npm - happy-coder - Versions diffs - 0.8.0 → 0.9.0-1 - Mend

happy-coder 0.8.0 → 0.9.0-1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -20,18 +20,18 @@ require('node:events');
 require('socket.io-client');
 var tweetnacl = require('tweetnacl');
 require('expo-server-sdk');
-var mcp_js = require('@modelcontextprotocol/sdk/server/mcp.js');
-var node_http = require('node:http');
-var streamableHttp_js = require('@modelcontextprotocol/sdk/server/streamableHttp.js');
-var z = require('zod');
 var child_process = require('child_process');
 var util = require('util');
 var crypto = require('crypto');
+var z = require('zod');
 var fastify = require('fastify');
 var fastifyTypeProviderZod = require('fastify-type-provider-zod');
 var os$1 = require('os');
 var qrcode = require('qrcode-terminal');
 var open = require('open');
+var mcp_js = require('@modelcontextprotocol/sdk/server/mcp.js');
+var node_http = require('node:http');
+var streamableHttp_js = require('@modelcontextprotocol/sdk/server/streamableHttp.js');
 var fs = require('fs');
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
@@ -923,16 +923,19 @@ async function streamToStdin(stream, stdin, abort) {
 }
 class Query {
-  constructor(childStdin, childStdout, processExitPromise) {
+  constructor(childStdin, childStdout, processExitPromise, canCallTool) {
     this.childStdin = childStdin;
     this.childStdout = childStdout;
     this.processExitPromise = processExitPromise;
+    this.canCallTool = canCallTool;
     this.readMessages();
     this.sdkMessages = this.readSdkMessages();
   }
   pendingControlResponses = /* @__PURE__ */ new Map();
+  cancelControllers = /* @__PURE__ */ new Map();
   sdkMessages;
   inputStream = new Stream();
+  canCallTool;
   /**
    * Set an error on the stream
    */
@@ -977,6 +980,12 @@ class Query {
                 handler(controlResponse.response);
               }
               continue;
+            } else if (message.type === "control_request") {
+              await this.handleControlRequest(message);
+              continue;
+            } else if (message.type === "control_cancel_request") {
+              this.handleControlCancelRequest(message);
+              continue;
             }
             this.inputStream.enqueue(message);
           } catch (e) {
@@ -989,6 +998,7 @@ class Query {
       this.inputStream.error(error);
     } finally {
       this.inputStream.done();
+      this.cleanupControllers();
       rl.close();
     }
   }
@@ -1032,6 +1042,77 @@ class Query {
       childStdin.write(JSON.stringify(sdkRequest) + "\n");
     });
   }
+  /**
+   * Handle incoming control requests for tool permissions
+   * Replicates the exact logic from the SDK's handleControlRequest method
+   */
+  async handleControlRequest(request) {
+    if (!this.childStdin) {
+      logDebug("Cannot handle control request - no stdin available");
+      return;
+    }
+    const controller = new AbortController();
+    this.cancelControllers.set(request.request_id, controller);
+    try {
+      const response = await this.processControlRequest(request, controller.signal);
+      const controlResponse = {
+        type: "control_response",
+        response: {
+          subtype: "success",
+          request_id: request.request_id,
+          response
+        }
+      };
+      this.childStdin.write(JSON.stringify(controlResponse) + "\n");
+    } catch (error) {
+      const controlErrorResponse = {
+        type: "control_response",
+        response: {
+          subtype: "error",
+          request_id: request.request_id,
+          error: error instanceof Error ? error.message : String(error)
+        }
+      };
+      this.childStdin.write(JSON.stringify(controlErrorResponse) + "\n");
+    } finally {
+      this.cancelControllers.delete(request.request_id);
+    }
+  }
+  /**
+   * Handle control cancel requests
+   * Replicates the exact logic from the SDK's handleControlCancelRequest method
+   */
+  handleControlCancelRequest(request) {
+    const controller = this.cancelControllers.get(request.request_id);
+    if (controller) {
+      controller.abort();
+      this.cancelControllers.delete(request.request_id);
+    }
+  }
+  /**
+   * Process control requests based on subtype
+   * Replicates the exact logic from the SDK's processControlRequest method
+   */
+  async processControlRequest(request, signal) {
+    if (request.request.subtype === "can_use_tool") {
+      if (!this.canCallTool) {
+        throw new Error("canCallTool callback is not provided.");
+      }
+      return this.canCallTool(request.request.tool_name, request.request.input, {
+        signal
+      });
+    }
+    throw new Error("Unsupported control request subtype: " + request.request.subtype);
+  }
+  /**
+   * Cleanup method to abort all pending control requests
+   */
+  cleanupControllers() {
+    for (const [requestId, controller] of this.cancelControllers.entries()) {
+      controller.abort();
+      this.cancelControllers.delete(requestId);
+    }
+  }
 }
 function query(config) {
   const {
@@ -1048,12 +1129,12 @@ function query(config) {
       mcpServers,
       pathToClaudeCodeExecutable = getDefaultClaudeCodePath(),
       permissionMode = "default",
-      permissionPromptToolName,
       continue: continueConversation,
       resume,
       model,
       fallbackModel,
-      strictMcpConfig
+      strictMcpConfig,
+      canCallTool
     } = {}
   } = config;
   if (!process.env.CLAUDE_CODE_ENTRYPOINT) {
@@ -1064,7 +1145,12 @@ function query(config) {
   if (appendSystemPrompt) args.push("--append-system-prompt", appendSystemPrompt);
   if (maxTurns) args.push("--max-turns", maxTurns.toString());
   if (model) args.push("--model", model);
-  if (permissionPromptToolName) args.push("--permission-prompt-tool", permissionPromptToolName);
+  if (canCallTool) {
+    if (typeof prompt === "string") {
+      throw new Error("canCallTool callback requires --input-format stream-json. Please set prompt as an AsyncIterable.");
+    }
+    args.push("--permission-prompt-tool", "stdio");
+  }
   if (continueConversation) args.push("--continue");
   if (resume) args.push("--resume", resume);
   if (allowedTools.length > 0) args.push("--allowedTools", allowedTools.join(","));
@@ -1128,7 +1214,7 @@ function query(config) {
       }
     });
   });
-  const query2 = new Query(childStdin, child.stdout, processExitPromise);
+  const query2 = new Query(childStdin, child.stdout, processExitPromise, canCallTool);
   child.on("error", (error) => {
     if (config.options?.abort?.aborted) {
       query2.setError(new AbortError("Claude Code process aborted by user"));
@@ -1146,17 +1232,48 @@ function query(config) {
   return query2;
 }
-async function awaitFileExist(file, timeout = 1e4) {
-  const startTime = Date.now();
-  while (Date.now() - startTime < timeout) {
-    try {
-      await promises.access(file);
-      return true;
-    } catch (e) {
-      await types$1.delay(1e3);
-    }
+function parseCompact(message) {
+  const trimmed = message.trim();
+  if (trimmed === "/compact") {
+    return {
+      isCompact: true,
+      originalMessage: trimmed
+    };
   }
-  return false;
+  if (trimmed.startsWith("/compact ")) {
+    return {
+      isCompact: true,
+      originalMessage: trimmed
+    };
+  }
+  return {
+    isCompact: false,
+    originalMessage: message
+  };
+}
+function parseClear(message) {
+  const trimmed = message.trim();
+  return {
+    isClear: trimmed === "/clear"
+  };
+}
+function parseSpecialCommand(message) {
+  const compactResult = parseCompact(message);
+  if (compactResult.isCompact) {
+    return {
+      type: "compact",
+      originalMessage: compactResult.originalMessage
+    };
+  }
+  const clearResult = parseClear(message);
+  if (clearResult.isClear) {
+    return {
+      type: "clear"
+    };
+  }
+  return {
+    type: null
+  };
 }
 class PushableAsyncIterable {
@@ -1285,48 +1402,17 @@ class PushableAsyncIterable {
   }
 }
-function parseCompact(message) {
-  const trimmed = message.trim();
-  if (trimmed === "/compact") {
-    return {
-      isCompact: true,
-      originalMessage: trimmed
-    };
-  }
-  if (trimmed.startsWith("/compact ")) {
-    return {
-      isCompact: true,
-      originalMessage: trimmed
-    };
-  }
-  return {
-    isCompact: false,
-    originalMessage: message
-  };
-}
-function parseClear(message) {
-  const trimmed = message.trim();
-  return {
-    isClear: trimmed === "/clear"
-  };
-}
-function parseSpecialCommand(message) {
-  const compactResult = parseCompact(message);
-  if (compactResult.isCompact) {
-    return {
-      type: "compact",
-      originalMessage: compactResult.originalMessage
-    };
-  }
-  const clearResult = parseClear(message);
-  if (clearResult.isClear) {
-    return {
-      type: "clear"
-    };
+async function awaitFileExist(file, timeout = 1e4) {
+  const startTime = Date.now();
+  while (Date.now() - startTime < timeout) {
+    try {
+      await promises.access(file);
+      return true;
+    } catch (e) {
+      await types$1.delay(1e3);
+    }
   }
-  return {
-    type: null
-  };
+  return false;
 }
 async function claudeRemote(opts) {
@@ -1339,32 +1425,12 @@ async function claudeRemote(opts) {
       process.env[key] = value;
     });
   }
-  let response;
-  const sdkOptions = {
-    cwd: opts.path,
-    resume: startFrom ?? void 0,
-    mcpServers: opts.mcpServers,
-    permissionPromptToolName: opts.permissionPromptToolName,
-    permissionMode: opts.permissionMode,
-    model: opts.model,
-    fallbackModel: opts.fallbackModel,
-    customSystemPrompt: opts.customSystemPrompt,
-    appendSystemPrompt: opts.appendSystemPrompt,
-    allowedTools: opts.allowedTools,
-    disallowedTools: opts.disallowedTools,
-    executable: "node",
-    abort: opts.signal,
-    pathToClaudeCodeExecutable: (() => {
-      return node_path.resolve(node_path.join(projectPath(), "scripts", "claude_remote_launcher.cjs"));
-    })()
-  };
-  if (opts.claudeArgs && opts.claudeArgs.length > 0) {
-    sdkOptions.executableArgs = [...sdkOptions.executableArgs || [], ...opts.claudeArgs];
+  const initial = await opts.nextMessage();
+  if (!initial) {
+    return;
   }
-  types$1.logger.debug(`[claudeRemote] Starting query with permission mode: ${opts.permissionMode}, model: ${opts.model || "default"}, fallbackModel: ${opts.fallbackModel || "none"}, customSystemPrompt: ${opts.customSystemPrompt ? "set" : "none"}, appendSystemPrompt: ${opts.appendSystemPrompt ? "set" : "none"}, allowedTools: ${opts.allowedTools ? opts.allowedTools.join(",") : "none"}, disallowedTools: ${opts.disallowedTools ? opts.disallowedTools.join(",") : "none"}`);
-  const specialCommand = parseSpecialCommand(opts.message);
+  const specialCommand = parseSpecialCommand(initial.message);
   if (specialCommand.type === "clear") {
-    types$1.logger.debug("[claudeRemote] /clear command detected - should not reach here, handled in start.ts");
     if (opts.onCompletionEvent) {
       opts.onCompletionEvent("Context was reset");
     }
@@ -1373,29 +1439,33 @@ async function claudeRemote(opts) {
     }
     return;
   }
+  let isCompactCommand = false;
   if (specialCommand.type === "compact") {
     types$1.logger.debug("[claudeRemote] /compact command detected - will process as normal but with compaction behavior");
-  }
-  const isCompactCommand = specialCommand.type === "compact";
-  if (isCompactCommand) {
-    types$1.logger.debug("[claudeRemote] Compaction started");
+    isCompactCommand = true;
     if (opts.onCompletionEvent) {
       opts.onCompletionEvent("Compaction started");
     }
   }
-  let message = new PushableAsyncIterable();
-  message.push({
-    type: "user",
-    message: {
-      role: "user",
-      content: opts.message
-    }
-  });
-  message.end();
-  response = query({
-    prompt: message,
-    options: sdkOptions
-  });
+  let mode = initial.mode;
+  const sdkOptions = {
+    cwd: opts.path,
+    resume: startFrom ?? void 0,
+    mcpServers: opts.mcpServers,
+    permissionMode: initial.mode.permissionMode === "plan" ? "plan" : "default",
+    model: initial.mode.model,
+    fallbackModel: initial.mode.fallbackModel,
+    customSystemPrompt: initial.mode.customSystemPrompt ? initial.mode.customSystemPrompt + "\n\n" + systemPrompt : void 0,
+    appendSystemPrompt: initial.mode.appendSystemPrompt ? initial.mode.appendSystemPrompt + "\n\n" + systemPrompt : systemPrompt,
+    allowedTools: initial.mode.allowedTools ? initial.mode.allowedTools.concat(opts.allowedTools) : opts.allowedTools,
+    disallowedTools: initial.mode.disallowedTools,
+    canCallTool: (toolName, input, options) => opts.canCallTool(toolName, input, mode, options),
+    executable: "node",
+    abort: opts.signal,
+    pathToClaudeCodeExecutable: (() => {
+      return node_path.resolve(node_path.join(projectPath(), "scripts", "claude_remote_launcher.cjs"));
+    })()
+  };
   let thinking = false;
   const updateThinking = (newThinking) => {
     if (thinking !== newThinking) {
@@ -1406,15 +1476,27 @@ async function claudeRemote(opts) {
       }
     }
   };
+  let messages = new PushableAsyncIterable();
+  messages.push({
+    type: "user",
+    message: {
+      role: "user",
+      content: initial.message
+    }
+  });
+  const response = query({
+    prompt: messages,
+    options: sdkOptions
+  });
   updateThinking(true);
   try {
     types$1.logger.debug(`[claudeRemote] Starting to iterate over response`);
-    for await (const message2 of response) {
-      types$1.logger.debugLargeJson(`[claudeRemote] Message ${message2.type}`, message2);
-      opts.onMessage(message2);
-      if (message2.type === "system" && message2.subtype === "init") {
+    for await (const message of response) {
+      types$1.logger.debugLargeJson(`[claudeRemote] Message ${message.type}`, message);
+      opts.onMessage(message);
+      if (message.type === "system" && message.subtype === "init") {
         updateThinking(true);
-        const systemInit = message2;
+        const systemInit = message;
         if (systemInit.session_id) {
           types$1.logger.debug(`[claudeRemote] Waiting for session file to be written to disk: ${systemInit.session_id}`);
           const projectDir = getProjectPath(opts.path);
@@ -1423,7 +1505,7 @@ async function claudeRemote(opts) {
           opts.onSessionFound(systemInit.session_id);
         }
       }
-      if (message2.type === "result") {
+      if (message.type === "result") {
         updateThinking(false);
         types$1.logger.debug("[claudeRemote] Result received, exiting claudeRemote");
         if (isCompactCommand) {
@@ -1431,26 +1513,28 @@ async function claudeRemote(opts) {
           if (opts.onCompletionEvent) {
             opts.onCompletionEvent("Compaction completed");
           }
+          isCompactCommand = false;
         }
-        return;
+        const next = await opts.nextMessage();
+        if (!next) {
+          messages.end();
+          return;
+        }
+        mode = next.mode;
+        messages.push({ type: "user", message: { role: "user", content: next.message } });
       }
-      if (message2.type === "user") {
-        const msg = message2;
+      if (message.type === "user") {
+        const msg = message;
         if (msg.message.role === "user" && Array.isArray(msg.message.content)) {
           for (let c of msg.message.content) {
-            if (c.type === "tool_result" && (c.name === "exit_plan_mode" || c.name === "ExitPlanMode")) {
-              types$1.logger.debug("[claudeRemote] Plan result received, exiting claudeRemote");
-              return;
-            }
-            if (c.type === "tool_result" && c.tool_use_id && opts.responses.has(c.tool_use_id) && !opts.responses.get(c.tool_use_id).approved) {
-              types$1.logger.debug("[claudeRemote] Tool rejected, exiting claudeRemote");
+            if (c.type === "tool_result" && c.tool_use_id && opts.isAborted(c.tool_use_id)) {
+              types$1.logger.debug("[claudeRemote] Tool aborted, exiting claudeRemote");
               return;
             }
           }
         }
       }
     }
-    types$1.logger.debug(`[claudeRemote] Finished iterating over response`);
   } catch (e) {
     if (e instanceof AbortError) {
       types$1.logger.debug(`[claudeRemote] Aborted`);
@@ -1460,71 +1544,11 @@ async function claudeRemote(opts) {
   } finally {
     updateThinking(false);
   }
-  types$1.logger.debug(`[claudeRemote] Function completed`);
 }
 const PLAN_FAKE_REJECT = `User approved plan, but you need to be restarted. STOP IMMEDIATELY TO SWITCH FROM PLAN MODE. DO NOT REPLY TO THIS MESSAGE.`;
 const PLAN_FAKE_RESTART = `PlEaZe Continue with plan.`;
-async function startPermissionServerV2(handler) {
-  const mcp = new mcp_js.McpServer({
-    name: "Permission Server",
-    version: "1.0.0",
-    description: "A server that allows you to request permissions from the user"
-  });
-  mcp.registerTool("ask_permission", {
-    description: "Request permission to execute a tool",
-    title: "Request Permission",
-    inputSchema: {
-      tool_name: z.z.string().describe("The tool that needs permission"),
-      input: z.z.any().describe("The arguments for the tool")
-    }
-  }, async (args) => {
-    const response = await handler({ name: args.tool_name, arguments: args.input });
-    types$1.logger.debugLargeJson("[permissionServerV2] Response", response);
-    const result = response.approved ? { behavior: "allow", updatedInput: args.input || {} } : { behavior: "deny", message: response.reason || `The user doesn't want to proceed with this tool use. The tool use was rejected (eg. if it was a file edit, the new_string was NOT written to the file). STOP what you are doing and wait for the user to tell you how to proceed.` };
-    return {
-      content: [
-        {
-          type: "text",
-          text: JSON.stringify(result)
-        }
-      ],
-      isError: false
-    };
-  });
-  const transport = new streamableHttp_js.StreamableHTTPServerTransport({
-    // NOTE: Returning session id here will result in claude
-    // sdk spawn to fail with `Invalid Request: Server already initialized`
-    sessionIdGenerator: void 0
-  });
-  await mcp.connect(transport);
-  const server = node_http.createServer(async (req, res) => {
-    try {
-      await transport.handleRequest(req, res);
-    } catch (error) {
-      types$1.logger.debug("Error handling request:", error);
-      if (!res.headersSent) {
-        res.writeHead(500).end();
-      }
-    }
-  });
-  const baseUrl = await new Promise((resolve) => {
-    server.listen(0, "127.0.0.1", () => {
-      const addr = server.address();
-      resolve(new URL(`http://127.0.0.1:${addr.port}`));
-    });
-  });
-  return {
-    url: baseUrl.toString(),
-    toolName: "ask_permission",
-    stop: () => {
-      mcp.close();
-      server.close();
-    }
-  };
-}
 function deepEqual(a, b) {
   if (a === b) return true;
   if (a == null || b == null) return false;
@@ -1539,133 +1563,218 @@ function deepEqual(a, b) {
   return true;
 }
-async function startPermissionResolver(session) {
-  let toolCalls = [];
-  let responses = /* @__PURE__ */ new Map();
-  let requests = /* @__PURE__ */ new Map();
-  let pendingPermissionRequests = [];
-  const server = await startPermissionServerV2(async (request) => {
-    const id = resolveToolCallId(request.name, request.arguments);
-    if (!id) {
-      types$1.logger.debug(`Tool call ID not yet available for ${request.name}, queueing request`);
-      return new Promise((resolve, reject) => {
-        const timeout = setTimeout(() => {
-          const idx = pendingPermissionRequests.findIndex((p) => p.request === request);
-          if (idx !== -1) {
-            pendingPermissionRequests.splice(idx, 1);
-            reject(new Error(`Timeout: Tool call ID never arrived for ${request.name}`));
-          }
-        }, 3e4);
-        pendingPermissionRequests.push({ request, resolve, reject, timeout });
+const STANDARD_TOOLS = {
+  // File operations
+  "Read": "Read File",
+  "Write": "Write File",
+  "Edit": "Edit File",
+  "MultiEdit": "Edit File",
+  "NotebookEdit": "Edit Notebook",
+  // Search and navigation
+  "Glob": "Find Files",
+  "Grep": "Search in Files",
+  "LS": "List Directory",
+  // Command execution
+  "Bash": "Run Command",
+  "BashOutput": "Check Command Output",
+  "KillBash": "Stop Command",
+  // Task management
+  "TodoWrite": "Update Tasks",
+  "TodoRead": "Read Tasks",
+  "Task": "Launch Agent",
+  // Web tools
+  "WebFetch": "Fetch Web Page",
+  "WebSearch": "Search Web",
+  // Special cases
+  "exit_plan_mode": "Execute Plan",
+  "ExitPlanMode": "Execute Plan"
+};
+function toTitleCase(str) {
+  return str.replace(/([a-z])([A-Z])/g, "$1 $2").replace(/_/g, " ").replace(/\b\w/g, (char) => char.toUpperCase());
+}
+function getToolName(toolName) {
+  if (STANDARD_TOOLS[toolName]) {
+    return STANDARD_TOOLS[toolName];
+  }
+  if (toolName.startsWith("mcp__")) {
+    const parts = toolName.split("__");
+    if (parts.length >= 3) {
+      const server = toTitleCase(parts[1]);
+      const action = toTitleCase(parts.slice(2).join("_"));
+      return `${server}: ${action}`;
+    }
+  }
+  return toTitleCase(toolName);
+}
+function getToolDescriptor(toolName) {
+  if (toolName === "exit_plan_mode" || toolName === "ExitPlanMode") {
+    return { edit: false, exitPlan: true };
+  }
+  if (toolName === "Edit" || toolName === "MultiEdit" || toolName === "Write" || toolName === "NotebookEdit") {
+    return { edit: true, exitPlan: false };
+  }
+  return { edit: false, exitPlan: false };
+}
+class PermissionHandler {
+  toolCalls = [];
+  responses = /* @__PURE__ */ new Map();
+  pendingRequests = /* @__PURE__ */ new Map();
+  session;
+  allowedTools = /* @__PURE__ */ new Set();
+  allowedBashLiterals = /* @__PURE__ */ new Set();
+  allowedBashPrefixes = /* @__PURE__ */ new Set();
+  permissionMode = "default";
+  constructor(session) {
+    this.session = session;
+    this.setupClientHandler();
+  }
+  handleModeChange(mode) {
+    this.permissionMode = mode;
+  }
+  /**
+   * Handler response
+   */
+  handlePermissionResponse(response, pending) {
+    if (response.allowTools && response.allowTools.length > 0) {
+      response.allowTools.forEach((tool) => {
+        if (tool.startsWith("Bash(") || tool === "Bash") {
+          this.parseBashPermission(tool);
+        } else {
+          this.allowedTools.add(tool);
+        }
       });
     }
-    return handlePermissionRequest(id, request);
-  });
-  function handlePermissionRequest(id, request) {
-    let promise = new Promise((resolve) => {
-      if (request.name === "exit_plan_mode" || request.name === "ExitPlanMode") {
-        const wrappedResolve = (response) => {
-          if (response.approved) {
-            types$1.logger.debug("Plan approved - injecting PLAN_FAKE_RESTART");
-            if (response.mode && ["default", "acceptEdits", "bypassPermissions"].includes(response.mode)) {
-              session.queue.unshift(PLAN_FAKE_RESTART, { permissionMode: response.mode });
-            } else {
-              session.queue.unshift(PLAN_FAKE_RESTART, { permissionMode: "default" });
-            }
-            resolve({ approved: false, reason: PLAN_FAKE_REJECT });
-          } else {
-            resolve(response);
-          }
-        };
-        requests.set(id, wrappedResolve);
+    if (response.mode) {
+      this.permissionMode = response.mode;
+    }
+    if (pending.toolName === "exit_plan_mode" || pending.toolName === "ExitPlanMode") {
+      types$1.logger.debug("Plan mode result received", response);
+      if (response.approved) {
+        types$1.logger.debug("Plan approved - injecting PLAN_FAKE_RESTART");
+        if (response.mode && ["default", "acceptEdits", "bypassPermissions"].includes(response.mode)) {
+          this.session.queue.unshift(PLAN_FAKE_RESTART, { permissionMode: response.mode });
+        } else {
+          this.session.queue.unshift(PLAN_FAKE_RESTART, { permissionMode: "default" });
+        }
+        pending.resolve({ behavior: "deny", message: PLAN_FAKE_REJECT });
       } else {
-        requests.set(id, resolve);
+        pending.resolve({ behavior: "deny", message: response.reason || "Plan rejected" });
       }
-    });
-    let timeout = setTimeout(async () => {
-      types$1.logger.debug("Permission timeout - attempting to interrupt Claude");
-      requests.delete(id);
-      session.client.updateAgentState((currentState) => {
-        const request2 = currentState.requests?.[id];
-        if (!request2) return currentState;
-        let r = { ...currentState.requests };
-        delete r[id];
-        return {
-          ...currentState,
-          requests: r,
-          completedRequests: {
-            ...currentState.completedRequests,
-            [id]: {
-              ...request2,
-              completedAt: Date.now(),
-              status: "canceled",
-              reason: "Timeout"
-            }
+    } else {
+      const result = response.approved ? { behavior: "allow", updatedInput: pending.input || {} } : { behavior: "deny", message: response.reason || `The user doesn't want to proceed with this tool use. The tool use was rejected (eg. if it was a file edit, the new_string was NOT written to the file). STOP what you are doing and wait for the user to tell you how to proceed.` };
+      pending.resolve(result);
+    }
+  }
+  /**
+   * Creates the canCallTool callback for the SDK
+   */
+  handleToolCall = async (toolName, input, mode, options) => {
+    if (toolName === "Bash") {
+      const inputObj = input;
+      if (inputObj?.command) {
+        if (this.allowedBashLiterals.has(inputObj.command)) {
+          return { behavior: "allow", updatedInput: input };
+        }
+        for (const prefix of this.allowedBashPrefixes) {
+          if (inputObj.command.startsWith(prefix)) {
+            return { behavior: "allow", updatedInput: input };
           }
-        };
-      });
-    }, 1e3 * 60 * 4.5);
-    types$1.logger.debug("Permission request" + id + " " + JSON.stringify(request));
-    session.api.push().sendToAllDevices(
-      "Permission Request",
-      `Claude wants to use ${request.name}`,
-      {
-        sessionId: session.client.sessionId,
-        requestId: id,
-        tool: request.name,
-        type: "permission_request"
-      }
-    );
-    session.client.updateAgentState((currentState) => ({
-      ...currentState,
-      requests: {
-        ...currentState.requests,
-        [id]: {
-          tool: request.name,
-          arguments: request.arguments,
-          createdAt: Date.now()
         }
       }
-    }));
-    promise.then(() => clearTimeout(timeout)).catch(() => clearTimeout(timeout));
-    return promise;
-  }
-  session.client.setHandler("permission", async (message) => {
-    types$1.logger.debug("Permission response" + JSON.stringify(message));
-    const id = message.id;
-    const resolve = requests.get(id);
-    if (resolve) {
-      responses.set(id, message);
-      resolve({ approved: message.approved, reason: message.reason, mode: message.mode });
-      requests.delete(id);
-    } else {
-      types$1.logger.debug("Permission request stale, likely timed out");
-      return;
+    } else if (this.allowedTools.has(toolName)) {
+      return { behavior: "allow", updatedInput: input };
     }
-    session.client.updateAgentState((currentState) => {
-      const request = currentState.requests?.[id];
-      if (!request) return currentState;
-      let r = { ...currentState.requests };
-      delete r[id];
-      const isExitPlanModeSuccess = request.tool === "exit_plan_mode" && !message.approved && message.reason === PLAN_FAKE_REJECT;
-      return {
+    const descriptor = getToolDescriptor(toolName);
+    if (this.permissionMode === "bypassPermissions") {
+      return { behavior: "allow", updatedInput: input };
+    }
+    if (this.permissionMode === "acceptEdits" && descriptor.edit) {
+      return { behavior: "allow", updatedInput: input };
+    }
+    let toolCallId = this.resolveToolCallId(toolName, input);
+    if (!toolCallId) {
+      await types$1.delay(1e3);
+      toolCallId = this.resolveToolCallId(toolName, input);
+      if (!toolCallId) {
+        throw new Error(`Could not resolve tool call ID for ${toolName}`);
+      }
+    }
+    return this.handlePermissionRequest(toolCallId, toolName, input, options.signal);
+  };
+  /**
+   * Handles individual permission requests
+   */
+  async handlePermissionRequest(id, toolName, input, signal) {
+    return new Promise((resolve, reject) => {
+      const abortHandler = () => {
+        this.pendingRequests.delete(id);
+        reject(new Error("Permission request aborted"));
+      };
+      signal.addEventListener("abort", abortHandler, { once: true });
+      this.pendingRequests.set(id, {
+        resolve: (result) => {
+          signal.removeEventListener("abort", abortHandler);
+          resolve(result);
+        },
+        reject: (error) => {
+          signal.removeEventListener("abort", abortHandler);
+          reject(error);
+        },
+        toolName,
+        input
+      });
+      this.session.api.push().sendToAllDevices(
+        "Permission Request",
+        `Claude wants to ${getToolName(toolName)}`,
+        {
+          sessionId: this.session.client.sessionId,
+          requestId: id,
+          tool: toolName,
+          type: "permission_request"
+        }
+      );
+      this.session.client.updateAgentState((currentState) => ({
         ...currentState,
-        requests: r,
-        completedRequests: {
-          ...currentState.completedRequests,
+        requests: {
+          ...currentState.requests,
           [id]: {
-            ...request,
-            completedAt: Date.now(),
-            status: isExitPlanModeSuccess ? "approved" : message.approved ? "approved" : "denied",
-            reason: isExitPlanModeSuccess ? "Plan approved" : message.reason
+            tool: toolName,
+            arguments: input,
+            createdAt: Date.now()
           }
         }
-      };
+      }));
+      types$1.logger.debug(`Permission request sent for tool call ${id}: ${toolName}`);
     });
-  });
-  const resolveToolCallId = (name, args) => {
-    for (let i = toolCalls.length - 1; i >= 0; i--) {
-      const call = toolCalls[i];
+  }
+  /**
+   * Parses Bash permission strings into literal and prefix sets
+   */
+  parseBashPermission(permission) {
+    if (permission === "Bash") {
+      return;
+    }
+    const bashPattern = /^Bash\((.+?)\)$/;
+    const match = permission.match(bashPattern);
+    if (!match) {
+      return;
+    }
+    const command = match[1];
+    if (command.endsWith(":*")) {
+      const prefix = command.slice(0, -2);
+      this.allowedBashPrefixes.add(prefix);
+    } else {
+      this.allowedBashLiterals.add(command);
+    }
+  }
+  /**
+   * Resolves tool call ID based on tool name and input
+   */
+  resolveToolCallId(name, args) {
+    for (let i = this.toolCalls.length - 1; i >= 0; i--) {
+      const call = this.toolCalls[i];
       if (call.name === name && deepEqual(call.input, args)) {
         if (call.used) {
           return null;
@@ -1675,59 +1784,22 @@ async function startPermissionResolver(session) {
       }
     }
     return null;
-  };
-  function reset() {
-    toolCalls = [];
-    requests.clear();
-    responses.clear();
-    for (const pending of pendingPermissionRequests) {
-      clearTimeout(pending.timeout);
-    }
-    pendingPermissionRequests = [];
-    session.client.updateAgentState((currentState) => {
-      const pendingRequests = currentState.requests || {};
-      const completedRequests = { ...currentState.completedRequests };
-      for (const [id, request] of Object.entries(pendingRequests)) {
-        completedRequests[id] = {
-          ...request,
-          completedAt: Date.now(),
-          status: "canceled",
-          reason: "Session switched to local mode"
-        };
-      }
-      return {
-        ...currentState,
-        requests: {},
-        // Clear all pending requests
-        completedRequests
-      };
-    });
   }
-  function onMessage(message) {
+  /**
+   * Handles messages to track tool calls
+   */
+  onMessage(message) {
     if (message.type === "assistant") {
       const assistantMsg = message;
       if (assistantMsg.message && assistantMsg.message.content) {
         for (const block of assistantMsg.message.content) {
           if (block.type === "tool_use") {
-            toolCalls.push({
+            this.toolCalls.push({
               id: block.id,
               name: block.name,
               input: block.input,
               used: false
             });
-            for (let i = pendingPermissionRequests.length - 1; i >= 0; i--) {
-              const pending = pendingPermissionRequests[i];
-              if (pending.request.name === block.name && deepEqual(pending.request.arguments, block.input)) {
-                types$1.logger.debug(`Resolving pending permission request for ${block.name} with ID ${block.id}`);
-                clearTimeout(pending.timeout);
-                pendingPermissionRequests.splice(i, 1);
-                handlePermissionRequest(block.id, pending.request).then(
-                  pending.resolve,
-                  pending.reject
-                );
-                break;
-              }
-            }
           }
         }
       }
@@ -1737,7 +1809,7 @@ async function startPermissionResolver(session) {
       if (userMsg.message && userMsg.message.content && Array.isArray(userMsg.message.content)) {
         for (const block of userMsg.message.content) {
           if (block.type === "tool_result" && block.tool_use_id) {
-            const toolCall = toolCalls.find((tc) => tc.id === block.tool_use_id);
+            const toolCall = this.toolCalls.find((tc) => tc.id === block.tool_use_id);
             if (toolCall && !toolCall.used) {
               toolCall.used = true;
             }
@@ -1746,12 +1818,95 @@ async function startPermissionResolver(session) {
       }
     }
   }
-  return {
-    server,
-    reset,
-    onMessage,
-    responses
-  };
+  /**
+   * Checks if a tool call is rejected
+   */
+  isAborted(toolCallId) {
+    if (this.responses.get(toolCallId)?.approved === false) {
+      return true;
+    }
+    const toolCall = this.toolCalls.find((tc) => tc.id === toolCallId);
+    if (toolCall && (toolCall.name === "exit_plan_mode" || toolCall.name === "ExitPlanMode")) {
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Resets all state for new sessions
+   */
+  reset() {
+    this.toolCalls = [];
+    this.responses.clear();
+    this.allowedTools.clear();
+    this.allowedBashLiterals.clear();
+    this.allowedBashPrefixes.clear();
+    for (const [, pending] of this.pendingRequests.entries()) {
+      pending.reject(new Error("Session reset"));
+    }
+    this.pendingRequests.clear();
+    this.session.client.updateAgentState((currentState) => {
+      const pendingRequests = currentState.requests || {};
+      const completedRequests = { ...currentState.completedRequests };
+      for (const [id, request] of Object.entries(pendingRequests)) {
+        completedRequests[id] = {
+          ...request,
+          completedAt: Date.now(),
+          status: "canceled",
+          reason: "Session switched to local mode"
+        };
+      }
+      return {
+        ...currentState,
+        requests: {},
+        // Clear all pending requests
+        completedRequests
+      };
+    });
+  }
+  /**
+   * Sets up the client handler for permission responses
+   */
+  setupClientHandler() {
+    this.session.client.setHandler("permission", async (message) => {
+      types$1.logger.debug(`Permission response: ${JSON.stringify(message)}`);
+      const id = message.id;
+      const pending = this.pendingRequests.get(id);
+      if (!pending) {
+        types$1.logger.debug("Permission request not found or already resolved");
+        return;
+      }
+      this.responses.set(id, { ...message, receivedAt: Date.now() });
+      this.pendingRequests.delete(id);
+      this.handlePermissionResponse(message, pending);
+      this.session.client.updateAgentState((currentState) => {
+        const request = currentState.requests?.[id];
+        if (!request) return currentState;
+        let r = { ...currentState.requests };
+        delete r[id];
+        return {
+          ...currentState,
+          requests: r,
+          completedRequests: {
+            ...currentState.completedRequests,
+            [id]: {
+              ...request,
+              completedAt: Date.now(),
+              status: message.approved ? "approved" : "denied",
+              reason: message.reason,
+              mode: message.mode,
+              allowTools: message.allowTools
+            }
+          }
+        };
+      });
+    });
+  }
+  /**
+   * Gets the responses map (for compatibility with existing code)
+   */
+  getResponses() {
+    return this.responses;
+  }
 }
 function formatClaudeMessageForInk(message, messageBuffer, onAssistantResult) {
@@ -2125,12 +2280,6 @@ async function claudeRemoteLauncher(session) {
     }
     process.stdin.setEncoding("utf8");
   }
-  const scanner = await createSessionScanner({
-    sessionId: session.sessionId,
-    workingDirectory: session.path,
-    onMessage: (message) => {
-    }
-  });
   let exitReason = null;
   let abortController = null;
   let abortFuture = null;
@@ -2153,17 +2302,17 @@ async function claudeRemoteLauncher(session) {
   }
   session.client.setHandler("abort", doAbort);
   session.client.setHandler("switch", doSwitch);
-  const permissions = await startPermissionResolver(session);
+  const permissionHandler = new PermissionHandler(session);
   const sdkToLogConverter = new SDKToLogConverter({
     sessionId: session.sessionId || "unknown",
     cwd: session.path,
     version: process.env.npm_package_version
-  }, permissions.responses);
+  }, permissionHandler.getResponses());
   let planModeToolCalls = /* @__PURE__ */ new Set();
   let ongoingToolCalls = /* @__PURE__ */ new Map();
   function onMessage(message) {
     formatClaudeMessageForInk(message, messageBuffer);
-    permissions.onMessage(message);
+    permissionHandler.onMessage(message);
     if (message.type === "assistant") {
       let umessage = message;
       if (umessage.message.content && Array.isArray(umessage.message.content)) {
@@ -2227,6 +2376,32 @@ async function claudeRemoteLauncher(session) {
     }
     const logMessage = sdkToLogConverter.convert(msg);
     if (logMessage) {
+      if (logMessage.type === "user" && logMessage.message?.content) {
+        const content = Array.isArray(logMessage.message.content) ? logMessage.message.content : [];
+        for (let i = 0; i < content.length; i++) {
+          const c = content[i];
+          if (c.type === "tool_result" && c.tool_use_id) {
+            const responses = permissionHandler.getResponses();
+            const response = responses.get(c.tool_use_id);
+            if (response) {
+              const permissions = {
+                date: response.receivedAt || Date.now(),
+                result: response.approved ? "approved" : "denied"
+              };
+              if (response.mode) {
+                permissions.mode = response.mode;
+              }
+              if (response.allowTools && response.allowTools.length > 0) {
+                permissions.allowedTools = response.allowTools;
+              }
+              content[i] = {
+                ...c,
+                permissions
+              };
+            }
+          }
+        }
+      }
       if (logMessage.type !== "system") {
         session.client.sendClaudeSessionMessage(logMessage);
       }
@@ -2246,58 +2421,57 @@ async function claudeRemoteLauncher(session) {
     }
   }
   try {
+    let pending = null;
     while (!exitReason) {
-      types$1.logger.debug("[remote]: fetch next message");
-      abortController = new AbortController();
-      abortFuture = new Future();
-      const messageData = await session.queue.waitForMessagesAndGetAsString(abortController.signal);
-      if (!messageData || abortController.signal.aborted) {
-        types$1.logger.debug("[remote]: fetch next message done: no message or aborted");
-        abortFuture?.resolve(void 0);
-        if (exitReason) {
-          return exitReason;
-        } else {
-          continue;
-        }
-      }
-      types$1.logger.debug("[remote]: fetch next message done: message received");
-      abortFuture?.resolve(void 0);
-      abortFuture = null;
-      abortController = null;
       types$1.logger.debug("[remote]: launch");
       messageBuffer.addMessage("\u2550".repeat(40), "status");
       messageBuffer.addMessage("Starting new Claude session...", "status");
-      abortController = new AbortController();
+      const controller = new AbortController();
+      abortController = controller;
       abortFuture = new Future();
-      permissions.reset();
+      permissionHandler.reset();
       sdkToLogConverter.resetParentChain();
+      let modeHash = null;
+      let mode = null;
       try {
         await claudeRemote({
           sessionId: session.sessionId,
           path: session.path,
-          responses: permissions.responses,
-          mcpServers: {
-            ...session.mcpServers,
-            permission: {
-              type: "http",
-              url: permissions.server.url
+          allowedTools: session.allowedTools ?? [],
+          mcpServers: session.mcpServers,
+          canCallTool: permissionHandler.handleToolCall,
+          isAborted: (toolCallId) => {
+            return permissionHandler.isAborted(toolCallId);
+          },
+          nextMessage: async () => {
+            if (pending) {
+              let p = pending;
+              pending = null;
+              permissionHandler.handleModeChange(p.mode.permissionMode);
+              return p;
             }
+            let msg = await session.queue.waitForMessagesAndGetAsString(controller.signal);
+            if (msg) {
+              if (modeHash && msg.hash !== modeHash || msg.isolate) {
+                types$1.logger.debug("[remote]: mode has changed, pending message");
+                pending = msg;
+                return null;
+              }
+              modeHash = msg.hash;
+              mode = msg.mode;
+              permissionHandler.handleModeChange(mode.permissionMode);
+              return {
+                message: msg.message,
+                mode: msg.mode
+              };
+            }
+            return null;
           },
-          permissionPromptToolName: "mcp__permission__" + permissions.server.toolName,
-          permissionMode: messageData.mode.permissionMode,
-          model: messageData.mode.model,
-          fallbackModel: messageData.mode.fallbackModel,
-          customSystemPrompt: messageData.mode.customSystemPrompt,
-          appendSystemPrompt: messageData.mode.appendSystemPrompt ? messageData.mode.appendSystemPrompt + "\n" + systemPrompt : systemPrompt,
-          allowedTools: messageData.mode.allowedTools ? [...messageData.mode.allowedTools, ...session.allowedTools ? session.allowedTools : []] : session.allowedTools ? [...session.allowedTools] : void 0,
-          disallowedTools: messageData.mode.disallowedTools,
           onSessionFound: (sessionId) => {
             sdkToLogConverter.updateSessionId(sessionId);
             session.onSessionFound(sessionId);
-            scanner.onNewSession(sessionId);
           },
           onThinkingChange: session.onThinkingChange,
-          message: messageData.message,
           claudeEnvVars: session.claudeEnvVars,
           claudeArgs: session.claudeArgs,
           onMessage,
@@ -2315,11 +2489,13 @@ async function claudeRemoteLauncher(session) {
           session.client.sendSessionEvent({ type: "message", message: "Aborted by user" });
         }
       } catch (e) {
+        types$1.logger.debug("[remote]: launch error", e);
         if (!exitReason) {
           session.client.sendSessionEvent({ type: "message", message: "Process exited unexpectedly" });
           continue;
         }
       } finally {
+        types$1.logger.debug("[remote]: launch finally");
         for (let [toolCallId, { parentToolCallId }] of ongoingToolCalls) {
           const converted = sdkToLogConverter.generateInterruptedToolResult(toolCallId, parentToolCallId);
           if (converted) {
@@ -2332,11 +2508,13 @@ async function claudeRemoteLauncher(session) {
         abortFuture?.resolve(void 0);
         abortFuture = null;
         types$1.logger.debug("[remote]: launch done");
-        permissions.reset();
+        permissionHandler.reset();
+        modeHash = null;
+        mode = null;
       }
     }
   } finally {
-    permissions.server.stop();
+    permissionHandler.reset();
     process.stdin.off("data", abort);
     if (process.stdin.isTTY) {
       process.stdin.setRawMode(false);
@@ -2348,7 +2526,6 @@ async function claudeRemoteLauncher(session) {
     if (abortFuture) {
       abortFuture.resolve(void 0);
     }
-    await scanner.cleanup();
   }
   return exitReason || "exit";
 }
@@ -2400,7 +2577,7 @@ async function loop(opts) {
 }
 var name = "happy-coder";
-var version = "0.8.0";
+var version = "0.9.0-1";
 var description = "Claude Code session sharing CLI";
 var author = "Kirill Dubovitskiy";
 var license = "MIT";
@@ -2450,18 +2627,14 @@ var scripts = {
 	test: "yarn build && vitest run",
 	"test:watch": "vitest",
 	"test:integration-test-env": "yarn build && tsx --env-file .env.integration-test node_modules/.bin/vitest run",
-	dev: "DEBUG=1 yarn build && npx tsx src/index.ts",
+	dev: "yarn build && DEBUG=1 npx tsx src/index.ts",
 	"dev:local-server": "yarn build && tsx --env-file .env.dev-local-server src/index.ts",
 	"dev:integration-test-env": "yarn build && tsx --env-file .env.integration-test src/index.ts",
 	prepublishOnly: "yarn build && yarn test",
-	"minor:publish": "yarn build && npm version minor && npm publish",
-	"patch:publish": "yarn build && npm version patch && npm publish",
-	"version:prerelease": "yarn build && npm version prerelease --preid=beta",
-	"publish:prerelease": "npm publish --tag beta",
-	"beta:publish": "yarn version:prerelease && yarn publish:prerelease"
+	release: "release-it"
 };
 var dependencies = {
-	"@anthropic-ai/claude-code": "^1.0.73",
+	"@anthropic-ai/claude-code": "^1.0.89",
 	"@anthropic-ai/sdk": "^0.56.0",
 	"@modelcontextprotocol/sdk": "^1.15.1",
 	"@stablelib/base64": "^2.0.1",
@@ -2490,6 +2663,7 @@ var devDependencies = {
 	eslint: "^9",
 	"eslint-config-prettier": "^10",
 	pkgroll: "^2.14.2",
+	"release-it": "^19.0.4",
 	shx: "^0.3.3",
 	"ts-node": "^10",
 	tsx: "^4.20.3",
@@ -2497,7 +2671,12 @@ var devDependencies = {
 	vitest: "^3.2.4"
 };
 var resolutions = {
-	"whatwg-url": "14.2.0"
+	"whatwg-url": "14.2.0",
+	"parse-path": "7.0.3",
+	"@types/parse-path": "7.0.3"
+};
+var publishConfig = {
+	registry: "https://registry.npmjs.org"
 };
 var packageManager = "yarn@1.22.22";
 var packageJson = {
@@ -2520,6 +2699,7 @@ var packageJson = {
 	dependencies: dependencies,
 	devDependencies: devDependencies,
 	resolutions: resolutions,
+	publishConfig: publishConfig,
 	packageManager: packageManager
 };
@@ -2906,15 +3086,17 @@ async function clearDaemonState() {
 }
 class MessageQueue2 {
-  constructor(modeHasher) {
-    this.modeHasher = modeHasher;
-    types$1.logger.debug(`[MessageQueue2] Initialized`);
-  }
   queue = [];
   // Made public for testing
   waiter = null;
   closed = false;
   onMessageHandler = null;
+  modeHasher;
+  constructor(modeHasher, onMessageHandler = null) {
+    this.modeHasher = modeHasher;
+    this.onMessageHandler = onMessageHandler;
+    types$1.logger.debug(`[MessageQueue2] Initialized`);
+  }
   /**
    * Set a handler that will be called when a message arrives
    */
@@ -3089,6 +3271,7 @@ class MessageQueue2 {
     const firstItem = this.queue[0];
     const sameModeMessages = [];
     let mode = firstItem.mode;
+    let isolate = firstItem.isolate ?? false;
     const targetModeHash = firstItem.modeHash;
     if (firstItem.isolate) {
       const item = this.queue.shift();
@@ -3104,7 +3287,9 @@ class MessageQueue2 {
     const combinedMessage = sameModeMessages.join("\n");
     return {
       message: combinedMessage,
-      mode
+      mode,
+      hash: targetModeHash,
+      isolate
     };
   }
   /**
@@ -3999,10 +4184,10 @@ async function doWebAuth(keypair) {
     console.log("\u2713 Browser opened\n");
     console.log("Complete authentication in your browser window.");
   } else {
-    console.log("Could not open browser automatically.\n");
-    console.log("Please open this URL manually:");
-    console.log(webUrl);
+    console.log("Could not open browser automatically.");
   }
+  console.log("\nIf the browser did not open, please copy and paste this URL:");
+  console.log(webUrl);
   console.log("");
   return await waitForAuthentication(keypair);
 }
@@ -4513,7 +4698,15 @@ async function start(credentials, options = {}) {
   if (caffeinateStarted) {
     types$1.logger.infoDeveloper("Sleep prevention enabled (macOS)");
   }
-  const messageQueue = new MessageQueue2((mode) => hashObject(mode));
+  const messageQueue = new MessageQueue2((mode) => hashObject({
+    isPlan: mode.permissionMode === "plan",
+    model: mode.model,
+    fallbackModel: mode.fallbackModel,
+    customSystemPrompt: mode.customSystemPrompt,
+    appendSystemPrompt: mode.appendSystemPrompt,
+    allowedTools: mode.allowedTools,
+    disallowedTools: mode.disallowedTools
+  }));
   registerHandlers(session);
   let currentPermissionMode = options.permissionMode;
   let currentModel = options.model;