSxh2w5R.js";
 import fs, { statSync } from "node:fs";
 import { fileURLToPath } from "node:url";
 import path from "node:path";
@@ -11,6 +9,397 @@ import { ClientSideConnection, PROTOCOL_VERSION } from "@agentclientprotocol/sdk
 import readline from "node:readline/promises";
 import { promisify } from "node:util";
 import { randomUUID } from "node:crypto";
+//#region src/errors.ts
+var AcpxOperationalError = class extends Error {
+	outputCode;
+	detailCode;
+	origin;
+	retryable;
+	acp;
+	outputAlreadyEmitted;
+	constructor(message, options) {
+		super(message, options);
+		this.name = new.target.name;
+		this.outputCode = options?.outputCode;
+		this.detailCode = options?.detailCode;
+		this.origin = options?.origin;
+		this.retryable = options?.retryable;
+		this.acp = options?.acp;
+		this.outputAlreadyEmitted = options?.outputAlreadyEmitted;
+	}
+};
+var SessionNotFoundError = class extends AcpxOperationalError {
+	sessionId;
+	constructor(sessionId) {
+		super(`Session not found: ${sessionId}`);
+		this.sessionId = sessionId;
+	}
+};
+var SessionResolutionError = class extends AcpxOperationalError {};
+var AgentSpawnError = class extends AcpxOperationalError {
+	agentCommand;
+	constructor(agentCommand, cause) {
+		super(`Failed to spawn agent command: ${agentCommand}`, { cause: cause instanceof Error ? cause : void 0 });
+		this.agentCommand = agentCommand;
+	}
+};
+var AgentStartupError = class extends AcpxOperationalError {
+	agentCommand;
+	exitCode;
+	signal;
+	stderrSummary;
+	constructor(params) {
+		const exitSummary = `exit=${params.exitCode ?? "null"}, signal=${params.signal ?? "null"}`;
+		const stderrSuffix = typeof params.stderrSummary === "string" && params.stderrSummary.trim().length > 0 ? `: ${params.stderrSummary.trim()}` : "";
+		super(`ACP agent exited before initialize completed (${exitSummary})${stderrSuffix}`, {
+			cause: params.cause instanceof Error ? params.cause : void 0,
+			outputCode: "RUNTIME",
+			detailCode: "AGENT_STARTUP_FAILED",
+			origin: "acp"
+		});
+		this.agentCommand = params.agentCommand;
+		this.exitCode = params.exitCode;
+		this.signal = params.signal;
+		this.stderrSummary = params.stderrSummary?.trim() || void 0;
+	}
+};
+var AgentDisconnectedError = class extends AcpxOperationalError {
+	reason;
+	exitCode;
+	signal;
+	constructor(reason, exitCode, signal, options) {
+		super(`ACP agent disconnected during request (${reason}, exit=${exitCode ?? "null"}, signal=${signal ?? "null"})`, {
+			outputCode: "RUNTIME",
+			detailCode: "AGENT_DISCONNECTED",
+			origin: "acp",
+			...options
+		});
+		this.reason = reason;
+		this.exitCode = exitCode;
+		this.signal = signal;
+	}
+};
+var SessionResumeRequiredError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "SESSION_RESUME_REQUIRED",
+			origin: "acp",
+			retryable: true,
+			...options
+		});
+	}
+};
+var GeminiAcpStartupTimeoutError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "TIMEOUT",
+			detailCode: "GEMINI_ACP_STARTUP_TIMEOUT",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var SessionModeReplayError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "SESSION_MODE_REPLAY_FAILED",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var SessionModelReplayError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "SESSION_MODEL_REPLAY_FAILED",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var SessionConfigOptionReplayError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "SESSION_CONFIG_OPTION_REPLAY_FAILED",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var ClaudeAcpSessionCreateTimeoutError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "TIMEOUT",
+			detailCode: "CLAUDE_ACP_SESSION_CREATE_TIMEOUT",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var CopilotAcpUnsupportedError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "COPILOT_ACP_UNSUPPORTED",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var AuthPolicyError = class extends AcpxOperationalError {
+	constructor(message, options) {
+		super(message, {
+			outputCode: "RUNTIME",
+			detailCode: "AUTH_REQUIRED",
+			origin: "acp",
+			...options
+		});
+	}
+};
+var QueueConnectionError = class extends AcpxOperationalError {};
+var QueueProtocolError = class extends AcpxOperationalError {};
+var PermissionDeniedError = class extends AcpxOperationalError {};
+var PermissionPromptUnavailableError = class extends AcpxOperationalError {
+	constructor() {
+		super("Permission prompt unavailable in non-interactive mode");
+	}
+};
+//#endregion
+//#region src/types.ts
+const EXIT_CODES = {
+	SUCCESS: 0,
+	ERROR: 1,
+	USAGE: 2,
+	TIMEOUT: 3,
+	NO_SESSION: 4,
+	PERMISSION_DENIED: 5,
+	INTERRUPTED: 130
+};
+const OUTPUT_FORMATS = [
+	"text",
+	"json",
+	"quiet"
+];
+const PERMISSION_MODES = [
+	"approve-all",
+	"approve-reads",
+	"deny-all"
+];
+const AUTH_POLICIES = ["skip", "fail"];
+const NON_INTERACTIVE_PERMISSION_POLICIES = ["deny", "fail"];
+const PERMISSION_POLICY_ACTIONS = [
+	"approve",
+	"deny",
+	"escalate"
+];
+const OUTPUT_ERROR_CODES = [
+	"NO_SESSION",
+	"TIMEOUT",
+	"PERMISSION_DENIED",
+	"PERMISSION_PROMPT_UNAVAILABLE",
+	"RUNTIME",
+	"USAGE"
+];
+const OUTPUT_ERROR_ORIGINS = [
+	"cli",
+	"runtime",
+	"queue",
+	"acp"
+];
+const SESSION_RECORD_SCHEMA = "acpx.session.v1";
+//#endregion
+//#region src/acp/error-shapes.ts
+const RESOURCE_NOT_FOUND_ACP_CODES = new Set([-32001, -32002]);
+function asRecord$7(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	return value;
+}
+function toAcpErrorPayload(value) {
+	const record = asRecord$7(value);
+	if (!record) return;
+	if (typeof record.code !== "number" || !Number.isFinite(record.code)) return;
+	if (typeof record.message !== "string" || record.message.length === 0) return;
+	return {
+		code: record.code,
+		message: record.message,
+		data: record.data
+	};
+}
+function extractAcpErrorInternal(value, depth) {
+	if (depth > 5) return;
+	const direct = toAcpErrorPayload(value);
+	if (direct) return direct;
+	const record = asRecord$7(value);
+	if (!record) return;
+	if ("error" in record) {
+		const nested = extractAcpErrorInternal(record.error, depth + 1);
+		if (nested) return nested;
+	}
+	if ("acp" in record) {
+		const nested = extractAcpErrorInternal(record.acp, depth + 1);
+		if (nested) return nested;
+	}
+	if ("cause" in record) {
+		const nested = extractAcpErrorInternal(record.cause, depth + 1);
+		if (nested) return nested;
+	}
+}
+function formatUnknownErrorMessage(error) {
+	if (error instanceof Error) return error.message;
+	if (error && typeof error === "object") {
+		const maybeMessage = error.message;
+		if (typeof maybeMessage === "string" && maybeMessage.length > 0) return maybeMessage;
+		try {
+			return JSON.stringify(error);
+		} catch {}
+	}
+	return String(error);
+}
+const SESSION_NOT_FOUND_PATTERN = /session\s+["'\w-]+\s+not found/i;
+function isSessionNotFoundText(value) {
+	if (typeof value !== "string") return false;
+	const normalized = value.toLowerCase();
+	return normalized.includes("resource_not_found") || normalized.includes("resource not found") || normalized.includes("session not found") || normalized.includes("unknown session") || normalized.includes("invalid session identifier") || SESSION_NOT_FOUND_PATTERN.test(value);
+}
+function hasSessionNotFoundHint(value, depth = 0) {
+	if (depth > 4) return false;
+	if (isSessionNotFoundText(value)) return true;
+	if (Array.isArray(value)) return value.some((entry) => hasSessionNotFoundHint(entry, depth + 1));
+	const record = asRecord$7(value);
+	if (!record) return false;
+	return Object.values(record).some((entry) => hasSessionNotFoundHint(entry, depth + 1));
+}
+function extractAcpError(error) {
+	return extractAcpErrorInternal(error, 0);
+}
+function isAcpResourceNotFoundError(error) {
+	const acp = extractAcpError(error);
+	if (acp && RESOURCE_NOT_FOUND_ACP_CODES.has(acp.code)) return true;
+	if (acp) {
+		if (isSessionNotFoundText(acp.message)) return true;
+		if (hasSessionNotFoundHint(acp.data)) return true;
+	}
+	return isSessionNotFoundText(formatUnknownErrorMessage(error));
+}
+//#endregion
+//#region src/acp/error-normalization.ts
+const AUTH_REQUIRED_ACP_CODES = new Set([-32e3]);
+const QUERY_CLOSED_BEFORE_RESPONSE_DETAIL = "query closed before response received";
+function asRecord$6(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	return value;
+}
+function isAuthRequiredMessage(value) {
+	if (!value) return false;
+	const normalized = value.toLowerCase();
+	return normalized.includes("auth required") || normalized.includes("authentication required") || normalized.includes("authorization required") || normalized.includes("credential required") || normalized.includes("credentials required") || normalized.includes("token required") || normalized.includes("login required");
+}
+function isAcpAuthRequiredPayload(acp) {
+	if (!acp) return false;
+	if (!AUTH_REQUIRED_ACP_CODES.has(acp.code)) return false;
+	if (isAuthRequiredMessage(acp.message)) return true;
+	const data = asRecord$6(acp.data);
+	if (!data) return false;
+	if (data.authRequired === true) return true;
+	const methodId = data.methodId;
+	if (typeof methodId === "string" && methodId.trim().length > 0) return true;
+	const methods = data.methods;
+	if (Array.isArray(methods) && methods.length > 0) return true;
+	return false;
+}
+function isOutputErrorCode(value) {
+	return typeof value === "string" && OUTPUT_ERROR_CODES.includes(value);
+}
+function isOutputErrorOrigin(value) {
+	return typeof value === "string" && OUTPUT_ERROR_ORIGINS.includes(value);
+}
+function readOutputErrorMeta(error) {
+	const record = asRecord$6(error);
+	if (!record) return {};
+	return {
+		outputCode: isOutputErrorCode(record.outputCode) ? record.outputCode : void 0,
+		detailCode: typeof record.detailCode === "string" && record.detailCode.trim().length > 0 ? record.detailCode : void 0,
+		origin: isOutputErrorOrigin(record.origin) ? record.origin : void 0,
+		retryable: typeof record.retryable === "boolean" ? record.retryable : void 0,
+		acp: extractAcpError(record.acp)
+	};
+}
+function isTimeoutLike(error) {
+	return error instanceof Error && error.name === "TimeoutError";
+}
+function isNoSessionLike(error) {
+	return error instanceof Error && error.name === "NoSessionError";
+}
+function isUsageLike(error) {
+	if (!(error instanceof Error)) return false;
+	return error.name === "CommanderError" || error.name === "InvalidArgumentError" || asRecord$6(error)?.code === "commander.invalidArgument";
+}
+function formatErrorMessage(error) {
+	return formatUnknownErrorMessage(error);
+}
+function isAcpQueryClosedBeforeResponseError(error) {
+	const acp = extractAcpError(error);
+	if (!acp || acp.code !== -32603) return false;
+	const details = asRecord$6(acp.data)?.details;
+	if (typeof details !== "string") return false;
+	return details.toLowerCase().includes(QUERY_CLOSED_BEFORE_RESPONSE_DETAIL);
+}
+function mapErrorCode(error) {
+	if (error instanceof PermissionPromptUnavailableError) return "PERMISSION_PROMPT_UNAVAILABLE";
+	if (error instanceof PermissionDeniedError) return "PERMISSION_DENIED";
+	if (isTimeoutLike(error)) return "TIMEOUT";
+	if (isNoSessionLike(error) || isAcpResourceNotFoundError(error)) return "NO_SESSION";
+	if (isUsageLike(error)) return "USAGE";
+}
+function normalizeOutputError(error, options = {}) {
+	const meta = readOutputErrorMeta(error);
+	let code = mapErrorCode(error) ?? options.defaultCode ?? "RUNTIME";
+	if (meta.outputCode) code = meta.outputCode;
+	if (code === "RUNTIME" && isAcpResourceNotFoundError(error)) code = "NO_SESSION";
+	const acp = options.acp ?? meta.acp ?? extractAcpError(error);
+	const detailCode = meta.detailCode ?? options.detailCode ?? (error instanceof AuthPolicyError || isAcpAuthRequiredPayload(acp) ? "AUTH_REQUIRED" : void 0);
+	return {
+		code,
+		message: formatErrorMessage(error),
+		detailCode,
+		origin: meta.origin ?? options.origin,
+		retryable: meta.retryable ?? options.retryable,
+		acp
+	};
+}
+/**
+* Returns true when an error from `client.prompt()` looks transient and
+* can reasonably be retried (e.g. model-API 400/500, network hiccups that
+* surface as ACP internal errors).
+*
+* Errors that are definitively non-recoverable (auth, missing session,
+* invalid params, timeout, permission) return false.
+*/
+function isRetryablePromptError(error) {
+	if (error instanceof PermissionDeniedError || error instanceof PermissionPromptUnavailableError) return false;
+	if (isTimeoutLike(error) || isNoSessionLike(error) || isUsageLike(error)) return false;
+	const acp = extractAcpError(error);
+	if (!acp) return false;
+	if (acp.code === -32001 || acp.code === -32002) return false;
+	if (isAcpAuthRequiredPayload(acp)) return false;
+	if (acp.code === -32601 || acp.code === -32602) return false;
+	return acp.code === -32603 || acp.code === -32700;
+}
+function exitCodeForOutputErrorCode(code) {
+	switch (code) {
+		case "USAGE": return EXIT_CODES.USAGE;
+		case "TIMEOUT": return EXIT_CODES.TIMEOUT;
+		case "NO_SESSION": return EXIT_CODES.NO_SESSION;
+		case "PERMISSION_DENIED":
+		case "PERMISSION_PROMPT_UNAVAILABLE": return EXIT_CODES.PERMISSION_DENIED;
+		default: return EXIT_CODES.ERROR;
+	}
+}
+//#endregion
 //#region src/agent-registry.ts
 const ACP_ADAPTER_PACKAGE_RANGES = {
 	pi: "^0.0.26",
@@ -223,6 +612,149 @@ async function withInterrupt(run, onInterrupt) {
 	});
 }
 //#endregion
+//#region src/prompt-content.ts
+var PromptInputValidationError = class extends Error {
+	constructor(message) {
+		super(message);
+		this.name = "PromptInputValidationError";
+	}
+};
+function asRecord$5(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	return value;
+}
+function isNonEmptyString(value) {
+	return typeof value === "string" && value.trim().length > 0;
+}
+function isBase64Data(value) {
+	if (value.length === 0 || value.length % 4 !== 0) return false;
+	return /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/.test(value);
+}
+function isImageMimeType(value) {
+	return /^image\/[A-Za-z0-9.+-]+$/i.test(value);
+}
+function isTextBlock(value) {
+	const record = asRecord$5(value);
+	return record?.type === "text" && typeof record.text === "string";
+}
+function isImageBlock(value) {
+	const record = asRecord$5(value);
+	return record?.type === "image" && isNonEmptyString(record.mimeType) && isImageMimeType(record.mimeType) && typeof record.data === "string" && isBase64Data(record.data);
+}
+function isResourceLinkBlock(value) {
+	const record = asRecord$5(value);
+	return record?.type === "resource_link" && isNonEmptyString(record.uri) && (record.title === void 0 || typeof record.title === "string") && (record.name === void 0 || typeof record.name === "string");
+}
+function isResourcePayload(value) {
+	const record = asRecord$5(value);
+	if (!record || !isNonEmptyString(record.uri)) return false;
+	return record.text === void 0 || typeof record.text === "string";
+}
+function isResourceBlock(value) {
+	const record = asRecord$5(value);
+	return record?.type === "resource" && isResourcePayload(record.resource);
+}
+function isContentBlock(value) {
+	return isTextBlock(value) || isImageBlock(value) || isResourceLinkBlock(value) || isResourceBlock(value);
+}
+function getContentBlockValidationError(value, index) {
+	const record = asRecord$5(value);
+	if (!record || typeof record.type !== "string") return `prompt[${index}] must be an ACP content block object`;
+	switch (record.type) {
+		case "text": return typeof record.text === "string" ? void 0 : `prompt[${index}] text block must include a string text field`;
+		case "image":
+			if (!isNonEmptyString(record.mimeType)) return `prompt[${index}] image block must include a non-empty mimeType`;
+			if (!isImageMimeType(record.mimeType)) return `prompt[${index}] image block mimeType must start with image/`;
+			if (typeof record.data !== "string" || record.data.length === 0) return `prompt[${index}] image block must include non-empty base64 data`;
+			if (!isBase64Data(record.data)) return `prompt[${index}] image block data must be valid base64`;
+			return;
+		case "resource_link":
+			if (!isNonEmptyString(record.uri)) return `prompt[${index}] resource_link block must include a non-empty uri`;
+			if (record.title !== void 0 && typeof record.title !== "string") return `prompt[${index}] resource_link block title must be a string when present`;
+			if (record.name !== void 0 && typeof record.name !== "string") return `prompt[${index}] resource_link block name must be a string when present`;
+			return;
+		case "resource":
+			if (!asRecord$5(record.resource)) return `prompt[${index}] resource block must include a resource object`;
+			if (!isResourcePayload(record.resource)) return `prompt[${index}] resource block resource must include a non-empty uri and optional text`;
+			return;
+		default: return `prompt[${index}] has unsupported content block type ${JSON.stringify(record.type)}`;
+	}
+}
+function isPromptInput(value) {
+	return Array.isArray(value) && value.every((entry) => isContentBlock(entry));
+}
+function textPrompt(text) {
+	return [{
+		type: "text",
+		text
+	}];
+}
+function parseStructuredPrompt(source) {
+	if (!source.startsWith("[")) return;
+	try {
+		const parsed = JSON.parse(source);
+		if (isPromptInput(parsed)) return parsed;
+		if (Array.isArray(parsed)) throw new PromptInputValidationError(parsed.map((entry, index) => getContentBlockValidationError(entry, index)).find((message) => message !== void 0) ?? "Structured prompt JSON must be an array of valid ACP content blocks");
+		return;
+	} catch (error) {
+		if (error instanceof PromptInputValidationError) throw error;
+		return;
+	}
+}
+function parsePromptSource(source) {
+	const trimmed = source.trim();
+	const structured = parseStructuredPrompt(trimmed);
+	if (structured) return structured;
+	if (!trimmed) return [];
+	return textPrompt(trimmed);
+}
+function mergePromptSourceWithText(source, suffixText) {
+	const prompt = parsePromptSource(source);
+	const appended = suffixText.trim();
+	if (!appended) return prompt;
+	if (prompt.length === 0) return textPrompt(appended);
+	return [...prompt, ...textPrompt(appended)];
+}
+function promptToDisplayText(prompt) {
+	return prompt.map((block) => {
+		switch (block.type) {
+			case "text": return block.text;
+			case "resource_link": return block.title ?? block.name ?? block.uri;
+			case "resource": return "text" in block.resource && typeof block.resource.text === "string" ? block.resource.text : block.resource.uri;
+			case "image": return `[image] ${block.mimeType}`;
+			default: return "";
+		}
+	}).filter((entry) => entry.trim().length > 0).join("\n\n").trim();
+}
+//#endregion
+//#region src/acp/agent-session-id.ts
+const AGENT_SESSION_ID_META_KEYS = ["agentSessionId", "sessionId"];
+function normalizeAgentSessionId(value) {
+	if (typeof value !== "string") return;
+	const trimmed = value.trim();
+	return trimmed.length > 0 ? trimmed : void 0;
+}
+function asMetaRecord(meta) {
+	if (!meta || typeof meta !== "object" || Array.isArray(meta)) return;
+	return meta;
+}
+function extractAgentSessionId(meta) {
+	const record = asMetaRecord(meta);
+	if (!record) return;
+	for (const key of AGENT_SESSION_ID_META_KEYS) {
+		const normalized = normalizeAgentSessionId(record[key]);
+		if (normalized) return normalized;
+	}
+}
+//#endregion
+//#region src/session/runtime-session-id.ts
+function normalizeRuntimeSessionId(value) {
+	return normalizeAgentSessionId(value);
+}
+function extractRuntimeSessionId(meta) {
+	return extractAgentSessionId(meta);
+}
+//#endregion
 //#region src/session/persistence/serialize.ts
 function serializeSessionRecordForDisk(record) {
 	const canonical = {
@@ -262,6 +794,72 @@ function serializeSessionRecordForDisk(record) {
 	};
 }
 //#endregion
+//#region src/perf-metrics.ts
+const counters = /* @__PURE__ */ new Map();
+const gauges = /* @__PURE__ */ new Map();
+const timings = /* @__PURE__ */ new Map();
+function hrNow() {
+	return process.hrtime.bigint();
+}
+function durationMs(start) {
+	return Number(process.hrtime.bigint() - start) / 1e6;
+}
+function roundMetric(value) {
+	return Number(value.toFixed(3));
+}
+function incrementPerfCounter(name, delta = 1) {
+	counters.set(name, (counters.get(name) ?? 0) + delta);
+}
+function setPerfGauge(name, value) {
+	gauges.set(name, value);
+}
+function recordPerfDuration(name, durationMsValue) {
+	const next = timings.get(name) ?? {
+		count: 0,
+		totalMs: 0,
+		maxMs: 0
+	};
+	next.count += 1;
+	next.totalMs += durationMsValue;
+	next.maxMs = Math.max(next.maxMs, durationMsValue);
+	timings.set(name, next);
+}
+async function measurePerf(name, run) {
+	const startedAt = hrNow();
+	try {
+		return await run();
+	} finally {
+		recordPerfDuration(name, durationMs(startedAt));
+	}
+}
+function startPerfTimer(name) {
+	const startedAt = hrNow();
+	return () => {
+		const elapsedMs = durationMs(startedAt);
+		recordPerfDuration(name, elapsedMs);
+		return elapsedMs;
+	};
+}
+function getPerfMetricsSnapshot() {
+	return {
+		counters: Object.fromEntries(counters.entries()),
+		gauges: Object.fromEntries(gauges.entries()),
+		timings: Object.fromEntries([...timings.entries()].map(([name, bucket]) => [name, {
+			count: bucket.count,
+			totalMs: roundMetric(bucket.totalMs),
+			maxMs: roundMetric(bucket.maxMs)
+		}]))
+	};
+}
+function resetPerfMetrics() {
+	counters.clear();
+	gauges.clear();
+	timings.clear();
+}
+function formatPerfMetric(name, durationMsValue) {
+	return `${name}=${roundMetric(durationMsValue)}ms`;
+}
+//#endregion
 //#region src/persisted-key-policy.ts
 const SNAKE_CASE_KEY = /^[a-z][a-z0-9_]*$/;
 const ZED_TAG_KEYS = new Set([
@@ -358,7 +956,7 @@ function defaultSessionEventLog(sessionId) {
 }
 //#endregion
 //#region src/session/persistence/parse.ts
-function asRecord$3(value) {
+function asRecord$4(value) {
 	if (!value || typeof value !== "object" || Array.isArray(value)) return;
 	return value;
 }
@@ -370,7 +968,7 @@ function isStringArray(value) {
 }
 function parseTokenUsage(raw) {
 	if (raw === void 0 || raw === null) return;
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return null;
 	const usage = {};
 	for (const field of [
@@ -388,7 +986,7 @@ function parseTokenUsage(raw) {
 }
 function parseRequestTokenUsage(raw) {
 	if (raw === void 0 || raw === null) return;
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return null;
 	const usage = {};
 	for (const [key, value] of Object.entries(record)) {
@@ -399,44 +997,44 @@ function parseRequestTokenUsage(raw) {
 	return usage;
 }
 function isSessionMessageImage(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record || typeof record.source !== "string") return false;
 	if (record.size === void 0 || record.size === null) return true;
-	const size = asRecord$3(record.size);
+	const size = asRecord$4(record.size);
 	return !!size && typeof size.width === "number" && Number.isFinite(size.width) && typeof size.height === "number" && Number.isFinite(size.height);
 }
 function isUserContent(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return false;
 	if (typeof record.Text === "string") return true;
 	if (record.Mention !== void 0) {
-		const mention = asRecord$3(record.Mention);
+		const mention = asRecord$4(record.Mention);
 		return !!mention && typeof mention.uri === "string" && typeof mention.content === "string";
 	}
 	if (record.Image !== void 0) return isSessionMessageImage(record.Image);
 	return false;
 }
 function isToolUse(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	return !!record && typeof record.id === "string" && typeof record.name === "string" && typeof record.raw_input === "string" && hasOwn$1(record, "input") && typeof record.is_input_complete === "boolean" && (record.thought_signature === void 0 || record.thought_signature === null || typeof record.thought_signature === "string");
 }
 function isToolResultContent(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return false;
 	if (typeof record.Text === "string") return true;
 	if (record.Image !== void 0) return isSessionMessageImage(record.Image);
 	return false;
 }
 function isToolResult(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	return !!record && typeof record.tool_use_id === "string" && typeof record.tool_name === "string" && typeof record.is_error === "boolean" && isToolResultContent(record.content);
 }
 function isAgentContent(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return false;
 	if (typeof record.Text === "string") return true;
 	if (record.Thinking !== void 0) {
-		const thinking = asRecord$3(record.Thinking);
+		const thinking = asRecord$4(record.Thinking);
 		return !!thinking && typeof thinking.text === "string" && (thinking.signature === void 0 || thinking.signature === null || typeof thinking.signature === "string");
 	}
 	if (typeof record.RedactedThinking === "string") return true;
@@ -444,17 +1042,17 @@ function isAgentContent(raw) {
 	return false;
 }
 function isUserMessage$1(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record || record.User === void 0) return false;
-	const user = asRecord$3(record.User);
+	const user = asRecord$4(record.User);
 	return !!user && typeof user.id === "string" && Array.isArray(user.content) && user.content.every((entry) => isUserContent(entry));
 }
 function isAgentMessage$1(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record || record.Agent === void 0) return false;
-	const agent = asRecord$3(record.Agent);
+	const agent = asRecord$4(record.Agent);
 	if (!agent || !Array.isArray(agent.content) || !agent.content.every(isAgentContent)) return false;
-	const toolResults = asRecord$3(agent.tool_results);
+	const toolResults = asRecord$4(agent.tool_results);
 	if (!toolResults) return false;
 	return Object.values(toolResults).every(isToolResult);
 }
@@ -476,13 +1074,13 @@ function parseConversationRecord(record) {
 	};
 }
 function parseAcpxState(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return;
 	const state = {};
 	if (record.reset_on_next_ensure === true) state.reset_on_next_ensure = true;
 	if (typeof record.current_mode_id === "string") state.current_mode_id = record.current_mode_id;
 	if (typeof record.desired_mode_id === "string") state.desired_mode_id = record.desired_mode_id;
-	const desiredConfigOptions = asRecord$3(record.desired_config_options);
+	const desiredConfigOptions = asRecord$4(record.desired_config_options);
 	if (desiredConfigOptions) {
 		const parsed = {};
 		for (const [key, value] of Object.entries(desiredConfigOptions)) if (typeof key === "string" && typeof value === "string") parsed[key] = value;
@@ -492,7 +1090,7 @@ function parseAcpxState(raw) {
 	if (isStringArray(record.available_models)) state.available_models = [...record.available_models];
 	if (isStringArray(record.available_commands)) state.available_commands = [...record.available_commands];
 	if (Array.isArray(record.config_options)) state.config_options = record.config_options;
-	const sessionOptions = asRecord$3(record.session_options);
+	const sessionOptions = asRecord$4(record.session_options);
 	if (sessionOptions) {
 		const parsedSessionOptions = {};
 		if (typeof sessionOptions.model === "string") parsedSessionOptions.model = sessionOptions.model;
@@ -501,7 +1099,7 @@ function parseAcpxState(raw) {
 		const rawSystemPrompt = sessionOptions.system_prompt;
 		if (typeof rawSystemPrompt === "string" && rawSystemPrompt.length > 0) parsedSessionOptions.system_prompt = rawSystemPrompt;
 		else {
-			const appendRecord = asRecord$3(rawSystemPrompt);
+			const appendRecord = asRecord$4(rawSystemPrompt);
 			if (appendRecord && typeof appendRecord.append === "string" && appendRecord.append.length > 0) parsedSessionOptions.system_prompt = { append: appendRecord.append };
 		}
 		if (Object.keys(parsedSessionOptions).length > 0) state.session_options = parsedSessionOptions;
@@ -509,7 +1107,7 @@ function parseAcpxState(raw) {
 	return state;
 }
 function parseEventLog(raw, sessionId) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return defaultSessionEventLog(sessionId);
 	if (typeof record.active_path !== "string" || typeof record.segment_count !== "number" || !Number.isInteger(record.segment_count) || record.segment_count < 1 || typeof record.max_segment_bytes !== "number" || !Number.isInteger(record.max_segment_bytes) || record.max_segment_bytes < 1 || typeof record.max_segments !== "number" || !Number.isInteger(record.max_segments) || record.max_segments < 1) return defaultSessionEventLog(sessionId);
 	return {
@@ -553,7 +1151,7 @@ function normalizeOptionalSignal(value) {
 	return Symbol("invalid");
 }
 function parseSessionRecord(raw) {
-	const record = asRecord$3(raw);
+	const record = asRecord$4(raw);
 	if (!record) return null;
 	if (record.schema !== "acpx.session.v1") return null;
 	const name = normalizeOptionalName(record.name);
@@ -595,7 +1193,7 @@ function parseSessionRecord(raw) {
 		lastAgentExitAt,
 		lastAgentDisconnectReason,
 		protocolVersion: typeof record.protocol_version === "number" ? record.protocol_version : void 0,
-		agentCapabilities: asRecord$3(record.agent_capabilities),
+		agentCapabilities: asRecord$4(record.agent_capabilities),
 		title: conversation.title,
 		messages: conversation.messages,
 		updated_at: conversation.updated_at,
@@ -607,12 +1205,12 @@ function parseSessionRecord(raw) {
 //#endregion
 //#region src/session/persistence/index.ts
 const SESSION_INDEX_SCHEMA = "acpx.session-index.v1";
-function asRecord$2(value) {
+function asRecord$3(value) {
 	if (!value || typeof value !== "object" || Array.isArray(value)) return;
 	return value;
 }
 function parseIndexEntry(raw) {
-	const record = asRecord$2(raw);
+	const record = asRecord$3(raw);
 	if (!record) return;
 	if (typeof record.file !== "string" || typeof record.acpxRecordId !== "string" || typeof record.acpSessionId !== "string" || typeof record.agentCommand !== "string" || typeof record.cwd !== "string" || typeof record.lastUsedAt !== "string" || typeof record.closed !== "boolean") return;
 	if (record.name !== void 0 && typeof record.name !== "string") return;
@@ -646,7 +1244,7 @@ async function readSessionIndex(sessionDir) {
 	const filePath = sessionIndexPath(sessionDir);
 	try {
 		const payload = await fs$1.readFile(filePath, "utf8");
-		const record = asRecord$2(JSON.parse(payload));
+		const record = asRecord$3(JSON.parse(payload));
 		if (!record || record.schema !== SESSION_INDEX_SCHEMA || !Array.isArray(record.files)) return;
 		const files = record.files.filter((entry) => typeof entry === "string");
 		if (files.length !== record.files.length || !Array.isArray(record.entries)) return;
@@ -1076,6 +1674,18 @@ function selected(optionId) {
 function cancelled() {
 	return { outcome: { outcome: "cancelled" } };
 }
+function withEscalationMetadata(response, event) {
+	return {
+		...response,
+		_meta: {
+			...response._meta,
+			acpx: {
+				...response._meta?.acpx && typeof response._meta.acpx === "object" && !Array.isArray(response._meta.acpx) ? response._meta.acpx : {},
+				permissionEscalation: event
+			}
+		}
+	};
+}
 function pickOption(options, kinds) {
 	for (const kind of kinds) {
 		const match = options.find((option) => option.kind === kind);
@@ -1107,32 +1717,149 @@ async function promptForToolPermission(params) {
 function canPromptForPermission$1() {
 	return process.stdin.isTTY && process.stderr.isTTY;
 }
+function readStringProperty(value, keys) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	const record = value;
+	for (const key of keys) {
+		const entry = record[key];
+		if (typeof entry === "string" && entry.trim().length > 0) return entry.trim();
+	}
+}
+function readToolName(params) {
+	const rawInputName = readStringProperty(params.toolCall.rawInput, [
+		"name",
+		"tool",
+		"toolName"
+	]);
+	if (rawInputName) return rawInputName;
+	const head = (params.toolCall.title?.trim())?.split(/[:\s]/, 1)[0]?.trim();
+	return head && head.length > 0 ? head : void 0;
+}
+function normalizeMatcher(value) {
+	return value.trim().toLowerCase();
+}
+function permissionMatchTokens(params) {
+	const tokens = /* @__PURE__ */ new Set();
+	const kind = inferToolKind(params);
+	const rawKind = params.toolCall.kind;
+	const title = params.toolCall.title?.trim();
+	const toolName = readToolName(params);
+	for (const value of [
+		kind,
+		rawKind,
+		title,
+		toolName
+	]) if (typeof value === "string" && value.trim().length > 0) tokens.add(normalizeMatcher(value));
+	if (title) {
+		const head = title.split(/[:\s]/, 1)[0]?.trim();
+		if (head) tokens.add(normalizeMatcher(head));
+	}
+	return [...tokens];
+}
+function findPolicyRule(rules, params) {
+	if (!rules || rules.length === 0) return;
+	const tokens = permissionMatchTokens(params);
+	for (const rule of rules) {
+		const normalized = normalizeMatcher(rule);
+		if (normalized === "*" || tokens.includes(normalized)) return rule;
+	}
+}
+function matchPermissionPolicy(params, policy) {
+	if (!policy) return;
+	const denyRule = findPolicyRule(policy.autoDeny, params);
+	if (denyRule) return {
+		action: "deny",
+		matchedRule: denyRule
+	};
+	const approveRule = findPolicyRule(policy.autoApprove, params);
+	if (approveRule) return {
+		action: "approve",
+		matchedRule: approveRule
+	};
+	const escalateRule = findPolicyRule(policy.escalate, params);
+	if (escalateRule) return {
+		action: "escalate",
+		matchedRule: escalateRule
+	};
+	return policy.defaultAction ? { action: policy.defaultAction } : void 0;
+}
+function buildEscalationEvent(params, matchedRule) {
+	const toolKind = inferToolKind(params);
+	const toolTitle = params.toolCall.title?.trim() || "tool";
+	const toolName = readToolName(params);
+	return {
+		type: "permission_escalation",
+		sessionId: params.sessionId,
+		toolCallId: params.toolCall.toolCallId,
+		...toolName ? { toolName } : {},
+		toolTitle,
+		...params.toolCall.rawInput !== void 0 ? { toolInput: params.toolCall.rawInput } : {},
+		...toolKind ? { toolKind } : {},
+		action: "escalate",
+		...matchedRule ? { matchedRule } : {},
+		message: `Permission escalation required for ${toolTitle}`,
+		timestamp: (/* @__PURE__ */ new Date()).toISOString()
+	};
+}
 function permissionModeSatisfies(actual, required) {
 	return PERMISSION_MODE_RANK[actual] >= PERMISSION_MODE_RANK[required];
 }
-async function resolvePermissionRequest(params, mode, nonInteractivePolicy = "deny") {
+async function resolvePermissionRequestWithDetails(params, mode, nonInteractivePolicy = "deny", policy) {
 	const options = params.options ?? [];
-	if (options.length === 0) return cancelled();
+	if (options.length === 0) return { response: cancelled() };
 	const allowOption = pickOption(options, ["allow_once", "allow_always"]);
 	const rejectOption = pickOption(options, ["reject_once", "reject_always"]);
+	const policyMatch = matchPermissionPolicy(params, policy);
+	if (policyMatch?.action === "approve") {
+		if (allowOption) return { response: selected(allowOption.optionId) };
+		return { response: selected(options[0].optionId) };
+	}
+	if (policyMatch?.action === "deny") {
+		if (rejectOption) return { response: selected(rejectOption.optionId) };
+		return { response: cancelled() };
+	}
+	if (policyMatch?.action === "escalate") {
+		if (canPromptForPermission$1()) {
+			const approved = await promptForToolPermission(params);
+			if (approved && allowOption) return { response: selected(allowOption.optionId) };
+			if (!approved && rejectOption) return { response: selected(rejectOption.optionId) };
+			return { response: cancelled() };
+		}
+		const escalation = buildEscalationEvent(params, policyMatch.matchedRule);
+		return {
+			response: withEscalationMetadata(rejectOption ? selected(rejectOption.optionId) : cancelled(), escalation),
+			escalation
+		};
+	}
 	if (mode === "approve-all") {
-		if (allowOption) return selected(allowOption.optionId);
-		return selected(options[0].optionId);
+		if (allowOption) return { response: selected(allowOption.optionId) };
+		return { response: selected(options[0].optionId) };
 	}
 	if (mode === "deny-all") {
-		if (rejectOption) return selected(rejectOption.optionId);
-		return cancelled();
+		if (rejectOption) return { response: selected(rejectOption.optionId) };
+		return { response: cancelled() };
 	}
-	if (isAutoApprovedReadKind(inferToolKind(params)) && allowOption) return selected(allowOption.optionId);
+	if (isAutoApprovedReadKind(inferToolKind(params)) && allowOption) return { response: selected(allowOption.optionId) };
 	if (!canPromptForPermission$1()) {
 		if (nonInteractivePolicy === "fail") throw new PermissionPromptUnavailableError();
-		if (rejectOption) return selected(rejectOption.optionId);
-		return cancelled();
+		if (rejectOption) return { response: selected(rejectOption.optionId) };
+		return { response: cancelled() };
 	}
 	const approved = await promptForToolPermission(params);
-	if (approved && allowOption) return selected(allowOption.optionId);
-	if (!approved && rejectOption) return selected(rejectOption.optionId);
-	return cancelled();
+	if (approved && allowOption) return { response: selected(allowOption.optionId) };
+	if (!approved && rejectOption) return { response: selected(rejectOption.optionId) };
+	return { response: cancelled() };
+}
+const DECISION_FALLBACK_ORDER = {
+	allow_once: ["allow_once", "allow_always"],
+	allow_always: ["allow_always", "allow_once"],
+	reject_once: ["reject_once", "reject_always"],
+	reject_always: ["reject_always", "reject_once"]
+};
+function decisionToResponse(params, decision) {
+	if (decision.outcome === "cancel") return cancelled();
+	const matched = pickOption(params.options ?? [], DECISION_FALLBACK_ORDER[decision.outcome]);
+	return matched ? selected(matched.optionId) : cancelled();
 }
 function classifyPermissionDecision(params, response) {
 	if (response.outcome.outcome !== "selected") return "cancelled";
@@ -1176,6 +1903,30 @@ function buildSpawnCommandOptions(command, options, platform = process.platform,
 		shell: true
 	};
 }
+function buildTerminalSpawnCommand(command, args) {
+	return {
+		command,
+		args: args ?? [],
+		killProcessGroup: false
+	};
+}
+function buildTerminalShellSpawnCommand(command, platform = process.platform) {
+	if (platform === "win32") return {
+		command: "cmd.exe",
+		args: [
+			"/d",
+			"/s",
+			"/c",
+			command
+		],
+		killProcessGroup: true
+	};
+	return {
+		command: "/bin/sh",
+		args: ["-c", command],
+		killProcessGroup: true
+	};
+}
 //#endregion
 //#region src/acp/client-process.ts
 const execFileAsync = promisify(execFile);
@@ -1290,9 +2041,10 @@ function isWsl(options) {
 	if ((options.platform ?? process.platform) !== "linux") return false;
 	return (options.existsSync ?? fs.existsSync)("/proc/sys/fs/binfmt_misc/WSLInterop");
 }
+const WINDOWS_EXECUTABLE_EXTENSION_RE = /\.(?:exe|cmd|bat)$/u;
 function isWindowsExecutableCommand(command) {
-	const normalized = command.replace(/\\/g, "/").toLowerCase();
-	return normalized.endsWith(".exe") || normalized.startsWith("/mnt/c/");
+	const normalized = command.toLowerCase();
+	return WINDOWS_EXECUTABLE_EXTENSION_RE.test(normalized);
 }
 async function runWslpath(cwd) {
 	const { stdout } = await execFileAsync("wslpath", ["-w", cwd], { encoding: "utf8" });
@@ -1490,6 +2242,13 @@ function buildClaudeCodeOptionsMeta(options) {
 	if (Object.keys(meta).length === 0) return;
 	return meta;
 }
+function resolveClaudeCodeExecutable(platform = process.platform, env = process.env) {
+	if (platform !== "win32") return;
+	if (readWindowsEnvValue(env, "CLAUDE_CODE_EXECUTABLE")) return;
+	const resolved = resolveWindowsCommand("claude", env);
+	if (!resolved) return;
+	return path.resolve(resolved);
+}
 //#endregion
 //#region src/acp/auth-env.ts
 const AUTH_ENV_PREFIX = "ACPX_AUTH_";
@@ -1556,6 +2315,71 @@ function buildAgentSpawnOptions(cwd, authCredentials) {
 	};
 }
 //#endregion
+//#region src/acp/jsonrpc.ts
+function asRecord$2(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return null;
+	return value;
+}
+function hasValidId(value) {
+	return value === null || typeof value === "string" || typeof value === "number" && Number.isFinite(value);
+}
+function isErrorObject(value) {
+	const record = asRecord$2(value);
+	return !!record && typeof record.code === "number" && Number.isFinite(record.code) && typeof record.message === "string";
+}
+function hasResultOrError(value) {
+	const hasResult = Object.hasOwn(value, "result");
+	const hasError = Object.hasOwn(value, "error");
+	if (hasResult && hasError) return false;
+	if (!hasResult && !hasError) return false;
+	if (hasError && !isErrorObject(value.error)) return false;
+	return true;
+}
+function isAcpJsonRpcMessage(value) {
+	const record = asRecord$2(value);
+	if (!record || record.jsonrpc !== "2.0") return false;
+	const hasMethod = typeof record.method === "string" && record.method.length > 0;
+	const hasId = Object.hasOwn(record, "id");
+	if (hasMethod && !hasId) return true;
+	if (hasMethod && hasId) return hasValidId(record.id);
+	if (!hasMethod && hasId) {
+		if (!hasValidId(record.id)) return false;
+		return hasResultOrError(record);
+	}
+	return false;
+}
+function isJsonRpcNotification(message) {
+	return Object.hasOwn(message, "method") && typeof message.method === "string" && !Object.hasOwn(message, "id");
+}
+function isSessionUpdateNotification(message) {
+	return isJsonRpcNotification(message) && message.method === "session/update";
+}
+function extractSessionUpdateNotification(message) {
+	if (!isSessionUpdateNotification(message)) return;
+	const params = asRecord$2(message.params);
+	if (!params) return;
+	const sessionId = typeof params.sessionId === "string" ? params.sessionId : null;
+	if (!sessionId) return;
+	const update = asRecord$2(params.update);
+	if (!update || typeof update.sessionUpdate !== "string") return;
+	return {
+		sessionId,
+		update
+	};
+}
+function parsePromptStopReason(message) {
+	if (!Object.hasOwn(message, "id") || !Object.hasOwn(message, "result")) return;
+	const record = asRecord$2(message.result);
+	if (!record) return;
+	return typeof record.stopReason === "string" ? record.stopReason : void 0;
+}
+function parseJsonRpcErrorMessage(message) {
+	if (!Object.hasOwn(message, "error")) return;
+	const errorRecord = asRecord$2(message.error);
+	if (!errorRecord || typeof errorRecord.message !== "string") return;
+	return errorRecord.message;
+}
+//#endregion
 //#region src/acp/session-control-errors.ts
 const SESSION_CONTROL_UNSUPPORTED_ACP_CODES = new Set([-32601, -32602]);
 function asRecord$1(value) {
@@ -1679,14 +2503,15 @@ var TerminalManager = class {
 		try {
 			if (!await this.isExecuteApproved(commandLine)) throw new PermissionDeniedError("Permission denied for terminal/create");
 			const outputByteLimit = Math.max(0, Math.round(params.outputByteLimit ?? DEFAULT_TERMINAL_OUTPUT_LIMIT_BYTES));
-			const proc = spawn(params.command, params.args ?? [], buildTerminalSpawnOptions(params.command, params.cwd ?? this.cwd, params.env));
-			await waitForSpawn(proc);
+			const { proc, spawnCommand } = await spawnTerminalProcess(params, this.cwd);
 			let resolveExit = () => {};
 			const exitPromise = new Promise((resolve) => {
 				resolveExit = resolve;
 			});
 			const terminal = {
 				process: proc,
+				killProcessGroup: spawnCommand.killProcessGroup,
+				descendantPids: /* @__PURE__ */ new Set(),
 				output: Buffer.alloc(0),
 				truncated: false,
 				outputByteLimit,
@@ -1709,10 +2534,14 @@ var TerminalManager = class {
 			proc.once("exit", (exitCode, signal) => {
 				terminal.exitCode = exitCode;
 				terminal.signal = signal;
-				terminal.resolveExit({
-					exitCode: exitCode ?? null,
-					signal: signal ?? null
-				});
+				terminal.processGroupSnapshotPromise = rememberProcessGroupPids(terminal);
+				(async () => {
+					await terminal.processGroupSnapshotPromise;
+					terminal.resolveExit({
+						exitCode: exitCode ?? null,
+						signal: signal ?? null
+					});
+				})();
 			});
 			const terminalId = randomUUID();
 			this.terminals.set(terminalId, terminal);
@@ -1864,21 +2693,284 @@ var TerminalManager = class {
 		return terminal.exitCode === void 0 && terminal.signal === void 0;
 	}
 	async killProcess(terminal) {
-		if (!this.isRunning(terminal)) return;
+		if (!this.isRunning(terminal) && !terminal.killProcessGroup) return;
 		try {
-			terminal.process.kill("SIGTERM");
+			await this.signalProcess(terminal, "SIGTERM");
 		} catch {
 			return;
 		}
-		if (await Promise.race([terminal.exitPromise.then(() => true), waitMs(this.killGraceMs).then(() => false)]) || !this.isRunning(terminal)) return;
+		if (await this.waitForCleanupAfterSignal(terminal) && !terminal.killProcessGroup) return;
 		try {
-			terminal.process.kill("SIGKILL");
+			await this.signalProcess(terminal, "SIGKILL");
 		} catch {
 			return;
 		}
-		await Promise.race([terminal.exitPromise.then(() => void 0), waitMs(this.killGraceMs)]);
+		await this.waitForCleanupAfterSignal(terminal);
+	}
+	async signalProcess(terminal, signal) {
+		const pid = terminal.process.pid;
+		if (terminal.killProcessGroup && pid && process.platform === "win32") {
+			if (!this.isRunning(terminal)) await terminal.processGroupSnapshotPromise?.catch(() => {});
+			for (const descendantPid of await listDescendantPids(pid)) terminal.descendantPids.add(descendantPid);
+			if (this.isRunning(terminal)) {
+				await killWindowsProcessTree(pid, signal);
+				return;
+			}
+			for (const descendantPid of terminal.descendantPids) await killWindowsProcessTree(descendantPid, signal);
+			return;
+		}
+		if (terminal.killProcessGroup && pid) {
+			if (!this.isRunning(terminal)) await terminal.processGroupSnapshotPromise?.catch(() => {});
+			for (const descendantPid of await listDescendantPids(pid)) terminal.descendantPids.add(descendantPid);
+			if (process.platform !== "win32" && hasLiveProcessGroup(pid)) {
+				sendSignal(-pid, signal);
+				return;
+			}
+			for (const descendantPid of terminal.descendantPids) sendSignal(descendantPid, signal);
+			return;
+		}
+		terminal.process.kill(signal);
+	}
+	async waitForCleanupAfterSignal(terminal) {
+		return await Promise.race([this.waitForTerminalAndTrackedDescendants(terminal).then(() => true), waitMs(this.killGraceMs).then(() => false)]);
+	}
+	async waitForTerminalAndTrackedDescendants(terminal) {
+		await terminal.exitPromise;
+		while (hasLiveTerminalProcessGroup(terminal)) await waitMs(25);
+		while (hasLivePid(terminal.descendantPids)) await waitMs(25);
 	}
 };
+async function spawnTerminalProcess(params, defaultCwd) {
+	const directCommand = buildTerminalSpawnCommand(params.command, params.args);
+	try {
+		return {
+			proc: await spawnAndWait(directCommand, params, defaultCwd),
+			spawnCommand: directCommand
+		};
+	} catch (error) {
+		const fallbackCommand = params.args === void 0 && isNotFoundSpawnError(error) ? buildTerminalFallbackSpawnCommand(params.command, params.cwd ?? defaultCwd) : void 0;
+		if (!fallbackCommand) throw error;
+		return {
+			proc: await spawnAndWait(fallbackCommand, params, defaultCwd),
+			spawnCommand: fallbackCommand
+		};
+	}
+}
+async function spawnAndWait(spawnCommand, params, defaultCwd) {
+	const spawnOptions = buildTerminalSpawnOptions(spawnCommand.command, params.cwd ?? defaultCwd, params.env);
+	if (spawnCommand.killProcessGroup) spawnOptions.detached = true;
+	const proc = spawn(spawnCommand.command, spawnCommand.args, spawnOptions);
+	await waitForSpawn(proc);
+	return proc;
+}
+function isNotFoundSpawnError(error) {
+	return error instanceof Error && error.code === "ENOENT";
+}
+function buildTerminalFallbackSpawnCommand(command, cwd, platform = process.platform) {
+	if (commandPathExists(command, cwd)) return;
+	if (platform === "win32") return hasWindowsShellSyntax(command) || /\s/u.test(command) ? buildTerminalShellSpawnCommand(command, platform) : void 0;
+	if (hasShellSyntax(command) || /\s/u.test(command)) return buildTerminalShellSpawnCommand(command, platform);
+}
+function hasShellSyntax(command) {
+	return /[|&;<>()>$`*?[\]{}'"\\\r\n]/u.test(command);
+}
+function hasWindowsShellSyntax(command) {
+	return /[|&;<>()>$`*?[\]{}'"\r\n]/u.test(command);
+}
+function commandPathExists(command, cwd) {
+	if (!/[\\/]/u.test(command)) return false;
+	const resolvedPath = path.isAbsolute(command) ? command : path.resolve(cwd, command);
+	return fs.existsSync(resolvedPath);
+}
+async function listDescendantPids(rootPid) {
+	let output;
+	try {
+		output = await runProcessListCommand();
+	} catch {
+		return [];
+	}
+	const childrenByParent = /* @__PURE__ */ new Map();
+	for (const line of output.split("\n")) {
+		const match = line.trim().match(/^(\d+)\s+(\d+)$/);
+		if (!match) continue;
+		const pid = Number(match[1]);
+		const parentPid = Number(match[2]);
+		if (!Number.isInteger(pid) || !Number.isInteger(parentPid) || pid <= 0 || parentPid <= 0) continue;
+		const children = childrenByParent.get(parentPid);
+		if (children) children.push(pid);
+		else childrenByParent.set(parentPid, [pid]);
+	}
+	const descendants = [];
+	const queue = [...childrenByParent.get(rootPid) ?? []];
+	for (let index = 0; index < queue.length; index += 1) {
+		const pid = queue[index];
+		descendants.push(pid);
+		queue.push(...childrenByParent.get(pid) ?? []);
+	}
+	return descendants;
+}
+async function runProcessListCommand() {
+	if (process.platform === "win32") return await runWindowsProcessListCommand();
+	return await new Promise((resolve, reject) => {
+		const child = spawn("ps", ["-eo", "pid=,ppid="], { stdio: [
+			"ignore",
+			"pipe",
+			"pipe"
+		] });
+		let stdout = "";
+		let stderr = "";
+		child.stdout.setEncoding("utf8");
+		child.stderr.setEncoding("utf8");
+		child.stdout.on("data", (chunk) => {
+			stdout += chunk;
+		});
+		child.stderr.on("data", (chunk) => {
+			stderr += chunk;
+		});
+		child.once("error", reject);
+		child.once("close", (code, signal) => {
+			if (code === 0) {
+				resolve(stdout);
+				return;
+			}
+			reject(/* @__PURE__ */ new Error(`ps exited with code ${code ?? "null"} signal ${signal ?? "null"}: ${stderr}`));
+		});
+	});
+}
+async function rememberProcessGroupPids(terminal) {
+	const processGroupId = terminal.process.pid;
+	if (!terminal.killProcessGroup || !processGroupId) return;
+	if (process.platform === "win32") {
+		for (const pid of await listDescendantPids(processGroupId)) terminal.descendantPids.add(pid);
+		return;
+	}
+	for (const pid of await listProcessGroupPids(processGroupId)) if (pid !== processGroupId) terminal.descendantPids.add(pid);
+}
+async function listProcessGroupPids(processGroupId) {
+	let output;
+	try {
+		output = await runProcessGroupListCommand();
+	} catch {
+		return [];
+	}
+	const pids = [];
+	for (const line of output.split("\n")) {
+		const match = line.trim().match(/^(\d+)\s+(\d+)$/);
+		if (!match) continue;
+		const pid = Number(match[1]);
+		const pgid = Number(match[2]);
+		if (Number.isInteger(pid) && Number.isInteger(pgid) && pid > 0 && pgid === processGroupId) pids.push(pid);
+	}
+	return pids;
+}
+async function runProcessGroupListCommand() {
+	return await new Promise((resolve, reject) => {
+		const child = spawn("ps", ["-eo", "pid=,pgid="], { stdio: [
+			"ignore",
+			"pipe",
+			"pipe"
+		] });
+		let stdout = "";
+		let stderr = "";
+		child.stdout.setEncoding("utf8");
+		child.stderr.setEncoding("utf8");
+		child.stdout.on("data", (chunk) => {
+			stdout += chunk;
+		});
+		child.stderr.on("data", (chunk) => {
+			stderr += chunk;
+		});
+		child.once("error", reject);
+		child.once("close", (code, signal) => {
+			if (code === 0) {
+				resolve(stdout);
+				return;
+			}
+			reject(/* @__PURE__ */ new Error(`ps exited with code ${code ?? "null"} signal ${signal ?? "null"}: ${stderr}`));
+		});
+	});
+}
+async function runWindowsProcessListCommand() {
+	return await new Promise((resolve, reject) => {
+		const child = spawn("powershell.exe", [
+			"-NoProfile",
+			"-NonInteractive",
+			"-Command",
+			["Get-CimInstance Win32_Process |", "ForEach-Object { \"$($_.ProcessId) $($_.ParentProcessId)\" }"].join(" ")
+		], {
+			stdio: [
+				"ignore",
+				"pipe",
+				"pipe"
+			],
+			windowsHide: true
+		});
+		let stdout = "";
+		let stderr = "";
+		child.stdout.setEncoding("utf8");
+		child.stderr.setEncoding("utf8");
+		child.stdout.on("data", (chunk) => {
+			stdout += chunk;
+		});
+		child.stderr.on("data", (chunk) => {
+			stderr += chunk;
+		});
+		child.once("error", reject);
+		child.once("close", (code, signal) => {
+			if (code === 0) {
+				resolve(stdout);
+				return;
+			}
+			reject(/* @__PURE__ */ new Error(`powershell process list exited with code ${code ?? "null"} signal ${signal ?? "null"}: ${stderr}`));
+		});
+	});
+}
+async function killWindowsProcessTree(pid, signal) {
+	const args = [
+		"/pid",
+		String(pid),
+		"/t"
+	];
+	if (signal === "SIGKILL") args.push("/f");
+	await new Promise((resolve) => {
+		const child = spawn("taskkill", args, {
+			stdio: [
+				"ignore",
+				"ignore",
+				"ignore"
+			],
+			windowsHide: true
+		});
+		child.once("error", () => resolve());
+		child.once("close", () => resolve());
+	});
+}
+function sendSignal(pid, signal) {
+	try {
+		process.kill(pid, signal);
+	} catch {}
+}
+function hasLiveProcessGroup(processGroupId) {
+	try {
+		process.kill(-processGroupId, 0);
+		return true;
+	} catch {
+		return false;
+	}
+}
+function hasLiveTerminalProcessGroup(terminal) {
+	const pid = terminal.process.pid;
+	return Boolean(terminal.killProcessGroup && pid && process.platform !== "win32" && hasLiveProcessGroup(pid));
+}
+function hasLivePid(pids) {
+	for (const pid of pids) try {
+		process.kill(pid, 0);
+		return true;
+	} catch {
+		pids.delete(pid);
+	}
+	return false;
+}
 //#endregion
 //#region src/acp/client.ts
 const REPLAY_IDLE_MS = 80;
@@ -1965,6 +3057,7 @@ var AcpClient = class {
 	suppressReplaySessionUpdateMessages = false;
 	activePrompt;
 	cancellingSessionIds = /* @__PURE__ */ new Set();
+	permissionAbortControllers = /* @__PURE__ */ new Map();
 	closing = false;
 	agentStartedAt;
 	lastAgentExit;
@@ -1981,7 +3074,8 @@ var AcpClient = class {
 			onAcpMessage: this.options.onAcpMessage,
 			onAcpOutputMessage: this.options.onAcpOutputMessage,
 			onSessionUpdate: this.options.onSessionUpdate,
-			onClientOperation: this.options.onClientOperation
+			onClientOperation: this.options.onClientOperation,
+			onPermissionEscalation: this.options.onPermissionEscalation
 		};
 		this.filesystem = new FileSystemHandlers({
 			cwd: this.options.cwd,
@@ -2034,6 +3128,7 @@ var AcpClient = class {
 	updateRuntimeOptions(options) {
 		if (options.permissionMode) this.options.permissionMode = options.permissionMode;
 		if (options.nonInteractivePermissions !== void 0) this.options.nonInteractivePermissions = options.nonInteractivePermissions;
+		if (Object.prototype.hasOwnProperty.call(options, "permissionPolicy")) this.options.permissionPolicy = options.permissionPolicy;
 		if (options.terminal !== void 0) this.options.terminal = options.terminal;
 		if (options.permissionMode || options.nonInteractivePermissions !== void 0) {
 			this.filesystem.updatePermissionPolicy(this.options.permissionMode, this.options.nonInteractivePermissions);
@@ -2064,7 +3159,15 @@ var AcpClient = class {
 		else this.log(`spawning agent: ${spawnCommand} ${args.join(" ")}`);
 		const geminiAcp = isGeminiAcpCommand(spawnCommand, args);
 		if (isCopilotAcpCommand(spawnCommand, args)) await ensureCopilotAcpSupport(spawnCommand);
-		const spawnedChild = spawn(spawnCommand, args, buildSpawnCommandOptions(spawnCommand, buildAgentSpawnOptions(this.options.cwd, this.options.authCredentials)));
+		const agentSpawnOptions = buildAgentSpawnOptions(this.options.cwd, this.options.authCredentials);
+		if (isClaudeAcpCommand(spawnCommand, args)) {
+			const claudeExe = resolveClaudeCodeExecutable(process.platform, agentSpawnOptions.env);
+			if (claudeExe) {
+				agentSpawnOptions.env.CLAUDE_CODE_EXECUTABLE = claudeExe;
+				this.log(`resolved system Claude Code executable: ${claudeExe}`);
+			}
+		}
+		const spawnedChild = spawn(spawnCommand, args, buildSpawnCommandOptions(spawnCommand, agentSpawnOptions));
 		try {
 			await waitForSpawn$1(spawnedChild);
 		} catch (error) {
@@ -2216,6 +3319,7 @@ var AcpClient = class {
 		return {
 			sessionId: result.sessionId,
 			agentSessionId: extractRuntimeSessionId(result._meta),
+			configOptions: result.configOptions ?? void 0,
 			models: result.models ?? void 0
 		};
 	}
@@ -2245,6 +3349,7 @@ var AcpClient = class {
 		this.loadedSessionId = sessionId;
 		return {
 			agentSessionId: extractRuntimeSessionId(response?._meta),
+			configOptions: response?.configOptions ?? void 0,
 			models: response?.models ?? void 0
 		};
 	}
@@ -2278,6 +3383,7 @@ var AcpClient = class {
 			restoreConsoleError?.();
 			if (this.activePrompt?.promise === promptPromise) this.activePrompt = void 0;
 			this.cancellingSessionIds.delete(sessionId);
+			this.abortAndDropPermissionSignal(sessionId);
 			this.promptPermissionFailures.delete(sessionId);
 		}
 	}
@@ -2323,11 +3429,12 @@ var AcpClient = class {
 	async cancel(sessionId) {
 		const connection = this.getConnection();
 		this.cancellingSessionIds.add(sessionId);
+		this.abortAndDropPermissionSignal(sessionId);
 		await this.runConnectionRequest(() => connection.cancel({ sessionId }));
 	}
 	async closeSession(sessionId) {
 		const connection = this.getConnection();
-		await this.runConnectionRequest(() => connection.unstable_closeNes({ sessionId }));
+		await this.runConnectionRequest(() => connection.closeSession({ sessionId }));
 		if (this.loadedSessionId === sessionId) this.loadedSessionId = void 0;
 	}
 	async requestCancelActivePrompt() {
@@ -2369,6 +3476,8 @@ var AcpClient = class {
 		this.suppressReplaySessionUpdateMessages = false;
 		this.activePrompt = void 0;
 		this.cancellingSessionIds.clear();
+		for (const controller of this.permissionAbortControllers.values()) controller.abort();
+		this.permissionAbortControllers.clear();
 		this.promptPermissionFailures.clear();
 		this.loadedSessionId = void 0;
 		this.initResult = void 0;
@@ -2517,9 +3626,36 @@ var AcpClient = class {
 	}
 	async handlePermissionRequest(params) {
 		if (this.cancellingSessionIds.has(params.sessionId)) return { outcome: { outcome: "cancelled" } };
+		if (this.options.onPermissionRequest) {
+			const signal = this.cancellationSignalForSession(params.sessionId);
+			try {
+				const decision = await this.options.onPermissionRequest({
+					sessionId: params.sessionId,
+					raw: params,
+					inferredKind: inferToolKind(params)
+				}, { signal });
+				if (signal.aborted || this.cancellingSessionIds.has(params.sessionId)) {
+					this.recordPermissionDecision("cancelled");
+					return { outcome: { outcome: "cancelled" } };
+				}
+				if (decision) {
+					const response = decisionToResponse(params, decision);
+					this.recordPermissionDecision(classifyPermissionDecision(params, response));
+					return response;
+				}
+			} catch (error) {
+				if (signal.aborted || this.cancellingSessionIds.has(params.sessionId)) {
+					this.recordPermissionDecision("cancelled");
+					return { outcome: { outcome: "cancelled" } };
+				}
+				this.log(`onPermissionRequest threw, falling through to mode-based resolver: ${error instanceof Error ? error.message : String(error)}`);
+			}
+		}
 		let response;
 		try {
-			response = await resolvePermissionRequest(params, this.options.permissionMode, this.options.nonInteractivePermissions ?? "deny");
+			const result = await resolvePermissionRequestWithDetails(params, this.options.permissionMode, this.options.nonInteractivePermissions ?? "deny", this.options.permissionPolicy);
+			response = result.response;
+			if (result.escalation) this.eventHandlers.onPermissionEscalation?.(result.escalation);
 		} catch (error) {
 			if (error instanceof PermissionPromptUnavailableError) {
 				this.notePromptPermissionFailure(params.sessionId, error);
@@ -2625,6 +3761,21 @@ var AcpClient = class {
 	async handleReleaseTerminal(params) {
 		return await this.terminalManager.releaseTerminal(params);
 	}
+	cancellationSignalForSession(sessionId) {
+		let controller = this.permissionAbortControllers.get(sessionId);
+		if (!controller) {
+			controller = new AbortController();
+			this.permissionAbortControllers.set(sessionId, controller);
+		}
+		return controller.signal;
+	}
+	abortAndDropPermissionSignal(sessionId) {
+		const controller = this.permissionAbortControllers.get(sessionId);
+		if (controller) {
+			controller.abort();
+			this.permissionAbortControllers.delete(sessionId);
+		}
+	}
 	recordPermissionDecision(decision) {
 		this.permissionStats.requested += 1;
 		if (decision === "approved") {
@@ -2686,6 +3837,47 @@ var AcpClient = class {
 	}
 };
 //#endregion
+//#region src/runtime/engine/session-options.ts
+function mergeSessionOptions(preferred, fallback) {
+	const merged = { ...fallback };
+	if (preferred?.model !== void 0) merged.model = preferred.model;
+	if (preferred?.allowedTools !== void 0) merged.allowedTools = preferred.allowedTools;
+	if (preferred?.maxTurns !== void 0) merged.maxTurns = preferred.maxTurns;
+	if (preferred?.systemPrompt !== void 0) merged.systemPrompt = preferred.systemPrompt;
+	return Object.keys(merged).length > 0 ? merged : void 0;
+}
+function persistSessionOptions(record, options) {
+	const systemPromptOption = options?.systemPrompt;
+	const normalizedSystemPrompt = typeof systemPromptOption === "string" && systemPromptOption.length > 0 ? systemPromptOption : systemPromptOption && typeof systemPromptOption === "object" && typeof systemPromptOption.append === "string" && systemPromptOption.append.length > 0 ? { append: systemPromptOption.append } : void 0;
+	const next = options && {
+		model: typeof options.model === "string" ? options.model : void 0,
+		allowed_tools: Array.isArray(options.allowedTools) ? [...options.allowedTools] : void 0,
+		max_turns: typeof options.maxTurns === "number" ? options.maxTurns : void 0,
+		system_prompt: normalizedSystemPrompt
+	};
+	if (Boolean(next && (typeof next.model === "string" && next.model.trim().length > 0 || Array.isArray(next.allowed_tools) || typeof next.max_turns === "number" || next.system_prompt !== void 0)) && next) {
+		record.acpx = {
+			...record.acpx,
+			session_options: next
+		};
+		return;
+	}
+	if (!record.acpx) return;
+	delete record.acpx.session_options;
+}
+function sessionOptionsFromRecord(record) {
+	const stored = record.acpx?.session_options;
+	if (!stored) return;
+	const sessionOptions = {};
+	if (typeof stored.model === "string" && stored.model.trim().length > 0) sessionOptions.model = stored.model;
+	if (Array.isArray(stored.allowed_tools)) sessionOptions.allowedTools = [...stored.allowed_tools];
+	if (typeof stored.max_turns === "number") sessionOptions.maxTurns = stored.max_turns;
+	const storedSystemPrompt = stored.system_prompt;
+	if (typeof storedSystemPrompt === "string" && storedSystemPrompt.length > 0) sessionOptions.systemPrompt = storedSystemPrompt;
+	else if (storedSystemPrompt && typeof storedSystemPrompt === "object" && typeof storedSystemPrompt.append === "string" && storedSystemPrompt.append.length > 0) sessionOptions.systemPrompt = { append: storedSystemPrompt.append };
+	return Object.keys(sessionOptions).length > 0 ? sessionOptions : void 0;
+}
+//#endregion
 //#region src/session/conversation-model.ts
 const MAX_RUNTIME_MESSAGES = 200;
 const MAX_RUNTIME_AGENT_TEXT_CHARS = 8e3;
@@ -3061,6 +4253,15 @@ function trimConversationForRuntime(conversation) {
 	if (requestUsageEntries.length > MAX_RUNTIME_REQUEST_TOKEN_USAGE) conversation.request_token_usage = Object.fromEntries(requestUsageEntries.slice(-MAX_RUNTIME_REQUEST_TOKEN_USAGE));
 }
 //#endregion
+//#region src/session/config-options.ts
+function applyConfigOptionsToRecord(record, result) {
+	const configOptions = result?.configOptions;
+	if (!configOptions) return;
+	const acpxState = cloneSessionAcpxState(record.acpx) ?? {};
+	acpxState.config_options = structuredClone(configOptions);
+	record.acpx = acpxState;
+}
+//#endregion
 //#region src/session/mode-preference.ts
 function ensureAcpxState(state) {
 	return state ?? {};
@@ -3156,6 +4357,22 @@ function assertRequestedModelSupported(params) {
 	if (!new Set(params.models.availableModels.map((model) => model.modelId)).has(params.requestedModel)) throw new RequestedModelUnsupportedError(`Cannot ${params.context === "replay" ? "replay saved model" : "apply --model"} "${params.requestedModel}": the ACP agent did not advertise that model. Available models: ${formatAvailableModelIds(params.models)}.`);
 }
 //#endregion
+//#region src/session/model-application.ts
+async function applyRequestedModelIfAdvertised(params) {
+	const requestedModel = typeof params.requestedModel === "string" ? params.requestedModel.trim() : "";
+	if (!requestedModel) return false;
+	assertRequestedModelSupported({
+		requestedModel,
+		models: params.models,
+		agentCommand: params.agentCommand,
+		context: "apply"
+	});
+	if (!params.models) return false;
+	if (params.models.currentModelId === requestedModel) return true;
+	await withTimeout(params.client.setSessionModel(params.sessionId, requestedModel), params.timeoutMs);
+	return true;
+}
+//#endregion
 //#region src/runtime/engine/lifecycle.ts
 function applyLifecycleSnapshotToRecord(record, snapshot) {
 	if (!snapshot) return;
@@ -3296,6 +4513,7 @@ async function connectAndLoadSession(options) {
 	else if (client.supportsLoadSession()) try {
 		const loadResult = await withTimeout(client.loadSessionWithOptions(record.acpSessionId, record.cwd, { suppressReplayUpdates: true }), options.timeoutMs);
 		reconcileAgentSessionId(record, loadResult.agentSessionId);
+		applyConfigOptionsToRecord(record, loadResult);
 		sessionModels = loadResult.models;
 		resumed = true;
 	} catch (error) {
@@ -3310,6 +4528,7 @@ async function connectAndLoadSession(options) {
 		sessionId = createdSession.sessionId;
 		createdFreshSession = true;
 		pendingAgentSessionId = createdSession.agentSessionId;
+		applyConfigOptionsToRecord(record, createdSession);
 		sessionModels = createdSession.models;
 	}
 	else {
@@ -3321,6 +4540,7 @@ async function connectAndLoadSession(options) {
 		sessionId = createdSession.sessionId;
 		createdFreshSession = true;
 		pendingAgentSessionId = createdSession.agentSessionId;
+		applyConfigOptionsToRecord(record, createdSession);
 		sessionModels = createdSession.models;
 	}
 	if (createdFreshSession) {
@@ -3374,28 +4594,6 @@ async function connectAndLoadSession(options) {
 	};
 }
 //#endregion
-//#region src/runtime/engine/session-options.ts
-function mergeSessionOptions(preferred, fallback) {
-	const merged = { ...fallback };
-	if (preferred?.model !== void 0) merged.model = preferred.model;
-	if (preferred?.allowedTools !== void 0) merged.allowedTools = preferred.allowedTools;
-	if (preferred?.maxTurns !== void 0) merged.maxTurns = preferred.maxTurns;
-	if (preferred?.systemPrompt !== void 0) merged.systemPrompt = preferred.systemPrompt;
-	return Object.keys(merged).length > 0 ? merged : void 0;
-}
-function sessionOptionsFromRecord(record) {
-	const stored = record.acpx?.session_options;
-	if (!stored) return;
-	const sessionOptions = {};
-	if (typeof stored.model === "string" && stored.model.trim().length > 0) sessionOptions.model = stored.model;
-	if (Array.isArray(stored.allowed_tools)) sessionOptions.allowedTools = [...stored.allowed_tools];
-	if (typeof stored.max_turns === "number") sessionOptions.maxTurns = stored.max_turns;
-	const storedSystemPrompt = stored.system_prompt;
-	if (typeof storedSystemPrompt === "string" && storedSystemPrompt.length > 0) sessionOptions.systemPrompt = storedSystemPrompt;
-	else if (storedSystemPrompt && typeof storedSystemPrompt === "object" && typeof storedSystemPrompt.append === "string" && storedSystemPrompt.append.length > 0) sessionOptions.systemPrompt = { append: storedSystemPrompt.append };
-	return Object.keys(sessionOptions).length > 0 ? sessionOptions : void 0;
-}
-//#endregion
 //#region src/runtime/engine/connected-session.ts
 function createActiveSessionController(params) {
 	const getActiveSessionId = () => params.getActiveSessionId();
@@ -3421,6 +4619,7 @@ async function withConnectedSession(options) {
 		mcpServers: options.mcpServers,
 		permissionMode: options.permissionMode ?? "approve-reads",
 		nonInteractivePermissions: options.nonInteractivePermissions,
+		onPermissionRequest: options.onPermissionRequest,
 		authCredentials: options.authCredentials,
 		authPolicy: options.authPolicy,
 		terminal: options.terminal,
@@ -3432,6 +4631,7 @@ async function withConnectedSession(options) {
 		mcpServers: options.mcpServers,
 		permissionMode: options.permissionMode ?? "approve-reads",
 		nonInteractivePermissions: options.nonInteractivePermissions,
+		onPermissionRequest: options.onPermissionRequest,
 		authCredentials: options.authCredentials,
 		authPolicy: options.authPolicy,
 		terminal: options.terminal,
@@ -3532,6 +4732,59 @@ async function runPromptTurn(params) {
 	}
 }
 //#endregion
-export { listSessions as A, sessionEventActivePath as B, permissionModeSatisfies as C, findSession as D, findGitRepositoryRoot as E, writeSessionRecord as F, InterruptedError as G, sessionEventSegmentPath as H, parseSessionRecord as I, withTimeout as J, TimeoutError as K, DEFAULT_EVENT_SEGMENT_MAX_BYTES as L, normalizeName as M, pruneSessions as N, findSessionByDirectoryWalk as O, resolveSessionRecord as P, resolveAgentCommand as Q, defaultSessionEventLog as R, AcpClient as S, absolutePath as T, assertPersistedKeyPolicy as U, sessionEventLockPath as V, serializeSessionRecordForDisk as W, listBuiltInAgents as X, DEFAULT_AGENT_NAME as Y, normalizeAgentName$1 as Z, createSessionConversation as _, connectAndLoadSession as a, recordSessionUpdate as b, reconcileAgentSessionId as c, setDesiredConfigOption as d, setDesiredModeId as f, cloneSessionConversation as g, cloneSessionAcpxState as h, sessionOptionsFromRecord as i, listSessionsForAgent as j, isoNow$2 as k, assertRequestedModelSupported as l, syncAdvertisedModelState as m, withConnectedSession as n, applyConversation as o, setDesiredModelId as p, withInterrupt as q, mergeSessionOptions as r, applyLifecycleSnapshotToRecord as s, runPromptTurn as t, setCurrentModelId as u, recordClientOperation as v, DEFAULT_HISTORY_LIMIT as w, trimConversationForRuntime as x, recordPromptSubmission as y, sessionBaseDir$1 as z };
+//#region src/session/live-checkpoint.ts
+const DEFAULT_LIVE_CHECKPOINT_INTERVAL_MS = 500;
+var LiveSessionCheckpoint = class {
+	save;
+	intervalMs;
+	onError;
+	dirty = false;
+	flushing;
+	timer;
+	constructor(options) {
+		this.save = options.save;
+		this.intervalMs = options.intervalMs ?? DEFAULT_LIVE_CHECKPOINT_INTERVAL_MS;
+		this.onError = options.onError;
+	}
+	request() {
+		this.dirty = true;
+		if (this.timer) return;
+		this.timer = setTimeout(() => {
+			this.timer = void 0;
+			this.flush().catch((error) => {
+				this.onError?.(error);
+			});
+		}, this.intervalMs);
+		this.timer.unref?.();
+	}
+	async checkpoint() {
+		this.dirty = true;
+		await this.flush();
+	}
+	async flush() {
+		if (this.timer) {
+			clearTimeout(this.timer);
+			this.timer = void 0;
+		}
+		if (this.flushing) {
+			await this.flushing;
+			if (!this.dirty) return;
+		}
+		this.flushing = this.flushDirty();
+		try {
+			await this.flushing;
+		} finally {
+			this.flushing = void 0;
+		}
+	}
+	async flushDirty() {
+		while (this.dirty) {
+			this.dirty = false;
+			await this.save();
+		}
+	}
+};
+//#endregion
+export { getPerfMetricsSnapshot as $, parsePromptStopReason as A, EXIT_CODES as At, normalizeName as B, mergeSessionOptions as C, formatErrorMessage as Ct, extractSessionUpdateNotification as D, isAcpResourceNotFoundError as Dt, AcpClient as E, extractAcpError as Et, findSession as F, PERMISSION_MODES as Ft, DEFAULT_EVENT_SEGMENT_MAX_BYTES as G, resolveSessionRecord as H, findSessionByDirectoryWalk as I, PERMISSION_POLICY_ACTIONS as It, sessionEventActivePath as J, defaultSessionEventLog as K, isoNow$2 as L, SESSION_RECORD_SCHEMA as Lt, DEFAULT_HISTORY_LIMIT as M, OUTPUT_ERROR_CODES as Mt, absolutePath as N, OUTPUT_ERROR_ORIGINS as Nt, isAcpJsonRpcMessage as O, toAcpErrorPayload as Ot, findGitRepositoryRoot as P, OUTPUT_FORMATS as Pt, formatPerfMetric as Q, listSessions as R, QueueConnectionError as Rt, trimConversationForRuntime as S, exitCodeForOutputErrorCode as St, sessionOptionsFromRecord as T, normalizeOutputError as Tt, writeSessionRecord as U, pruneSessions as V, parseSessionRecord as W, sessionEventSegmentPath as X, sessionEventLockPath as Y, assertPersistedKeyPolicy as Z, cloneSessionConversation as _, withTimeout as _t, applyConversation as a, startPerfTimer as at, recordPromptSubmission as b, normalizeAgentName$1 as bt, applyRequestedModelIfAdvertised as c, PromptInputValidationError as ct, setDesiredConfigOption as d, parsePromptSource as dt, incrementPerfCounter as et, setDesiredModeId as f, promptToDisplayText as ft, cloneSessionAcpxState as g, withInterrupt as gt, applyConfigOptionsToRecord as h, TimeoutError as ht, connectAndLoadSession as i, setPerfGauge as it, permissionModeSatisfies as j, NON_INTERACTIVE_PERMISSION_POLICIES as jt, parseJsonRpcErrorMessage as k, AUTH_POLICIES as kt, assertRequestedModelSupported as l, isPromptInput as lt, syncAdvertisedModelState as m, InterruptedError as mt, runPromptTurn as n, recordPerfDuration as nt, applyLifecycleSnapshotToRecord as o, serializeSessionRecordForDisk as ot, setDesiredModelId as p, textPrompt as pt, sessionBaseDir$1 as q, withConnectedSession as r, resetPerfMetrics as rt, reconcileAgentSessionId as s, normalizeRuntimeSessionId as st, LiveSessionCheckpoint as t, measurePerf as tt, setCurrentModelId as u, mergePromptSourceWithText as ut, createSessionConversation as v, DEFAULT_AGENT_NAME as vt, persistSessionOptions as w, isRetryablePromptError as wt, recordSessionUpdate as x, resolveAgentCommand as xt, recordClientOperation as y, listBuiltInAgents as yt, listSessionsForAgent as z, QueueProtocolError as zt };
 
-//# sourceMappingURL=prompt-turn-BY5SwU1F.js.map
+//# sourceMappingURL=live-checkpoint-B9ctAuqV.js.map