kimaki 0.13.1 → 0.14.0

package/dist/cli.js

@@ -40,6 +40,7 @@ cli
     .option('--no-critique', 'Disable automatic diff upload to critique.work in system prompts')
     .option('--auto-restart', 'Automatically restart the bot on crash or OOM kill')
     .option('--allow-all-users', 'Allow all Discord users to start sessions without needing Kimaki role or admin permissions (no-kimaki role still blocks)')
+    .option('--permission-timeout-minutes <minutes>', 'Permission prompt timeout in minutes before auto-rejecting (default: 10)')
     .option('--disable-sync', 'Disable background sync of external OpenCode sessions into Discord')
     .option('--no-sentry', 'Disable Sentry error reporting')
     .option('--gateway', 'Force gateway mode (use the gateway Kimaki bot instead of a self-hosted bot)')
@@ -134,6 +135,19 @@ cli
                 }
             }
         }
+        // --permission-timeout-minutes validation
+        // Node setTimeout max is 2_147_483_647ms; larger values fire immediately.
+        const MAX_TIMEOUT_MINUTES = Math.floor(2_147_483_647 / 60_000);
+        const permissionTimeoutMs = (() => {
+            if (!options.permissionTimeoutMinutes)
+                return undefined;
+            const parsed = Number(options.permissionTimeoutMinutes);
+            if (!Number.isInteger(parsed) || parsed <= 0 || parsed > MAX_TIMEOUT_MINUTES) {
+                cliLogger.error(`Invalid permission timeout: ${options.permissionTimeoutMinutes}. Must be a positive whole number of minutes (max ${MAX_TIMEOUT_MINUTES}).`);
+                process.exit(EXIT_NO_RESTART);
+            }
+            return parsed * 60_000;
+        })();
         store.setState({
             ...(defaultVerbosity && {
                 defaultVerbosity,
@@ -141,6 +155,7 @@ cli
             ...(options.mentionMode && { defaultMentionMode: true }),
             ...(options.noCritique && { critiqueEnabled: false }),
             ...(options.allowAllUsers && { allowAllUsers: true }),
+            ...(permissionTimeoutMs !== undefined && { permissionTimeoutMs }),
             ...(options.disableSync && { syncEnabled: false }),
             ...(enabledSkills.length > 0 && { enabledSkills }),
             ...(disabledSkills.length > 0 && { disabledSkills }),
@@ -155,6 +170,9 @@ cli
         if (options.allowAllUsers) {
             cliLogger.log('Allow all users: any Discord member can start sessions (no-kimaki role still blocks)');
         }
+        if (permissionTimeoutMs !== undefined) {
+            cliLogger.log(`Permission timeout set to ${options.permissionTimeoutMinutes} minutes`);
+        }
         if (options.verbosity) {
             cliLogger.log(`Default verbosity: ${options.verbosity}`);
         }

package/dist/commands/action-buttons.js

@@ -212,7 +212,9 @@ export async function handleActionButton(interaction) {
         content: `**Action Required**\n_Selected: ${button.label}_`,
         components: [],
     });
+    const username = interaction.user.globalName || interaction.user.username;
     const prompt = `User clicked: ${button.label}`;
+    await sendThreadMessage(thread, `» **${username}:** ${button.label}`);
     try {
         await sendClickedActionToModel({
             interaction,

package/dist/commands/ask-question.js

@@ -183,6 +183,8 @@ export async function handleAskQuestionSelectMenu(interaction) {
         content: `**${question.header}**\n${question.question}\n✓ _${answeredText}_`,
         components: [], // Remove the dropdown
     });
+    const username = interaction.user.globalName || interaction.user.username;
+    await sendThreadMessage(context.thread, `» **${username}:** ${answeredText}`);
     // Check if all questions are answered
     if (context.answeredCount >= context.totalQuestions) {
         // All questions answered - send result back to session

package/dist/commands/file-upload.js

@@ -11,7 +11,7 @@ import fs from 'node:fs';
 import path from 'node:path';
 import { createLogger, LogPrefix } from '../logger.js';
 import { notifyError } from '../sentry.js';
-import { NOTIFY_MESSAGE_FLAGS } from '../discord-utils.js';
+import { NOTIFY_MESSAGE_FLAGS, sendThreadMessage } from '../discord-utils.js';
 const logger = createLogger(LogPrefix.FILE_UPLOAD);
 // 5 minute TTL for pending contexts - if user doesn't click within this time,
 // clean up the context and resolve with empty array to unblock the plugin tool
@@ -219,6 +219,10 @@ export async function handleFileUploadModalSubmit(interaction) {
             return `Upload failed: ${errors.join('; ')}`;
         })();
         await interaction.editReply({ content: summary });
+        if (downloadedPaths.length > 0) {
+            const username = interaction.user.globalName || interaction.user.username;
+            await sendThreadMessage(context.thread, `» **${username}:** Uploaded ${fileNames.join(', ')}`);
+        }
         resolveContext(context, downloadedPaths);
         logger.log(`File upload completed for session ${context.sessionId}: ${downloadedPaths.length} files`);
     }

package/dist/commands/model-variant.js

@@ -7,11 +7,10 @@
 // Map. Whichever menu fires second sees the first selection stored and applies.
 import { ChatInputCommandInteraction, StringSelectMenuInteraction, StringSelectMenuBuilder, ActionRowBuilder, ChannelType, MessageFlags, } from 'discord.js';
 import crypto from 'node:crypto';
-import { setChannelModel, setSessionModel, getThreadSession, setGlobalModel, getVariantCascade, } from '../database.js';
+import { setChannelModel, getThreadSession, setGlobalModel, getVariantCascade, } from '../database.js';
 import { initializeOpencodeForDirectory } from '../opencode.js';
 import { resolveTextChannel, getKimakiMetadata } from '../discord-utils.js';
-import { getCurrentModelInfo, ensureSessionPreferencesSnapshot, } from './model.js';
-import { getRuntime } from '../session-handler/thread-session-runtime.js';
+import { getCurrentModelInfo, ensureSessionPreferencesSnapshot, applyToCurrentSession, } from './model.js';
 import { getThinkingValuesForModel } from '../thinking-utils.js';
 import { createLogger, LogPrefix } from '../logger.js';
 const logger = createLogger(LogPrefix.MODEL);
@@ -303,22 +302,14 @@ async function applyVariant({ interaction, context, variant, scope, contextHash,
                 });
                 return;
             }
-            await setSessionModel({
+            const retried = await applyToCurrentSession({
                 sessionId: context.sessionId,
+                thread: context.thread,
                 modelId,
                 variant,
             });
+            const retryNote = retried ? '\n_Restarting current request with new variant..._' : '';
             logger.log(`Set variant ${variant ?? 'none'} for session ${context.sessionId} (model ${modelId})`);
-            let retried = false;
-            if (context.thread) {
-                const runtime = getRuntime(context.thread.id);
-                if (runtime) {
-                    retried = await runtime.retryLastUserPrompt();
-                }
-            }
-            const retryNote = retried
-                ? '\n_Restarting current request with new variant..._'
-                : '';
             await interaction.editReply({
                 content: `Variant set for this session:\n**${context.providerName}** / **${context.modelName}**${variantSuffix}\n\`${modelId}\`${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
@@ -332,9 +323,16 @@ async function applyVariant({ interaction, context, variant, scope, contextHash,
                 modelId,
                 variant,
             });
+            const retried = await applyToCurrentSession({
+                sessionId: context.sessionId,
+                thread: context.thread,
+                modelId,
+                variant,
+            });
+            const retryNote = retried ? '\n_Restarting current request with new variant..._' : '';
             logger.log(`Set global variant ${variant ?? 'none'} for app ${context.appId} and channel ${context.channelId} (model ${modelId})`);
             await interaction.editReply({
-                content: `Variant set for this channel and as global default:\n**${context.providerName}** / **${context.modelName}**${variantSuffix}\n\`${modelId}\`\nAll channels will use this variant (unless they have their own override).${agentTip}`,
+                content: `Variant set for this channel and as global default:\n**${context.providerName}** / **${context.modelName}**${variantSuffix}\n\`${modelId}\`\nAll channels will use this variant (unless they have their own override).${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
                 components: [],
             });
@@ -346,9 +344,16 @@ async function applyVariant({ interaction, context, variant, scope, contextHash,
                 modelId,
                 variant,
             });
+            const retried = await applyToCurrentSession({
+                sessionId: context.sessionId,
+                thread: context.thread,
+                modelId,
+                variant,
+            });
+            const retryNote = retried ? '\n_Restarting current request with new variant..._' : '';
             logger.log(`Set channel variant ${variant ?? 'none'} for channel ${context.channelId} (model ${modelId})`);
             await interaction.editReply({
-                content: `Variant set for this channel:\n**${context.providerName}** / **${context.modelName}**${variantSuffix}\n\`${modelId}\`\nAll new sessions in this channel will use this variant.${agentTip}`,
+                content: `Variant set for this channel:\n**${context.providerName}** / **${context.modelName}**${variantSuffix}\n\`${modelId}\`\nAll new sessions in this channel will use this variant.${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
                 components: [],
             });

package/dist/commands/model.js

@@ -693,6 +693,24 @@ async function showScopeMenu({ interaction, contextHash, context, }) {
         components: [actionRow],
     });
 }
+/**
+ * If a session is active, also update its model preference and retry.
+ * Returns true if the current request was restarted.
+ */
+export async function applyToCurrentSession({ sessionId, thread, modelId, variant, }) {
+    if (!sessionId) {
+        return false;
+    }
+    await setSessionModel({ sessionId, modelId, variant });
+    if (!thread) {
+        return false;
+    }
+    const runtime = getRuntime(thread.id);
+    if (!runtime) {
+        return false;
+    }
+    return runtime.retryLastUserPrompt();
+}
 /**
  * Handle the scope select menu interaction.
  * Applies the model to either the channel or globally.
@@ -739,18 +757,14 @@ export async function handleModelScopeSelectMenu(interaction) {
                 });
                 return;
             }
-            await setSessionModel({ sessionId: context.sessionId, modelId, variant });
+            const retried = await applyToCurrentSession({
+                sessionId: context.sessionId,
+                thread: context.thread,
+                modelId,
+                variant,
+            });
+            const retryNote = retried ? '\n_Restarting current request with new model..._' : '';
             modelLogger.log(`Set model ${modelId}${variantSuffix} for session ${context.sessionId}`);
-            let retried = false;
-            if (context.thread) {
-                const runtime = getRuntime(context.thread.id);
-                if (runtime) {
-                    retried = await runtime.retryLastUserPrompt();
-                }
-            }
-            const retryNote = retried
-                ? '\n_Restarting current request with new model..._'
-                : '';
             await interaction.editReply({
                 content: `Model set for this session:\n**${context.providerName}** / **${modelDisplay}**${variantSuffix}\n\`${modelId}\`${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
@@ -768,9 +782,16 @@ export async function handleModelScopeSelectMenu(interaction) {
             }
             await setGlobalModel({ appId: context.appId, modelId, variant });
             await setChannelModel({ channelId: context.channelId, modelId, variant });
+            const retried = await applyToCurrentSession({
+                sessionId: context.sessionId,
+                thread: context.thread,
+                modelId,
+                variant,
+            });
+            const retryNote = retried ? '\n_Restarting current request with new model..._' : '';
             modelLogger.log(`Set global model ${modelId}${variantSuffix} for app ${context.appId} and channel ${context.channelId}`);
             await interaction.editReply({
-                content: `Model set for this channel and as global default:\n**${context.providerName}** / **${modelDisplay}**${variantSuffix}\n\`${modelId}\`\nAll channels will use this model (unless they have their own override).${agentTip}`,
+                content: `Model set for this channel and as global default:\n**${context.providerName}** / **${modelDisplay}**${variantSuffix}\n\`${modelId}\`\nAll channels will use this model (unless they have their own override).${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
                 components: [],
             });
@@ -778,9 +799,16 @@ export async function handleModelScopeSelectMenu(interaction) {
         else {
             // channel scope
             await setChannelModel({ channelId: context.channelId, modelId, variant });
+            const retried = await applyToCurrentSession({
+                sessionId: context.sessionId,
+                thread: context.thread,
+                modelId,
+                variant,
+            });
+            const retryNote = retried ? '\n_Restarting current request with new model..._' : '';
             modelLogger.log(`Set model ${modelId}${variantSuffix} for channel ${context.channelId}`);
             await interaction.editReply({
-                content: `Model preference set for this channel:\n**${context.providerName}** / **${modelDisplay}**${variantSuffix}\n\`${modelId}\`\nAll new sessions in this channel will use this model.${agentTip}`,
+                content: `Model preference set for this channel:\n**${context.providerName}** / **${modelDisplay}**${variantSuffix}\n\`${modelId}\`\nAll new sessions in this channel will use this model.${retryNote}${agentTip}`,
                 flags: MessageFlags.SuppressEmbeds,
                 components: [],
             });

package/dist/commands/permissions.js

@@ -4,6 +4,7 @@
 import { ButtonBuilder, ButtonStyle, ActionRowBuilder, MessageFlags, } from 'discord.js';
 import crypto from 'node:crypto';
 import { getOpencodeClient } from '../opencode.js';
+import { getPermissionTimeoutMs } from '../config.js';
 import { NOTIFY_MESSAGE_FLAGS } from '../discord-utils.js';
 import { createLogger, LogPrefix } from '../logger.js';
 const logger = createLogger(LogPrefix.PERMISSIONS);
@@ -59,7 +60,7 @@ export function compactPermissionPatterns(patterns) {
 }
 // Store pending permission contexts by hash.
 // TTL prevents unbounded growth if user never clicks a permission button.
-const PERMISSION_CONTEXT_TTL_MS = 10 * 60 * 1000;
+// Configurable via --permission-timeout-minutes CLI flag (default: 10 minutes).
 export const pendingPermissionContexts = new Map();
 // Atomic take: removes context from Map and returns it. Only the first caller
 // (TTL expiry or button click) wins, preventing duplicate permission replies.
@@ -90,6 +91,9 @@ export async function showPermissionButtons({ thread, permission, directory, per
     // Auto-reject on TTL expiry so the OpenCode session doesn't hang forever
     // waiting for a permission reply that will never come. Uses atomic take
     // so only one of TTL-expiry or button-click can win.
+    // With continue_loop_on_deny enabled in opencode config, the model sees
+    // this as a tool error and continues (tries alternatives or explains).
+    const ttlMs = getPermissionTimeoutMs();
     setTimeout(async () => {
         const ctx = takePendingPermissionContext(contextHash);
         if (!ctx) {
@@ -100,21 +104,27 @@ export async function showPermissionButtons({ thread, permission, directory, per
             const requestIds = ctx.requestIds.length > 0
                 ? ctx.requestIds
                 : [ctx.permission.id];
+            const userId = ctx.thread.ownerId;
+            const timeoutFeedback = `Permission timed out — the user did not respond. They are probably away and not watching the session. ` +
+                `If this tool call is necessary for the core goal of this session, stop and mention the user with <@${userId}> asking them to grant permission. ` +
+                `If not, continue normally — work around it, skip the tool, or use an alternative approach.`;
             await Promise.all(requestIds.map((requestId) => {
                 return client.permission.reply({
                     requestID: requestId,
                     directory: ctx.permissionDirectory,
                     reply: 'reject',
+                    message: timeoutFeedback,
                 });
             })).catch((error) => {
                 logger.error('Failed to auto-reject expired permission:', error);
             });
+            const minutes = Math.round(ttlMs / 60_000);
             updatePermissionMessage({
                 context: ctx,
-                status: '_Permission expired after 10 minutes and was rejected._',
+                status: `_Permission expired after ${minutes} minute${minutes !== 1 ? 's' : ''} and was rejected._`,
             });
         }
-    }, PERMISSION_CONTEXT_TTL_MS).unref();
+    }, ttlMs).unref();
     const patternStr = compactPermissionPatterns(permission.patterns).join(', ');
     // Build 3 buttons for permission actions
     const acceptButton = new ButtonBuilder()

package/dist/config.js

@@ -62,6 +62,14 @@ export function setProjectsDir(dir) {
     }
     store.setState({ projectsDir: resolvedDir });
 }
+/**
+ * Get the permission button timeout in milliseconds.
+ * How long permission buttons remain active before auto-rejecting.
+ * Defaults to 10 minutes (600000ms).
+ */
+export function getPermissionTimeoutMs() {
+    return store.getState().permissionTimeoutMs;
+}
 const DEFAULT_LOCK_PORT = 29988;
 /**
  * Derive a lock port from the data directory path.

package/dist/discord-bot.js

@@ -569,7 +569,7 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                 });
                 // Notify when a voice message was queued instead of sent immediately
                 if (enqueueResult.queued && enqueueResult.position) {
-                    await sendThreadMessage(thread, `Queued at position ${enqueueResult.position}`);
+                    await sendThreadMessage(thread, `Queued at position ${enqueueResult.position}. Edit your message to update it in queue`);
                 }
             }
             if (channel.type === ChannelType.GuildText) {
@@ -777,8 +777,16 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
             // If the edit removed the queue suffix, remove the item from the queue.
             // If the suffix is still present, update the prompt.
             const result = runtime.updateQueuedMessage(message.id, forceQueue ? prompt : '');
-            if (result.found) {
-                discordLogger.log(`[MESSAGE_EDIT] ${result.removed ? 'Removed' : 'Updated'} queued message ${message.id} in thread ${channel.id}`);
+            if (result.found && channel.isThread()) {
+                const displayName = message.member?.displayName ?? message.author.displayName;
+                if (result.removed) {
+                    discordLogger.log(`[MESSAGE_EDIT] Removed queued message ${message.id} in thread ${channel.id}`);
+                    await sendThreadMessage(channel, `⬦ **${displayName}** removed message from queue`);
+                }
+                else {
+                    discordLogger.log(`[MESSAGE_EDIT] Updated queued message ${message.id} in thread ${channel.id}`);
+                    await sendThreadMessage(channel, `⬦ **${displayName}** edited queued message`);
+                }
             }
         }
         catch (error) {
@@ -1010,6 +1018,20 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
     startHeapMonitor();
     const stopTaskRunner = startTaskRunner({ token });
     const stopRuntimeIdleSweeper = startRuntimeIdleSweeper();
+    // Prevent discord.js from permanently killing the REST token on 401.
+    // @discordjs/rest calls setToken(null) whenever it receives a 401 response.
+    // The gateway proxy now returns 503 for stale-DB rejections (not 401), but
+    // this guard stays as defense-in-depth for any other transient 401 source.
+    // Allows null through when Client.destroy() is running (it sets client.token
+    // = null before calling rest.setToken(null)).
+    const originalSetToken = discordClient.rest.setToken.bind(discordClient.rest);
+    discordClient.rest.setToken = (newToken) => {
+        if (!newToken && discordClient.token !== null) {
+            discordLogger.warn('[REST] Blocked token nullification from 401 response');
+            return discordClient.rest;
+        }
+        return originalSetToken(newToken);
+    };
     const handleShutdown = async (signal, { skipExit = false } = {}) => {
         discordLogger.log(`Received ${signal}, cleaning up...`);
         if (global.shuttingDown) {

package/dist/opencode-interrupt-plugin.js

@@ -190,19 +190,25 @@ const interruptOpencodeSessionOnUserMessage = async (ctx) => {
     }
     return {
         async event({ event }) {
-            // When an assistant message starts processing a queued user message
-            // (parentID match), cancel its interrupt timer: the message began running
-            // normally within the timeout window, so there is nothing to interrupt.
+            // Clear timer even for errored assistant messages — the LLM processed it.
             if (event.type === 'message.updated' && event.properties.info.role === 'assistant') {
-                if (!event.properties.info.error) {
-                    clearPending(event.properties.info.parentID);
-                }
+                clearPending(event.properties.info.parentID);
                 return;
             }
             if (event.type === 'session.deleted') {
                 log('debug', 'session deleted, cleaning up', { sessionID: event.properties.info.id });
                 cleanupSession(event.properties.info.id);
             }
+            // Clear stale timers so they don't abort a later unrelated generation.
+            // Skip when an interrupt is in flight — abort sets the session idle
+            // synchronously, and cleaning up here would drop the pending replay.
+            if (event.type === 'session.idle') {
+                const idleSessionID = event.properties.sessionID;
+                if (interrupting.has(idleSessionID))
+                    return;
+                log('debug', 'session idle, clearing pending timers', { sessionID: idleSessionID });
+                cleanupSession(idleSessionID);
+            }
         },
         async 'chat.message'(input, output) {
             const sessionID = input.sessionID;

package/dist/opencode.js

@@ -22,6 +22,7 @@ import readline from 'node:readline';
 import { fileURLToPath } from 'node:url';
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 import { createOpencodeClient, } from '@opencode-ai/sdk/v2';
+import { restartGlobalEventListener } from './session-handler/global-event-listener.js';
 import { getDataDir, getLockPort, } from './config.js';
 import { store } from './store.js';
 import { getHranaUrl } from './hrana-server.js';
@@ -521,6 +522,12 @@ async function startSingleServer({ directory, } = {}) {
                 },
             },
         },
+        // When a permission prompt times out and is auto-rejected, the model sees
+        // the rejection as a tool error and continues working (tries alternatives
+        // or explains it couldn't proceed) instead of the session going dead.
+        experimental: {
+            continue_loop_on_deny: true,
+        },
         skills: {
             paths: [path.resolve(__dirname, '..', 'skills')],
         },
@@ -680,10 +687,18 @@ function getOrCreateClient({ baseUrl, directory, }) {
         // @ts-ignore
         timeout: false,
     });
+    const serverPassword = process.env.OPENCODE_SERVER_PASSWORD;
+    const serverUsername = process.env.OPENCODE_SERVER_USERNAME || 'opencode';
+    const authHeaders = {};
+    if (serverPassword) {
+        const encoded = Buffer.from(`${serverUsername}:${serverPassword}`).toString('base64');
+        authHeaders['Authorization'] = `Basic ${encoded}`;
+    }
     const client = createOpencodeClient({
         baseUrl,
         directory,
         fetch: fetchWithTimeout,
+        headers: authHeaders,
     });
     clientCache.set(directory, client);
     return client;
@@ -920,6 +935,9 @@ export function readInjectionGuardConfig({ sessionId }) {
 export function getOpencodeServerPort(_directory) {
     return singleServer?.port ?? null;
 }
+export function getOpencodeServerBaseUrl() {
+    return singleServer?.baseUrl ?? null;
+}
 export function getOpencodeClient(directory) {
     if (!singleServer) {
         return null;
@@ -981,6 +999,10 @@ export async function stopOpencodeServer() {
     singleServer = null;
     clientCache.clear();
     serverRetryCount = 0;
+    // Don't dispose the global listener here — it will reconnect when
+    // the server restarts. Only abort the current SSE connection so it
+    // doesn't hang on a dead server.
+    restartGlobalEventListener();
     await new Promise((resolve) => {
         setTimeout(resolve, 1000);
     });

package/dist/queue-advanced-action-buttons.e2e.test.js

@@ -128,6 +128,7 @@ describe('queue advanced: action buttons', () => {
         **Action Required**
         _Selected: Continue action-buttons flow_
         [user clicks button]
+        » **queue-action-tester:** Continue action-buttons flow
         ⬥ action-buttons-click-continued
         *project ⋅ main ⋅ Ns ⋅ N% ⋅ deterministic-v2*"
       `);

package/dist/queue-question-select-drain.e2e.test.js

@@ -129,6 +129,7 @@ describe('queue drain after question select answer', () => {
         » **question-select-tester:** Reply with exactly: post-question-drain
         Queued message (position 1)
         [user selects dropdown: 0]
+        » **question-select-tester:** Alpha
         ⬥ ok
         *project ⋅ main ⋅ Ns ⋅ N% ⋅ deterministic-v2*"
       `);
@@ -244,6 +245,7 @@ describe('queue drain after question select answer', () => {
         [user interaction]
         Queued message (position 1)
         [user selects dropdown: 0]
+        » **question-select-tester:** Alpha
         ⬥ slow-response-started
         *project ⋅ main ⋅ Ns ⋅ N% ⋅ deterministic-v2*
         » **question-select-tester:** Reply with exactly: post-question-second