npm - airaknit - Versions diffs - 1.1.2-rc.9 - Mend

airaknit 1.1.2-rc.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

package/LICENSE +84 -0
package/README.md +202 -0
package/bin/airaknit +9 -0
package/bin/airaknit-project +14 -0
package/bin/kanna +9 -0
package/dist/client/assets/CompactSummaryMessage-Yw0BDWEJ.js +1 -0
package/dist/client/assets/ExitPlanModeMessage-DIdkQ4uF.js +1 -0
package/dist/client/assets/LocalFilePreviewDialog-DQx2eiCc.js +3 -0
package/dist/client/assets/LocalProjectsSection-C4xlWkgS.js +1 -0
package/dist/client/assets/TextMessage-B5G39DEJ.js +1 -0
package/dist/client/assets/UserMessage-CIkWk-0L.js +1 -0
package/dist/client/assets/_basePickBy-CVrAFfnZ.js +1 -0
package/dist/client/assets/_baseUniq-JL-aaF4P.js +1 -0
package/dist/client/assets/arc-B07zg7ol.js +1 -0
package/dist/client/assets/architecture-YZFGNWBL-PSLVJL3p.js +1 -0
package/dist/client/assets/architectureDiagram-Q4EWVU46-DfWIF1G_.js +36 -0
package/dist/client/assets/array-BGFCBI0e.js +1 -0
package/dist/client/assets/blockDiagram-DXYQGD6D-CzwIeo_B.js +132 -0
package/dist/client/assets/bundle-mjs-BDE2gWbQ.js +1 -0
package/dist/client/assets/button-DO50qOGv.js +1 -0
package/dist/client/assets/c4Diagram-AHTNJAMY-CR8DCQRE.js +10 -0
package/dist/client/assets/channel-Dj-UUfaF.js +1 -0
package/dist/client/assets/chunk-2KRD3SAO-dznP-cn8.js +1 -0
package/dist/client/assets/chunk-336JU56O-Dqss5Vu6.js +2 -0
package/dist/client/assets/chunk-426QAEUC-CEKis_0_.js +1 -0
package/dist/client/assets/chunk-4BX2VUAB-BYOv0Gm1.js +1 -0
package/dist/client/assets/chunk-4TB4RGXK-BxzubH5S.js +206 -0
package/dist/client/assets/chunk-55IACEB6-BSlTj03a.js +1 -0
package/dist/client/assets/chunk-5FUZZQ4R-9Au93Bi1.js +62 -0
package/dist/client/assets/chunk-5PVQY5BW-BhksHFEZ.js +2 -0
package/dist/client/assets/chunk-67CJDMHE-BFwhz-8t.js +1 -0
package/dist/client/assets/chunk-7N4EOEYR-BDUPds87.js +1 -0
package/dist/client/assets/chunk-AA7GKIK3-CEWTdyXO.js +1 -0
package/dist/client/assets/chunk-BO2N2NFS-D0LvxnhU.js +103 -0
package/dist/client/assets/chunk-BSJP7CBP-BNJnK6sq.js +1 -0
package/dist/client/assets/chunk-Bj-mKKzh.js +1 -0
package/dist/client/assets/chunk-CIAEETIT-CYhfoCeN.js +1 -0
package/dist/client/assets/chunk-EDXVE4YY-C5ovJLc0.js +1 -0
package/dist/client/assets/chunk-ENJZ2VHE-HOhYaeGr.js +10 -0
package/dist/client/assets/chunk-FMBD7UC4-BLCiKcAQ.js +15 -0
package/dist/client/assets/chunk-FOC6F5B3-B6GtY2ek.js +1 -0
package/dist/client/assets/chunk-ICPOFSXX-DPoIZoC5.js +122 -0
package/dist/client/assets/chunk-K5T4RW27-BsKN63rv.js +94 -0
package/dist/client/assets/chunk-KGLVRYIC-BUGn9uuY.js +1 -0
package/dist/client/assets/chunk-LIHQZDEY-DhaZyo03.js +1 -0
package/dist/client/assets/chunk-ORNJ4GCN-DlpeeJyi.js +1 -0
package/dist/client/assets/chunk-OYMX7WX6-Dc9q7aYA.js +231 -0
package/dist/client/assets/chunk-QZHKN3VN-BEdrPoSb.js +1 -0
package/dist/client/assets/chunk-U2HBQHQK-CIB3Bjjd.js +70 -0
package/dist/client/assets/chunk-X2U36JSP-CtB-o8Yp.js +1 -0
package/dist/client/assets/chunk-XPW4576I-C6iHhX_8.js +32 -0
package/dist/client/assets/chunk-YZCP3GAM-CTmKr6ZH.js +1 -0
package/dist/client/assets/chunk-ZZ45TVLE-BgU8A2RF.js +1 -0
package/dist/client/assets/classDiagram-6PBFFD2Q-Bqk5e679.js +1 -0
package/dist/client/assets/classDiagram-v2-HSJHXN6E-6pSaZOkC.js +1 -0
package/dist/client/assets/client-BrKWI4CM.js +1 -0
package/dist/client/assets/client-CGgNRU9w.js +1 -0
package/dist/client/assets/client-DMSLRzg9.js +6 -0
package/dist/client/assets/clone-DWcL7whJ.js +1 -0
package/dist/client/assets/cose-bilkent-S5V4N54A-CrV5wsV_.js +1 -0
package/dist/client/assets/cytoscape.esm--aLzKuep.js +321 -0
package/dist/client/assets/dagre-CuRxWcrj.js +1 -0
package/dist/client/assets/dagre-KV5264BT-BIDiVnkA.js +4 -0
package/dist/client/assets/defaultLocale-CRZydyG6.js +1 -0
package/dist/client/assets/diagram-5BDNPKRD-i1kjKRCB.js +10 -0
package/dist/client/assets/diagram-G4DWMVQ6-9ZSLuhbl.js +24 -0
package/dist/client/assets/diagram-MMDJMWI5-B4_CUjgv.js +43 -0
package/dist/client/assets/diagram-TYMM5635-Ct5eTGS8.js +24 -0
package/dist/client/assets/dist-CuB4kiSK.js +1 -0
package/dist/client/assets/erDiagram-SMLLAGMA-Cy38ercc.js +85 -0
package/dist/client/assets/flowDiagram-DWJPFMVM-CZKuYl0V.js +162 -0
package/dist/client/assets/ganttDiagram-T4ZO3ILL-DLPjCh7a.js +292 -0
package/dist/client/assets/gitGraph-7Q5UKJZL-DqbrtEp9.js +1 -0
package/dist/client/assets/gitGraphDiagram-UUTBAWPF-BoRBkDhQ.js +106 -0
package/dist/client/assets/graphlib-BcQ6qlQh.js +1 -0
package/dist/client/assets/highlighted-body-OFNGDK62-BEpBVDTX.js +1 -0
package/dist/client/assets/index-CetCiuqP.js +105 -0
package/dist/client/assets/index-N29Mip7A.css +1 -0
package/dist/client/assets/info-OMHHGYJF-D98DRBJX.js +1 -0
package/dist/client/assets/infoDiagram-42DDH7IO-BAcdTWbt.js +2 -0
package/dist/client/assets/init-B8gtcn7T.js +1 -0
package/dist/client/assets/isArrayLikeObject-D8SJFmkN.js +1 -0
package/dist/client/assets/isEmpty-BF3YX5Jk.js +1 -0
package/dist/client/assets/ishikawaDiagram-UXIWVN3A-Ynu2VKdC.js +70 -0
package/dist/client/assets/journeyDiagram-VCZTEJTY-BjfhQaN3.js +139 -0
package/dist/client/assets/jsx-runtime-CyI9ICYU.js +1 -0
package/dist/client/assets/kanban-definition-6JOO6SKY-JLXH9zUJ.js +89 -0
package/dist/client/assets/katex-B94qP8b6.js +265 -0
package/dist/client/assets/lib--QVjyxmL.js +29 -0
package/dist/client/assets/lib-B6rgJiZ9.js +1 -0
package/dist/client/assets/line-DCrYfLBn.js +1 -0
package/dist/client/assets/linear-_4upLmeo.js +1 -0
package/dist/client/assets/mermaid-GHXKKRXX-rwJHYUmW.js +1 -0
package/dist/client/assets/mermaid-parser.core-KZinfW8o.js +4 -0
package/dist/client/assets/mermaid.core-QqY9gSNe.js +11 -0
package/dist/client/assets/mindmap-definition-QFDTVHPH-TWgHDAzp.js +96 -0
package/dist/client/assets/ordinal-CCj7PWgZ.js +1 -0
package/dist/client/assets/packet-4T2RLAQJ-DEvfkn3F.js +1 -0
package/dist/client/assets/path-DZF-JdEe.js +1 -0
package/dist/client/assets/pie-ZZUOXDRM-72e6WVjb.js +1 -0
package/dist/client/assets/pieDiagram-DEJITSTG-Cl8PCsoj.js +30 -0
package/dist/client/assets/preload-helper-rov5CBGT.js +1 -0
package/dist/client/assets/pty-client-DZ27IS00.js +1 -0
package/dist/client/assets/ptyInstancesStore-D9ag7SYd.js +1 -0
package/dist/client/assets/quadrantDiagram-34T5L4WZ-CHyVGp9E.js +7 -0
package/dist/client/assets/radar-PYXPWWZC-Cp7xd_EY.js +1 -0
package/dist/client/assets/react-CClhXMB2.js +1 -0
package/dist/client/assets/react-Dd6D81m0.js +1 -0
package/dist/client/assets/react-dom--G6_6fQ_.js +1 -0
package/dist/client/assets/requirementDiagram-MS252O5E-DaanG2iM.js +84 -0
package/dist/client/assets/rough.esm-BsmKo2S5.js +1 -0
package/dist/client/assets/sankeyDiagram-XADWPNL6-B_fhLY36.js +10 -0
package/dist/client/assets/sequenceDiagram-FGHM5R23-C5FNrveI.js +157 -0
package/dist/client/assets/src-DeTlMJAU.js +1 -0
package/dist/client/assets/stateDiagram-FHFEXIEX-nTTcdjjQ.js +1 -0
package/dist/client/assets/stateDiagram-v2-QKLJ7IA2-Dw0632j_.js +1 -0
package/dist/client/assets/timeline-definition-GMOUNBTQ-DkQV1yP8.js +120 -0
package/dist/client/assets/treeView-SZITEDCU-ZLIgC7_K.js +1 -0
package/dist/client/assets/treemap-W4RFUUIX-BqaMbB6N.js +1 -0
package/dist/client/assets/uiIdentityOverlay-Ba7GNj7m.js +1 -0
package/dist/client/assets/vennDiagram-DHZGUBPP-DbZ2xgs6.js +34 -0
package/dist/client/assets/wardley-RL74JXVD-DXQS8zf4.js +1 -0
package/dist/client/assets/wardleyDiagram-NUSXRM2D-BzCJ6MAu.js +20 -0
package/dist/client/assets/xychartDiagram-5P7HB3ND-BSlFecop.js +7 -0
package/dist/client/favicon.png +0 -0
package/dist/client/favicon.svg +15 -0
package/dist/client/fonts/body-medium.woff2 +0 -0
package/dist/client/fonts/body-regular-italic.woff2 +0 -0
package/dist/client/fonts/body-regular.woff2 +0 -0
package/dist/client/fonts/body-semibold.woff2 +0 -0
package/dist/client/index.html +31 -0
package/dist/client/manifest.webmanifest +12 -0
package/dist/client/sw.js +32 -0
package/package.json +122 -0
package/src/nats/auth-callout/callout-config.test.ts +93 -0
package/src/nats/auth-callout/callout-config.ts +109 -0
package/src/nats/auth-callout/callout.integration.test.ts +332 -0
package/src/nats/auth-callout/keys.ts +103 -0
package/src/nats/auth-callout/responder.ts +241 -0
package/src/nats/auth-callout/scope-policy.test.ts +159 -0
package/src/nats/auth-callout/scope-policy.ts +210 -0
package/src/nats/auth-callout/token.test.ts +163 -0
package/src/nats/auth-callout/token.ts +157 -0
package/src/nats/nats-daemon-callout.ts +194 -0
package/src/nats/nats-daemon.test.ts +77 -0
package/src/nats/nats-daemon.ts +50 -0
package/src/nats/nats-token.test.ts +61 -0
package/src/nats/nats-token.ts +59 -0
package/src/runner/coordination-mcp-integration.test.ts +134 -0
package/src/runner/nats-coordination-client.test.ts +49 -0
package/src/runner/nats-coordination-client.ts +94 -0
package/src/runner/runner-agent.test.ts +469 -0
package/src/runner/runner-agent.ts +453 -0
package/src/runner/runner-credential.test.ts +93 -0
package/src/runner/runner-credential.ts +82 -0
package/src/runner/runner-nats.test.ts +495 -0
package/src/runner/runner-nats.ts +323 -0
package/src/runner/runner-pair.test.ts +107 -0
package/src/runner/runner-pair.ts +81 -0
package/src/runner/runner.test.ts +135 -0
package/src/runner/runner.ts +212 -0
package/src/runner/turn-factories.test.ts +97 -0
package/src/runner/turn-factories.ts +475 -0
package/src/server/agent-config-journey.test.ts +106 -0
package/src/server/agent.ts +8 -0
package/src/server/auto-continue/auth-error-detector.ts +66 -0
package/src/server/auto-continue/limit-detector.ts +194 -0
package/src/server/bm25.test.ts +92 -0
package/src/server/bm25.ts +101 -0
package/src/server/chat-events-jetstream.test.ts +135 -0
package/src/server/claude-harness.ts +360 -0
package/src/server/claude-pty/agent-normalizers.ts +309 -0
package/src/server/claude-pty/auth.test.ts +38 -0
package/src/server/claude-pty/auth.ts +32 -0
package/src/server/claude-pty/claude-session-registry.adapter.ts +81 -0
package/src/server/claude-pty/claude-session-registry.test.ts +149 -0
package/src/server/claude-pty/driver.test.ts +902 -0
package/src/server/claude-pty/driver.ts +807 -0
package/src/server/claude-pty/jsonl-path.adapter.ts +57 -0
package/src/server/claude-pty/jsonl-path.test.ts +114 -0
package/src/server/claude-pty/jsonl-to-event.test.ts +241 -0
package/src/server/claude-pty/jsonl-to-event.ts +174 -0
package/src/server/claude-pty/output-ring.test.ts +35 -0
package/src/server/claude-pty/output-ring.ts +25 -0
package/src/server/claude-pty/parity-matrix.test.ts +227 -0
package/src/server/claude-pty/pid-registry.adapter.ts +135 -0
package/src/server/claude-pty/pid-registry.test.ts +122 -0
package/src/server/claude-pty/preflight/binary-fingerprint.adapter.ts +20 -0
package/src/server/claude-pty/preflight/binary-fingerprint.test.ts +32 -0
package/src/server/claude-pty/pty-instance-registry.test.ts +177 -0
package/src/server/claude-pty/pty-instance-registry.ts +166 -0
package/src/server/claude-pty/pty-memory-sampler.adapter.test.ts +103 -0
package/src/server/claude-pty/pty-memory-sampler.adapter.ts +85 -0
package/src/server/claude-pty/pty-process.adapter.ts +66 -0
package/src/server/claude-pty/pty-process.test.ts +49 -0
package/src/server/claude-pty/resolve-binary.adapter.ts +106 -0
package/src/server/claude-pty/resolve-binary.test.ts +118 -0
package/src/server/claude-pty/runtime-dir.adapter.ts +19 -0
package/src/server/claude-pty/settings-writer.adapter.ts +27 -0
package/src/server/claude-pty/settings-writer.test.ts +22 -0
package/src/server/claude-pty/smoke-test-io.adapter.ts +28 -0
package/src/server/claude-pty/smoke-test.test.ts +191 -0
package/src/server/claude-pty/smoke-test.ts +185 -0
package/src/server/claude-pty/subagent-orchestrator.ts +887 -0
package/src/server/claude-pty/tool-callback.ts +274 -0
package/src/server/claude-pty/tui-control.test.ts +272 -0
package/src/server/claude-pty/tui-control.ts +182 -0
package/src/server/claude-pty/tui-source.adapter.test.ts +360 -0
package/src/server/claude-pty/tui-source.adapter.ts +343 -0
package/src/server/claude-pty/tunnel-gateway.ts +12 -0
package/src/server/claude-pty-mcp/canonical-args.ts +15 -0
package/src/server/claude-pty-mcp/fs-stat.adapter.ts +8 -0
package/src/server/claude-pty-mcp/history-primer.ts +90 -0
package/src/server/claude-pty-mcp/http-server.adapter.ts +33 -0
package/src/server/claude-pty-mcp/mcp-http.ts +177 -0
package/src/server/claude-pty-mcp/mcp.ts +412 -0
package/src/server/claude-pty-mcp/mention-parser.ts +25 -0
package/src/server/claude-pty-mcp/paths.ts +24 -0
package/src/server/claude-pty-mcp/permission-gate.ts +243 -0
package/src/server/claude-pty-mcp/terminal-pid-registry.adapter.ts +107 -0
package/src/server/claude-pty-mcp/tools/ask-user-question.test.ts +119 -0
package/src/server/claude-pty-mcp/tools/ask-user-question.ts +61 -0
package/src/server/claude-pty-mcp/tools/bash.adapter.ts +76 -0
package/src/server/claude-pty-mcp/tools/bash.test.ts +56 -0
package/src/server/claude-pty-mcp/tools/delegate-subagent.test.ts +155 -0
package/src/server/claude-pty-mcp/tools/delegate-subagent.ts +111 -0
package/src/server/claude-pty-mcp/tools/edit.adapter.ts +95 -0
package/src/server/claude-pty-mcp/tools/edit.test.ts +93 -0
package/src/server/claude-pty-mcp/tools/exit-plan-mode.test.ts +61 -0
package/src/server/claude-pty-mcp/tools/exit-plan-mode.ts +50 -0
package/src/server/claude-pty-mcp/tools/glob.adapter.ts +86 -0
package/src/server/claude-pty-mcp/tools/glob.test.ts +61 -0
package/src/server/claude-pty-mcp/tools/grep.adapter.ts +126 -0
package/src/server/claude-pty-mcp/tools/grep.test.ts +62 -0
package/src/server/claude-pty-mcp/tools/read.adapter.ts +58 -0
package/src/server/claude-pty-mcp/tools/read.test.ts +62 -0
package/src/server/claude-pty-mcp/tools/tool-callback-shim.ts +42 -0
package/src/server/claude-pty-mcp/tools/webfetch.test.ts +81 -0
package/src/server/claude-pty-mcp/tools/webfetch.ts +82 -0
package/src/server/claude-pty-mcp/tools/websearch.test.ts +40 -0
package/src/server/claude-pty-mcp/tools/websearch.ts +42 -0
package/src/server/claude-pty-mcp/tools/write.adapter.ts +60 -0
package/src/server/claude-pty-mcp/tools/write.test.ts +52 -0
package/src/server/claude-pty-mcp/uploads.adapter.ts +98 -0
package/src/server/claude-pty-mcp/uploads.ts +38 -0
package/src/server/claude-turn.test.ts +176 -0
package/src/server/cli-runtime.test.ts +456 -0
package/src/server/cli-runtime.ts +374 -0
package/src/server/cli-supervisor.ts +81 -0
package/src/server/cli.ts +78 -0
package/src/server/client-log-forwarder.test.ts +74 -0
package/src/server/client-log-forwarder.ts +75 -0
package/src/server/codex-app-server-protocol.ts +449 -0
package/src/server/codex-app-server.test.ts +2990 -0
package/src/server/codex-app-server.ts +1713 -0
package/src/server/coordination-integration.test.ts +63 -0
package/src/server/coordination-mcp.test.ts +149 -0
package/src/server/coordination-mcp.ts +197 -0
package/src/server/delegation-coordinator.test.ts +675 -0
package/src/server/delegation-coordinator.ts +454 -0
package/src/server/discovery.test.ts +211 -0
package/src/server/discovery.ts +301 -0
package/src/server/event-store-agent-config.test.ts +124 -0
package/src/server/event-store-coordination.test.ts +149 -0
package/src/server/event-store-profile.test.ts +132 -0
package/src/server/event-store-repo.test.ts +154 -0
package/src/server/event-store-runner-team.test.ts +104 -0
package/src/server/event-store.test.ts +342 -0
package/src/server/event-store.ts +2208 -0
package/src/server/events.ts +379 -0
package/src/server/extension-router.test.ts +183 -0
package/src/server/extension-router.ts +114 -0
package/src/server/extensions/agents/server.test.ts +191 -0
package/src/server/extensions/agents/server.ts +108 -0
package/src/server/extensions/c3/server.test.ts +284 -0
package/src/server/extensions/c3/server.ts +212 -0
package/src/server/extensions/code/server.test.ts +200 -0
package/src/server/extensions/code/server.ts +150 -0
package/src/server/extensions.config.ts +10 -0
package/src/server/external-open.ts +69 -0
package/src/server/generate-fork-context.ts +58 -0
package/src/server/generate-merge-context.test.ts +290 -0
package/src/server/generate-merge-context.ts +141 -0
package/src/server/generate-title.ts +36 -0
package/src/server/git-clone-policy.test.ts +138 -0
package/src/server/git-clone-policy.ts +27 -0
package/src/server/harness-types.ts +1 -0
package/src/server/journey-verification.test.ts +640 -0
package/src/server/journey-verification.ts +195 -0
package/src/server/machine-name.ts +22 -0
package/src/server/nats-auth.test.ts +92 -0
package/src/server/nats-auth.ts +6 -0
package/src/server/nats-bind-guard.test.ts +71 -0
package/src/server/nats-bind-guard.ts +42 -0
package/src/server/nats-bridge.test.ts +141 -0
package/src/server/nats-bridge.ts +111 -0
package/src/server/nats-connector.test.ts +56 -0
package/src/server/nats-connector.ts +71 -0
package/src/server/nats-daemon-manager.test.ts +76 -0
package/src/server/nats-daemon-manager.ts +174 -0
package/src/server/nats-publisher.test.ts +356 -0
package/src/server/nats-publisher.ts +271 -0
package/src/server/nats-responders.test.ts +1018 -0
package/src/server/nats-responders.ts +925 -0
package/src/server/nats-streams.test.ts +112 -0
package/src/server/nats-streams.ts +129 -0
package/src/server/oauth-pool/oauth-responders.ts +185 -0
package/src/server/oauth-pool/oauth-settings-store.ts +173 -0
package/src/server/oauth-pool/oauth-token-pool.ts +303 -0
package/src/server/orchestration.test.ts +1063 -0
package/src/server/orchestration.ts +716 -0
package/src/server/pairing-endpoints.test.ts +171 -0
package/src/server/pairing-store.test.ts +154 -0
package/src/server/pairing-store.ts +124 -0
package/src/server/paths.ts +27 -0
package/src/server/pr3-liveness.test.ts +252 -0
package/src/server/process-utils.ts +10 -0
package/src/server/project-cli.ts +180 -0
package/src/server/provider-catalog.test.ts +177 -0
package/src/server/provider-catalog.ts +146 -0
package/src/server/pty-responders.ts +345 -0
package/src/server/push-notifications.test.ts +234 -0
package/src/server/push-notifications.ts +188 -0
package/src/server/quick-response.test.ts +196 -0
package/src/server/quick-response.ts +154 -0
package/src/server/read-models-agent-config.test.ts +59 -0
package/src/server/read-models-coordination.test.ts +69 -0
package/src/server/read-models.test.ts +332 -0
package/src/server/read-models.ts +258 -0
package/src/server/repo-journey.test.ts +96 -0
package/src/server/repo-manager.test.ts +118 -0
package/src/server/repo-manager.ts +97 -0
package/src/server/repo-status.test.ts +54 -0
package/src/server/repo-status.ts +82 -0
package/src/server/restart.test.ts +27 -0
package/src/server/restart.ts +30 -0
package/src/server/runner-incompatible-gate.test.ts +383 -0
package/src/server/runner-manager.test.ts +72 -0
package/src/server/runner-manager.ts +312 -0
package/src/server/runner-pairing-urls.test.ts +59 -0
package/src/server/runner-pairing-urls.ts +67 -0
package/src/server/runner-proxy.test.ts +456 -0
package/src/server/runner-proxy.ts +494 -0
package/src/server/runner-router.test.ts +429 -0
package/src/server/runner-router.ts +212 -0
package/src/server/runner-routing.test.ts +584 -0
package/src/server/runtime-registry.test.ts +436 -0
package/src/server/runtime-registry.ts +307 -0
package/src/server/sandbox-health.test.ts +127 -0
package/src/server/sandbox-health.ts +94 -0
package/src/server/sandbox-journey.test.ts +232 -0
package/src/server/sandbox-manager.test.ts +146 -0
package/src/server/sandbox-manager.ts +159 -0
package/src/server/server.test.ts +287 -0
package/src/server/server.ts +1108 -0
package/src/server/session-discovery.test.ts +129 -0
package/src/server/session-discovery.ts +475 -0
package/src/server/session-index.test.ts +362 -0
package/src/server/session-index.ts +119 -0
package/src/server/session-seed.ts +288 -0
package/src/server/share.test.ts +108 -0
package/src/server/share.ts +113 -0
package/src/server/skill-discovery.test.ts +201 -0
package/src/server/skill-discovery.ts +77 -0
package/src/server/storage/test-helpers.ts +67 -0
package/src/server/terminal-manager.test.ts +309 -0
package/src/server/terminal-manager.ts +354 -0
package/src/server/transcript-consumer.test.ts +339 -0
package/src/server/transcript-consumer.ts +162 -0
package/src/server/transcript-search.test.ts +193 -0
package/src/server/transcript-search.ts +83 -0
package/src/server/transcript-utils.ts +52 -0
package/src/server/update-manager.test.ts +107 -0
package/src/server/update-manager.ts +230 -0
package/src/server/workflow-engine.test.ts +251 -0
package/src/server/workflow-engine.ts +169 -0
package/src/server/workflow-mcp.ts +49 -0
package/src/server/workflow-store.test.ts +155 -0
package/src/server/workflow-store.ts +139 -0
package/src/server/workspace-agent-integration.test.ts +167 -0
package/src/server/workspace-agent-routes.test.ts +127 -0
package/src/server/workspace-agent-routes.ts +89 -0
package/src/server/workspace-agent.test.ts +103 -0
package/src/server/workspace-agent.ts +102 -0
package/src/server/workspace-cli.test.ts +79 -0
package/src/server/workspace-config-manager.test.ts +109 -0
package/src/server/workspace-config-manager.ts +83 -0
package/src/server/workspace-directory-policy.test.ts +109 -0
package/src/server/workspace-directory-policy.ts +56 -0
package/src/shared/agent-config-types.ts +25 -0
package/src/shared/branding.test.ts +42 -0
package/src/shared/branding.ts +54 -0
package/src/shared/compression.test.ts +85 -0
package/src/shared/compression.ts +42 -0
package/src/shared/coordination-store.test.ts +24 -0
package/src/shared/coordination-store.ts +26 -0
package/src/shared/dev-ports.test.ts +84 -0
package/src/shared/dev-ports.ts +100 -0
package/src/shared/extension-types.ts +45 -0
package/src/shared/fork-presets.ts +54 -0
package/src/shared/harness-types.test.ts +15 -0
package/src/shared/harness-types.ts +21 -0
package/src/shared/log-sink.test.ts +112 -0
package/src/shared/log-sink.ts +185 -0
package/src/shared/mention-pattern.ts +7 -0
package/src/shared/merge-presets.ts +41 -0
package/src/shared/nats-subjects.test.ts +61 -0
package/src/shared/nats-subjects.ts +131 -0
package/src/shared/permission-policy.ts +136 -0
package/src/shared/ports.ts +3 -0
package/src/shared/preset-types.ts +15 -0
package/src/shared/profile-types.ts +49 -0
package/src/shared/projectFileUrl.ts +36 -0
package/src/shared/protocol.ts +153 -0
package/src/shared/pty-instance.ts +43 -0
package/src/shared/puggy/diagnostics/result.ts +18 -0
package/src/shared/puggy/expressions/evaluate.ts +292 -0
package/src/shared/puggy/index.test.ts +101 -0
package/src/shared/puggy/index.ts +69 -0
package/src/shared/puggy/parser/ast.ts +110 -0
package/src/shared/puggy/parser/parser.ts +624 -0
package/src/shared/puggy/renderer/html.ts +447 -0
package/src/shared/runner-protocol.test.ts +277 -0
package/src/shared/runner-protocol.ts +210 -0
package/src/shared/runner-team-types.ts +73 -0
package/src/shared/runtime-types.ts +48 -0
package/src/shared/sandbox-types.ts +53 -0
package/src/shared/tailwind-build.test.ts +12 -0
package/src/shared/tinkaria-system-prompt.ts +101 -0
package/src/shared/tools.test.ts +335 -0
package/src/shared/tools.ts +397 -0
package/src/shared/transcript-entries.ts +27 -0
package/src/shared/transcript-render.test.ts +225 -0
package/src/shared/transcript-render.ts +467 -0
package/src/shared/types.ts +1031 -0
package/src/shared/vite-config.test.ts +47 -0
package/src/shared/web-context.test.ts +110 -0
package/src/shared/web-context.ts +76 -0
package/src/shared/workflow-types.ts +51 -0
package/src/shared/workspace-types.ts +100 -0

package/src/server/claude-pty/tool-callback.ts ADDED Viewed

@@ -0,0 +1,274 @@
+import { createHmac } from "node:crypto"
+import type {
+  ChatPermissionPolicy,
+  ToolRequest,
+  ToolRequestDecision,
+  ToolRequestStatus,
+} from "../../shared/permission-policy"
+import { POLICY_TERMINAL_STATUSES } from "../../shared/permission-policy"
+import { policy } from "../claude-pty-mcp/permission-gate"
+import { canonicalArgsHash } from "../claude-pty-mcp/canonical-args"
+import type { EventStore } from "../event-store"
+export interface ToolCallbackServiceArgs {
+  store: EventStore
+  serverSecret: string
+  now: () => number
+  timeoutMs: number
+}
+export interface ToolCallbackSubmitArgs {
+  chatId: string
+  sessionId: string
+  toolUseId: string
+  toolName: string
+  args: Record<string, unknown>
+  chatPolicy: ChatPermissionPolicy
+  cwd: string
+}
+export interface ToolCallbackResult {
+  status: ToolRequestStatus
+  decision: ToolRequestDecision
+  mismatchReason?: string
+}
+export interface ToolCallbackService {
+  submit(args: ToolCallbackSubmitArgs): Promise<ToolCallbackResult>
+  answer(id: string, decision: ToolRequestDecision): Promise<void>
+  cancel(id: string, reason: string): Promise<void>
+  cancelAllForChat(chatId: string, reason: string): Promise<void>
+  cancelAllForSession(sessionId: string, reason: string): Promise<void>
+  recoverOnStartup(): Promise<void>
+  tickTimeouts(): Promise<void>
+}
+export function createToolCallbackService(opts: ToolCallbackServiceArgs): ToolCallbackService {
+  interface PendingWaiter {
+    resolve: (r: ToolCallbackResult) => void
+    expiresAt: number
+  }
+  const waiters = new Map<string, PendingWaiter[]>()
+  // Tracks the canonical (toolName, canonicalArgsHash) per (chatId, sessionId,
+  // toolUseId) so we detect mismatched retries. toolUseId is generated by the
+  // claude CLI per-session and restarts at "1" for each new spawn, so keying
+  // by toolUseId alone collides across chats / restarts.
+  const seenToolUseIds = new Map<string, { id: string; toolName: string; canonicalArgsHash: string }>()
+  function seenKey(s: { chatId: string; sessionId: string; toolUseId: string }): string {
+    return `${s.chatId}|${s.sessionId}|${s.toolUseId}`
+  }
+  // In-memory mirror of persisted records keyed by id — lets submit() check
+  // existing state synchronously (before the first await) so that concurrent
+  // calls within the same event-loop turn see the correct state.
+  const inMemory = new Map<string, ToolRequest>()
+  function hmacId(s: ToolCallbackSubmitArgs, hash: string): string {
+    const h = createHmac("sha256", opts.serverSecret)
+    h.update(`${s.chatId}|${s.sessionId}|${s.toolUseId}|${s.toolName}|${hash}`)
+    return h.digest("hex")
+  }
+  function resolveWaiters(id: string, result: ToolCallbackResult) {
+    const ws = waiters.get(id) ?? []
+    waiters.delete(id)
+    for (const w of ws) w.resolve(result)
+  }
+  async function persistPut(req: ToolRequest): Promise<void> {
+    inMemory.set(req.id, { ...req })
+    await opts.store.putToolRequest(req)
+  }
+  async function persistResolve(
+    id: string,
+    update: { status: ToolRequestStatus; decision: ToolRequestDecision; resolvedAt: number; mismatchReason?: string },
+  ): Promise<void> {
+    const existing = inMemory.get(id)
+    if (existing) {
+      inMemory.set(id, { ...existing, ...update })
+    }
+    await opts.store.resolveToolRequest(id, update)
+  }
+  const svc: ToolCallbackService = {
+    submit(args) {
+      const hash = canonicalArgsHash(args.args)
+      const id = hmacId(args, hash)
+      // ── Arg-mismatch check (synchronous, no I/O) ──────────────────────────
+      const seen = seenToolUseIds.get(seenKey(args))
+      if (seen && (seen.toolName !== args.toolName || seen.canonicalArgsHash !== hash)) {
+        const reason = `argument_mismatch: canonicalArgsHash differs from prior submission for toolUseId=${args.toolUseId}`
+        const decision: ToolRequestDecision = { kind: "deny", reason }
+        const now = opts.now()
+        const mismatchReq: ToolRequest = {
+          id,
+          chatId: args.chatId,
+          sessionId: args.sessionId,
+          toolUseId: args.toolUseId,
+          toolName: args.toolName,
+          arguments: args.args,
+          canonicalArgsHash: hash,
+          policyVerdict: "auto-deny",
+          status: "arg_mismatch",
+          decision,
+          mismatchReason: reason,
+          createdAt: now,
+          resolvedAt: now,
+          expiresAt: now,
+        }
+        // Await persistence so a caller scanning the store after submit() sees the record.
+        return persistPut(mismatchReq).then(() => ({ status: "arg_mismatch" as const, decision, mismatchReason: reason }))
+      }
+      // ── Idempotency: check in-memory mirror (synchronous) ─────────────────
+      const existing = inMemory.get(id)
+      if (existing && POLICY_TERMINAL_STATUSES.has(existing.status)) {
+        return Promise.resolve({
+          status: existing.status,
+          decision: existing.decision ?? { kind: "deny", reason: "unknown" },
+          mismatchReason: existing.mismatchReason,
+        })
+      }
+      if (existing) {
+        // Already pending — attach a new waiter.
+        return new Promise<ToolCallbackResult>((resolve) => {
+          const list = waiters.get(id) ?? []
+          list.push({ resolve, expiresAt: existing.expiresAt })
+          waiters.set(id, list)
+        })
+      }
+      // ── New request ───────────────────────────────────────────────────────
+      const verdict = policy.evaluate({
+        toolName: args.toolName,
+        args: args.args,
+        chatPolicy: args.chatPolicy,
+        cwd: args.cwd,
+      })
+      const now = opts.now()
+      const expiresAt = now + opts.timeoutMs
+      const req: ToolRequest = {
+        id,
+        chatId: args.chatId,
+        sessionId: args.sessionId,
+        toolUseId: args.toolUseId,
+        toolName: args.toolName,
+        arguments: args.args,
+        canonicalArgsHash: hash,
+        policyVerdict: verdict.verdict,
+        status: "pending",
+        createdAt: now,
+        expiresAt,
+      }
+      // Register synchronously so subsequent calls within the same tick see it.
+      inMemory.set(id, { ...req })
+      seenToolUseIds.set(seenKey(args), { id, toolName: args.toolName, canonicalArgsHash: hash })
+      if (verdict.verdict === "auto-allow" || verdict.verdict === "auto-deny") {
+        const decision: ToolRequestDecision = verdict.verdict === "auto-allow"
+          ? { kind: "allow", reason: verdict.reason }
+          : { kind: "deny", reason: verdict.reason }
+        const resolvedReq: ToolRequest = { ...req, status: "answered", decision, resolvedAt: now }
+        inMemory.set(id, resolvedReq)
+        // Persist in background; caller gets immediate result.
+        void (async () => {
+          await opts.store.putToolRequest(req)
+          await opts.store.resolveToolRequest(id, { status: "answered", decision, resolvedAt: now })
+        })()
+        return Promise.resolve({ status: "answered", decision })
+      }
+      // "ask" verdict → persist then wait for external answer.
+      const pendingPromise = new Promise<ToolCallbackResult>((resolve) => {
+        const list = waiters.get(id) ?? []
+        list.push({ resolve, expiresAt })
+        waiters.set(id, list)
+      })
+      void opts.store.putToolRequest(req)
+      return pendingPromise
+    },
+    async answer(id, decision) {
+      const existing = inMemory.get(id) ?? opts.store.getToolRequest(id)
+      if (!existing || POLICY_TERMINAL_STATUSES.has(existing.status)) return
+      await persistResolve(id, { status: "answered", decision, resolvedAt: opts.now() })
+      resolveWaiters(id, { status: "answered", decision })
+    },
+    async cancel(id, reason) {
+      const existing = inMemory.get(id) ?? opts.store.getToolRequest(id)
+      if (!existing || POLICY_TERMINAL_STATUSES.has(existing.status)) return
+      const decision: ToolRequestDecision = { kind: "deny", reason: `canceled: ${reason}` }
+      await persistResolve(id, { status: "canceled", decision, resolvedAt: opts.now() })
+      resolveWaiters(id, { status: "canceled", decision })
+    },
+    async cancelAllForChat(chatId, reason) {
+      // Collect pending ids from in-memory mirror first (synchronous), then
+      // also check store for any records loaded before this service started.
+      const pendingIds = new Set<string>()
+      for (const [id, req] of inMemory.entries()) {
+        if (req.chatId === chatId && req.status === "pending") pendingIds.add(id)
+      }
+      const storeList = opts.store.listPendingToolRequests(chatId)
+      for (const req of storeList) pendingIds.add(req.id)
+      for (const id of pendingIds) await svc.cancel(id, reason)
+    },
+    async cancelAllForSession(sessionId, reason) {
+      const ids = Array.from(waiters.keys())
+      for (const id of ids) {
+        const req = inMemory.get(id) ?? opts.store.getToolRequest(id)
+        if (req && req.sessionId === sessionId) await svc.cancel(id, reason)
+      }
+    },
+    async recoverOnStartup() {
+      const all = opts.store.scanAllToolRequests()
+      for (const req of all) {
+        if (req.status !== "pending") continue
+        const decision: ToolRequestDecision = { kind: "deny", reason: "server_restarted" }
+        await persistResolve(req.id, { status: "session_closed", decision, resolvedAt: opts.now() })
+      }
+    },
+    async tickTimeouts() {
+      const now = opts.now()
+      for (const [id, list] of waiters.entries()) {
+        if (list.length === 0) continue
+        if (list[0].expiresAt > now) continue
+        const decision: ToolRequestDecision = { kind: "deny", reason: "timeout" }
+        await persistResolve(id, { status: "timeout", decision, resolvedAt: now })
+        resolveWaiters(id, { status: "timeout", decision })
+      }
+    },
+  }
+  return svc
+}
+/**
+ * Creates a ToolCallbackService and immediately calls recoverOnStartup()
+ * to fail-close any pending tool requests left over from a previous server
+ * run.  KANNA_SERVER_SECRET should be set in the environment for stable
+ * HMAC ids within a process lifetime; if unset, a fresh random UUID is used
+ * (cross-restart idempotency is not required because recoverOnStartup()
+ * already closes all pending records).
+ */
+export async function initToolCallbackOnBoot(args: {
+  store: EventStore
+  serverSecret: string
+  now?: () => number
+  timeoutMs?: number
+}): Promise<ToolCallbackService> {
+  const svc = createToolCallbackService({
+    store: args.store,
+    serverSecret: args.serverSecret,
+    now: args.now ?? (() => Date.now()),
+    timeoutMs: args.timeoutMs ?? 600_000,
+  })
+  await svc.recoverOnStartup()
+  return svc
+}

package/src/server/claude-pty/tui-control.test.ts ADDED Viewed

@@ -0,0 +1,272 @@
+import { describe, expect, test } from "bun:test"
+import {
+  sendUserPrompt,
+  sendExitCommand,
+  dismissTrustDialogIfPresent,
+  waitForTuiReady,
+  waitForTuiReadyWithTrustDismiss,
+  TRUST_DIALOG_MARKER,
+  TUI_READY_MARKER,
+} from "./tui-control"
+import { OutputRing } from "./output-ring"
+import type { PtyProcess } from "./pty-process.adapter"
+function fakePty(): PtyProcess & { sent: string[] } {
+  const sent: string[] = []
+  return {
+    sent,
+    pid: 99997,
+    async sendInput(data: string) { sent.push(data) },
+    resize() { /* noop */ },
+    exited: new Promise<number>(() => { /* never */ }),
+    close() { /* noop */ },
+    kill() { /* noop */ },
+  } as PtyProcess & { sent: string[] }
+}
+describe("sendUserPrompt", () => {
+  test("writes bracketed-paste wrapped text then separate carriage return once ring grows", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    // Simulate the TUI rendering the paste preview shortly after the paste write.
+    setTimeout(() => ring.append("[Pasted text #1 +56 lines]"), 5)
+    await sendUserPrompt(pty, ring, "say hi", { commitTimeoutMs: 500, pollMs: 1 })
+    expect(pty.sent).toEqual(["\x1b[200~say hi\x1b[201~", "\r"])
+  })
+  test("empty string still emits paste markers + carriage return after commit", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    setTimeout(() => ring.append("x"), 5)
+    await sendUserPrompt(pty, ring, "", { commitTimeoutMs: 500, pollMs: 1 })
+    expect(pty.sent).toEqual(["\x1b[200~\x1b[201~", "\r"])
+  })
+  test("sends Enter after commitTimeoutMs even if the ring never grows (degraded fallback)", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing() // never grows
+    const start = Date.now()
+    await sendUserPrompt(pty, ring, "no echo", { commitTimeoutMs: 50, pollMs: 5 })
+    const elapsed = Date.now() - start
+    expect(pty.sent).toEqual(["\x1b[200~no echo\x1b[201~", "\r"])
+    expect(elapsed).toBeGreaterThanOrEqual(45)
+  })
+})
+describe("sendExitCommand", () => {
+  test("writes /exit + carriage return", async () => {
+    const pty = fakePty()
+    await sendExitCommand(pty)
+    expect(pty.sent).toEqual(["/exit\r"])
+  })
+})
+describe("dismissTrustDialogIfPresent", () => {
+  test("sends carriage return when ringbuf contains trust marker", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("Quick safety check: Do you trust this folder? trust this folder")
+    const dismissed = await dismissTrustDialogIfPresent(pty, ring)
+    expect(dismissed).toBe(true)
+    expect(pty.sent).toEqual(["\r"])
+  })
+  test("does nothing when ringbuf lacks trust marker", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("Welcome back c!")
+    const dismissed = await dismissTrustDialogIfPresent(pty, ring)
+    expect(dismissed).toBe(false)
+    expect(pty.sent).toEqual([])
+  })
+  test("exported TRUST_DIALOG_MARKER is the substring matched", () => {
+    expect(TRUST_DIALOG_MARKER).toBe("trust this folder")
+  })
+})
+describe("waitForTuiReady", () => {
+  test("returns 'marker' when ringbuf already contains the input-box marker", async () => {
+    const ring = new OutputRing()
+    ring.append("❯ ")
+    const result = await waitForTuiReady(ring, { hardCapMs: 1000, pollMs: 10, quietPeriodMs: 0 })
+    expect(result).toBe("marker")
+  })
+  test("returns 'timeout' when no marker appears within hardCapMs", async () => {
+    const ring = new OutputRing()
+    const result = await waitForTuiReady(ring, { hardCapMs: 200, pollMs: 10, quietPeriodMs: 0 })
+    expect(result).toBe("timeout")
+  })
+  test("polls until marker appears", async () => {
+    const ring = new OutputRing()
+    setTimeout(() => ring.append("❯ "), 50)
+    const start = Date.now()
+    const result = await waitForTuiReady(ring, { hardCapMs: 1000, pollMs: 10, quietPeriodMs: 0 })
+    const elapsed = Date.now() - start
+    expect(result).toBe("marker")
+    expect(elapsed).toBeLessThan(300)
+  })
+  // Regression: claude TUI v2.1.146 leaks `❯ ` during splash/trust/MCP render
+  // before Ink mounts the keyboard handler. Returning "marker" on first hit
+  // makes the driver send the first prompt into a TUI that discards stdin.
+  // The quiet-period gate waits for ring growth to settle as a proxy for
+  // "input handler attached" — drops the race that causes PTY chats to hang
+  // with no transcript file ever created.
+  test("waits for ring to stay quiet for quietPeriodMs after marker hit", async () => {
+    const ring = new OutputRing()
+    ring.append("splash banner ❯ ")
+    // Keep appending bytes for 200 ms after the marker first appears — the
+    // gate must NOT resolve while the TUI is still rendering.
+    const interval = setInterval(() => ring.append("."), 30)
+    setTimeout(() => clearInterval(interval), 200)
+    const start = Date.now()
+    const result = await waitForTuiReady(ring, { hardCapMs: 2000, pollMs: 10, quietPeriodMs: 150 })
+    const elapsed = Date.now() - start
+    expect(result).toBe("marker")
+    // Render bursts (200 ms) + quiet period (150 ms) = at least 350 ms.
+    expect(elapsed).toBeGreaterThanOrEqual(300)
+  })
+  test("resolves immediately when ring stays quiet from the start", async () => {
+    const ring = new OutputRing()
+    ring.append("❯ ")
+    const start = Date.now()
+    const result = await waitForTuiReady(ring, { hardCapMs: 2000, pollMs: 10, quietPeriodMs: 80 })
+    const elapsed = Date.now() - start
+    expect(result).toBe("marker")
+    expect(elapsed).toBeGreaterThanOrEqual(70)
+    expect(elapsed).toBeLessThan(250)
+  })
+  test("exported TUI_READY_MARKER is the input-box prompt", () => {
+    expect(TUI_READY_MARKER).toBe("❯ ")
+  })
+  test("returns 'marker' when TUI renders ❯ with \\x1b[1C instead of space", async () => {
+    const ring = new OutputRing()
+    // Real TUI output: space after ❯ is cursor-forward-1, not a literal space
+    ring.append("❯\x1b[1C")
+    const result = await waitForTuiReady(ring, { hardCapMs: 1000, pollMs: 10 })
+    expect(result).toBe("marker")
+  })
+  test("returns 'marker' when TUI renders ❯ followed by U+00A0 (non-breaking space)", async () => {
+    const ring = new OutputRing()
+    // Real TUI output: ❯ is followed by NBSP (U+00A0), not a regular space
+    ring.append("❯ ")
+    const result = await waitForTuiReady(ring, { hardCapMs: 1000, pollMs: 10 })
+    expect(result).toBe("marker")
+  })
+})
+describe("dismissTrustDialogIfPresent (ANSI-encoded ring)", () => {
+  test("detects trust dialog when words separated by \\x1b[1C (TUI rendering)", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    // Real TUI output: spaces rendered as cursor-forward-1 escape sequences
+    ring.append("\x1b[1C❯\x1b[1C1.\x1b[1CYes,\x1b[1CI\x1b[1Ctrust\x1b[1Cthis\x1b[1Cfolder\r\n")
+    const dismissed = await dismissTrustDialogIfPresent(pty, ring)
+    expect(dismissed).toBe(true)
+    expect(pty.sent).toEqual(["\r"])
+  })
+  test("does not false-trigger on plain text without trust marker", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("\x1b[1CWelcome\x1b[1Cback!\x1b[0m❯ ")
+    const dismissed = await dismissTrustDialogIfPresent(pty, ring)
+    expect(dismissed).toBe(false)
+    expect(pty.sent).toEqual([])
+  })
+})
+describe("waitForTuiReadyWithTrustDismiss", () => {
+  test("returns 'ready' immediately when input box already present", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("❯ ")
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 500, pollMs: 10 })
+    expect(result).toBe("ready")
+    expect(pty.sent).toEqual([])
+  })
+  test("dismisses ANSI trust dialog then resolves when input box appears", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    // Trust dialog with ANSI-encoded text appears first
+    ring.append("\x1b[1Ctrust\x1b[1Cthis\x1b[1Cfolder")
+    // After 50ms simulate TUI loading: input box appears after dismiss sends \r
+    setTimeout(() => ring.append("❯ "), 80)
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 1000, pollMs: 10 })
+    expect(result).toBe("ready")
+    expect(pty.sent).toContain("\r")
+  })
+  test("returns 'timeout' when neither marker appears", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 150, pollMs: 10 })
+    expect(result).toBe("timeout")
+    expect(pty.sent).toEqual([])
+  })
+  test("returns 'ready' when TUI renders ❯ with \\x1b[1C (ANSI cursor-forward)", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("❯\x1b[1C")
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 500, pollMs: 10 })
+    expect(result).toBe("ready")
+    expect(pty.sent).toEqual([])
+  })
+  test("does not false-trigger on trust dialog's own ❯ selection cursor", async () => {
+    // Trust dialog renders "❯ 1. Yes, I trust this folder" as ANSI:
+    // "❯\x1b[1C1.\x1b[1CYes,...trust\x1b[1Cthis\x1b[1Cfolder"
+    // stripAnsi gives "❯ 1. Yes, I trust this folder" which contains "❯ "
+    // → must NOT trigger "ready" while trust dialog is present
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("\x1b[1C❯\x1b[1C1.\x1b[1CYes,\x1b[1CI\x1b[1Ctrust\x1b[1Cthis\x1b[1Cfolder\r\n")
+    setTimeout(() => ring.append("❯\x1b[1C"), 80)
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 1000, pollMs: 10 })
+    expect(result).toBe("ready")
+    expect(pty.sent).toContain("\r")
+  })
+  test("dismisses trust dialog only once even if marker persists in ring", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("\x1b[1Ctrust\x1b[1Cthis\x1b[1Cfolder")
+    setTimeout(() => ring.append("❯ "), 80)
+    await waitForTuiReadyWithTrustDismiss(pty, ring, { hardCapMs: 1000, pollMs: 10 })
+    // \r should appear exactly once (dismiss sent once, not repeated each poll)
+    expect(pty.sent.filter((s) => s === "\r")).toHaveLength(1)
+  })
+  // Regression: same race as waitForTuiReady — after trust dismiss the input
+  // box marker can render before Ink's keyboard handler mounts. Quiet-period
+  // gate must apply on this path too so prompts don't land into a discarding
+  // TUI under load.
+  test("waits for ring to stay quiet for quietPeriodMs after post-dismiss marker hit", async () => {
+    const pty = fakePty()
+    const ring = new OutputRing()
+    ring.append("\x1b[1Ctrust\x1b[1Cthis\x1b[1Cfolder")
+    // After dismiss, marker arrives at t=50, then more bytes for 200 ms.
+    setTimeout(() => ring.append("❯ "), 50)
+    const interval = setInterval(() => ring.append("."), 30)
+    setTimeout(() => clearInterval(interval), 250)
+    const start = Date.now()
+    const result = await waitForTuiReadyWithTrustDismiss(pty, ring, {
+      hardCapMs: 2000,
+      pollMs: 10,
+      quietPeriodMs: 150,
+    })
+    const elapsed = Date.now() - start
+    expect(result).toBe("ready")
+    // Bursts end ~250 ms + quiet 150 ms.
+    expect(elapsed).toBeGreaterThanOrEqual(350)
+  })
+})