kimaki 0.4.71 → 0.4.72

package/dist/cli.js

@@ -16,7 +16,7 @@ import { Events, ChannelType, REST, Routes, SlashCommandBuilder, AttachmentBuild
 import path from 'node:path';
 import fs from 'node:fs';
 import * as errore from 'errore';
-import { createLogger, formatErrorWithStack, LogPrefix } from './logger.js';
+import { createLogger, formatErrorWithStack, initLogFile, LogPrefix } from './logger.js';
 import { initSentry, notifyError } from './sentry.js';
 import { archiveThread, uploadFilesToDiscord, stripMentions, } from './discord-utils.js';
 import { spawn, execSync } from 'node:child_process';
@@ -1120,6 +1120,8 @@ cli
             setDataDir(options.dataDir);
             cliLogger.log(`Using data directory: ${getDataDir()}`);
         }
+        // Initialize file logging to <dataDir>/kimaki.log
+        initLogFile(getDataDir());
         if (options.verbosity) {
             const validLevels = [
                 'tools-and-text',

package/dist/commands/queue.js

@@ -2,7 +2,7 @@
 import { ChannelType, MessageFlags } from 'discord.js';
 import { getThreadSession } from '../database.js';
 import { resolveWorkingDirectory, sendThreadMessage, SILENT_MESSAGE_FLAGS, } from '../discord-utils.js';
-import { handleOpencodeSession, abortControllers, addToQueue, getQueueLength, clearQueue, } from '../session-handler.js';
+import { handleOpencodeSession, abortControllers, addToQueue, getQueueLength, clearQueue, queueOrSendMessage, } from '../session-handler.js';
 import { createLogger, LogPrefix } from '../logger.js';
 import { notifyError } from '../sentry.js';
 import { registeredUserCommands } from '../config.js';
@@ -29,67 +29,38 @@ export async function handleQueueCommand({ command, appId, }) {
         });
         return;
     }
-    const sessionId = await getThreadSession(channel.id);
-    if (!sessionId) {
+    const result = await queueOrSendMessage({
+        thread: channel,
+        prompt: message,
+        userId: command.user.id,
+        username: command.user.displayName,
+        appId,
+    });
+    if (result.action === 'no-session') {
         await command.reply({
             content: 'No active session in this thread. Send a message directly instead.',
             flags: MessageFlags.Ephemeral | SILENT_MESSAGE_FLAGS,
         });
         return;
     }
-    // Check if there's an active request running
-    const existingController = abortControllers.get(sessionId);
-    const hasActiveRequest = Boolean(existingController && !existingController.signal.aborted);
-    if (existingController && existingController.signal.aborted) {
-        abortControllers.delete(sessionId);
-    }
-    if (!hasActiveRequest) {
-        // No active request, send immediately
-        const resolved = await resolveWorkingDirectory({
-            channel: channel,
+    if (result.action === 'no-directory') {
+        await command.reply({
+            content: 'Could not determine project directory',
+            flags: MessageFlags.Ephemeral | SILENT_MESSAGE_FLAGS,
         });
-        if (!resolved) {
-            await command.reply({
-                content: 'Could not determine project directory',
-                flags: MessageFlags.Ephemeral | SILENT_MESSAGE_FLAGS,
-            });
-            return;
-        }
+        return;
+    }
+    if (result.action === 'sent') {
         await command.reply({
             content: `» **${command.user.displayName}:** ${message.slice(0, 100)}${message.length > 100 ? '...' : ''}`,
             flags: SILENT_MESSAGE_FLAGS,
         });
-        logger.log(`[QUEUE] No active request, sending immediately in thread ${channel.id}`);
-        handleOpencodeSession({
-            prompt: message,
-            thread: channel,
-            projectDirectory: resolved.projectDirectory,
-            channelId: channel.parentId || channel.id,
-            appId,
-        }).catch(async (e) => {
-            logger.error(`[QUEUE] Failed to send message:`, e);
-            void notifyError(e, 'Queue: failed to send message');
-            const errorMsg = e instanceof Error ? e.message : String(e);
-            await sendThreadMessage(channel, `✗ Failed: ${errorMsg.slice(0, 200)}`);
-        });
         return;
     }
-    // Add to queue
-    const queuePosition = addToQueue({
-        threadId: channel.id,
-        message: {
-            prompt: message,
-            userId: command.user.id,
-            username: command.user.displayName,
-            queuedAt: Date.now(),
-            appId,
-        },
-    });
     await command.reply({
-        content: `✅ Message queued (position: ${queuePosition}). Will be sent after current response.`,
+        content: `Message queued (position: ${result.position}). Will be sent after current response.`,
         flags: MessageFlags.Ephemeral | SILENT_MESSAGE_FLAGS,
     });
-    logger.log(`[QUEUE] User ${command.user.displayName} queued message in thread ${channel.id}`);
 }
 export async function handleClearQueueCommand({ command, }) {
     const channel = command.channel;

package/dist/condense-memory.js

@@ -0,0 +1,33 @@
+// Utility to condense MEMORY.md into a line-numbered table of contents.
+// Separated from opencode-plugin.ts because OpenCode's plugin loader calls
+// every exported function in the module as a plugin initializer — exporting
+// this utility from the plugin entry file caused it to be invoked with a
+// PluginInput object instead of a string, crashing inside marked's Lexer.
+import { Lexer } from 'marked';
+/**
+ * Condense MEMORY.md into a line-numbered table of contents.
+ * Parses markdown AST with marked's Lexer, emits each heading prefixed by
+ * its source line number, and collapses non-heading content to `...`.
+ * The agent can then use Read with offset/limit to read specific sections.
+ */
+export function condenseMemoryMd(content) {
+    const tokens = new Lexer().lex(content);
+    const lines = [];
+    let charOffset = 0;
+    let lastWasEllipsis = false;
+    for (const token of tokens) {
+        // Compute 1-based line number from character offset
+        const lineNumber = content.slice(0, charOffset).split('\n').length;
+        if (token.type === 'heading') {
+            const prefix = '#'.repeat(token.depth);
+            lines.push(`${lineNumber}: ${prefix} ${token.text}`);
+            lastWasEllipsis = false;
+        }
+        else if (!lastWasEllipsis) {
+            lines.push('...');
+            lastWasEllipsis = true;
+        }
+        charOffset += token.raw.length;
+    }
+    return lines.join('\n');
+}

package/dist/database.js

@@ -460,27 +460,29 @@ export async function getThreadWorktree(threadId) {
  */
 export async function createPendingWorktree({ threadId, worktreeName, projectDirectory, }) {
     const prisma = await getPrisma();
-    await prisma.thread_sessions.upsert({
-        where: { thread_id: threadId },
-        create: { thread_id: threadId, session_id: '' },
-        update: {},
-    });
-    await prisma.thread_worktrees.upsert({
-        where: { thread_id: threadId },
-        create: {
-            thread_id: threadId,
-            worktree_name: worktreeName,
-            project_directory: projectDirectory,
-            status: 'pending',
-        },
-        update: {
-            worktree_name: worktreeName,
-            project_directory: projectDirectory,
-            status: 'pending',
-            worktree_directory: null,
-            error_message: null,
-        },
-    });
+    await prisma.$transaction([
+        prisma.thread_sessions.upsert({
+            where: { thread_id: threadId },
+            create: { thread_id: threadId, session_id: '' },
+            update: {},
+        }),
+        prisma.thread_worktrees.upsert({
+            where: { thread_id: threadId },
+            create: {
+                thread_id: threadId,
+                worktree_name: worktreeName,
+                project_directory: projectDirectory,
+                status: 'pending',
+            },
+            update: {
+                worktree_name: worktreeName,
+                project_directory: projectDirectory,
+                status: 'pending',
+                worktree_directory: null,
+                error_message: null,
+            },
+        }),
+    ]);
 }
 /**
  * Mark a worktree as ready with its directory.

package/dist/db.test.js

@@ -2,6 +2,7 @@
 // Auto-isolated via VITEST guards in config.ts (temp data dir) and db.ts (clears KIMAKI_DB_URL).
 import { afterAll, describe, expect, test } from 'vitest';
 import { getPrisma, closePrisma } from './db.js';
+import { createPendingWorktree } from './database.js';
 afterAll(async () => {
     await closePrisma();
 });
@@ -22,4 +23,27 @@ describe('getPrisma', () => {
             where: { thread_id: 'test-thread-123' },
         });
     });
+    test('createPendingWorktree creates parent and child rows', async () => {
+        const prisma = await getPrisma();
+        const threadId = `test-worktree-${Date.now()}`;
+        await createPendingWorktree({
+            threadId,
+            worktreeName: 'regression-worktree',
+            projectDirectory: '/tmp/regression-project',
+        });
+        const session = await prisma.thread_sessions.findUnique({
+            where: { thread_id: threadId },
+        });
+        expect(session).toBeTruthy();
+        expect(session?.session_id).toBe('');
+        const worktree = await prisma.thread_worktrees.findUnique({
+            where: { thread_id: threadId },
+        });
+        expect(worktree).toBeTruthy();
+        expect(worktree?.worktree_name).toBe('regression-worktree');
+        expect(worktree?.project_directory).toBe('/tmp/regression-project');
+        expect(worktree?.status).toBe('pending');
+        await prisma.thread_worktrees.delete({ where: { thread_id: threadId } });
+        await prisma.thread_sessions.delete({ where: { thread_id: threadId } });
+    });
 });

package/dist/discord-bot.js

@@ -6,14 +6,14 @@ import { initializeOpencodeForDirectory, getOpencodeServers, } from './opencode.
 import { formatWorktreeName } from './commands/worktree.js';
 import { WORKTREE_PREFIX } from './commands/merge-worktree.js';
 import { createWorktreeWithSubmodules } from './worktree-utils.js';
-import { escapeBackticksInCodeBlocks, splitMarkdownForDiscord, SILENT_MESSAGE_FLAGS, reactToThread, stripMentions, hasKimakiBotPermission, hasNoKimakiRole, } from './discord-utils.js';
+import { escapeBackticksInCodeBlocks, splitMarkdownForDiscord, sendThreadMessage, SILENT_MESSAGE_FLAGS, reactToThread, stripMentions, hasKimakiBotPermission, hasNoKimakiRole, } from './discord-utils.js';
 import { getOpencodeSystemMessage, } from './system-message.js';
 import yaml from 'js-yaml';
 import { getFileAttachments, getTextAttachments, resolveMentions, } from './message-formatting.js';
 import { ensureKimakiCategory, ensureKimakiAudioCategory, createProjectChannels, getChannelsWithDescriptions, } from './channel-management.js';
 import { voiceConnections, cleanupVoiceConnection, processVoiceAttachment, registerVoiceStateHandler, } from './voice-handler.js';
 import { getCompactSessionContext, getLastSessionId } from './markdown.js';
-import { handleOpencodeSession, signalThreadInterrupt, } from './session-handler.js';
+import { handleOpencodeSession, signalThreadInterrupt, queueOrSendMessage, abortControllers, } from './session-handler.js';
 import { runShellCommand } from './commands/run-command.js';
 import { registerInteractionHandler } from './interaction-handler.js';
 import { stopHranaServer } from './hrana-server.js';
@@ -303,10 +303,41 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                 }
                 // Chain onto per-thread queue so messages (voice transcription + text)
                 // are processed in Discord arrival order, not completion order.
+                const hasVoiceAttachment = message.attachments.some((a) => {
+                    return a.contentType?.startsWith('audio/');
+                });
                 const prev = threadMessageQueue.get(thread.id);
-                if (prev) {
+                // Snapshot active request state NOW, before prev task finishes.
+                // Voice messages skip the eager interrupt so the session stays alive during
+                // transcription. But processThreadMessage is serialized behind prev, so by
+                // the time it runs the prev task may have finished and the controller is gone.
+                // This snapshot lets queueOrSendMessage know there WAS an active request
+                // when the voice message arrived, so it should queue even if the controller
+                // is no longer active.
+                // Conservative: if prev exists, something is actively being processed, so
+                // we treat it as having an active request (avoids race where the async
+                // getThreadSession call lets the prev task finish first).
+                const hadActiveRequestOnArrival = await (async () => {
+                    if (!hasVoiceAttachment) {
+                        return false;
+                    }
+                    if (prev) {
+                        return true;
+                    }
+                    const sid = await getThreadSession(thread.id);
+                    if (!sid) {
+                        return false;
+                    }
+                    const controller = abortControllers.get(sid);
+                    return Boolean(controller && !controller.signal.aborted);
+                })();
+                if (prev && !hasVoiceAttachment) {
                     // Another message is being processed — abort it immediately so this
                     // queued message can start as soon as possible.
+                    // Voice messages are excluded: they need transcription first to detect
+                    // "queue this message" intent. Interrupting before transcription would
+                    // abort the running session, making queueOrSendMessage see no active
+                    // request and send immediately instead of queueing.
                     const sdkDirectory = worktreeInfo?.status === 'ready' && worktreeInfo.worktree_directory
                         ? worktreeInfo.worktree_directory
                         : projectDirectory;
@@ -335,14 +366,18 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                             return;
                         }
                         let prompt = resolveMentions(message);
-                        const transcription = await processVoiceAttachment({
+                        const voiceResult = await processVoiceAttachment({
                             message,
                             thread,
                             projectDirectory,
                             appId: currentAppId,
                         });
-                        if (transcription) {
-                            prompt = `Voice message transcription from Discord user:\n\n${transcription}`;
+                        if (voiceResult) {
+                            prompt = `Voice message transcription from Discord user:\n\n${voiceResult.transcription}`;
+                        }
+                        // If voice transcription failed and there's no text content, bail out
+                        if (hasVoiceAttachment && !voiceResult && !prompt.trim()) {
+                            return;
                         }
                         const starterMessage = await thread
                             .fetchStarterMessage()
@@ -426,7 +461,7 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                             void notifyError(e, 'Failed to get session context');
                         }
                     }
-                    const transcription = await processVoiceAttachment({
+                    const voiceResult = await processVoiceAttachment({
                         message,
                         thread,
                         projectDirectory,
@@ -434,8 +469,58 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                         currentSessionContext,
                         lastSessionContext,
                     });
-                    if (transcription) {
-                        messageContent = `Voice message transcription from Discord user:\n\n${transcription}`;
+                    if (voiceResult) {
+                        messageContent = `Voice message transcription from Discord user:\n\n${voiceResult.transcription}`;
+                    }
+                    // If voice transcription failed (returned null) and there's no text content,
+                    // bail out — don't fire deferred interrupt or send an empty prompt.
+                    if (hasVoiceAttachment && !voiceResult && !messageContent.trim()) {
+                        return;
+                    }
+                    // If the transcription model detected "queue this message" intent,
+                    // use queueOrSendMessage instead of sending immediately.
+                    if (voiceResult?.queueMessage) {
+                        const fileAttachments = await getFileAttachments(message);
+                        const textAttachmentsContent = await getTextAttachments(message);
+                        const promptWithAttachments = textAttachmentsContent
+                            ? `${messageContent}\n\n${textAttachmentsContent}`
+                            : messageContent;
+                        const username = cliInjectedUsername ||
+                            message.member?.displayName ||
+                            message.author.displayName;
+                        const result = await queueOrSendMessage({
+                            thread,
+                            prompt: promptWithAttachments,
+                            userId: isCliInjectedPrompt
+                                ? cliInjectedUserId || message.author.id
+                                : message.author.id,
+                            username,
+                            appId: currentAppId,
+                            images: fileAttachments,
+                            forceQueue: hadActiveRequestOnArrival,
+                        });
+                        if (result.action === 'queued') {
+                            await sendThreadMessage(thread, `Queued (position: ${result.position}). Will be sent after current response.`);
+                            return;
+                        }
+                        if (result.action === 'sent') {
+                            return;
+                        }
+                        // no-session / no-directory: fall through to normal handleOpencodeSession flow
+                    }
+                    // For voice messages without queue intent, we deferred the interrupt
+                    // until after transcription (to preserve active-request state for queue
+                    // detection). Now that we know it's not a queue message, signal the
+                    // interrupt so the running session aborts before the new prompt is sent.
+                    if (hasVoiceAttachment && !voiceResult?.queueMessage) {
+                        const sdkDirectory = worktreeInfo?.status === 'ready' && worktreeInfo.worktree_directory
+                            ? worktreeInfo.worktree_directory
+                            : projectDirectory;
+                        signalThreadInterrupt({
+                            threadId: thread.id,
+                            serverDirectory: projectDirectory,
+                            sdkDirectory,
+                        });
                     }
                     const fileAttachments = await getFileAttachments(message);
                     const textAttachmentsContent = await getTextAttachments(message);
@@ -567,15 +652,19 @@ export async function startDiscordBot({ token, appId, discordClient, useWorktree
                     }
                 }
                 let messageContent = resolveMentions(message);
-                const transcription = await processVoiceAttachment({
+                const voiceResult = await processVoiceAttachment({
                     message,
                     thread,
                     projectDirectory: sessionDirectory,
                     isNewThread: true,
                     appId: currentAppId,
                 });
-                if (transcription) {
-                    messageContent = `Voice message transcription from Discord user:\n\n${transcription}`;
+                if (voiceResult) {
+                    messageContent = `Voice message transcription from Discord user:\n\n${voiceResult.transcription}`;
+                }
+                // If voice transcription failed and there's no text content, bail out
+                if (hasVoice && !voiceResult && !messageContent.trim()) {
+                    return;
                 }
                 const fileAttachments = await getFileAttachments(message);
                 const textAttachmentsContent = await getTextAttachments(message);

package/dist/discord-utils.js

@@ -1,7 +1,7 @@
 // Discord-specific utility functions.
 // Handles markdown splitting for Discord's 2000-char limit, code block escaping,
 // thread message sending, and channel metadata extraction from topic tags.
-import { ChannelType, MessageFlags, PermissionsBitField, } from 'discord.js';
+import { ChannelType, GuildMember, MessageFlags, PermissionsBitField, } from 'discord.js';
 import { REST, Routes } from 'discord.js';
 import { Lexer } from 'marked';
 import { splitTablesFromMarkdown } from './format-tables.js';
@@ -20,25 +20,42 @@ const discordLogger = createLogger(LogPrefix.DISCORD);
  * - Server owner, Administrator, Manage Server, or "Kimaki" role (case-insensitive).
  * Returns false if member is null or has the "no-kimaki" role (overrides all).
  */
-export function hasKimakiBotPermission(member) {
+export function hasKimakiBotPermission(member, guild) {
     if (!member) {
         return false;
     }
-    // interaction.member can be an APIInteractionGuildMember (plain object)
-    // instead of a hydrated GuildMember class instance, so roles.cache may not exist
-    if (!member.roles?.cache) {
-        return false;
-    }
-    const hasNoKimakiRole = member.roles.cache.some((role) => role.name.toLowerCase() === 'no-kimaki');
+    const hasNoKimakiRole = hasRoleByName(member, 'no-kimaki', guild);
     if (hasNoKimakiRole) {
         return false;
     }
-    const isOwner = member.id === member.guild.ownerId;
-    const isAdmin = member.permissions.has(PermissionsBitField.Flags.Administrator);
-    const canManageServer = member.permissions.has(PermissionsBitField.Flags.ManageGuild);
-    const hasKimakiRole = member.roles.cache.some((role) => role.name.toLowerCase() === 'kimaki');
+    const memberPermissions = member instanceof GuildMember
+        ? member.permissions
+        : new PermissionsBitField(BigInt(member.permissions));
+    const ownerId = member instanceof GuildMember ? member.guild.ownerId : guild?.ownerId;
+    const memberId = member instanceof GuildMember ? member.id : member.user.id;
+    const isOwner = ownerId ? memberId === ownerId : false;
+    const isAdmin = memberPermissions.has(PermissionsBitField.Flags.Administrator);
+    const canManageServer = memberPermissions.has(PermissionsBitField.Flags.ManageGuild);
+    const hasKimakiRole = hasRoleByName(member, 'kimaki', guild);
     return isOwner || isAdmin || canManageServer || hasKimakiRole;
 }
+function hasRoleByName(member, roleName, guild) {
+    const target = roleName.toLowerCase();
+    if (member instanceof GuildMember) {
+        return member.roles.cache.some((role) => role.name.toLowerCase() === target);
+    }
+    if (!guild) {
+        return false;
+    }
+    const roleIds = Array.isArray(member.roles) ? member.roles : [];
+    for (const roleId of roleIds) {
+        const role = guild.roles.cache.get(roleId);
+        if (role?.name.toLowerCase() === target) {
+            return true;
+        }
+    }
+    return false;
+}
 /**
  * Check if the member has the "no-kimaki" role that blocks bot access.
  * Separate from hasKimakiBotPermission so callers can show a specific error message.

package/dist/discord-utils.test.js

@@ -1,5 +1,6 @@
+import { PermissionsBitField } from 'discord.js';
 import { describe, expect, test } from 'vitest';
-import { splitMarkdownForDiscord } from './discord-utils.js';
+import { hasKimakiBotPermission, splitMarkdownForDiscord } from './discord-utils.js';
 describe('splitMarkdownForDiscord', () => {
     test('never returns chunks over the max length with code fences', () => {
         const maxLength = 2000;
@@ -69,3 +70,46 @@ describe('splitMarkdownForDiscord', () => {
     `);
     });
 });
+describe('hasKimakiBotPermission', () => {
+    test('allows API interaction member when kimaki role exists', () => {
+        const kimakiRoleId = '111';
+        const guild = {
+            ownerId: 'owner-id',
+            roles: {
+                cache: new Map([
+                    [kimakiRoleId, { id: kimakiRoleId, name: 'Kimaki' }],
+                ]),
+            },
+        };
+        const member = {
+            user: { id: 'member-id' },
+            permissions: '0',
+            roles: [kimakiRoleId],
+        };
+        expect(hasKimakiBotPermission(member, guild)).toBe(true);
+    });
+    test('allows API interaction member with ManageGuild permission', () => {
+        const guild = {
+            ownerId: 'owner-id',
+            roles: { cache: new Map() },
+        };
+        const member = {
+            user: { id: 'member-id' },
+            permissions: PermissionsBitField.Flags.ManageGuild.toString(),
+            roles: [],
+        };
+        expect(hasKimakiBotPermission(member, guild)).toBe(true);
+    });
+    test('denies API interaction member with no role, owner, or admin rights', () => {
+        const guild = {
+            ownerId: 'owner-id',
+            roles: { cache: new Map() },
+        };
+        const member = {
+            user: { id: 'member-id' },
+            permissions: '0',
+            roles: [],
+        };
+        expect(hasKimakiBotPermission(member, guild)).toBe(false);
+    });
+});

package/dist/interaction-handler.js

@@ -72,7 +72,7 @@ export function registerInteractionHandler({ discordClient, appId, }) {
             }
             if (interaction.isChatInputCommand()) {
                 interactionLogger.log(`[COMMAND] Processing: ${interaction.commandName}`);
-                if (!hasKimakiBotPermission(interaction.member)) {
+                if (!hasKimakiBotPermission(interaction.member, interaction.guild)) {
                     await interaction.reply({
                         content: `You don't have permission to use this command.\nTo use Kimaki, ask a server admin to give you the **Kimaki** role.`,
                         flags: MessageFlags.Ephemeral,
@@ -204,7 +204,7 @@ export function registerInteractionHandler({ discordClient, appId, }) {
                 return;
             }
             if (interaction.isButton()) {
-                if (!hasKimakiBotPermission(interaction.member)) {
+                if (!hasKimakiBotPermission(interaction.member, interaction.guild)) {
                     await interaction.reply({
                         content: `You don't have permission to use this.\nTo use Kimaki, ask a server admin to give you the **Kimaki** role.`,
                         flags: MessageFlags.Ephemeral,
@@ -233,7 +233,7 @@ export function registerInteractionHandler({ discordClient, appId, }) {
                 return;
             }
             if (interaction.isStringSelectMenu()) {
-                if (!hasKimakiBotPermission(interaction.member)) {
+                if (!hasKimakiBotPermission(interaction.member, interaction.guild)) {
                     await interaction.reply({
                         content: `You don't have permission to use this.\nTo use Kimaki, ask a server admin to give you the **Kimaki** role.`,
                         flags: MessageFlags.Ephemeral,
@@ -280,7 +280,7 @@ export function registerInteractionHandler({ discordClient, appId, }) {
                 return;
             }
             if (interaction.isModalSubmit()) {
-                if (!hasKimakiBotPermission(interaction.member)) {
+                if (!hasKimakiBotPermission(interaction.member, interaction.guild)) {
                     await interaction.reply({
                         content: `You don't have permission to use this.\nTo use Kimaki, ask a server admin to give you the **Kimaki** role.`,
                         flags: MessageFlags.Ephemeral,

package/dist/logger.js

@@ -3,10 +3,10 @@
 // output interleaving from concurrent async operations.
 import { log as clackLog } from '@clack/prompts';
 import fs from 'node:fs';
-import path, { dirname } from 'node:path';
-import { fileURLToPath } from 'node:url';
+import path from 'node:path';
 import util from 'node:util';
 import pc from 'picocolors';
+import { sanitizeSensitiveText, sanitizeUnknownValue } from './privacy-sanitizer.js';
 // All known log prefixes - add new ones here to keep alignment consistent
 export const LogPrefix = {
     ABORT: 'ABORT',
@@ -51,36 +51,55 @@ export const LogPrefix = {
 };
 // compute max length from all known prefixes for alignment
 const MAX_PREFIX_LENGTH = Math.max(...Object.values(LogPrefix).map((p) => p.length));
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const isDev = !__dirname.includes('node_modules');
-const logFilePath = path.join(__dirname, '..', 'kimaki.log');
-// reset log file on startup in dev mode
-if (isDev) {
+// Log file path is set by initLogFile() after the data directory is known.
+// Before initLogFile() is called, file logging is skipped.
+let logFilePath = null;
+/**
+ * Initialize file logging. Call this after setDataDir() so the log file
+ * is written to `<dataDir>/kimaki.log`. The log file is truncated on
+ * every bot startup so it contains only the current run's logs.
+ */
+export function initLogFile(dataDir) {
+    logFilePath = path.join(dataDir, 'kimaki.log');
     const logDir = path.dirname(logFilePath);
     if (!fs.existsSync(logDir)) {
         fs.mkdirSync(logDir, { recursive: true });
     }
     fs.writeFileSync(logFilePath, `--- kimaki log started at ${new Date().toISOString()} ---\n`);
 }
+/**
+ * Set the log file path without truncating. Use this in child processes
+ * (like the opencode plugin) that should append to the same log file
+ * the bot process already created with initLogFile().
+ */
+export function setLogFilePath(dataDir) {
+    logFilePath = path.join(dataDir, 'kimaki.log');
+}
+export function getLogFilePath() {
+    return logFilePath;
+}
 function formatArg(arg) {
     if (typeof arg === 'string') {
-        return arg;
+        return sanitizeSensitiveText(arg, { redactPaths: false });
     }
-    return util.inspect(arg, { colors: true, depth: 4 });
+    const safeArg = sanitizeUnknownValue(arg, { redactPaths: false });
+    return util.inspect(safeArg, { colors: true, depth: 4 });
 }
 export function formatErrorWithStack(error) {
     if (error instanceof Error) {
-        return error.stack ?? `${error.name}: ${error.message}`;
+        return sanitizeSensitiveText(error.stack ?? `${error.name}: ${error.message}`, { redactPaths: false });
     }
     if (typeof error === 'string') {
-        return error;
+        return sanitizeSensitiveText(error, { redactPaths: false });
     }
     // Keep this stable and safe for unknown values (handles circular structures).
-    return util.inspect(error, { colors: false, depth: 4 });
+    const safeError = sanitizeUnknownValue(error, { redactPaths: false });
+    return sanitizeSensitiveText(util.inspect(safeError, { colors: false, depth: 4 }), {
+        redactPaths: false,
+    });
 }
 function writeToFile(level, prefix, args) {
-    if (!isDev) {
+    if (!logFilePath) {
         return;
     }
     const timestamp = new Date().toISOString();