codekin 0.3.7 → 0.4.0

package/server/dist/diff-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-parser.js","sourceRoot":"","sources":["../diff-parser.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,6DAA6D;AAC7D,MAAM,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAA;AAQzC;;;;GAIG;AACH,MAAM,UAAU,SAAS,CAAC,GAAW,EAAE,WAAmB,iBAAiB;IACzE,IAAI,SAAS,GAAG,KAAK,CAAA;IACrB,IAAI,gBAAoC,CAAA;IACxC,IAAI,KAAK,GAAG,GAAG,CAAA;IAEf,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,QAAQ,EAAE,CAAC;QAC/C,SAAS,GAAG,IAAI,CAAA;QAChB,gBAAgB,GAAG,wBAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,WAAW,CAAA;QAC1F,kEAAkE;QAClE,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;QAC1D,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;QAC5C,KAAK,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;IACjE,CAAC;IAED,MAAM,KAAK,GAAe,EAAE,CAAA;IAE5B,kDAAkD;IAClD,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;IAEjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;QAC/B,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;QACtC,IAAI,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAA;AAC/C,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe;IACvC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAEnC,8BAA8B;IAC9B,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAA;IACzD,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAA;IAE3B,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAA;IAE1B,IAAI,MAAM,GAAmB,UAAU,CAAA;IACvC,IAAI,OAA2B,CAAA;IAC/B,IAAI,QAAQ,GAAG,KAAK,CAAA;IACpB,MAAM,KAAK,GAAe,EAAE,CAAA;IAC5B,IAAI,SAAS,GAAG,CAAC,CAAA;IACjB,IAAI,SAAS,GAAG,CAAC,CAAA;IAEjB,IAAI,OAAO,GAAG,CAAC,CAAA;IAEf,6EAA6E;IAC7E,OAAO,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAA;QAE3B,IAAI,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACrC,MAAM,GAAG,OAAO,CAAA;QAClB,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,EAAE,CAAC;YAChD,MAAM,GAAG,SAAS,CAAA;QACpB,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YAC3C,MAAM,GAAG,SAAS,CAAA;YAClB,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;QAC7C,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACzF,mCAAmC;QACrC,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,6BAA6B;QAC/B,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,mBAAmB;QACrB,CAAC;aAAM,IAAI,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YAC3E,QAAQ,GAAG,IAAI,CAAA;QACjB,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9D,oDAAoD;QACtD,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,6CAA6C;YAC7C,MAAK;QACP,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACtE,oBAAoB;QACtB,CAAC;aAAM,CAAC;YACN,yDAAyD;YACzD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;gBAC1C,MAAK;YACP,CAAC;QACH,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,cAAc;IACd,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAC9B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAA;YAC3B,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1B,MAAM,UAAU,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;gBAC5C,IAAI,UAAU,EAAE,CAAC;oBACf,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;oBAC3B,SAAS,IAAI,UAAU,CAAC,SAAS,CAAA;oBACjC,SAAS,IAAI,UAAU,CAAC,SAAS,CAAA;oBACjC,OAAO,GAAG,UAAU,CAAC,OAAO,CAAA;gBAC9B,CAAC;qBAAM,CAAC;oBACN,OAAO,EAAE,CAAA;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,KAAK;QACX,MAAM;QACN,OAAO,EAAE,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QACnD,QAAQ;QACR,SAAS;QACT,SAAS;QACT,KAAK;KACN,CAAA;AACH,CAAC;AASD,SAAS,SAAS,CAAC,KAAe,EAAE,QAAgB;IAClD,MAAM,UAAU,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAA;IAClC,6CAA6C;IAC7C,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAA;IACtF,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAA;IAE3B,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAC3C,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAC5E,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAC3C,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAE5E,MAAM,SAAS,GAAe,EAAE,CAAA;IAChC,IAAI,SAAS,GAAG,CAAC,CAAA;IACjB,IAAI,SAAS,GAAG,CAAC,CAAA;IACjB,IAAI,SAAS,GAAG,QAAQ,CAAA;IACxB,IAAI,SAAS,GAAG,QAAQ,CAAA;IACxB,IAAI,GAAG,GAAG,QAAQ,GAAG,CAAC,CAAA;IAEtB,OAAO,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAA;QAEvB,yBAAyB;QACzB,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC;YAAE,MAAK;QAElE,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,KAAK;gBACX,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtB,SAAS,EAAE,SAAS;aACrB,CAAC,CAAA;YACF,SAAS,EAAE,CAAA;YACX,SAAS,EAAE,CAAA;QACb,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtB,SAAS,EAAE,SAAS;aACrB,CAAC,CAAA;YACF,SAAS,EAAE,CAAA;YACX,SAAS,EAAE,CAAA;QACb,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtB,SAAS,EAAE,SAAS;gBACpB,SAAS,EAAE,SAAS;aACrB,CAAC,CAAA;YACF,SAAS,EAAE,CAAA;YACX,SAAS,EAAE,CAAA;QACb,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,uCAAuC;QACzC,CAAC;aAAM,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;YACvB,4DAA4D;YAC5D,wEAAwE;YACxE,MAAK;QACP,CAAC;aAAM,CAAC;YACN,MAAK;QACP,CAAC;QACD,GAAG,EAAE,CAAA;IACP,CAAC;IAED,OAAO;QACL,IAAI,EAAE;YACJ,MAAM,EAAE,UAAU;YAClB,QAAQ;YACR,QAAQ;YACR,QAAQ;YACR,QAAQ;YACR,KAAK,EAAE,SAAS;SACjB;QACD,SAAS;QACT,SAAS;QACT,OAAO,EAAE,GAAG;KACb,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,YAAoB,EAAE,OAAe;IAC3E,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACrC,kEAAkE;IAClE,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;QACnE,SAAS,CAAC,GAAG,EAAE,CAAA;IACjB,CAAC;IAED,MAAM,SAAS,GAAe,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACxD,IAAI,EAAE,KAAc;QACpB,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,CAAC,GAAG,CAAC;KACjB,CAAC,CAAC,CAAA;IAEH,OAAO;QACL,IAAI,EAAE,YAAY;QAClB,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,SAAS,CAAC,MAAM;QAC3B,SAAS,EAAE,CAAC;QACZ,KAAK,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC7B,MAAM,EAAE,cAAc,SAAS,CAAC,MAAM,KAAK;gBAC3C,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,SAAS,CAAC,MAAM;gBAC1B,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC,CAAC,EAAE;KACR,CAAA;AACH,CAAC"}

package/server/dist/session-manager.d.ts

@@ -17,7 +17,7 @@
  */
 import type { WebSocket } from 'ws';
 import { SessionArchive } from './session-archive.js';
-import type { Session, SessionInfo, WsServerMessage } from './types.js';
+import type { DiffFileStatus, DiffScope, Session, SessionInfo, WsServerMessage } from './types.js';
 export interface CreateSessionOptions {
     source?: 'manual' | 'webhook' | 'workflow' | 'stepflow';
     id?: string;
@@ -25,22 +25,23 @@ export interface CreateSessionOptions {
     model?: string;
 }
 export declare class SessionManager {
+    /** All active (non-archived) sessions, keyed by session UUID. */
     private sessions;
-    /** SQLite archive for closed sessions. */
+    /** SQLite archive for closed sessions (persists conversation summaries across restarts). */
     readonly archive: SessionArchive;
     /** Exposed so ws-server can pass its port to child Claude processes. */
     _serverPort: number;
     /** Exposed so ws-server can pass the auth token to child Claude processes. */
     _authToken: string;
-    /** Callback to broadcast a message to ALL connected WebSocket clients (set by ws-server). */
+    /** Callback to broadcast a message to ALL connected WebSocket clients (set by ws-server on startup). */
     _globalBroadcast: ((msg: WsServerMessage) => void) | null;
-    /** Registered listeners notified when a session's Claude process exits. */
+    /** Registered listeners notified when a session's Claude process exits (used by webhook-handler for chained workflows). */
     private _exitListeners;
-    /** Delegated approval logic. */
+    /** Delegated approval logic (auto-approve patterns, deny-lists, pattern management). */
     private approvalManager;
-    /** Delegated naming logic. */
+    /** Delegated auto-naming logic (generates session names from first user message via Claude API). */
     private sessionNaming;
-    /** Delegated persistence logic. */
+    /** Delegated persistence logic (saves/restores session metadata to disk across server restarts). */
     private sessionPersistence;
     constructor();
     /** Check if a tool/command is auto-approved for a repo. */
@@ -53,6 +54,12 @@ export declare class SessionManager {
         commands: string[];
         patterns: string[];
     };
+    /** Return approvals effective globally via cross-repo inference. */
+    getGlobalApprovals(): {
+        tools: Record<string, string[]>;
+        commands: Record<string, string[]>;
+        patterns: Record<string, string[]>;
+    };
     /** Remove an auto-approval rule for a repo (workingDir) and persist to disk. */
     removeApproval(workingDir: string, opts: {
         tool?: string;
@@ -81,7 +88,7 @@ export declare class SessionManager {
     /** Add a WebSocket client to a session. Returns the session or undefined if not found.
      *  Re-broadcasts any pending approval/control prompts so the joining client sees them. */
     join(sessionId: string, ws: WebSocket): Session | undefined;
-    /** Remove a WebSocket client from a session. Auto-denies pending prompts if last client leaves. */
+    /** Remove a WebSocket client from a session. Auto-denies pending prompts if last client leaves (after grace period). */
     leave(sessionId: string, ws: WebSocket): void;
     /** Delete a session: kill its process, notify clients, remove from memory and disk. */
     delete(sessionId: string): boolean;
@@ -183,6 +190,16 @@ export declare class SessionManager {
     broadcast(session: Session, msg: WsServerMessage): void;
     findSessionForClient(ws: WebSocket): Session | undefined;
     removeClient(ws: WebSocket): void;
+    /**
+     * Run git diff in a session's workingDir and return structured results.
+     * Includes untracked file discovery for 'unstaged' and 'all' scopes.
+     */
+    getDiff(sessionId: string, scope?: DiffScope): Promise<WsServerMessage>;
+    /**
+     * Discard changes in a session's workingDir per the given scope and paths.
+     * Returns a fresh diff_result after discarding.
+     */
+    discardChanges(sessionId: string, scope: DiffScope, paths?: string[], statuses?: Record<string, DiffFileStatus>): Promise<WsServerMessage>;
     /** Graceful shutdown: complete in-progress tasks, persist state, kill all processes. */
     shutdown(): void;
     /**

package/server/dist/session-manager.js

@@ -16,6 +16,10 @@
  * - SessionPersistence: disk I/O for session state
  */
 import { randomUUID } from 'crypto';
+import { execFile } from 'child_process';
+import { promises as fs } from 'fs';
+import path from 'path';
+import { promisify } from 'util';
 import { ClaudeProcess } from './claude-process.js';
 import { SessionArchive } from './session-archive.js';
 import { cleanupWorkspace } from './webhook-workspace.js';
@@ -24,6 +28,79 @@ import { ApprovalManager } from './approval-manager.js';
 import { SessionNaming } from './session-naming.js';
 import { SessionPersistence } from './session-persistence.js';
 import { deriveSessionToken } from './crypto-utils.js';
+import { parseDiff, createUntrackedFileDiff } from './diff-parser.js';
+const execFileAsync = promisify(execFile);
+/** Max stdout for git commands (2 MB). */
+const GIT_MAX_BUFFER = 2 * 1024 * 1024;
+/** Timeout for git commands (10 seconds). */
+const GIT_TIMEOUT_MS = 10_000;
+/** Max paths per git command to stay under ARG_MAX (~128 KB on Linux). */
+const GIT_PATH_CHUNK_SIZE = 200;
+/** Run a git command as a fixed argv array (no shell interpolation). */
+async function execGit(args, cwd) {
+    const { stdout } = await execFileAsync('git', args, {
+        cwd,
+        maxBuffer: GIT_MAX_BUFFER,
+        timeout: GIT_TIMEOUT_MS,
+    });
+    return stdout;
+}
+/** Run a git command with paths chunked to avoid E2BIG. Concatenates stdout. */
+async function execGitChunked(baseArgs, paths, cwd) {
+    let result = '';
+    for (let i = 0; i < paths.length; i += GIT_PATH_CHUNK_SIZE) {
+        const chunk = paths.slice(i, i + GIT_PATH_CHUNK_SIZE);
+        result += await execGit([...baseArgs, '--', ...chunk], cwd);
+    }
+    return result;
+}
+/** Get file statuses from `git status --porcelain` for given paths (or all). */
+async function getFileStatuses(cwd, paths) {
+    const args = ['status', '--porcelain', '-z'];
+    if (paths)
+        args.push('--', ...paths);
+    const raw = await execGit(args, cwd);
+    const result = {};
+    // git status --porcelain=v1 -z format: XY NUL path NUL
+    // XY is a two-character status code: X = index status, Y = worktree status.
+    // Examples: " M" = unstaged modification, "A " = staged addition, "??" = untracked.
+    // For renames/copies: XY NUL oldpath NUL newpath NUL
+    const parts = raw.split('\0');
+    let i = 0;
+    while (i < parts.length) {
+        const entry = parts[i];
+        if (entry.length < 3) {
+            i++;
+            continue;
+        } // skip empty trailing entries
+        const x = entry[0]; // index status
+        const y = entry[1]; // worktree status
+        const filePath = entry.slice(3);
+        if (x === 'R' || x === 'C') {
+            // Rename/copy: next NUL-separated part is the new path
+            const newPath = parts[i + 1] ?? filePath;
+            result[newPath] = 'renamed';
+            i += 2;
+        }
+        else if (x === 'D' || y === 'D') {
+            result[filePath] = 'deleted';
+            i++;
+        }
+        else if (x === '?' && y === '?') {
+            result[filePath] = 'added';
+            i++;
+        }
+        else if (x === 'A') {
+            result[filePath] = 'added';
+            i++;
+        }
+        else {
+            result[filePath] = 'modified';
+            i++;
+        }
+    }
+    return result;
+}
 /** Max messages retained in a session's output history buffer. */
 const MAX_HISTORY = 2000;
 /** Max auto-restart attempts before requiring manual intervention. */
@@ -50,22 +127,23 @@ const API_RETRY_PATTERNS = [
     /503/,
 ];
 export class SessionManager {
+    /** All active (non-archived) sessions, keyed by session UUID. */
     sessions = new Map();
-    /** SQLite archive for closed sessions. */
+    /** SQLite archive for closed sessions (persists conversation summaries across restarts). */
     archive;
     /** Exposed so ws-server can pass its port to child Claude processes. */
     _serverPort = PORT;
     /** Exposed so ws-server can pass the auth token to child Claude processes. */
     _authToken = '';
-    /** Callback to broadcast a message to ALL connected WebSocket clients (set by ws-server). */
+    /** Callback to broadcast a message to ALL connected WebSocket clients (set by ws-server on startup). */
     _globalBroadcast = null;
-    /** Registered listeners notified when a session's Claude process exits. */
+    /** Registered listeners notified when a session's Claude process exits (used by webhook-handler for chained workflows). */
     _exitListeners = [];
-    /** Delegated approval logic. */
+    /** Delegated approval logic (auto-approve patterns, deny-lists, pattern management). */
     approvalManager;
-    /** Delegated naming logic. */
+    /** Delegated auto-naming logic (generates session names from first user message via Claude API). */
     sessionNaming;
-    /** Delegated persistence logic. */
+    /** Delegated persistence logic (saves/restores session metadata to disk across server restarts). */
     sessionPersistence;
     constructor() {
         this.archive = new SessionArchive();
@@ -94,6 +172,10 @@ export class SessionManager {
     getApprovals(workingDir) {
         return this.approvalManager.getApprovals(workingDir);
     }
+    /** Return approvals effective globally via cross-repo inference. */
+    getGlobalApprovals() {
+        return this.approvalManager.getGlobalApprovals();
+    }
     /** Remove an auto-approval rule for a repo (workingDir) and persist to disk. */
     removeApproval(workingDir, opts, skipPersist = false) {
         return this.approvalManager.removeApproval(workingDir, opts, skipPersist);
@@ -157,6 +239,7 @@ export class SessionManager {
             isProcessing: false,
             pendingControlRequests: new Map(),
             pendingToolApprovals: new Map(),
+            _leaveGraceTimer: null,
         };
         this.sessions.set(id, session);
         this.persistToDisk();
@@ -201,6 +284,11 @@ export class SessionManager {
         const session = this.sessions.get(sessionId);
         if (!session)
             return undefined;
+        // Cancel pending auto-deny from leave grace period
+        if (session._leaveGraceTimer) {
+            clearTimeout(session._leaveGraceTimer);
+            session._leaveGraceTimer = null;
+        }
         session.clients.add(ws);
         // Re-broadcast pending tool approval prompts (PreToolUse hook path)
         for (const pending of session.pendingToolApprovals.values()) {
@@ -218,28 +306,37 @@ export class SessionManager {
         }
         return session;
     }
-    /** Remove a WebSocket client from a session. Auto-denies pending prompts if last client leaves. */
+    /** Remove a WebSocket client from a session. Auto-denies pending prompts if last client leaves (after grace period). */
     leave(sessionId, ws) {
         const session = this.sessions.get(sessionId);
         if (session) {
             session.clients.delete(ws);
-            // If no clients remain, auto-deny all pending prompts to prevent hangs
+            // If no clients remain, wait a grace period before auto-denying.
+            // This prevents false denials when the user is just refreshing the page.
             if (session.clients.size === 0) {
-                if (session.pendingControlRequests.size > 0) {
-                    console.log(`[session] last client left, auto-denying ${session.pendingControlRequests.size} pending control requests`);
-                    for (const [requestId] of session.pendingControlRequests) {
-                        session.claudeProcess?.sendControlResponse(requestId, 'deny');
-                    }
-                    session.pendingControlRequests.clear();
-                }
-                if (session.pendingToolApprovals.size > 0) {
-                    console.log(`[session] last client left, auto-denying ${session.pendingToolApprovals.size} pending tool approval(s)`);
-                    for (const [reqId, pending] of session.pendingToolApprovals) {
-                        pending.resolve({ allow: false, always: false });
-                        this.broadcast(session, { type: 'prompt_dismiss', requestId: reqId });
+                if (session._leaveGraceTimer)
+                    clearTimeout(session._leaveGraceTimer);
+                session._leaveGraceTimer = setTimeout(() => {
+                    session._leaveGraceTimer = null;
+                    // Re-check: if still no clients after grace period, auto-deny
+                    if (session.clients.size === 0) {
+                        if (session.pendingControlRequests.size > 0) {
+                            console.log(`[session] last client left, auto-denying ${session.pendingControlRequests.size} pending control requests`);
+                            for (const [requestId] of session.pendingControlRequests) {
+                                session.claudeProcess?.sendControlResponse(requestId, 'deny');
+                            }
+                            session.pendingControlRequests.clear();
+                        }
+                        if (session.pendingToolApprovals.size > 0) {
+                            console.log(`[session] last client left, auto-denying ${session.pendingToolApprovals.size} pending tool approval(s)`);
+                            for (const [reqId, pending] of session.pendingToolApprovals) {
+                                pending.resolve({ allow: false, always: false });
+                                this.broadcast(session, { type: 'prompt_dismiss', requestId: reqId });
+                            }
+                            session.pendingToolApprovals.clear();
+                        }
                     }
-                    session.pendingToolApprovals.clear();
-                }
+                }, 3000);
             }
         }
     }
@@ -255,6 +352,8 @@ export class SessionManager {
             clearTimeout(session._apiRetryTimer);
         if (session._namingTimer)
             clearTimeout(session._namingTimer);
+        if (session._leaveGraceTimer)
+            clearTimeout(session._leaveGraceTimer);
         // Kill claude process if running
         if (session.claudeProcess) {
             session.claudeProcess.stop();
@@ -670,10 +769,40 @@ export class SessionManager {
         if (!session)
             return;
         // Check for pending tool approval from PreToolUse hook
-        // Match by requestId if provided, otherwise fall back to oldest pending approval
-        const approval = requestId
-            ? session.pendingToolApprovals.get(requestId)
-            : session.pendingToolApprovals.values().next().value; // fallback: oldest
+        if (!requestId) {
+            const totalPending = session.pendingToolApprovals.size + session.pendingControlRequests.size;
+            if (totalPending === 1) {
+                // Exactly one pending prompt — safe to infer the target
+                const soleApproval = session.pendingToolApprovals.size === 1
+                    ? session.pendingToolApprovals.values().next().value
+                    : undefined;
+                if (soleApproval) {
+                    console.warn(`[prompt_response] no requestId, routing to sole pending tool approval: ${soleApproval.toolName}`);
+                    this.resolveToolApproval(session, soleApproval, value);
+                    return;
+                }
+                const soleControl = session.pendingControlRequests.size === 1
+                    ? session.pendingControlRequests.values().next().value
+                    : undefined;
+                if (soleControl) {
+                    console.warn(`[prompt_response] no requestId, routing to sole pending control request: ${soleControl.toolName}`);
+                    requestId = soleControl.requestId;
+                }
+            }
+            else if (totalPending > 1) {
+                console.warn(`[prompt_response] no requestId with ${totalPending} pending prompts — rejecting to prevent misrouted response`);
+                this.broadcast(session, {
+                    type: 'system_message',
+                    subtype: 'error',
+                    text: 'Prompt response could not be routed: multiple prompts pending. Please refresh and try again.',
+                });
+                return;
+            }
+            else {
+                console.warn(`[prompt_response] no requestId, no pending prompts — forwarding as user message`);
+            }
+        }
+        const approval = requestId ? session.pendingToolApprovals.get(requestId) : undefined;
         if (approval) {
             this.resolveToolApproval(session, approval, value);
             return;
@@ -681,9 +810,7 @@ export class SessionManager {
         if (!session.claudeProcess?.isAlive())
             return;
         // Find matching pending control request
-        const pending = requestId
-            ? session.pendingControlRequests.get(requestId)
-            : session.pendingControlRequests.values().next().value; // fallback: oldest
+        const pending = requestId ? session.pendingControlRequests.get(requestId) : undefined;
         if (pending) {
             session.pendingControlRequests.delete(pending.requestId);
             // Dismiss prompt on all other clients viewing this session
@@ -1042,6 +1169,214 @@ export class SessionManager {
             session.clients.delete(ws);
         }
     }
+    // ---------------------------------------------------------------------------
+    // Diff viewer
+    // ---------------------------------------------------------------------------
+    /**
+     * Run git diff in a session's workingDir and return structured results.
+     * Includes untracked file discovery for 'unstaged' and 'all' scopes.
+     */
+    async getDiff(sessionId, scope = 'all') {
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return { type: 'diff_error', message: 'Session not found' };
+        const cwd = session.workingDir;
+        try {
+            // Get branch name
+            let branch;
+            try {
+                const branchResult = await execGit(['rev-parse', '--abbrev-ref', 'HEAD'], cwd);
+                branch = branchResult.trim();
+                if (branch === 'HEAD') {
+                    const shaResult = await execGit(['rev-parse', '--short', 'HEAD'], cwd);
+                    branch = `detached at ${shaResult.trim()}`;
+                }
+            }
+            catch {
+                branch = 'unknown';
+            }
+            // Build diff command based on scope
+            const diffArgs = ['diff', '--find-renames', '--no-color', '--unified=3'];
+            if (scope === 'staged') {
+                diffArgs.push('--cached');
+            }
+            else if (scope === 'all') {
+                diffArgs.push('HEAD');
+            }
+            // 'unstaged' uses bare `git diff` (working tree vs index)
+            let rawDiff;
+            try {
+                rawDiff = await execGit(diffArgs, cwd);
+            }
+            catch {
+                // git diff HEAD fails if no commits yet — fall back to staged + unstaged
+                if (scope === 'all') {
+                    const [staged, unstaged] = await Promise.all([
+                        execGit(['diff', '--cached', '--find-renames', '--no-color', '--unified=3'], cwd).catch(() => ''),
+                        execGit(['diff', '--find-renames', '--no-color', '--unified=3'], cwd).catch(() => ''),
+                    ]);
+                    rawDiff = staged + unstaged;
+                }
+                else {
+                    rawDiff = '';
+                }
+            }
+            const { files, truncated, truncationReason } = parseDiff(rawDiff);
+            // Discover untracked files for 'unstaged' and 'all' scopes
+            if (scope !== 'staged') {
+                try {
+                    const untrackedRaw = await execGit(['ls-files', '--others', '--exclude-standard'], cwd);
+                    const untrackedPaths = untrackedRaw.trim().split('\n').filter(Boolean);
+                    for (const relPath of untrackedPaths) {
+                        try {
+                            const fullPath = path.join(cwd, relPath);
+                            // Check if binary by attempting to read as utf-8
+                            const content = await fs.readFile(fullPath, 'utf-8');
+                            files.push(createUntrackedFileDiff(relPath, content));
+                        }
+                        catch {
+                            // Binary or unreadable — add as binary
+                            files.push({
+                                path: relPath,
+                                status: 'added',
+                                isBinary: true,
+                                additions: 0,
+                                deletions: 0,
+                                hunks: [],
+                            });
+                        }
+                    }
+                }
+                catch {
+                    // ls-files failed — skip untracked
+                }
+            }
+            const summary = {
+                filesChanged: files.length,
+                insertions: files.reduce((sum, f) => sum + f.additions, 0),
+                deletions: files.reduce((sum, f) => sum + f.deletions, 0),
+                truncated,
+                truncationReason,
+            };
+            return { type: 'diff_result', files, summary, branch, scope };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : 'Failed to get diff';
+            return { type: 'diff_error', message };
+        }
+    }
+    /**
+     * Discard changes in a session's workingDir per the given scope and paths.
+     * Returns a fresh diff_result after discarding.
+     */
+    async discardChanges(sessionId, scope, paths, statuses) {
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return { type: 'diff_error', message: 'Session not found' };
+        const cwd = session.workingDir;
+        try {
+            // Validate paths — enforce separator boundary to prevent /repoX matching /repo
+            if (paths) {
+                const root = path.resolve(cwd) + path.sep;
+                for (const p of paths) {
+                    if (p.includes('..') || path.isAbsolute(p)) {
+                        return { type: 'diff_error', message: `Invalid path: ${p}` };
+                    }
+                    const resolved = path.resolve(cwd, p);
+                    if (resolved !== path.resolve(cwd) && !resolved.startsWith(root)) {
+                        return { type: 'diff_error', message: `Path escapes working directory: ${p}` };
+                    }
+                }
+            }
+            // Determine file statuses if not provided
+            let fileStatuses = statuses ?? {};
+            if (!statuses && paths) {
+                fileStatuses = await getFileStatuses(cwd, paths);
+            }
+            else if (!statuses && !paths) {
+                fileStatuses = await getFileStatuses(cwd);
+            }
+            const targetPaths = paths ?? Object.keys(fileStatuses);
+            // Separate files by status for different handling
+            const trackedPaths = [];
+            const untrackedPaths = [];
+            const stagedNewPaths = [];
+            for (const p of targetPaths) {
+                const status = fileStatuses[p];
+                if (status === 'added') {
+                    // Determine if untracked or staged-new by checking the index
+                    try {
+                        const indexEntry = (await execGit(['ls-files', '--stage', '--', p], cwd)).trim();
+                        if (indexEntry) {
+                            stagedNewPaths.push(p);
+                        }
+                        else {
+                            untrackedPaths.push(p);
+                        }
+                    }
+                    catch {
+                        untrackedPaths.push(p);
+                    }
+                }
+                else {
+                    trackedPaths.push(p);
+                }
+            }
+            // Handle tracked files (modified, deleted, renamed) with git restore
+            if (trackedPaths.length > 0) {
+                const restoreArgs = ['restore'];
+                if (scope === 'staged') {
+                    restoreArgs.push('--staged');
+                }
+                else if (scope === 'all') {
+                    restoreArgs.push('--staged', '--worktree');
+                }
+                else {
+                    restoreArgs.push('--worktree');
+                }
+                try {
+                    await execGitChunked(restoreArgs, trackedPaths, cwd);
+                }
+                catch (err) {
+                    // Fallback for Git < 2.23
+                    console.warn('[discard] git restore failed, trying fallback:', err);
+                    if (scope === 'staged' || scope === 'all') {
+                        await execGitChunked(['reset', 'HEAD'], trackedPaths, cwd);
+                    }
+                    if (scope === 'unstaged' || scope === 'all') {
+                        await execGitChunked(['checkout'], trackedPaths, cwd);
+                    }
+                }
+            }
+            // Handle staged new files
+            if (stagedNewPaths.length > 0) {
+                if (scope === 'staged') {
+                    // Unstage only — leave on disk
+                    await execGitChunked(['rm', '--cached'], stagedNewPaths, cwd);
+                }
+                else if (scope === 'all') {
+                    // Remove from index and disk
+                    await execGitChunked(['rm', '--cached'], stagedNewPaths, cwd);
+                    for (const p of stagedNewPaths) {
+                        await fs.unlink(path.join(cwd, p)).catch(() => { });
+                    }
+                }
+                // 'unstaged' scope: N/A for staged-new files
+            }
+            // Handle untracked files (delete from disk)
+            if (untrackedPaths.length > 0 && scope !== 'staged') {
+                for (const p of untrackedPaths) {
+                    await fs.unlink(path.join(cwd, p)).catch(() => { });
+                }
+            }
+            // Return fresh diff
+            return await this.getDiff(sessionId, scope);
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : 'Failed to discard changes';
+            return { type: 'diff_error', message };
+        }
+    }
     /** Graceful shutdown: complete in-progress tasks, persist state, kill all processes. */
     shutdown() {
         // Complete in-progress tasks for active sessions before persisting.