claude-overnight 1.25.45 → 1.25.47

package/dist/cli/cli.d.ts

@@ -61,6 +61,11 @@ export interface FileArgs {
     usageCap?: number;
     flexiblePlan?: boolean;
 }
+/** Load a markdown plan file. Extracts the first H1 as objective and returns the full body as planContent. */
+export declare function loadPlanFile(file: string): {
+    objective: string;
+    planContent: string;
+};
 export declare function loadTaskFile(file: string): FileArgs;
 export declare function validateConcurrency(value: unknown): asserts value is number;
 export declare function isGitRepo(cwd: string): boolean;

package/dist/cli/cli.js

@@ -7,7 +7,7 @@ import { query } from "@anthropic-ai/claude-agent-sdk";
 // ── CLI flag parsing ──
 export function parseCliFlags(argv) {
     const known = new Set(["concurrency", "model", "timeout", "budget", "usage-cap", "extra-usage-budget", "merge"]);
-    const booleans = new Set(["--dry-run", "-h", "--help", "-v", "--version", "--no-flex", "--allow-extra-usage", "--worktrees", "--no-worktrees", "--yolo"]);
+    const booleans = new Set(["--dry-run", "-h", "--help", "-v", "--version", "--flex", "--no-flex", "--allow-extra-usage", "--worktrees", "--no-worktrees", "--yolo"]);
     const flags = {};
     const positional = [];
     for (let i = 0; i < argv.length; i++) {
@@ -334,6 +334,23 @@ export async function selectKey(label, options) {
 const KNOWN_TASK_FILE_KEYS = new Set([
     "tasks", "objective", "concurrency", "cwd", "model", "allowedTools", "beforeWave", "afterWave", "afterRun", "worktrees", "mergeStrategy", "usageCap", "flexiblePlan",
 ]);
+/** Load a markdown plan file. Extracts the first H1 as objective and returns the full body as planContent. */
+export function loadPlanFile(file) {
+    const path = resolve(file);
+    let raw;
+    try {
+        raw = readFileSync(path, "utf-8");
+    }
+    catch {
+        throw new Error(`Cannot read plan file: ${path}`);
+    }
+    const body = raw.trim();
+    if (!body)
+        throw new Error(`Plan file is empty: ${path}`);
+    const h1 = body.match(/^#\s+(.+)$/m);
+    const objective = (h1?.[1] ?? body.split("\n").find(l => l.trim())).trim();
+    return { objective, planContent: body };
+}
 export function loadTaskFile(file) {
     const path = resolve(file);
     let raw;

package/dist/cli/help.js

@@ -16,6 +16,7 @@ export function printHelp() {
   ${chalk.cyan("Usage")}
     claude-overnight                          ${chalk.dim("interactive mode")}
     claude-overnight tasks.json               ${chalk.dim("task file mode")}
+    claude-overnight plan.md                  ${chalk.dim("plan file mode (.md) — coach + flex")}
     claude-overnight "fix auth" "add tests"   ${chalk.dim("inline tasks")}
 
   ${chalk.cyan("Flags")}
@@ -30,7 +31,8 @@ export function printHelp() {
     --allow-extra-usage    Allow extra/overage usage ${chalk.dim("(default: stop when plan limits hit)")}
     --extra-usage-budget=N Max $ for extra usage ${chalk.dim("(implies --allow-extra-usage)")}
     --timeout=SECONDS      Agent inactivity timeout ${chalk.dim("(default: 900s, nudges at timeout, kills at 2×)")}
-    --no-flex              Disable adaptive multi-wave planning ${chalk.dim("(run all tasks in one shot)")}
+    --flex                 Force adaptive multi-wave planning ${chalk.dim("(steering between waves)")}
+    --no-flex              Fixed plan mode ${chalk.dim("(verifier between waves, no re-planning)")}
     --worktrees            Force worktree isolation on ${chalk.dim("(default: auto-detect git repo)")}
     --no-worktrees         Disable worktree isolation ${chalk.dim("(all agents work in real cwd)")}
     --merge=MODE           Merge strategy: yolo or branch ${chalk.dim("(default: yolo)")}

package/dist/core/_version.d.ts

@@ -1 +1 @@
-export declare const VERSION = "1.25.45";
+export declare const VERSION = "1.25.47";

package/dist/core/_version.js

@@ -1,2 +1,2 @@
 // Auto-generated by build — do not edit manually.
-export const VERSION = "1.25.45";
+export const VERSION = "1.25.47";

package/dist/core/jwt-signer.js

@@ -59,27 +59,29 @@ export function verifyToken(token, providerId) {
  */
 export function verifyTokenWithResult(token, options = {}) {
     const { providerId, model, baseURL } = options;
-    // Unsafely decode the token to extract the `sub` claim so we can derive
-    // the correct signing key. This does NOT verify the signature yet.
-    const raw = jwt.decode(token);
-    if (!raw || typeof raw !== "object") {
+    const header = jwt.decode(token, { complete: true });
+    if (!header || typeof header === "string") {
         return { valid: false, reason: "invalid_signature" };
     }
-    const sub = raw.sub;
-    if (typeof sub !== "string" || !sub) {
+    const loose = header.payload;
+    const subForKey = loose.sub;
+    if (!subForKey || typeof subForKey !== "string") {
+        return { valid: false, reason: "invalid_signature" };
+    }
+    let key;
+    try {
+        key = deriveKey(subForKey);
+    }
+    catch {
         return { valid: false, reason: "invalid_signature" };
     }
-    const key = deriveKey(sub);
     try {
         const decoded = jwt.verify(token, key, {
             algorithms: ["HS256"],
-            // Let jwt.verify check expiration for us
         });
-        // Reject tokens from older versions
         if (decoded.ver !== TOKEN_VERSION) {
             return { valid: false, reason: "wrong_version" };
         }
-        // Validate claims if expected values are provided
         if (providerId && decoded.sub !== providerId) {
             return { valid: false, reason: "claim_mismatch" };
         }

package/dist/core/rate-limiter.d.ts

@@ -8,6 +8,12 @@ export interface RateLimiterConfig {
     windowMs: number;
     minIntervalMs?: number;
 }
+export interface AcquireOptions {
+    /** When true, skip sliding-window / min-interval waits (caller still records after the request). */
+    skipWhen?: () => boolean;
+    /** Invoked once when `skipWhen()` returned true and the throttle was bypassed. */
+    onBypass?: () => void;
+}
 export declare class RateLimiter {
     private readonly maxRequests;
     private readonly windowMs;
@@ -18,6 +24,8 @@ export declare class RateLimiter {
     record(): void;
     get currentCount(): number;
     canRequest(): boolean;
+    /** Wait until a request slot is available. Optional `skipWhen` bypasses the throttle entirely. */
+    acquire(options?: AcquireOptions): Promise<number>;
     waitIfNeeded(): Promise<number>;
     waitMs(): number;
     reset(): void;
@@ -29,6 +37,8 @@ export declare class RateLimiter {
 }
 /** Shared rate limiter for SDK query calls — enforced globally across all workers. */
 export declare const sdkQueryRateLimiter: RateLimiter;
+/** Acquire SDK query slot. Skips the SDK sliding-window limiter when `CURSOR_PROXY_URL` is set (proxy has its own limiters). */
+export declare function acquireSdkQueryRateLimit(): Promise<number>;
 /** Shared rate limiter for Cursor proxy direct fetches — enforced globally. */
 export declare const cursorProxyRateLimiter: RateLimiter;
 /** Shared rate limiter for direct API endpoint calls — guards against rapid

package/dist/core/rate-limiter.js

@@ -38,12 +38,20 @@ export class RateLimiter {
         return this.timestamps.length < this.maxRequests
             && (Date.now() - this.lastRequestAt) >= this.minIntervalMs;
     }
-    async waitIfNeeded() {
+    /** Wait until a request slot is available. Optional `skipWhen` bypasses the throttle entirely. */
+    async acquire(options) {
+        if (options?.skipWhen?.()) {
+            options.onBypass?.();
+            return 0;
+        }
         const waited = this.waitMs();
         if (waited > 0)
             await new Promise(r => setTimeout(r, waited));
         return waited;
     }
+    async waitIfNeeded() {
+        return this.acquire();
+    }
     waitMs() {
         this.evict();
         const volumeWait = this.timestamps.length >= this.maxRequests
@@ -86,6 +94,15 @@ const _cursorProxyLimiter = new RateLimiter({ maxRequests: 4, windowMs: 10_000 }
 const _apiEndpointLimiter = new RateLimiter({ maxRequests: 6, windowMs: 15_000, minIntervalMs: 1_000 });
 /** Shared rate limiter for SDK query calls — enforced globally across all workers. */
 export const sdkQueryRateLimiter = _sdkQueryLimiter;
+/** Acquire SDK query slot. Skips the SDK sliding-window limiter when `CURSOR_PROXY_URL` is set (proxy has its own limiters). */
+export async function acquireSdkQueryRateLimit() {
+    return _sdkQueryLimiter.acquire({
+        skipWhen: () => !!process.env.CURSOR_PROXY_URL,
+        onBypass: () => {
+            console.log("[rate-limiter] Skipping SDK rate limit (Cursor proxy has its own limiter)");
+        },
+    });
+}
 /** Shared rate limiter for Cursor proxy direct fetches — enforced globally. */
 export const cursorProxyRateLimiter = _cursorProxyLimiter;
 /** Shared rate limiter for direct API endpoint calls — guards against rapid

package/dist/core/token-cache.js

@@ -21,7 +21,7 @@ export function getCachedToken(providerId) {
     const entry = tokenCache.get(providerId);
     if (!entry)
         return null;
-    if (isRevoked(entry.sessionId)) {
+    if (isSessionRevoked(entry.sessionId)) {
         tokenCache.delete(providerId);
         return null;
     }
@@ -51,7 +51,7 @@ export function tryRefreshCachedToken(providerId, refresher) {
     const entry = tokenCache.get(providerId);
     if (!entry)
         return null;
-    if (isRevoked(entry.sessionId)) {
+    if (isSessionRevoked(entry.sessionId)) {
         tokenCache.delete(providerId);
         return null;
     }
@@ -99,11 +99,6 @@ export function clearRevocations() {
 export function getRevocationCount() {
     return revokedSessions.size;
 }
-/** Check if a session ID has been revoked, pruning expired entries first. */
-function isRevoked(sessionId) {
-    pruneRevocations();
-    return revokedSessions.has(sessionId);
-}
 /** Remove expired revocation entries and enforce max size. */
 function pruneRevocations() {
     if (revokedSessions.size === 0)

package/dist/core/token-manager.js

@@ -65,10 +65,9 @@ export function refreshToken(oldToken, providerId) {
  */
 export function verifyBearerToken(token, providerId) {
     const result = verifyTokenWithResult(token, { providerId });
-    if (!result.valid)
+    if (!result.valid || !result.payload)
         return result;
-    // Reject if the session was explicitly revoked (check token's jti, not cache)
-    if (result.payload && isSessionRevoked(result.payload.jti)) {
+    if (isSessionRevoked(result.payload.jti)) {
         return { valid: false, reason: "revoked" };
     }
     return result;
@@ -100,11 +99,15 @@ function tryPeekAndRevoke(providerId) {
  * reducing false positives from unrelated 401/403 responses.
  */
 export function isJWTAuthError(err) {
-    const msg = err instanceof Error ? err.message
-        : (err !== null && typeof err === "object" && "message" in err && typeof err.message === "string")
+    const msg = err instanceof Error
+        ? err.message
+        : err && typeof err === "object" && "message" in err && typeof err.message === "string"
             ? err.message
             : String(err);
     const lower = msg.toLowerCase();
+    if (lower.includes("bearer") && lower.includes("token") && lower.includes("invalid")) {
+        return true;
+    }
     // JWT-specific indicators (high confidence)
     const jwtIndicators = [
         "token expired", "invalid_token", "jwt", "signature",

package/dist/core/types.d.ts

@@ -88,6 +88,8 @@ export interface AgentState {
     peakContextTokens?: number;
     /** Resolved model this agent is running (task override or swarm default). */
     model?: string;
+    /** Unix timestamp (ms) of the last assistant stream content (text, tool deltas, etc.). Used to detect SDK streams that yield no content. */
+    lastContentTimestamp?: number;
 }
 /** A timestamped log line from an agent's execution. */
 export interface LogEntry {
@@ -173,8 +175,13 @@ export interface WaveSummary {
         status: string;
         type?: string;
         filesChanged?: number;
+        toolCalls?: number;
         error?: string;
     }[];
+    /** Sum of `toolCalls` across all agents in this wave (diagnostics). */
+    totalToolCalls?: number;
+    /** Non-heal tasks landed 0 files but agents invoked tools — possible worktree/merge bug. */
+    suspectedInfraFailure?: boolean;
 }
 /** Result from the steering function. */
 export interface SteerResult {

package/dist/index.js

@@ -8,7 +8,7 @@ import { setPlannerEnvResolver } from "./planner/query.js";
 import { setTranscriptRunDir } from "./core/transcripts.js";
 import { pickModel, loadProviders, buildEnvResolver, healthCheckCursorProxy, PROXY_DEFAULT_URL, isCursorProxyProvider, bundledComposerProxyShellCommand, warnMacCursorAgentShellPatchIfNeeded, } from "./providers/index.js";
 import { executeRun } from "./run/run.js";
-import { parseCliFlags, fetchModels, ask, select, selectKey, loadTaskFile, validateConcurrency, isGitRepo, validateGitRepo, showPlan, } from "./cli/cli.js";
+import { parseCliFlags, fetchModels, ask, select, selectKey, loadTaskFile, loadPlanFile, validateConcurrency, isGitRepo, validateGitRepo, showPlan, } from "./cli/cli.js";
 import { loadRunState, findOrphanedDesigns, backfillOrphanedPlans, readPreviousRunKnowledge, createRunDir, updateLatestSymlink, } from "./state/state.js";
 import { runSetupCoach, loadUserSettings, saveUserSettings, COACH_MODEL } from "./planner/coach/coach.js";
 import { editRunSettings, formatSettingsSummary } from "./cli/settings.js";
@@ -63,11 +63,21 @@ async function main() {
     // ── Load tasks ──
     let tasks = [];
     let fileCfg;
+    let planFileContent;
     const jsonFiles = args.filter(a => a.endsWith(".json"));
+    const mdFiles = args.filter(a => a.endsWith(".md"));
     if (jsonFiles.length > 1) {
         console.error(chalk.red(`  Multiple task files provided. Only one .json file is supported.`));
         process.exit(1);
     }
+    if (mdFiles.length > 1) {
+        console.error(chalk.red(`  Multiple plan files provided. Only one .md file is supported.`));
+        process.exit(1);
+    }
+    if (jsonFiles.length && mdFiles.length) {
+        console.error(chalk.red(`  Cannot mix a .json task file with a .md plan file.`));
+        process.exit(1);
+    }
     for (const arg of args) {
         if (arg.endsWith(".json")) {
             if (tasks.length > 0) {
@@ -77,8 +87,13 @@ async function main() {
             fileCfg = loadTaskFile(arg);
             tasks = fileCfg.tasks;
         }
+        else if (arg.endsWith(".md")) {
+            const plan = loadPlanFile(arg);
+            planFileContent = plan.planContent;
+            fileCfg = { tasks: [], objective: plan.objective, flexiblePlan: true };
+        }
         else if (!arg.startsWith("-") && existsSync(resolve(arg))) {
-            console.error(chalk.red(`  "${arg}" looks like a file but doesn't end in .json. Rename it or quote the string.`));
+            console.error(chalk.red(`  "${arg}" looks like a file but doesn't end in .json or .md. Rename it or quote the string.`));
             process.exit(1);
         }
         else {
@@ -341,6 +356,30 @@ async function main() {
         console.log(chalk.dim(`  ╰${"─".repeat(innerLen + 4)}╯`));
     }
     else {
+        // ── Setup coach in confirm-only mode (task/plan file on a TTY) ──
+        let coachResult = null;
+        if (fileCfg?.objective && process.stdin.isTTY
+            && !argv.includes("--no-coach") && !loadUserSettings().skipCoach) {
+            const settings = loadUserSettings();
+            const cModel = settings.coachModel ?? COACH_MODEL;
+            const cProvider = settings.coachProviderId
+                ? loadProviders().find(p => p.id === settings.coachProviderId) : undefined;
+            coachResult = await runSetupCoach(fileCfg.objective, cwd, {
+                providers: loadProviders(), cliFlags, coachModel: cModel, coachProvider: cProvider,
+                planContent: planFileContent, confirmOnly: true,
+            });
+            if (coachResult) {
+                coachedOriginal = fileCfg.objective;
+                coachedAt = Date.now();
+                fileCfg.objective = coachResult.improvedObjective;
+                objective = coachResult.improvedObjective;
+                const rec = coachResult.recommended;
+                if (fileCfg.concurrency == null)
+                    fileCfg.concurrency = rec.concurrency;
+                if (fileCfg.usageCap == null && rec.usageCap != null)
+                    fileCfg.usageCap = Math.round(rec.usageCap * 100);
+            }
+        }
         let models = [];
         if (!cliFlags.model && !fileCfg?.model)
             models = await fetchModels(5_000);
@@ -374,7 +413,7 @@ async function main() {
             }
         }
         concurrency = cliFlags.concurrency ? parseInt(cliFlags.concurrency) : (fileCfg?.concurrency ?? 5);
-        budget = cliFlags.budget ? parseInt(cliFlags.budget) : undefined;
+        budget = cliFlags.budget ? parseInt(cliFlags.budget) : coachResult?.recommended.budget;
         if (budget != null && (isNaN(budget) || budget < 1)) {
             console.error(chalk.red(`  --budget must be a positive integer`));
             process.exit(1);
@@ -442,7 +481,8 @@ async function main() {
         console.log(chalk.dim(`  ${workerModel}  concurrency=${concurrency}  worktrees=${useWorktrees}  merge=${mergeStrategy}${capStr}${extraStr}`));
     }
     // ── Plan phase ──
-    const flex = !argv.includes("--no-flex") && (fileCfg?.flexiblePlan ?? objective != null) && objective != null && (budget ?? 10) > 2;
+    const flexFlag = argv.includes("--flex") ? true : argv.includes("--no-flex") ? false : undefined;
+    const flex = objective != null && (flexFlag ?? ((fileCfg?.flexiblePlan ?? true) && (budget ?? 10) > 2));
     const agentTimeoutMs = cliFlags.timeout ? parseFloat(cliFlags.timeout) * 1000 : undefined;
     let thinkingUsed = 0, thinkingCost = 0, thinkingIn = 0, thinkingOut = 0, thinkingTools = 0;
     let thinkingHistory;

package/dist/planner/coach/coach.d.ts

@@ -11,5 +11,9 @@ export interface CoachContext {
     log?: PlannerLog;
     coachModel?: string;
     coachProvider?: ProviderConfig;
+    /** Full markdown plan content (e.g. from a .md plan file). Overrides URL fetching. */
+    planContent?: string;
+    /** When true, show only accept/skip and do not persist user settings. */
+    confirmOnly?: boolean;
 }
 export declare function runSetupCoach(rawObjective: string, cwd: string, ctx: CoachContext): Promise<CoachResult | null>;

package/dist/planner/coach/coach.js

@@ -47,13 +47,15 @@ export async function runSetupCoach(rawObjective, cwd, ctx) {
     const facts = collectRepoFacts(cwd);
     if (facts.srcFileCount > 1_000_000)
         return null;
-    const urls = rawObjective.match(URL_REGEX) ?? [];
-    let planContent = null;
-    if (urls.length > 0) {
-        const results = await Promise.all(urls.map(u => fetchUrlContent(u, 4_000)));
-        const fetched = results.filter(Boolean);
-        if (fetched.length > 0) {
-            planContent = fetched.map((c, i) => `[URL ${i + 1}: ${urls[i]}]\n${c}`).join("\n\n---\n\n");
+    let planContent = ctx.planContent ?? null;
+    if (!planContent) {
+        const urls = rawObjective.match(URL_REGEX) ?? [];
+        if (urls.length > 0) {
+            const results = await Promise.all(urls.map(u => fetchUrlContent(u, 4_000)));
+            const fetched = results.filter(Boolean);
+            if (fetched.length > 0) {
+                planContent = fetched.map((c, i) => `[URL ${i + 1}: ${urls[i]}]\n${c}`).join("\n\n---\n\n");
+            }
         }
     }
     const userMessage = renderRepoFacts(facts, rawObjective, ctx.providers, ctx.cliFlags, planContent);
@@ -120,14 +122,20 @@ export async function runSetupCoach(rawObjective, cwd, ctx) {
         return null;
     }
     renderCoachBlock(result, elapsedMs, model);
-    const choice = await selectKey("", [
-        { key: "y", desc: " accept" },
-        { key: "e", desc: "dit objective" },
-        { key: "s", desc: "kip coach" },
-        { key: "x", desc: " skip coach forever" },
-    ]);
+    const choice = ctx.confirmOnly
+        ? await selectKey("", [
+            { key: "y", desc: " accept" },
+            { key: "s", desc: "kip" },
+        ])
+        : await selectKey("", [
+            { key: "y", desc: " accept" },
+            { key: "e", desc: "dit objective" },
+            { key: "s", desc: "kip coach" },
+            { key: "x", desc: " skip coach forever" },
+        ]);
     if (choice === "y") {
-        saveUserSettings({ ...loadUserSettings(), lastCoachedAt: Date.now() });
+        if (!ctx.confirmOnly)
+            saveUserSettings({ ...loadUserSettings(), lastCoachedAt: Date.now() });
         return result;
     }
     if (choice === "e") {

package/dist/planner/query.js

@@ -3,7 +3,7 @@ import { NudgeError, extractToolTarget, sumUsageTokens } from "../core/types.js"
 import { writeTranscriptEvent } from "../core/transcripts.js";
 import { getTurn, updateTurn } from "../core/turns.js";
 import { isRateLimitError, throttlePlanner, addPlannerCost, recordPeakContext, resetPlannerRateLimit, setContextTokens, applyRateLimitEvent, getPlannerRateLimitInfo, } from "./throttle.js";
-import { cursorProxyRateLimiter, sdkQueryRateLimiter, apiEndpointLimiter } from "../core/rate-limiter.js";
+import { cursorProxyRateLimiter, sdkQueryRateLimiter, apiEndpointLimiter, acquireSdkQueryRateLimit } from "../core/rate-limiter.js";
 export { getTotalPlannerCost, getPeakPlannerContext, getPlannerRateLimitInfo, } from "./throttle.js";
 export { attemptJsonParse, extractTaskJson } from "./json.js";
 export { postProcess } from "./postprocess.js";
@@ -126,7 +126,7 @@ async function runPlannerQueryOnce(prompt, opts, onLog) {
             promptBytes: prompt.length,
         });
     }
-    await rl.waitIfNeeded();
+    await acquireSdkQueryRateLimit();
     const pq = query({
         prompt,
         options: {

package/dist/planner/verifier.d.ts

@@ -0,0 +1,66 @@
+import type { Task, SteerResult, WaveSummary } from "../core/types.js";
+import { type PlannerLog } from "./query.js";
+export declare const VERIFY_SCHEMA: {
+    type: "json_schema";
+    schema: {
+        type: string;
+        properties: {
+            done: {
+                type: string;
+            };
+            reasoning: {
+                type: string;
+            };
+            statusUpdate: {
+                type: string;
+            };
+            estimatedSessionsRemaining: {
+                type: string;
+            };
+            verifiedCount: {
+                type: string;
+            };
+            retryCount: {
+                type: string;
+            };
+            tasks: {
+                type: string;
+                items: {
+                    type: string;
+                    properties: {
+                        prompt: {
+                            type: string;
+                        };
+                        model: {
+                            type: string;
+                        };
+                        noWorktree: {
+                            type: string;
+                        };
+                        type: {
+                            type: string;
+                            enum: string[];
+                        };
+                        postcondition: {
+                            type: string;
+                        };
+                    };
+                    required: string[];
+                };
+            };
+        };
+        required: string[];
+    };
+};
+/**
+ * Verify the previous wave and compose the next fixed batch of pending tasks.
+ *
+ * Unlike `steerWave`, the verifier does not invent new tasks — it:
+ *   1. Runs the project's build/smoke checks.
+ *   2. Fixes shallow regressions in the last wave (edits directly).
+ *   3. Picks the next N pending tasks from the user's fixed plan.
+ *
+ * The model has full tool access so it can actually repair broken commits,
+ * not just report on them.
+ */
+export declare function verifyWave(objective: string, pendingTasks: Task[], lastWave: WaveSummary | undefined, remainingBudget: number, cwd: string, plannerModel: string, concurrency: number, onLog: PlannerLog, transcriptName?: string): Promise<SteerResult>;

package/dist/planner/verifier.js

@@ -0,0 +1,117 @@
+import { runPlannerQuery, attemptJsonParse, postProcess } from "./query.js";
+import { createTurn, beginTurn, endTurn } from "../core/turns.js";
+// Verifier schema — same shape as STEER_SCHEMA plus a `verifiedIds` list so
+// the wave-loop can tell which of the prior wave's tasks actually shipped.
+export const VERIFY_SCHEMA = {
+    type: "json_schema",
+    schema: {
+        type: "object",
+        properties: {
+            done: { type: "boolean" },
+            reasoning: { type: "string" },
+            statusUpdate: { type: "string" },
+            estimatedSessionsRemaining: { type: "number" },
+            verifiedCount: { type: "number" },
+            retryCount: { type: "number" },
+            tasks: {
+                type: "array",
+                items: {
+                    type: "object",
+                    properties: {
+                        prompt: { type: "string" },
+                        model: { type: "string" },
+                        noWorktree: { type: "boolean" },
+                        type: { type: "string", enum: ["execute", "explore", "critique", "synthesize", "verify", "user-test", "polish"] },
+                        postcondition: { type: "string" },
+                    },
+                    required: ["prompt"],
+                },
+            },
+        },
+        required: ["done", "tasks", "reasoning", "statusUpdate", "estimatedSessionsRemaining"],
+    },
+};
+function renderLastWave(w) {
+    if (!w)
+        return "(first wave — nothing to verify yet)";
+    const lines = w.tasks.map(t => {
+        const files = t.filesChanged ? ` (${t.filesChanged} files)` : " (0 files)";
+        const err = t.error ? ` — ${t.error}` : "";
+        return `  - [${t.status}] ${t.prompt.slice(0, 160)}${files}${err}`;
+    }).join("\n");
+    return `Wave ${w.wave + 1}:\n${lines}`;
+}
+/**
+ * Verify the previous wave and compose the next fixed batch of pending tasks.
+ *
+ * Unlike `steerWave`, the verifier does not invent new tasks — it:
+ *   1. Runs the project's build/smoke checks.
+ *   2. Fixes shallow regressions in the last wave (edits directly).
+ *   3. Picks the next N pending tasks from the user's fixed plan.
+ *
+ * The model has full tool access so it can actually repair broken commits,
+ * not just report on them.
+ */
+export async function verifyWave(objective, pendingTasks, lastWave, remainingBudget, cwd, plannerModel, concurrency, onLog, transcriptName = "verify") {
+    const pendingList = pendingTasks.length > 0
+        ? pendingTasks.map((t, i) => `  ${i + 1}. ${t.prompt.slice(0, 200)}`).join("\n")
+        : "(none — every task from the original plan has been attempted)";
+    const prompt = `You are the verifier + fix gate between waves of a fixed-plan execution.
+
+Objective: ${objective}
+
+## What just happened
+${renderLastWave(lastWave)}
+
+## Remaining plan (pending tasks, in order)
+${pendingList}
+
+## Your job
+
+1. Run the project's build and smoke checks. Use the tools you have (Bash, Read, Grep, Edit, Write).
+2. For any regression the last wave introduced, make the fix directly. Don't delegate a fix to the next wave if you can do it in two edits.
+3. Compose the next batch of pending tasks to dispatch — pick tasks with non-overlapping file scopes so ${concurrency} can run in parallel.
+4. If the plan is complete AND the build passes AND one verify task has confirmed the app runs, set done=true.
+
+## Output
+
+Respond with ONLY a JSON object (no markdown fences):
+{"done":boolean,"reasoning":"...","statusUpdate":"REQUIRED","estimatedSessionsRemaining":N,"verifiedCount":N,"retryCount":N,"tasks":[{"prompt":"...","type":"execute","postcondition":"..."}]}
+
+Remaining budget: ${remainingBudget} agent sessions. Include retries inside tasks[] (same format) if a pending step needs a second attempt with corrected context.`;
+    onLog("Verifying last wave…", "status");
+    const turn = createTurn("steer", `Verify wave`, `verify-${lastWave?.wave ?? 0}`, plannerModel);
+    beginTurn(turn);
+    const resultText = await runPlannerQuery(prompt, {
+        cwd, model: plannerModel, outputFormat: VERIFY_SCHEMA,
+        transcriptName, turnId: turn.id, maxTurns: 80,
+    }, onLog);
+    const parsed = attemptJsonParse(resultText);
+    if (!parsed) {
+        endTurn(turn, "error");
+        throw new Error(`Could not parse verifier response (${resultText.length} chars): ${resultText.slice(0, 120)}`);
+    }
+    const isDone = parsed.done === true;
+    const statusUpdate = parsed.statusUpdate || undefined;
+    const estRaw = parsed.estimatedSessionsRemaining;
+    const estimatedSessionsRemaining = typeof estRaw === "number" && estRaw >= 0 ? Math.round(estRaw) : undefined;
+    let tasks = (parsed.tasks || []).map((t, i) => ({
+        id: String(i),
+        prompt: typeof t === "string" ? t : t.prompt,
+        ...(t.noWorktree && { noWorktree: true }),
+        ...(t.type && { type: t.type }),
+        ...(typeof t.postcondition === "string" && t.postcondition.trim() && { postcondition: t.postcondition.trim() }),
+    }));
+    tasks = postProcess(tasks, remainingBudget, onLog);
+    endTurn(turn, tasks.length === 0 && !isDone ? "error" : "done");
+    if (isDone) {
+        return {
+            done: true, tasks: [], reasoning: parsed.reasoning || "Plan complete and verified",
+            statusUpdate, estimatedSessionsRemaining: estimatedSessionsRemaining ?? 0,
+        };
+    }
+    return {
+        done: tasks.length === 0, tasks,
+        reasoning: parsed.reasoning || "", statusUpdate, estimatedSessionsRemaining,
+    };
+}

package/dist/providers/index.js

@@ -11,7 +11,7 @@ import { DEFAULT_MODEL } from "../core/models.js";
 import { isCursorProxyProvider, resolveCursorAgentToken, cachedAgentPaths, } from "./cursor-env.js";
 import { preflightCursorProxyViaHttp } from "./cursor-proxy.js";
 import { pickCursorModel } from "./cursor-picker.js";
-import { sdkQueryRateLimiter } from "../core/rate-limiter.js";
+import { sdkQueryRateLimiter, acquireSdkQueryRateLimit } from "../core/rate-limiter.js";
 // Re-export Cursor utilities so callers can keep a single import point.
 export { PROXY_DEFAULT_URL, isCursorProxyProvider, bundledComposerProxyShellCommand, readCursorProxyLogTail, warnMacCursorAgentShellPatchIfNeeded, hasCursorAgentToken, getCursorAgentToken, } from "./cursor-env.js";
 export { healthCheckCursorProxy, ensureCursorProxyRunning } from "./cursor-proxy.js";
@@ -243,7 +243,7 @@ export async function preflightProvider(p, cwd, timeoutMs = 20_000, opts) {
     let pq;
     const rl = sdkQueryRateLimiter;
     try {
-        await rl.waitIfNeeded();
+        await acquireSdkQueryRateLimit();
         pq = query({
             prompt: "Reply with exactly the word ok and nothing else.",
             options: {