hammoc 1.2.3 → 1.4.0

package/packages/server/dist/handlers/websocket.js

@@ -21,11 +21,13 @@ import { notificationService, formatAskQuestionPrompt } from '../services/notifi
 import { preferencesService } from '../services/preferencesService.js';
 import { getOrCreateQueueService, getQueueInstances } from '../controllers/queueController.js';
 import { createLogger } from '../utils/logger.js';
+import { clampEffortForModel, supportsAdaptiveThinking } from '../utils/effortUtils.js';
 import { buildStreamCallbacks } from './streamCallbacks.js';
 import { rateLimitProbeService } from '../services/rateLimitProbeService.js';
 import { ptyService } from '../services/ptyService.js';
 import { projectService } from '../services/projectService.js';
 import { dashboardService } from '../services/dashboardService.js';
+import { fileWatcherService } from '../services/fileWatcherService.js';
 import { summarize } from '../services/summarizeService.js';
 import { parseJSONLFile, transformToHistoryMessages } from '../services/historyParser.js';
 import { buildRawMessageTree, getActiveRawBranch, getDefaultRawBranchSelections, findBranchSelectionsForUuid } from '../utils/messageTree.js';
@@ -101,6 +103,30 @@ const chainResumableSessions = new Set();
 let chainItemCounter = 0;
 const CHAIN_MAX_RETRIES = 3;
 const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+// Debug hook: synthetic failure injection for chain drain (G-02-02 retry test).
+// Only consumed when ENABLE_TEST_ENDPOINTS=true; the POST /api/debug route
+// validates the flag before writing to this map.
+const chainDrainFailureInjection = new Map();
+export function setChainDrainFailureInjection(sessionId, count) {
+    if (count <= 0) {
+        chainDrainFailureInjection.delete(sessionId);
+    }
+    else {
+        chainDrainFailureInjection.set(sessionId, count);
+    }
+}
+function consumeChainDrainFailureInjection(sessionId) {
+    const remaining = chainDrainFailureInjection.get(sessionId) ?? 0;
+    if (remaining <= 0)
+        return false;
+    if (remaining === 1) {
+        chainDrainFailureInjection.delete(sessionId);
+    }
+    else {
+        chainDrainFailureInjection.set(sessionId, remaining - 1);
+    }
+    return true;
+}
 // Story 25.9: Per-socket summarizing state — requestId prevents race between cancel + new request
 const socketSummarizing = new Map();
 /** Generate a unique chain item ID */
@@ -232,6 +258,11 @@ function scheduleChainDrain(sessionId, lang) {
         const abortController = new AbortController();
         let stream;
         try {
+            // Debug: synthetic failure injection for retry tests (G-02-02).
+            // Throws before creating the stream so the retry path is exercised cleanly.
+            if (consumeChainDrainFailureInjection(sessionId)) {
+                throw new Error('Injected chain drain failure (debug)');
+            }
             // Create headless stream inside try — if this throws, sending status is recovered below
             const headless = createHeadlessStream(sessionId, abortController);
             stream = headless.stream;
@@ -416,9 +447,17 @@ export function getJoinedSessionIdsByProject(projectSlug) {
 async function completeBufferAndBroadcast(sessionId, projectSlug, stream) {
     const aborted = stream?.abortController.signal.aborted ?? false;
     const usage = stream?.deferredUsage;
+    // Guard: if a new stream has taken over during async polling, skip emit
+    // to prevent overwriting the newer stream's client state with stale data.
+    const isStreamReplaced = () => stream && activeStreams.has(sessionId) && activeStreams.get(sessionId) !== stream;
     if (projectSlug) {
         try {
             const messages = await pollFileStabilityThenReload(sessionId, projectSlug);
+            if (isStreamReplaced()) {
+                log.info(`completeBufferAndBroadcast: stream replaced during JSONL polling, skipping emit for ${sessionId}`);
+                sessionBufferManager.setStreaming(sessionId, false);
+                return;
+            }
             sessionBufferManager.setStreaming(sessionId, false);
             io.to(`session:${sessionId}`).emit('stream:complete-messages', {
                 sessionId, messages, usage, ...(aborted && { aborted: true }),
@@ -426,6 +465,11 @@ async function completeBufferAndBroadcast(sessionId, projectSlug, stream) {
         }
         catch (err) {
             log.error(`completeBufferAndBroadcast: failed for ${sessionId}:`, err);
+            if (isStreamReplaced()) {
+                log.info(`completeBufferAndBroadcast: stream replaced (error path), skipping emit for ${sessionId}`);
+                sessionBufferManager.setStreaming(sessionId, false);
+                return;
+            }
             sessionBufferManager.setStreaming(sessionId, false);
             const fallback = sessionBufferManager.get(sessionId)?.messages ?? [];
             io.to(`session:${sessionId}`).emit('stream:complete-messages', {
@@ -501,7 +545,7 @@ function cleanupStream(streamKey, expectedStream) {
 }
 /** Normalize legacy 'never' sync policy to 'streaming' */
 function normalizeSyncPolicy(policy) {
-    return policy === 'always' ? 'always' : 'streaming';
+    return policy === 'streaming' ? 'streaming' : 'always';
 }
 /**
  * Persist the stream's final permission mode to .hammoc/session-permissions.json.
@@ -688,6 +732,29 @@ export async function initializeWebSocket(httpServer) {
         cors: config.cors,
         maxHttpBufferSize: 100 * 1024 * 1024, // 100MB for base64 image payloads
     });
+    // Mirror project-room membership into fileWatcherService so every code path
+    // that calls socket.join/leave with a `project:<slug>` room transparently
+    // starts or stops the chokidar watcher for that project. socket.io emits
+    // join-room/leave-room exactly once per (socket, room) transition, so the
+    // service's ref count aligns with the number of sockets currently in the room.
+    const projectRoomAdapter = io.of('/').adapter;
+    projectRoomAdapter.on('join-room', (room, _id) => {
+        if (!room.startsWith('project:'))
+            return;
+        const slug = room.slice('project:'.length);
+        projectService
+            .resolveOriginalPath(slug)
+            .then((projectRoot) => fileWatcherService.ensureWatcher(slug, projectRoot))
+            .catch(() => {
+            // Project not found — nothing to watch; silently skip.
+        });
+    });
+    projectRoomAdapter.on('leave-room', (room, _id) => {
+        if (!room.startsWith('project:'))
+            return;
+        const slug = room.slice('project:'.length);
+        fileWatcherService.releaseWatcher(slug);
+    });
     // Session middleware for WebSocket (Story 2.5 - Task 4)
     const sessionMiddleware = await createSessionMiddleware();
     // Parse session from cookie for Socket.io connections
@@ -752,6 +819,28 @@ export async function initializeWebSocket(httpServer) {
                 });
             }
         })();
+        // Allow clients to re-request terminal access info (e.g., after late listener registration)
+        socket.on('terminal:access:request', () => {
+            try {
+                const lang = socket.data.language || 'en';
+                const t = i18next.getFixedT(lang);
+                const clientIP = extractClientIP(socket);
+                const isLocal = isLocalIP(clientIP);
+                const terminalEnabled = preferencesService.getTerminalEnabled();
+                socket.emit('terminal:access', {
+                    allowed: terminalEnabled && isLocal,
+                    enabled: terminalEnabled,
+                    reason: !terminalEnabled
+                        ? t('ws.error.terminalDisabled')
+                        : !isLocal
+                            ? t('ws.error.terminalAccessDenied')
+                            : undefined,
+                });
+            }
+            catch {
+                socket.emit('terminal:access', { allowed: false, enabled: false });
+            }
+        });
         // Start rate limit polling on first client connection
         if (connectedClients === 1) {
             rateLimitProbeService.startPolling((data) => { io.emit('rateLimit:update', data); }, (data) => { io.emit('apiHealth:update', data); });
@@ -859,33 +948,41 @@ export async function initializeWebSocket(httpServer) {
                     // from disk and broadcast confirmed messages to all session viewers.
                     const sendEndSlug = sessionProjectMap.get(endedSessionId) ?? null;
                     await completeBufferAndBroadcast(endedSessionId, sendEndSlug, stream);
-                    cleanupStream(endedSessionId);
-                    emitStreamChange(endedSessionId, false, sendEndSlug);
-                    // Persist per-session permission mode before cleanup
-                    const sendFinalMode = stream.chatService?.getPermissionMode();
-                    if (sendFinalMode)
-                        await persistSessionPermissionMode(endedSessionId, sendFinalMode);
-                    // Story 20.1: Trigger dashboard status change on stream end
-                    const endProjectSlug = sessionProjectMap.get(endedSessionId);
-                    if (endProjectSlug) {
-                        // Update sessions-index.json so future list queries hit cache
-                        new SessionService().updateSessionIndex(endProjectSlug, endedSessionId).catch((err) => {
-                            log.warn(`Failed to update session index: project=${endProjectSlug} session=${endedSessionId}`, err);
-                        });
-                        triggerDashboardStatusChange(endProjectSlug);
-                        sessionProjectMap.delete(endedSessionId);
-                    }
-                    // Story 24.1: Schedule chain drain if pending items exist (browser-independent)
-                    const pendingChain = chainState.get(endedSessionId);
-                    const pendingCount = pendingChain?.filter(item => item.status === 'pending').length ?? 0;
-                    log.info(`[CHAIN-DRAIN] chat:send finally: chainItems=${pendingChain?.length ?? 0}, pendingCount=${pendingCount}, statuses=${JSON.stringify(pendingChain?.map(i => ({ id: i.id.slice(0, 8), status: i.status })) ?? [])}`);
-                    if (pendingChain && pendingChain.some(item => item.status === 'pending')) {
-                        scheduleChainDrain(endedSessionId, lang);
+                    // Re-check after async operation — a new chat:send may have replaced
+                    // this stream during JSONL polling, taking over activeStreams/socketToSession.
+                    // Cleaning up or emitting inactive would corrupt the replacement stream.
+                    if (activeStreams.get(endedSessionId) !== stream && activeStreams.has(endedSessionId)) {
+                        log.info(`chat:send finally: stream replaced after completeBufferAndBroadcast for ${endedSessionId}, skipping cleanup`);
                     }
                     else {
-                        log.info(`[CHAIN-DRAIN] chat:send finally: no pending chain items, calling cleanupChainIfIdle for ${endedSessionId}`);
-                        cleanupChainIfIdle(endedSessionId);
-                    }
+                        cleanupStream(endedSessionId, stream);
+                        emitStreamChange(endedSessionId, false, sendEndSlug);
+                        // Persist per-session permission mode before cleanup
+                        const sendFinalMode = stream.chatService?.getPermissionMode();
+                        if (sendFinalMode)
+                            await persistSessionPermissionMode(endedSessionId, sendFinalMode);
+                        // Story 20.1: Trigger dashboard status change on stream end
+                        const endProjectSlug = sessionProjectMap.get(endedSessionId);
+                        if (endProjectSlug) {
+                            // Update sessions-index.json so future list queries hit cache
+                            new SessionService().updateSessionIndex(endProjectSlug, endedSessionId).catch((err) => {
+                                log.warn(`Failed to update session index: project=${endProjectSlug} session=${endedSessionId}`, err);
+                            });
+                            triggerDashboardStatusChange(endProjectSlug);
+                            sessionProjectMap.delete(endedSessionId);
+                        }
+                        // Story 24.1: Schedule chain drain if pending items exist (browser-independent)
+                        const pendingChain = chainState.get(endedSessionId);
+                        const pendingCount = pendingChain?.filter(item => item.status === 'pending').length ?? 0;
+                        log.info(`[CHAIN-DRAIN] chat:send finally: chainItems=${pendingChain?.length ?? 0}, pendingCount=${pendingCount}, statuses=${JSON.stringify(pendingChain?.map(i => ({ id: i.id.slice(0, 8), status: i.status })) ?? [])}`);
+                        if (pendingChain && pendingChain.some(item => item.status === 'pending')) {
+                            scheduleChainDrain(endedSessionId, lang);
+                        }
+                        else {
+                            log.info(`[CHAIN-DRAIN] chat:send finally: no pending chain items, calling cleanupChainIfIdle for ${endedSessionId}`);
+                            cleanupChainIfIdle(endedSessionId);
+                        }
+                    } // end re-check else (stream not replaced after await)
                 }
                 else {
                     log.warn(`[CHAIN-DRAIN] chat:send finally: stream is NOT current active stream (replaced?): endedSessionId=${endedSessionId}`);
@@ -989,7 +1086,7 @@ export async function initializeWebSocket(httpServer) {
             // Use projectSlug from client as fallback when sessionProjectMap entry is gone (stream ended)
             await persistSessionPermissionMode(sessionId, mode, projectSlug);
             // 3) Broadcast to other viewers based on sync policy
-            let syncPolicy = 'streaming';
+            let syncPolicy = 'always';
             try {
                 const prefs = await preferencesService.readPreferences();
                 syncPolicy = normalizeSyncPolicy(prefs.permissionSyncPolicy);
@@ -1005,6 +1102,12 @@ export async function initializeWebSocket(httpServer) {
         // Handle session:join event — attach socket to active running stream (broadcast)
         // Also joins a persistent Socket.io room so future streams auto-include this socket.
         socket.on('session:join', (sessionId, projectSlug) => {
+            // Dedup guard: if the same socket re-emits session:join for the same
+            // session it's already in, skip the history / buffer-replay emissions
+            // below. Room and stream.sockets membership are already correct, and
+            // redundant replays on every reconnect (see ea66988 client-side change)
+            // would cost extra bandwidth and trigger unnecessary client re-renders.
+            const alreadyJoinedSame = socketSessionRoom.get(socket.id) === sessionId;
             // Detach this socket from any previously-attached stream to prevent
             // events from the old stream leaking to a different session's listeners
             const prevSessionId = socketToSession.get(socket.id);
@@ -1022,7 +1125,8 @@ export async function initializeWebSocket(httpServer) {
             if (prevRoomSessionId && prevRoomSessionId !== sessionId && prevRoomSessionId !== prevSessionId) {
                 socket.leave(`session:${prevRoomSessionId}`);
             }
-            // Join persistent session room (survives beyond ActiveStream lifecycle)
+            // Join persistent session room (survives beyond ActiveStream lifecycle).
+            // socket.join() is idempotent — safe to call even if already joined.
             socket.join(`session:${sessionId}`);
             // Leave previous project room if switching projects (or if new join has no projectSlug)
             const prevProjectRoom = socketProjectRoom.get(socket.id);
@@ -1070,6 +1174,13 @@ export async function initializeWebSocket(httpServer) {
                 const freshItems = (chainState.get(sessionId) || []).map(toPublicChainItem);
                 socket.emit('chain:update', { sessionId, items: freshItems });
             }
+            // Dedup: a duplicate session:join from the already-present socket for
+            // the same session doesn't need history / buffer-replay — the socket
+            // already has them. Room membership and chain:update above are idempotent
+            // and cheap, so we let those run.
+            if (alreadyJoinedSame) {
+                return;
+            }
             if (!stream || stream.status !== 'running') {
                 // Story 27.1: Deliver buffer messages via stream:history (no HTTP fetch needed).
                 // Wrapped in a helper that re-checks activeStreams because the async
@@ -1159,7 +1270,7 @@ export async function initializeWebSocket(httpServer) {
             const permissionMode = stream.chatService?.getPermissionMode();
             // Story 27.1: Deliver buffer messages (history + streaming data accumulated so far)
             // so a new browser joining mid-stream sees the full context immediately.
-            let buf = sessionBufferManager.get(sessionId);
+            const buf = sessionBufferManager.get(sessionId);
             // Buffer may have been destroyed if all sockets left briefly — recover from JSONL
             if (!buf) {
                 const slug = sessionProjectMap.get(sessionId);
@@ -1361,6 +1472,39 @@ export async function initializeWebSocket(httpServer) {
                 log.error(`Failed to remove persisted failure ${id} for session ${sessionId}:`, err);
             });
         });
+        socket.on('chain:reorder', (data) => {
+            if (!data || typeof data !== 'object')
+                return;
+            const { sessionId, ids } = data;
+            if (!sessionId || typeof sessionId !== 'string' || !UUID_RE.test(sessionId))
+                return;
+            if (!Array.isArray(ids) || ids.length === 0)
+                return;
+            if (!ids.every(id => typeof id === 'string'))
+                return;
+            if (!socket.rooms.has(`session:${sessionId}`))
+                return;
+            const currentItems = chainState.get(sessionId);
+            if (!currentItems)
+                return;
+            // Only reorder pending items — sending/sent items are already processed.
+            const nonPending = currentItems.filter(item => item.status !== 'pending');
+            const pendingById = new Map(currentItems.filter(item => item.status === 'pending').map(item => [item.id, item]));
+            const reordered = [];
+            for (const id of ids) {
+                const item = pendingById.get(id);
+                if (item) {
+                    reordered.push(item);
+                    pendingById.delete(id);
+                }
+            }
+            // Append any pending items not present in ids (safety: preserve unknowns)
+            for (const item of pendingById.values()) {
+                reordered.push(item);
+            }
+            chainState.set(sessionId, [...nonPending, ...reordered]);
+            broadcastChainUpdate(sessionId);
+        });
         socket.on('chain:clear', (data) => {
             if (!data || typeof data !== 'object')
                 return;
@@ -1415,7 +1559,7 @@ export async function initializeWebSocket(httpServer) {
             log.info(`session:rewind-files sessionId=${sessionId}, messageUuid=${messageUuid}, dryRun=${!!dryRun}`);
             try {
                 const sessionService = new SessionService();
-                const projectSlug = sessionService.encodeProjectPath(workingDirectory);
+                const _projectSlug = sessionService.encodeProjectPath(workingDirectory);
                 const rewindQuery = sdkQuery({
                     prompt: '',
                     options: {
@@ -1448,8 +1592,16 @@ export async function initializeWebSocket(httpServer) {
                     }
                 }
                 finally {
+                    // Mark session as dirty BEFORE close — SDK query({ prompt: '' })
+                    // writes an empty user message to the JSONL which causes
+                    // cache_control 400 errors. chatService will clean the JSONL
+                    // before the next resume.
+                    sessionService.markRewindDirty(workingDirectory, sessionId);
                     // Clean up the query object
-                    rewindQuery.close();
+                    try {
+                        rewindQuery.close();
+                    }
+                    catch { /* best-effort */ }
                 }
             }
             catch (err) {
@@ -1697,7 +1849,13 @@ export async function initializeWebSocket(httpServer) {
             const qs = getOrCreateQueueService(data.projectSlug);
             const result = parseQueueScript(data.rawLine);
             if (result.items.length > 0) {
-                qs.addItem(result.items[0]);
+                const added = qs.addItem(result.items[0]);
+                if (!added && result.items[0].loop) {
+                    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                    socket.emit('queue:addItemRejected', {
+                        reason: 'Block directives (@loop/@end) cannot be added via addItem',
+                    });
+                }
             }
         });
         socket.on('queue:reorderItems', (data) => {
@@ -2082,7 +2240,7 @@ async function handleChatSend(stream, data, abortController, lang) {
     // Root-level edit branching is not supported — the SDK's --resume-session-at
     // only accepts assistant message UUIDs, and there is no assistant before the
     // first user message. The client should not send ROOT_BRANCH_KEY; reject if received.
-    let resumeSessionAt = rawResumeSessionAt;
+    const resumeSessionAt = rawResumeSessionAt;
     if (resumeSessionAt === ROOT_BRANCH_KEY) {
         emit('error', {
             code: ERROR_CODES.VALIDATION_ERROR,
@@ -2147,10 +2305,17 @@ async function handleChatSend(stream, data, abortController, lang) {
         stream.chatService = chatService;
         // Load preferences early for advanced settings + timeout
         const effectivePrefs = await preferencesService.getEffectivePreferences();
-        // Clamp 'max' effort to 'high' for non-Opus 4.6 models
-        const resolvedEffort = effort ?? effectivePrefs.defaultEffort;
-        const isOpus46 = model && (model === 'claude-opus-4-6' || model === 'opus' || model.includes('opus-4-6'));
-        const effectiveEffort = resolvedEffort === 'max' && !isOpus46 ? 'high' : resolvedEffort;
+        const effectiveEffort = clampEffortForModel(effort ?? effectivePrefs.defaultEffort, model);
+        // Opus 4.7 flipped `thinking.display` default to 'omitted' — ThinkingBlock UI stays blank
+        // unless we explicitly opt in. For adaptive-thinking models, forward an explicit `thinking`
+        // config based on the user's showThinkingBlocks preference (Hammoc default: true).
+        // Legacy models (Sonnet 4.5, Opus 4.5, Haiku, Sonnet 4) keep the `maxThinkingTokens` path
+        // since they don't accept `thinking.type: 'adaptive'`.
+        const adaptiveCapable = supportsAdaptiveThinking(model);
+        const showThinkingBlocks = effectivePrefs.showThinkingBlocks ?? true;
+        const thinkingConfig = adaptiveCapable
+            ? { type: 'adaptive', display: (showThinkingBlocks ? 'summarized' : 'omitted') }
+            : undefined;
         const chatOptions = {
             ...(isResuming ? { resume: sessionId } : { sessionId }),
             abortController,
@@ -2158,7 +2323,11 @@ async function handleChatSend(stream, data, abortController, lang) {
             images,
             // Advanced settings from preferences
             customSystemPrompt: effectivePrefs.customSystemPrompt,
-            maxThinkingTokens: effectivePrefs.maxThinkingTokens,
+            // maxThinkingTokens: legacy path; SDK docs say it takes precedence for backward-compat,
+            // which conflicts with adaptive mode on Opus 4.7 (rejects enabled+budget). Skip on
+            // adaptive-capable models so the explicit `thinking` field governs.
+            ...(!adaptiveCapable && { maxThinkingTokens: effectivePrefs.maxThinkingTokens }),
+            ...(thinkingConfig && { thinking: thinkingConfig }),
             maxTurns: effectivePrefs.maxTurns,
             maxBudgetUsd: effectivePrefs.maxBudgetUsd,
             effort: effectiveEffort,
@@ -2245,9 +2414,9 @@ async function handleChatSend(stream, data, abortController, lang) {
         };
         // Activity-based timeout: resets on every SDK callback event
         // Prevents cancellation while SDK is actively working (e.g., large Write input streaming)
-        // Timeout value from preferences (with env var override), clamped to 30s–30min range
+        // Timeout value from preferences (with env var override), clamped to 5s–30min range
         const rawTimeoutMs = effectivePrefs.chatTimeoutMs ?? config.chat.timeoutMs;
-        const timeoutMs = (rawTimeoutMs >= 30000 && rawTimeoutMs <= 1800000) ? rawTimeoutMs : 300000;
+        const timeoutMs = (rawTimeoutMs >= 5000 && rawTimeoutMs <= 1800000) ? rawTimeoutMs : 300000;
         let lastResetSource = 'initial';
         const resetTimeout = (source) => {
             if (source)
@@ -2287,7 +2456,7 @@ async function handleChatSend(stream, data, abortController, lang) {
         };
         // Defer completion until JSONL is flushed — keeps client in streaming state.
         // Usage data is stored and included in stream:complete-messages.
-        const baseOnComplete = callbacks.onComplete;
+        const _baseOnComplete = callbacks.onComplete;
         callbacks.onComplete = (response) => {
             if (response.usage) {
                 stream.deferredUsage = response.usage;
@@ -2385,18 +2554,41 @@ async function handleChatSend(stream, data, abortController, lang) {
                 origOnComplete?.(gatedComplete);
         }
         catch (sendError) {
-            // Resume failed — retry once without resume so SDK creates a fresh session.
-            // Guards:
-            //  1. Only when resuming (not a fresh session send)
-            //  2. Skip if intentionally aborted (user-abort / another-client / timeout)
-            //  3. Skip if SDK already emitted output (onSessionInit fired) — retrying would duplicate side-effects
-            //  4. Skip for non-session errors (rate-limit / auth / network / service-unavailable)
             const parsedError = parseSDKError(sendError, lang);
-            const isNonSessionError = !!parsedError.code && parsedError.code !== SDKErrorCode.UNKNOWN;
+            // Context overflow during resume — auto-compact then retry the original message.
+            // /compact is a CLI-level command processed before context evaluation,
+            // so it works even when context is overflowing.
             if (isResumeAttempt
+                && parsedError.code === SDKErrorCode.CONTEXT_OVERFLOW
+                && !abortController.signal.aborted
+                && !hasEmittedOutput) {
+                log.info(`[AUTO-COMPACT] context overflow on resume, running /compact: sessionId=${sessionId}`);
+                emit('system:info', { message: 'Context limit reached — auto-compacting…' });
+                gatedResultError = null;
+                gatedComplete = null;
+                ungateCallbacks();
+                resetTimeout('auto-compact');
+                // Run /compact to shrink context (preserves session file)
+                await chatService.sendMessageWithCallbacks('/compact', callbacks, chatOptions, canUseTool, (messageType) => {
+                    resetTimeout(`compact:${messageType}`);
+                });
+                // Retry the original message after compaction
+                log.info(`[AUTO-COMPACT] compaction done, retrying original message: sessionId=${sessionId}`);
+                resetTimeout('auto-compact-retry');
+                await chatService.sendMessageWithCallbacks(content, callbacks, chatOptions, canUseTool, (messageType) => {
+                    resetTimeout(`retry:${messageType}`);
+                });
+                // Resume failed for other unknown reasons — retry without resume (fresh session).
+                // Guards:
+                //  1. Only when resuming (not a fresh session send)
+                //  2. Skip if intentionally aborted (user-abort / another-client / timeout)
+                //  3. Skip if SDK already emitted output (onSessionInit fired) — retrying would duplicate side-effects
+                //  4. Skip for non-session errors (rate-limit / auth / network / service-unavailable)
+            }
+            else if (isResumeAttempt
                 && !abortController.signal.aborted
                 && !hasEmittedOutput
-                && !isNonSessionError
+                && parsedError.code === SDKErrorCode.UNKNOWN
                 && !chatOptions.resumeSessionAt) {
                 log.info(`[RESUME-RETRY] resume failed, retrying without resume: sessionId=${sessionId}, error=${parsedError.message.slice(0, 120)}`);
                 // Discard gated events and restore original callbacks for the retry