aiden-runtime 4.9.1 → 4.9.2

package/dist/cli/v4/aidenPrompt.js

@@ -291,6 +291,18 @@ exports.default = (0, core_1.createPrompt)((config, done) => {
         line = `${message} ${theme.style.answer(value)}`;
     }
     else {
+        // v4.9.2 Slice 2 (commit 0d0668f1) attempted to fix cursor
+        // misalignment by post-pending cursorBackward(ghost.length).
+        // Live-REPL diagnostic proved the fix is structurally inert:
+        // @inquirer/core's screen-manager.js:56 appends an ABSOLUTE
+        // cursorTo(this.cursorPos.cols) AFTER our content, overriding
+        // any cursor-positioning escape we emit inline. The real fix
+        // requires either rendering the ghost via a side-channel post-
+        // render write or moving it out of the inline line entirely —
+        // both need the proper save/restore refactor scheduled for v4.10
+        // once the prompt has a real screen-manager-aware test harness.
+        // Reverted here so the shipped v4.9.2 doesn't carry a "fix" that
+        // doesn't fix anything. Bug D status: known, deferred.
         const ghostStr = ghost ? dim(ghost) : '';
         line = `${prefix} ${message}${value}${ghostStr}`;
     }

package/dist/cli/v4/chatSession.js

@@ -82,6 +82,7 @@ const progressBar_1 = require("./display/progressBar");
 const uiBuild_1 = require("./uiBuild");
 const sessionSummaryGate_1 = require("./sessionSummaryGate");
 const aidenPrompt_1 = __importDefault(require("./aidenPrompt"));
+const confirmPrompt_1 = require("./confirmPrompt");
 const historyStore_1 = require("./historyStore");
 const modelMetadata_1 = require("../../core/v4/modelMetadata");
 // v4.1.3-prebump: classify provider errors so the catch path can show
@@ -496,17 +497,21 @@ class ChatSession {
                         agent: this.opts.agent,
                         pluginLoader: this.opts.pluginLoader,
                         channelManager: this.opts.channelManager,
-                        confirm: async (msg) => {
-                            // Phase 17.1: bug — was reading `this.opts.promptApi?` which is
-                            // undefined when no override is passed; the chain silently
-                            // resolved to undefined → returned false → "Grant cancelled"
-                            // before the user could type anything. Use the resolved local
-                            // promptApi (which falls back to readline-default) instead.
-                            const r = await promptApi.readLine(msg);
-                            if (typeof r !== 'string')
-                                return false;
-                            return /^(y|yes)$/i.test(r.trim());
-                        },
+                        // v4.9.2 Slice 3 — UX-rebuilt confirmation primitive.
+                        // The stdin/keypress mechanics worked correctly all along;
+                        // users simply couldn't see the prompt was open. The
+                        // extracted `runConfirm` helper now owns the canonical
+                        // y/N hint, the warn-tinted '?' glyph, the
+                        // suggestionsDisabled flag (so confirmations skip ghost-
+                        // match against outer chat history), and the per-input
+                        // honest cancellation message.
+                        //
+                        // Phase 17.1 anchor: the previous primitive read
+                        // `this.opts.promptApi?` (undefined → silently returned
+                        // false → "Grant cancelled" before user could type) —
+                        // fixed by routing through the resolved local `promptApi`.
+                        // That fix stands; Slice 3 adds the UX layer on top.
+                        confirm: (msg) => (0, confirmPrompt_1.runConfirm)(msg, promptApi, this.opts.display),
                         // Phase 18: raw text prompt for /auth login OAuth code paste.
                         prompt: (msg) => promptApi.readLine(msg),
                     });
@@ -2085,9 +2090,15 @@ function createDefaultPromptApi(opts = {}) {
     // aidenPrompt component (ghost text + slash dropdown + history nav).
     const useLegacyPrompt = (0, uiBuild_1.isNoUiMode)() || !opts.commands;
     return {
-        async readLine(prompt) {
+        async readLine(prompt, readOpts) {
             try {
-                if (useLegacyPrompt) {
+                // v4.9.2 Slice 3 — confirmation prompts (suggestionsDisabled)
+                // always route through the legacy inquirer input path. No
+                // ghost-text (would autocomplete from outer chat history —
+                // wrong context for a y/n question), no slash dropdown
+                // (irrelevant for confirmations). Inquirer's plain input is
+                // the well-tested baseline for single-shot questions.
+                if (readOpts?.suggestionsDisabled || useLegacyPrompt) {
                     return (await inq.input({ message: prompt, theme: promptTheme })) ?? '';
                 }
                 // Fetch history just-in-time so each read sees the latest

package/dist/cli/v4/commands/channel.js

@@ -255,10 +255,9 @@ async function telegramRemove(ctx) {
         return;
     }
     const proceed = await confirm('Remove the Telegram bot token? This stops polling.');
-    if (!proceed) {
-        display.dim('  Cancelled.');
+    // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+    if (!proceed)
         return;
-    }
     // Stop the live adapter first so polling actually halts even if the
     // .env write fails for some reason.
     const manager = ctx.channelManager;
@@ -297,10 +296,9 @@ async function telegramTakeover(ctx) {
     const proceed = confirm
         ? await confirm('Take over Telegram polling? This will boot any other Aiden instance off the bot.')
         : true;
-    if (!proceed) {
-        display.dim('  Cancelled.');
+    // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+    if (!proceed)
         return;
-    }
     const spinner = display.startSpinner('Reclaiming Telegram polling…');
     let result;
     try {

package/dist/cli/v4/commands/cron.js

@@ -327,8 +327,13 @@ async function cmdRemove(ctx, args) {
     else if (ctx.confirm) {
         ok = await ctx.confirm(question);
     }
+    // v4.9.2 Slice 3 — when ctx.confirm was the source, the primitive
+    // already printed a per-input rejection message. The ctx.prompt
+    // branch above does its own y/N parsing, so it still owns its own
+    // "Cancelled." line.
     if (!ok) {
-        ctx.display.dim('Cancelled.');
+        if (ctx.prompt)
+            ctx.display.dim('Cancelled.');
         return;
     }
     if ((0, cronManager_1.deleteJob)(job.id)) {

package/dist/cli/v4/commands/daemonDoctor.js

@@ -85,7 +85,7 @@ function collectDoctorChecks(rootDir) {
             detail: `current=${ver} latest=${migrations_1.LATEST_SCHEMA_VERSION}`,
             fixable: false });
         // 3. Recent incarnation
-        const inc = db.prepare(`SELECT incarnation_id, started_at, ended_at, exit_reason FROM daemon_incarnations
+        const inc = db.prepare(`SELECT incarnation_id, started_at, ended_at, exit_reason FROM daemon_incarnations
         ORDER BY started_at DESC LIMIT 1`).get();
         if (!inc) {
             checks.push({ name: 'recent incarnation', status: 'warn',
@@ -100,7 +100,7 @@ function collectDoctorChecks(rootDir) {
         }
         // 4. Recent crashes (24h)
         const sinceIso = new Date(Date.now() - TWENTY_FOUR_HOURS_MS).toISOString();
-        const crashes = db.prepare(`SELECT COUNT(*) AS c FROM daemon_incarnations
+        const crashes = db.prepare(`SELECT COUNT(*) AS c FROM daemon_incarnations
         WHERE exit_reason = 'crash' AND started_at > ?`).get(sinceIso);
         checks.push({ name: 'recent crashes (24h)',
             status: crashes.c === 0 ? 'ok' : crashes.c > 3 ? 'warn' : 'ok',
@@ -111,7 +111,7 @@ function collectDoctorChecks(rootDir) {
         if (tableExists(db, 'run_attempts')) {
             const currentInc = inc?.incarnation_id ?? '';
             const cutoffIso = new Date(Date.now() - 30 * 60 * 1000).toISOString();
-            stuckAttempts = db.prepare(`SELECT COUNT(*) AS c FROM run_attempts
+            stuckAttempts = db.prepare(`SELECT COUNT(*) AS c FROM run_attempts
           WHERE status='running' AND incarnation_id != ? AND started_at < ?`).get(currentInc, cutoffIso).c;
         }
         checks.push({ name: 'stuck attempts',
@@ -125,7 +125,7 @@ function collectDoctorChecks(rootDir) {
         let orphanSpans = 0;
         if (tableExists(db, 'spans')) {
             const currentInc = inc?.incarnation_id ?? '';
-            orphanSpans = db.prepare(`SELECT COUNT(*) AS c FROM spans
+            orphanSpans = db.prepare(`SELECT COUNT(*) AS c FROM spans
           WHERE status IS NULL AND ended_at IS NULL AND incarnation_id != ?`).get(currentInc).c;
         }
         checks.push({ name: 'orphan spans',
@@ -147,7 +147,7 @@ function collectDoctorChecks(rootDir) {
         // 8. Stale-claimed trigger events
         let staleClaimed = 0;
         if (tableExists(db, 'trigger_events')) {
-            staleClaimed = db.prepare(`SELECT COUNT(*) AS c FROM trigger_events
+            staleClaimed = db.prepare(`SELECT COUNT(*) AS c FROM trigger_events
           WHERE status='claimed' AND claim_expires_at IS NOT NULL AND claim_expires_at < ?`).get(Date.now()).c;
         }
         checks.push({ name: 'stale-claimed trigger events',

package/dist/cli/v4/commands/daemonStatus.js

@@ -150,7 +150,7 @@ function readSnapshot() {
     // Recent runs (last 3).
     const recentRuns = (() => {
         try {
-            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at FROM runs
+            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at FROM runs
           ORDER BY id DESC LIMIT 3`).all();
             return rows.map((r) => ({
                 id: r.id,

package/dist/cli/v4/commands/mcp.js

@@ -266,8 +266,8 @@ async function wireSubagentFanout(opts) {
     // WAL-coexistence model as REPL — connection.ts caches per-path.
     const mcpInstanceId = `mcp-${(0, node_crypto_1.randomUUID)().slice(0, 8)}`;
     const mcpDb = (0, daemon_1.openDaemonDb)((0, daemon_1.daemonDbPath)(opts.paths.root));
-    mcpDb.prepare(`INSERT OR IGNORE INTO daemon_instances
-       (instance_id, pid, hostname, started_at, last_heartbeat, version)
+    mcpDb.prepare(`INSERT OR IGNORE INTO daemon_instances
+       (instance_id, pid, hostname, started_at, last_heartbeat, version)
      VALUES (?, ?, ?, ?, ?, ?)`).run(mcpInstanceId, process.pid, node_os_1.default.hostname(), Date.now(), Date.now(), version_1.VERSION);
     const mcpRunStore = (0, daemon_1.createRunStore)({ db: mcpDb });
     // v4.6 Phase 3b — self-improvement loop singleton against the

package/dist/cli/v4/commands/plugins.js

@@ -161,10 +161,9 @@ exports.plugins = {
             ctx.display.write('\n');
             const confirmFn = ctx.confirm ?? (async () => false);
             const allow = await confirmFn(`Install ${manifest.name} with the listed permissions? [y/N] `);
-            if (!allow) {
-                ctx.display.dim('Install cancelled.');
+            // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+            if (!allow)
                 return {};
-            }
             // Copy into the user plugins dir.
             const dst = node_path_1.default.join(ctx.paths.pluginsDir, manifest.name);
             try {
@@ -258,10 +257,9 @@ exports.plugins = {
             const allow = await confirmFn(isUpgrade
                 ? `Grant the listed permissions (including ${newPerms.length} new)? [y/N] `
                 : `Grant the listed permissions? [y/N] `);
-            if (!allow) {
-                ctx.display.dim('Grant cancelled.');
+            // v4.9.2 Slice 3 — confirm() now owns the rejection message.
+            if (!allow)
                 return {};
-            }
             await (0, plugins_1.saveGrantedPermissions)(dir, entry.manifest.permissions);
             // Reload so the new state takes effect.
             await ctx.pluginLoader.teardown();

package/dist/cli/v4/commands/trigger.js

@@ -79,9 +79,9 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
             spec.paths = spec.paths.map((p) => node_path_1.default.resolve(p));
             const id = (0, node_crypto_1.randomUUID)();
             const now = Date.now();
-            db.prepare(`INSERT INTO triggers
-           (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-            created_at, updated_at)
+            db.prepare(`INSERT INTO triggers
+           (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+            created_at, updated_at)
          VALUES (?, 'file', ?, ?, ?, ?, 0, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, now, now);
             out(`trigger added: ${id} (${a.name})\n`);
             out('Restart the daemon to activate the watcher.\n');
@@ -182,11 +182,11 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
                 return 1;
             }
             const prefix = `trigger:${trig.source}:${id}:`;
-            const rows = db.prepare(`SELECT re.ts, re.kind, re.payload, r.id AS run_id
-           FROM run_events re
-           JOIN runs r ON re.run_id = r.id
-          WHERE r.session_id LIKE ?
-          ORDER BY re.ts DESC
+            const rows = db.prepare(`SELECT re.ts, re.kind, re.payload, r.id AS run_id
+           FROM run_events re
+           JOIN runs r ON re.run_id = r.id
+          WHERE r.session_id LIKE ?
+          ORDER BY re.ts DESC
           LIMIT 50`).all(`${prefix}%`);
             if (rows.length === 0) {
                 out(`No run events recorded for trigger ${id} (${trig.name}).\n`);
@@ -213,10 +213,10 @@ async function runTriggerSubcommand(action, args, argv, opts = {}) {
                 return 1;
             }
             const prefix = `trigger:${trig.source}:${id}:`;
-            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at
-           FROM runs
-          WHERE session_id LIKE ?
-          ORDER BY started_at DESC
+            const rows = db.prepare(`SELECT id, status, finish_reason, started_at, completed_at
+           FROM runs
+          WHERE session_id LIKE ?
+          ORDER BY started_at DESC
           LIMIT 50`).all(`${prefix}%`);
             if (rows.length === 0) {
                 out(`No runs recorded for trigger ${id} (${trig.name}).\n`);
@@ -261,9 +261,9 @@ function runAddWebhook(db, argv, out, err) {
     });
     const id = (0, node_crypto_1.randomUUID)();
     const now = Date.now();
-    db.prepare(`INSERT INTO triggers
-       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-        created_at, updated_at)
+    db.prepare(`INSERT INTO triggers
+       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+        created_at, updated_at)
      VALUES (?, 'webhook', ?, ?, ?, ?, ?, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, spec.deliverOnly ? 1 : 0, now, now);
     const cfg = (0, daemon_1.getDaemonConfig)();
     const host = process.env.AIDEN_DAEMON_BIND ?? '127.0.0.1';
@@ -359,9 +359,9 @@ async function runAddEmail(db, argv, out, err) {
     }
     const id = (0, node_crypto_1.randomUUID)();
     const now = Date.now();
-    db.prepare(`INSERT INTO triggers
-       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
-        created_at, updated_at)
+    db.prepare(`INSERT INTO triggers
+       (id, source, name, spec_json, enabled, prompt_template, deliver_only,
+        created_at, updated_at)
      VALUES (?, 'email', ?, ?, ?, ?, ?, ?, ?)`).run(id, a.name, JSON.stringify(spec), a.disabled ? 0 : 1, spec.promptTemplate ?? null, spec.deliverOnly ? 1 : 0, now, now);
     out(`trigger added: ${id} (${a.name})\n`);
     out(`imap host:     ${spec.imap.host}:${spec.imap.port}${spec.imap.tls ? ' (TLS)' : ''}\n`);

package/dist/cli/v4/confirmPrompt.js

@@ -0,0 +1,67 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * cli/v4/confirmPrompt.ts — v4.9.2 SLICE 3.
+ *
+ * The slash-command `ctx.confirm()` primitive, extracted from the
+ * chatSession closure so it has one source of truth + is unit-testable
+ * without spinning up a full REPL.
+ *
+ * Behaviour:
+ *   - Canonicalises the y/n hint: strips any caller-appended ` (y/N) `
+ *     / ` [y/N] ` / ` (Y/n) ` so the primitive can append exactly one
+ *     ` (y/N) ` in canonical lowercase-y / capital-N form.
+ *   - Prefixes with a warn-tinted `?` glyph so the confirmation chrome
+ *     is visually distinct from the main ▲ chat prompt (Slice 3 root
+ *     cause: users couldn't tell a prompt was open).
+ *   - Routes through `promptApi.readLine` with `suggestionsDisabled:true`
+ *     so the inquirer-input path runs (no ghost-text from outer chat
+ *     history, no slash dropdown — irrelevant for y/n).
+ *   - Emits a per-input cancellation reason:
+ *       empty / Enter alone   → "Cancelled (press 'y' to confirm; …)"
+ *       'n' / 'no'            → "Cancelled."  (deliberate decline)
+ *       other non-y           → `Cancelled ("<x>" not recognized — …)`
+ *       null / non-string     → "Cancelled (no input)."
+ *     Callers no longer print their own "Cancelled." line — the
+ *     primitive owns the rejection message.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runConfirm = runConfirm;
+/** Strip any caller-appended `(y/N)` / `[y/N]` / `(Y/n)` so we can
+ *  re-append the canonical hint without duplication. */
+const TRAILING_YN_HINT_RE = /\s*[\[(](y\/[nN]|Y\/n)[\])]\s*$/i;
+/**
+ * Run a single confirmation prompt. Resolves to `true` on `y` / `yes`
+ * (case insensitive, trimmed); `false` on anything else, with a
+ * specific cancellation line written to `display.dim()`.
+ *
+ * Never throws — readLine errors and non-string returns degrade to
+ * `false` with an honest "no input" reason.
+ */
+async function runConfirm(msg, promptApi, display) {
+    const stripped = msg.replace(TRAILING_YN_HINT_RE, '').trimEnd();
+    const decorated = `${display.paint('?', 'warn')} ${stripped} (y/N) `;
+    const r = await promptApi.readLine(decorated, { suggestionsDisabled: true });
+    if (typeof r !== 'string') {
+        display.dim('Cancelled (no input).');
+        return false;
+    }
+    const trimmed = r.trim();
+    if (/^(y|yes)$/i.test(trimmed))
+        return true;
+    if (trimmed === '') {
+        display.dim(`Cancelled (press 'y' to confirm; Enter alone = no).`);
+    }
+    else if (/^(n|no)$/i.test(trimmed)) {
+        display.dim('Cancelled.');
+    }
+    else {
+        display.dim(`Cancelled ("${trimmed}" not recognized — expected y/yes/n/no).`);
+    }
+    return false;
+}