create-walle 0.9.21 → 0.9.22

package/template/claude-task-manager/server.js

@@ -95,6 +95,7 @@ const {
   buildSessionStandupSnapshot,
   isWalleOwnedSession,
 } = require('./lib/session-standup');
+const { summarizeRestartGuard } = require('./lib/restart-guard');
 const { createStandupIncrementalCache } = require('./lib/standup-incremental');
 const {
   buildStandupAttentionContext,
@@ -166,6 +167,8 @@ const {
   isLoopbackRequest,
   loadTlsOptions,
   parseAllowedOrigins,
+  primaryProcessIpLockoutExemptions,
+  requestClientIp,
   requestOrigin,
 } = require('./lib/transport-security');
 const {
@@ -185,6 +188,7 @@ const {
   clearMicrosoftDevTunnelTraffic,
   detectMicrosoftDevTunnelSetup,
   getMicrosoftDevTunnelProgress,
+  logoutMicrosoftDevTunnelUser,
   probeMicrosoftDevTunnelPublicAccess,
   recordMicrosoftDevTunnelTraffic,
   setMicrosoftDevTunnelKeepAwake,
@@ -712,7 +716,9 @@ const loggedSetupProviderDuplicateSignatures = new Set();
 const WALLE_SESSIONS_DIR = walleTranscript.defaultSessionsDir(process.env);
 
 const config = loadConfig();
-const authRateLimiter = new AuthRateLimiter();
+const authRateLimiter = new AuthRateLimiter({
+  ipLockoutExemptions: primaryProcessIpLockoutExemptions(HOST),
+});
 const AGENT_CLI_CACHE_FILE = path.join(CONFIG_DIR, 'agent-cli-cache.json');
 const {
   detectAgentType,
@@ -1513,7 +1519,7 @@ function _sendAuthFailure(res, decision) {
 }
 
 function _remoteIpFromReq(req) {
-  return req?.socket?.remoteAddress || '';
+  return requestClientIp(req);
 }
 
 function _auditAuthDecision({ req, auth, rule, decision, route, wsType, action }) {
@@ -1544,15 +1550,18 @@ function _rateLimitDecision(auth, rule, keyPath) {
 
 function _authorizeHttpRequest(req, res, url) {
   const remoteIp = _remoteIpFromReq(req);
-  const locked = authRateLimiter.isIpLocked(remoteIp);
-  if (!locked.ok) {
-    _sendAuthFailure(res, { status: 429, ...locked });
-    return false;
-  }
-
   const auth = _authContextForRequest(req, url);
   req.ctmAuth = auth;
 
+  if (!auth.isLoopback) {
+    const locked = authRateLimiter.isIpLocked(remoteIp);
+    if (!locked.ok && !auth.authenticated) {
+      _sendAuthFailure(res, { status: 429, ...locked });
+      return false;
+    }
+    if (!locked.ok && auth.authenticated) authRateLimiter.recordAuthSuccess(remoteIp);
+  }
+
   const rule = getHttpAuthRule(req.method, url.pathname);
   if (!rule && auth.isLoopback) return true;
 
@@ -2559,6 +2568,19 @@ async function handleSetupNetwork(req, res, url) {
       return true;
     }
   }
+  if (url.pathname === '/api/setup/network/microsoft-dev-tunnel/logout' && req.method === 'POST') {
+    try {
+      const result = await logoutMicrosoftDevTunnelUser({ configDir: CONFIG_DIR, port: PORT });
+      const status = result.ok ? 200 : 400;
+      res.writeHead(status, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify(result));
+      return true;
+    } catch (e) {
+      res.writeHead(400, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ ok: false, error: e.message }));
+      return true;
+    }
+  }
   if (url.pathname === '/api/setup/network/microsoft-dev-tunnel/stop' && req.method === 'POST') {
     const result = await stopMicrosoftDevTunnel({ configDir: CONFIG_DIR, port: PORT });
     res.writeHead(200, { 'Content-Type': 'application/json' });
@@ -2812,6 +2834,45 @@ function _isLiveTerminalSession(session) {
   return !!(session && session.ptyProcess && session.status !== 'exited' && session.status !== 'closed');
 }
 
+function _isDefaultWalleChatSessionId(sessionId) {
+  const id = String(sessionId || '').trim().toLowerCase();
+  return id === 'default' || id === 'walle-default' || id === 'walle-default-chat';
+}
+
+async function _sendRemoteDefaultWalleChatMessage(text, body = {}) {
+  if (!String(text || '').trim()) return { ok: false, error: 'message_required' };
+  const attachments = Array.isArray(body.attachments) ? body.attachments : [];
+  const explicitModel = body.model_id || body.model || '';
+  const explicitProvider = body.model_provider || body.provider || '';
+  const upstream = await walleClient.requestJson('/api/wall-e/chat', {
+    method: 'POST',
+    body: {
+      message: text,
+      session_id: 'default',
+      channel: 'ctm',
+      attachments: attachments.length ? attachments : undefined,
+      model: explicitModel || undefined,
+      provider: explicitProvider || undefined,
+      modelPinned: body.modelPinned === true || body.model_pinned === true || !!explicitModel,
+      allowProviderFallback: explicitModel ? false : body.allowProviderFallback === true,
+    },
+  });
+  if (upstream.status >= 400) {
+    return {
+      ok: false,
+      error: upstream.json?.error || upstream.json?.message || `wall_e_chat_failed_${upstream.status}`,
+      status: upstream.status,
+      providerError: upstream.json?.providerError || null,
+    };
+  }
+  return {
+    ok: true,
+    delivered: true,
+    session_id: 'default',
+    reply: upstream.json?.data?.reply || '',
+  };
+}
+
 function _remoteTerminalAgentType(session) {
   if (!session || session.type === 'walle') return '';
   return normalizeAgentType(session.agentType || session._providerId || '') ||
@@ -3094,6 +3155,9 @@ async function handleRemoteApi(req, res, url) {
           },
           sendWalleMessage: async (sessionId, text, body = {}) => {
             const session = sessions.get(sessionId);
+            if (!session && _isDefaultWalleChatSessionId(sessionId)) {
+              return _sendRemoteDefaultWalleChatMessage(text, body);
+            }
             if (!session) return { ok: false, error: 'session_not_found' };
             if (session.type !== 'walle') return { ok: false, error: 'not_walle_session' };
             if (!text.trim()) return { ok: false, error: 'message_required' };
@@ -3117,7 +3181,7 @@ async function handleRemoteApi(req, res, url) {
           setWalleModel: async (sessionId, body = {}) => {
             const session = sessions.get(sessionId);
             if (!session) return { ok: false, error: 'session_not_found' };
-            if (session.type !== 'walle') return { ok: false, error: 'not_walle_session' };
+            if (!_isWalleModelConfigurableSession(session)) return { ok: false, error: 'not_walle_session' };
             const pref = _persistWalleSessionModelPreference(session, {
               model_id: body.model_id || body.model || '',
               model_provider: body.model_provider || body.provider || '',
@@ -3127,14 +3191,15 @@ async function handleRemoteApi(req, res, url) {
               source: 'phone',
               pinned: body.pinned !== false,
             });
+            const selection = _walleModelSelectionForActiveSession(session);
             return {
               ok: true,
               delivered: true,
-              model_id: session.model_id || null,
-              model_provider: session.model_provider || null,
-              model_registry_id: session.model_registry_id || '',
-              model_provider_id: session.model_provider_id || '',
-              model_pinned: !!session.model_pinned,
+              model_id: selection.model_id || null,
+              model_provider: selection.model_provider || null,
+              model_registry_id: selection.model_registry_id || '',
+              model_provider_id: selection.model_provider_id || '',
+              model_pinned: !!selection.model_pinned,
               cleared: !pref,
             };
           },
@@ -3192,6 +3257,7 @@ async function handleApi(req, res, url) {
     let walleProvider = process.env.WALLE_PROVIDER || 'anthropic';
     let walleModel = process.env.WALLE_MODEL || '';
     let serviceAlerts = [];
+    let serviceAlertSummary = null;
     try {
       const upstream = await walleClient.requestJson('/api/wall-e/status');
       const data = upstream.json?.data || {};
@@ -3200,6 +3266,7 @@ async function handleApi(req, res, url) {
       if (data.owner && !ownerName) ownerName = data.owner;
       if (typeof data.has_api_key === 'boolean') hasApiKey = hasApiKey || data.has_api_key;
       serviceAlerts = Array.isArray(data.service_alerts) ? data.service_alerts : [];
+      if (data.service_alert_summary && typeof data.service_alert_summary === 'object') serviceAlertSummary = data.service_alert_summary;
     } catch {}
     // Also check env-based provider keys
     if (!hasApiKey && walleProvider === 'openai' && process.env.OPENAI_API_KEY) hasApiKey = true;
@@ -3212,7 +3279,7 @@ async function handleApi(req, res, url) {
     const authMethod = providerState.authMethod || '';
     const codingViaCli = process.env.WALLE_CODING_USE_CLI === 'true';
     const deviceLabel = dbModule.getSetting('ui_setup_device_label', 'Owner iPhone');
-    res.end(JSON.stringify({ owner_name: ownerName, has_api_key: hasApiKey, slack_connected: slackConnected, slack_team: slackTeam, needs_setup: !hasApiKey && setup.needsSetup(), version, ctm_data_dir: ctmDataDir, walle_data_dir: walleDataDir, hostname: HOSTNAME, walle_model: walleModel, walle_provider: walleProvider, auth_method: authMethod, coding_via_cli: codingViaCli, service_alerts: serviceAlerts, device_label: deviceLabel }));
+    res.end(JSON.stringify({ owner_name: ownerName, has_api_key: hasApiKey, slack_connected: slackConnected, slack_team: slackTeam, needs_setup: !hasApiKey && setup.needsSetup(), version, ctm_data_dir: ctmDataDir, walle_data_dir: walleDataDir, hostname: HOSTNAME, walle_model: walleModel, walle_provider: walleProvider, auth_method: authMethod, coding_via_cli: codingViaCli, service_alerts: serviceAlerts, service_alert_summary: serviceAlertSummary, device_label: deviceLabel }));
     return;
   }
   if (url.pathname === '/api/setup/test-key' && req.method === 'GET') {
@@ -6655,6 +6722,14 @@ function apiRecentSessions(req, res, url) {
         // slug-first verifyLineage and respects the grace window.
       });
       txn();
+      try {
+        const identityRepair = dbModule.repairCodexRolloutAgentIdentities?.();
+        if (identityRepair && identityRepair.repaired > 0) {
+          console.log(`[session-index] repaired ${identityRepair.repaired} Codex rollout agent identity row(s)`);
+        }
+      } catch (e) {
+        console.error('[session-index] Codex identity repair error:', e.message);
+      }
       try {
         const repaired = dbModule.repairCodexSessionMetadataFromConversations?.();
         if (repaired && repaired.repaired > 0) {
@@ -9549,6 +9624,22 @@ function _persistTelemetrySessionToken({ ctmSessionId, agentSessionId, existingA
  * Parse JSONL content and append messages to the provided array.
  * Handles user, assistant, and system messages with deduplication.
  */
+function _jsonlContentText(content) {
+  if (typeof content === 'string') return content;
+  if (!Array.isArray(content)) return '';
+  const parts = [];
+  let imageCount = 0;
+  for (const block of content) {
+    if (!block || typeof block !== 'object') continue;
+    if ((block.type === 'text' || block.type === 'input_text') && block.text) {
+      parts.push(block.text);
+    } else if (block.type === 'image' || block.type === 'input_image' || block.type === 'image_ref') {
+      parts.push(`[Image #${++imageCount}]`);
+    }
+  }
+  return parts.join('\n');
+}
+
 function _parseJsonlIntoMessages(content, messages, opts = {}) {
   if (content.includes('"type":"session_meta"') && content.includes('"originator":"codex-tui"')) {
     parseCodexJsonlIntoMessages(content, messages);
@@ -9572,8 +9663,7 @@ function _parseJsonlIntoMessages(content, messages, opts = {}) {
       const entry = JSON.parse(line);
       if (entry.type === 'user' && entry.message?.role === 'user') {
         const c = entry.message.content;
-        let text = typeof c === 'string' ? c
-          : Array.isArray(c) ? c.filter(b => b.type === 'text').map(b => b.text).join('\n') : '';
+        let text = _jsonlContentText(c);
         if (!text) continue;
         // Detect system/tool messages masquerading as user messages
         const isToolResult = Array.isArray(c) && c.some(b => b.type === 'tool_result');
@@ -11663,11 +11753,6 @@ wss.on('connection', (ws, req) => {
     socket: { remoteAddress: _remoteIpFromReq(req) },
     headers: { 'user-agent': req.headers?.['user-agent'] || '' },
   };
-  const locked = authRateLimiter.isIpLocked(reqSnapshot.socket.remoteAddress);
-  if (!locked.ok) {
-    ws.close(4008, locked.code || 'Rate limited');
-    return;
-  }
   const cfDecision = cloudflareAccessVerifier.verifyRequestSync(req, { isLocalhost });
   if (!cfDecision.ok) {
     _auditAuthDecision({
@@ -11682,6 +11767,14 @@ wss.on('connection', (ws, req) => {
     return;
   }
   const auth = _authContextForRequest(req, url);
+  if (!auth.isLoopback) {
+    const locked = authRateLimiter.isIpLocked(reqSnapshot.socket.remoteAddress);
+    if (!locked.ok && !auth.authenticated) {
+      ws.close(4008, locked.code || 'Rate limited');
+      return;
+    }
+    if (!locked.ok && auth.authenticated) authRateLimiter.recordAuthSuccess(reqSnapshot.socket.remoteAddress);
+  }
 
   if (!auth.authenticated) {
     if (!auth.isLoopback) authRateLimiter.recordAuthFailure(reqSnapshot.socket.remoteAddress);
@@ -11721,7 +11814,7 @@ wss.on('connection', (ws, req) => {
   // browser echoes this in X-CTM-Client-Id when calling PUT /api/settings,
   // and we filter it out of broadcastUiPrefs to prevent self-echo.
   ws.clientId = crypto.randomUUID();
-  try { ws.send(JSON.stringify({ type: 'hello', clientId: ws.clientId })); } catch {}
+  try { ws.send(JSON.stringify({ type: 'hello', clientId: ws.clientId, appVersion: getAppVersionInfo() })); } catch {}
   ws.on('pong', () => { ws.isAlive = true; });
 
   ws.on('message', (raw) => {
@@ -13368,12 +13461,18 @@ function handleCreate(ws, msg) {
       model_provider = defaults.model_provider || null;
       model_pinned = false;
     }
-    const agentMode = msg.agentMode || msg.agent_mode || 'coding';
-    const agentKind = msg.agentKind || msg.agent_kind || (agentMode === 'coding' ? 'walle-coding' : 'walle-chat');
-    const taskType = msg.taskType || msg.task_type || (agentMode === 'coding' ? 'coding' : 'chat');
-    const chatSessionId = msg.chatSessionId || `walle-${id}`;
+    const requestedChatSessionId = msg.chatSessionId || `walle-${id}`;
+    let jsonlPath = _walleTranscriptPathForSession(id, requestedChatSessionId);
+    const restoredMeta = msg._isRestore ? walleTranscript.readSessionMeta(jsonlPath) : null;
+    const restoredMode = restoredMeta?.agentMode || restoredMeta?.agent_mode || '';
+    const restoredKind = restoredMeta?.agentKind || restoredMeta?.agent_kind || '';
+    const restoredTaskType = restoredMeta?.taskType || restoredMeta?.task_type || '';
+    const agentMode = msg.agentMode || msg.agent_mode || restoredMode || 'coding';
+    const agentKind = msg.agentKind || msg.agent_kind || restoredKind || (agentMode === 'coding' ? 'walle-coding' : 'walle-chat');
+    const taskType = msg.taskType || msg.task_type || restoredTaskType || (agentMode === 'coding' ? 'coding' : 'chat');
+    const chatSessionId = msg.chatSessionId || restoredMeta?.chatSessionId || `walle-${id}`;
     const initialMessage = String(msg.initialMessage || msg.initial_message || '').trim();
-    const jsonlPath = _walleTranscriptPathForSession(id, chatSessionId);
+    if (chatSessionId !== requestedChatSessionId) jsonlPath = _walleTranscriptPathForSession(id, chatSessionId);
     const createResult = walleTranscript.createSession(jsonlPath, {
       reset: !msg._isRestore,
       sessionId: id,
@@ -13442,6 +13541,11 @@ function handleCreate(ws, msg) {
         model_registry_id: session.model_registry_id || '',
         model_provider_id: session.model_provider_id || '',
         model_pinned: !!session.model_pinned,
+        agentMode: session.agentMode,
+        agentKind: session.agentKind,
+        taskType: session.taskType,
+        walle_chat_session: session.agentMode === 'chat' || session.taskType === 'chat',
+        walleChatSession: session.agentMode === 'chat' || session.taskType === 'chat',
       }));
     }
     broadcastSessionList(true);
@@ -15837,21 +15941,28 @@ function _safePathForCompare(p) {
 }
 
 function _findSessionWorktree(worktrees, session) {
-  const explicitPath = session.worktree_path || (_isAgentWorktreePath(session.cwd) ? session.cwd : '');
-  const sessionPath = _safePathForCompare(explicitPath || '');
+  const sessionPath = _safePathForCompare(session.worktree_path || session.cwd || '');
   const branch = session.branch || '';
-  const exact = sessionPath
-    ? worktrees.find(wt => _safePathForCompare(wt.path || '') === sessionPath)
-    : null;
-  if (exact) return exact;
-  if (!session.worktree_path || !branch) return null;
-  const branchMatches = worktrees.filter(wt => wt && !wt.isMain && wt.branch === branch);
+  const pathMatches = sessionPath
+    ? worktrees
+      .filter(wt => {
+        const wtPath = _safePathForCompare(wt?.path || '');
+        return wtPath && (sessionPath === wtPath || sessionPath.startsWith(wtPath + path.sep));
+      })
+      .sort((a, b) => String(b.path || '').length - String(a.path || '').length)
+    : [];
+  if (pathMatches.length > 0) return pathMatches[0];
+  if (!branch) return null;
+  const branchMatches = worktrees.filter(wt => wt && wt.branch === branch);
   return branchMatches.length === 1 ? branchMatches[0] : null;
 }
 
 function _worktreeFinishMessage(wt, branch) {
   const parts = [];
-  if ((wt.dirtyFiles || 0) > 0) parts.push(`${wt.dirtyFiles} dirty file(s)`);
+  const trackedDirty = wt.trackedDirtyFiles != null
+    ? Number(wt.trackedDirtyFiles || 0)
+    : Math.max(0, Number(wt.dirtyFiles || 0) - Number(wt.untrackedFiles || 0));
+  if (trackedDirty > 0) parts.push(`${trackedDirty} tracked dirty file(s)`);
   if ((wt.unmergedCommits || 0) > 0) parts.push(`${wt.unmergedCommits} unmerged commit(s)`);
   if ((wt.behind || 0) > 0) parts.push(`${wt.behind} behind main`);
   const detail = parts.length ? parts.join(', ') : (wt.summary || wt.state || 'unfinished work');
@@ -15872,9 +15983,12 @@ async function _maybeBroadcastWorktreeFinishGate(session, sessionId) {
     const wtBranch = wt.branch || branch;
     if (wtBranch === 'main' || wtBranch === 'master') return;
     const dirtyFiles = wt.dirtyFiles || 0;
+    const trackedDirtyFiles = wt.trackedDirtyFiles != null
+      ? Number(wt.trackedDirtyFiles || 0)
+      : Math.max(0, Number(wt.dirtyFiles || 0) - Number(wt.untrackedFiles || 0));
     const unmergedCommits = wt.unmergedCommits || 0;
     const actionableState = ['ahead', 'diverged', 'dirty', 'detached'].includes(wt.state);
-    if (dirtyFiles === 0 && unmergedCommits === 0 && !actionableState) return;
+    if (trackedDirtyFiles === 0 && unmergedCommits === 0 && !actionableState) return;
     broadcastToAll({
       type: 'worktree-finish-gate',
       sessionId,
@@ -15885,6 +15999,8 @@ async function _maybeBroadcastWorktreeFinishGate(session, sessionId) {
       ahead: wt.ahead || 0,
       behind: wt.behind || 0,
       dirtyFiles,
+      trackedDirtyFiles,
+      untrackedFiles: wt.untrackedFiles || 0,
       unmergedCommits,
       summary: wt.summary || '',
       recommendedAction: wt.recommendedAction || null,
@@ -15924,31 +16040,51 @@ let _sessionWorktreeStatusRefreshInFlight = false;
 
 function _sessionNeedsWorktreeStatus(session) {
   if (!session) return false;
-  const branch = session.branch || '';
-  if (branch === 'main' || branch === 'master') return false;
-  return !!(session.worktree_path || _isAgentWorktreePath(session.cwd));
+  return !!(session.worktree_path || session.cwd);
 }
 
 function _normalizeSessionWorktreeStatus(session, wt) {
   if (!session || !wt) return null;
   const branch = wt.branch || session.branch || '';
-  if (!branch || branch === 'main' || branch === 'master' || wt.isMain) return null;
+  if (!branch) return null;
+  const isMain = wt.isMain === true || branch === 'main' || branch === 'master';
+  const mainRemote = isMain && wt.mainRemote ? wt.mainRemote : null;
   const dirtyFiles = Number(wt.dirtyFiles || 0);
-  const unmergedCommits = Number(wt.unmergedCommits || 0);
-  const ahead = Number(wt.ahead || 0);
-  const behind = Number(wt.behind || 0);
-  return {
+  const trackedDirtyFiles = wt.trackedDirtyFiles != null
+    ? Number(wt.trackedDirtyFiles || 0)
+    : Math.max(0, dirtyFiles - Number(wt.untrackedFiles || 0));
+  const untrackedFiles = Number(wt.untrackedFiles || 0);
+  const unpushedCommits = isMain ? Number(mainRemote?.ahead || wt.unpushedCommits || 0) : 0;
+  const unmergedCommits = isMain ? 0 : Number(wt.unmergedCommits || 0);
+  const ahead = isMain ? unpushedCommits : Number(wt.ahead || 0);
+  const behind = isMain ? Number(mainRemote?.behind || wt.behind || 0) : Number(wt.behind || 0);
+  const status = {
     branch,
     worktreeName: wt.worktreeName || path.basename(wt.path || session.worktree_path || session.cwd || branch),
     worktreePath: wt.path || session.worktree_path || session.cwd || null,
+    isMain,
     state: wt.state || 'unknown',
     dirtyFiles,
+    trackedDirtyFiles,
+    untrackedFiles,
     unmergedCommits,
+    unpushedCommits,
     ahead,
     behind,
     summary: wt.summary || '',
-    needsAttention: dirtyFiles > 0 || unmergedCommits > 0,
+    needsAttention: trackedDirtyFiles > 0 || unmergedCommits > 0 || unpushedCommits > 0,
   };
+  if (mainRemote) {
+    status.mainRemote = {
+      remote: mainRemote.remote || '',
+      ahead: Number(mainRemote.ahead || 0),
+      behind: Number(mainRemote.behind || 0),
+      state: mainRemote.state || '',
+      summary: mainRemote.summary || '',
+    };
+    if (!status.summary && mainRemote.summary) status.summary = mainRemote.summary;
+  }
+  return status;
 }
 
 function _sessionWorktreeStatusSnapshot(map) {
@@ -15957,12 +16093,17 @@ function _sessionWorktreeStatusSnapshot(map) {
     .map(([id, wt]) => [
       id,
       wt.branch,
+      wt.isMain,
       wt.state,
       wt.dirtyFiles,
+      wt.trackedDirtyFiles,
+      wt.untrackedFiles,
       wt.unmergedCommits,
+      wt.unpushedCommits,
       wt.ahead,
       wt.behind,
       wt.summary,
+      wt.mainRemote?.state,
       wt.needsAttention,
     ]));
 }
@@ -16064,23 +16205,44 @@ function normalizeWalleClientModelSelection({ model, provider, session }) {
 
 function _applyWalleSessionModelPreference(session, pref) {
   if (!session || !pref || !pref.model_id) return false;
-  session.model_id = pref.model_id;
-  session.model_provider = pref.provider_type || session.model_provider || null;
-  session.model_registry_id = pref.registry_id || '';
-  session.model_provider_id = pref.provider_id || '';
-  session.model_pinned = pref.pinned !== false;
+  if (session.type === 'walle') {
+    session.model_id = pref.model_id;
+    session.model_provider = pref.provider_type || session.model_provider || null;
+    session.model_registry_id = pref.registry_id || '';
+    session.model_provider_id = pref.provider_id || '';
+    session.model_pinned = pref.pinned !== false;
+    return true;
+  }
+  session.walle_model_id = pref.model_id;
+  session.walle_model_provider = pref.provider_type || '';
+  session.walle_model_registry_id = pref.registry_id || '';
+  session.walle_model_provider_id = pref.provider_id || '';
+  session.walle_model_pinned = pref.pinned !== false;
   return true;
 }
 
+function _isWalleModelConfigurableSession(session) {
+  if (!session) return false;
+  if (session.type === 'walle') return true;
+  if (isWalleOwnedSession(session)) return true;
+  try {
+    const identity = session.id ? dbModule.getSessionIdentity?.(session.id) : null;
+    if (identity?.ctm?.provider === 'walle') return true;
+    if (identity?.primaryAgent?.provider === 'walle') return true;
+  } catch {}
+  return false;
+}
+
 function _walleModelPayload(session, extra = {}) {
+  const selection = _walleModelSelectionForActiveSession(session);
   return {
     type: 'walle-model',
     id: session.id,
-    model_id: session.model_id || null,
-    model_provider: session.model_provider || null,
-    model_registry_id: session.model_registry_id || '',
-    model_provider_id: session.model_provider_id || '',
-    model_pinned: !!session.model_pinned,
+    model_id: selection.model_id || null,
+    model_provider: selection.model_provider || null,
+    model_registry_id: selection.model_registry_id || '',
+    model_provider_id: selection.model_provider_id || '',
+    model_pinned: !!selection.model_pinned,
     ...extra,
   };
 }
@@ -16094,7 +16256,7 @@ function _broadcastWalleModel(session, extra = {}) {
 }
 
 function _hydrateWalleSessionModelPreference(session, { broadcast = false } = {}) {
-  if (!session || session.type !== 'walle') return null;
+  if (!_isWalleModelConfigurableSession(session)) return null;
   let pref = null;
   try {
     pref = dbModule.getSessionModelPreference?.(session.id) || null;
@@ -16108,17 +16270,26 @@ function _hydrateWalleSessionModelPreference(session, { broadcast = false } = {}
 }
 
 function _persistWalleSessionModelPreference(session, msg = {}) {
-  if (!session || session.type !== 'walle') return null;
+  if (!_isWalleModelConfigurableSession(session)) return null;
+  const nativeWalleSession = session.type === 'walle';
   const rawModel = msg.model_id || msg.model || '';
   const rawProvider = msg.model_provider || msg.provider || '';
   if (!rawModel) {
     try { dbModule.clearSessionModelPreference?.(session.id); } catch (e) { console.error('[walle-session] model preference clear error:', e.message); }
-    session.model_id = null;
-    session.model_provider = null;
-    session.model_registry_id = '';
-    session.model_provider_id = '';
-    session.model_pinned = false;
-    try { dbModule.addStartupTask(session.id, session.label, '', [], session.cwd, null, 'walle', session.chatSessionId); } catch (e) { console.error('[ctm] addStartupTask (walle model clear) error:', e.message); }
+    if (nativeWalleSession) {
+      session.model_id = null;
+      session.model_provider = null;
+      session.model_registry_id = '';
+      session.model_provider_id = '';
+      session.model_pinned = false;
+      try { dbModule.addStartupTask(session.id, session.label, '', [], session.cwd, null, 'walle', session.chatSessionId); } catch (e) { console.error('[ctm] addStartupTask (walle model clear) error:', e.message); }
+    } else {
+      session.walle_model_id = null;
+      session.walle_model_provider = null;
+      session.walle_model_registry_id = '';
+      session.walle_model_provider_id = '';
+      session.walle_model_pinned = false;
+    }
     _broadcastWalleModel(session, { model_source: 'session-preference-cleared' });
     broadcastSessionList(true);
     return null;
@@ -16168,30 +16339,32 @@ function _persistWalleSessionModelPreference(session, msg = {}) {
   }
 
   _applyWalleSessionModelPreference(session, pref);
-  try {
-    dbModule.addStartupTask(session.id, session.label, '', [], session.cwd, session.model_id, 'walle', session.chatSessionId);
-  } catch (e) {
-    console.error('[ctm] addStartupTask (walle model preference) error:', e.message);
-  }
-  try {
-    dbModule.upsertSession(session.id, {
-      agentSessionId: session.chatSessionId,
-      provider: 'walle',
-      cwd: session.cwd || '',
-      projectPath: session.cwd || '',
-      title: session.label || '',
-      jsonlPath: session.jsonlPath || '',
-      model: session.model_id || '',
-      hostname: HOSTNAME,
-    });
-  } catch (e) {
-    console.error('[walle-session] model preference index update error:', e.message);
+  if (nativeWalleSession) {
+    try {
+      dbModule.addStartupTask(session.id, session.label, '', [], session.cwd, session.model_id, 'walle', session.chatSessionId);
+    } catch (e) {
+      console.error('[ctm] addStartupTask (walle model preference) error:', e.message);
+    }
+    try {
+      dbModule.upsertSession(session.id, {
+        agentSessionId: session.chatSessionId,
+        provider: 'walle',
+        cwd: session.cwd || '',
+        projectPath: session.cwd || '',
+        title: session.label || '',
+        jsonlPath: session.jsonlPath || '',
+        model: session.model_id || '',
+        hostname: HOSTNAME,
+      });
+    } catch (e) {
+      console.error('[walle-session] model preference index update error:', e.message);
+    }
   }
   try {
     telemetry.track('walle_session_model_changed', {
       session_id: String(session.id || '').slice(0, 8),
-      provider_type: session.model_provider || '',
-      model_id: session.model_id || '',
+      provider_type: nativeWalleSession ? (session.model_provider || '') : (session.walle_model_provider || ''),
+      model_id: nativeWalleSession ? (session.model_id || '') : (session.walle_model_id || ''),
       source: msg.source || 'user',
     });
   } catch {}
@@ -16716,15 +16889,36 @@ function _sessionActivityIso(value, now = Date.now(), session = null, field = 'a
 
 function _walleModelSelectionForActiveSession(session) {
   const defaults = resolveWalleDefaultModelSelection({ brain: getWalleBrain(), env: process.env });
+  let pref = null;
+  try {
+    pref = session?.id ? dbModule.getSessionModelPreference?.(session.id) || null : null;
+  } catch (e) {
+    console.error('[walle-session] model preference read error:', e.message);
+  }
+  if (pref?.model_id) {
+    return {
+      model_id: pref.model_id || '',
+      model_provider: pref.provider_type || '',
+      model_registry_id: pref.registry_id || '',
+      model_provider_id: pref.provider_id || '',
+      model_pinned: pref.pinned !== false,
+    };
+  }
   if (session?.type === 'walle') {
     return {
       model_id: session.model_id || defaults.model_id || '',
       model_provider: session.model_provider || defaults.model_provider || '',
+      model_registry_id: session.model_registry_id || '',
+      model_provider_id: session.model_provider_id || '',
+      model_pinned: !!session.model_pinned,
     };
   }
   return {
-    model_id: defaults.model_id || session?.model_id || '',
-    model_provider: defaults.model_provider || session?.model_provider || '',
+    model_id: session?.walle_model_id || defaults.model_id || session?.model_id || '',
+    model_provider: session?.walle_model_provider || defaults.model_provider || session?.model_provider || '',
+    model_registry_id: session?.walle_model_registry_id || '',
+    model_provider_id: session?.walle_model_provider_id || '',
+    model_pinned: !!session?.walle_model_pinned,
   };
 }
 
@@ -16757,9 +16951,29 @@ function _sessionPayload(s) {
     worktreeStatus,
   });
   const walleModel = walleOwned ? _walleModelSelectionForActiveSession(s) : null;
+  const nativeWalleSession = s.type === 'walle';
+  const walleMode = String(s.agentMode || '').trim().toLowerCase();
+  const walleKind = String(s.agentKind || '').trim().toLowerCase();
+  const walleTaskType = String(s.taskType || '').trim().toLowerCase();
+  const walleChatSession = nativeWalleSession && (
+    walleMode === 'chat'
+    || walleTaskType === 'chat'
+    || /wall-?e-chat|walle-chat/.test(walleKind)
+  );
   return {
     id: s.id,
     type: s.type || 'pty',
+    session_type: s.type || 'pty',
+    runtime_type: s.type || 'pty',
+    walle_owned: !!walleOwned,
+    walleOwned: !!walleOwned,
+    native_walle_session: nativeWalleSession,
+    nativeWalleSession,
+    walle_chat_session: walleChatSession,
+    walleChatSession,
+    agentMode: s.agentMode || null,
+    agentKind: s.agentKind || (walleOwned && !nativeWalleSession ? 'walle-coding' : null),
+    taskType: s.taskType || (walleOwned && !nativeWalleSession ? 'coding' : null),
     label: s.label,
     cmd: s.cmd,
     cwd: s.cwd,
@@ -16777,9 +16991,9 @@ function _sessionPayload(s) {
     fileSize: fileInfo.fileSize || 0,
     model_id: walleModel?.model_id || s.model_id,
     model_provider: walleModel?.model_provider || s.model_provider,
-    model_registry_id: s.model_registry_id || '',
-    model_provider_id: s.model_provider_id || '',
-    model_pinned: !!s.model_pinned,
+    model_registry_id: walleModel?.model_registry_id || s.model_registry_id || '',
+    model_provider_id: walleModel?.model_provider_id || s.model_provider_id || '',
+    model_pinned: walleModel?.model_pinned != null ? !!walleModel.model_pinned : !!s.model_pinned,
     walle_model_id: walleModel?.model_id || null,
     walle_model_provider: walleModel?.model_provider || null,
     runtime_model_id: walleOwned ? (s.model_id || null) : null,
@@ -17660,6 +17874,10 @@ function apiSyncWorktree(req, res) {
           res.writeHead(409, WORKTREE_JSON_HEADERS);
           return res.end(JSON.stringify(result));
         }
+        if (result.blocked) {
+          res.writeHead(409, WORKTREE_JSON_HEADERS);
+          return res.end(JSON.stringify(result));
+        }
         res.writeHead(result.merged ? 200 : 500, WORKTREE_JSON_HEADERS);
         res.end(JSON.stringify(result));
       }).catch(e => {
@@ -17829,18 +18047,31 @@ function apiCreatePR(req, res) {
 function apiRestartCtm(req, res) {
   const reqUrl = new URL(req.url, 'http://localhost');
   const force = reqUrl.searchParams.get('force') === 'true';
-  const activeCount = sessions.size;
-  if (activeCount > 0 && !force) {
+  const now = Date.now();
+  const guard = summarizeRestartGuard(sessions.values(), {
+    statusForSession: (session) => _standupLiveStatusForSession(session, now),
+    isWaitingForInput: (session) => _isServerWaitingForInput(session.id, session, now),
+  });
+  if (guard.blockingCount > 0 && !force) {
+    const noun = guard.blockingCount === 1 ? 'session' : 'sessions';
     res.writeHead(409, { 'Content-Type': 'application/json' });
     return res.end(JSON.stringify({
       ok: false,
-      error: `Blocked: ${activeCount} active session(s) would be killed. Use ?force=true to override, or use the dev instance (bash bin/dev.sh) for testing.`,
-      active_sessions: activeCount
+      error: `Blocked: ${guard.blockingCount} running/waiting ${noun} would be interrupted. Use ?force=true to override, or wait for the blocking work to settle.`,
+      active_sessions: guard.blockingCount,
+      blocking_sessions: guard.blockers.slice(0, 10),
+      restorable_sessions: guard.restorableCount,
+      total_sessions: guard.totalCount,
     }));
   }
 
   res.writeHead(200, { 'Content-Type': 'application/json' });
-  res.end(JSON.stringify({ ok: true, message: 'CTM server restarting...' }));
+  res.end(JSON.stringify({
+    ok: true,
+    message: 'CTM server restarting...',
+    restorable_sessions: guard.restorableCount,
+    total_sessions: guard.totalCount,
+  }));
 
   // No bash watcher — launchd KeepAlive handles restart on non-zero exit.
   // (Detached bash kill-0 loops trigger Cortex XDR behavioral threat detection.)
@@ -18174,10 +18405,49 @@ function getCurrentVersion() {
   return readPackageVersion(path.join(__dirname, '..', 'package.json'));
 }
 
+function getAppBuildIdentity() {
+  const root = path.join(__dirname, '..');
+  const files = [
+    'package.json',
+    'claude-task-manager/package.json',
+    'claude-task-manager/server.js',
+    'claude-task-manager/public/index.html',
+    'claude-task-manager/public/m/index.html',
+    'claude-task-manager/public/m/app.css',
+    'claude-task-manager/public/m/app.js',
+    'claude-task-manager/public/m/sw.js',
+    'wall-e/package.json',
+    'create-walle/package.json',
+  ];
+  const hash = crypto.createHash('sha256');
+  const fileState = [];
+  for (const rel of files) {
+    const full = path.join(root, rel);
+    try {
+      const stat = fs.statSync(full);
+      const entry = `${rel}:${stat.size}:${Math.floor(stat.mtimeMs)}`;
+      fileState.push(entry);
+      hash.update(entry);
+      hash.update('\n');
+    } catch {
+      const entry = `${rel}:missing`;
+      fileState.push(entry);
+      hash.update(entry);
+      hash.update('\n');
+    }
+  }
+  return {
+    buildId: hash.digest('hex').slice(0, 16),
+    files: fileState,
+  };
+}
+
 function getAppVersionInfo() {
+  const build = getAppBuildIdentity();
   return {
     version: getCurrentVersion(),
     product: 'create-walle',
+    buildId: build.buildId,
     components: {
       ctm: readPackageVersion(path.join(__dirname, 'package.json')),
       wallE: readPackageVersion(path.join(__dirname, '..', 'wall-e', 'package.json')),