kimiflare 0.50.1 → 0.51.0

package/dist/index.js

@@ -2467,6 +2467,7 @@ Use console.log() to return results. Only console.log output will be sent back t
   let cumulativePromptTokens = 0;
   let iter = 0;
   let budgetExhausted = false;
+  let loopExhausted = false;
   while (true) {
     if (budgetExhausted) {
       opts2.messages.push({
@@ -2474,6 +2475,12 @@ Use console.log() to return results. Only console.log output will be sent back t
         content: "You have reached the cumulative input token budget for this session. Please synthesize your findings and provide a final summary of what was accomplished."
       });
     }
+    if (loopExhausted) {
+      opts2.messages.push({
+        role: "system",
+        content: "You have repeatedly called the same tools with identical arguments and are stuck in a loop. Please synthesize what you know from the conversation history and provide a final answer."
+      });
+    }
     if (iter >= max) {
       if (opts2.callbacks.onToolLimitReached) {
         const decision = await opts2.callbacks.onToolLimitReached();
@@ -2651,6 +2658,7 @@ Use console.log() to return results. Only console.log output will be sent back t
       logger.info("turn:complete", { sessionId: opts2.sessionId, durationMs: Math.round(performance.now() - turnStart) });
       return;
     }
+    let blockedCount = 0;
     for (const tc of toolCalls) {
       if (opts2.signal.aborted) throw new DOMException("aborted", "AbortError");
       const loopSignature = `${tc.function.name}:${stableStringify(tc.function.arguments)}`;
@@ -2673,6 +2681,7 @@ Use console.log() to return results. Only console.log output will be sent back t
         opts2.callbacks.onToolResult?.(loopResult);
         recentToolCalls.push(loopSignature);
         if (recentToolCalls.length > LOOP_WINDOW) recentToolCalls.shift();
+        blockedCount++;
         continue;
       }
       if (tc.function.name === "web_fetch") {
@@ -2700,6 +2709,7 @@ Use console.log() to return results. Only console.log output will be sent back t
             opts2.callbacks.onToolResult?.(budgetResult);
             recentToolCalls.push(loopSignature);
             if (recentToolCalls.length > LOOP_WINDOW) recentToolCalls.shift();
+            blockedCount++;
             continue;
           }
           if (domainCount >= WEB_FETCH_DOMAIN_THRESHOLD) {
@@ -2720,6 +2730,7 @@ Use console.log() to return results. Only console.log output will be sent back t
             opts2.callbacks.onToolResult?.(loopResult);
             recentToolCalls.push(loopSignature);
             if (recentToolCalls.length > LOOP_WINDOW) recentToolCalls.shift();
+            blockedCount++;
             continue;
           }
           webFetchHistory.push({ url, domain });
@@ -2855,6 +2866,9 @@ ${sandboxResult.output}` : `${warningPrefix}${sandboxResult.output}`;
         if (recentToolCalls.length > LOOP_WINDOW) recentToolCalls.shift();
       }
     }
+    if (blockedCount === toolCalls.length && toolCalls.length > 0) {
+      loopExhausted = true;
+    }
     if (opts2.sessionId) {
       const current = driftAccumulator.get(opts2.sessionId) ?? 0;
       if (current > 0) {
@@ -2883,6 +2897,9 @@ ${sandboxResult.output}` : `${warningPrefix}${sandboxResult.output}`;
     if (budgetExhausted) {
       throw new BudgetExhaustedError();
     }
+    if (loopExhausted) {
+      throw new AgentLoopError();
+    }
   }
 }
 function validateToolArguments(raw) {
@@ -2894,7 +2911,7 @@ function validateToolArguments(raw) {
     return "{}";
   }
 }
-var BudgetExhaustedError, codeModeApiCache, driftAccumulator, DRIFT_THRESHOLD, MAX_PROMPT_TOKENS, MAX_TOOL_CONTENT_CHARS;
+var BudgetExhaustedError, AgentLoopError, codeModeApiCache, driftAccumulator, DRIFT_THRESHOLD, MAX_PROMPT_TOKENS, MAX_TOOL_CONTENT_CHARS;
 var init_loop = __esm({
   "src/agent/loop.ts"() {
     "use strict";
@@ -2913,6 +2930,12 @@ var init_loop = __esm({
         this.name = "BudgetExhaustedError";
       }
     };
+    AgentLoopError = class extends Error {
+      constructor(message2 = "Agent got stuck repeating the same tool calls") {
+        super(message2);
+        this.name = "AgentLoopError";
+      }
+    };
     codeModeApiCache = /* @__PURE__ */ new Map();
     driftAccumulator = /* @__PURE__ */ new Map();
     DRIFT_THRESHOLD = 5;
@@ -2953,88 +2976,47 @@ function isBlockedInPlanMode(toolName) {
   if (toolName === "browser_fetch") return true;
   return false;
 }
-function tokenizeCommand(command) {
-  const tokens = [];
-  let current = "";
-  let inQuote = null;
-  for (const ch of command) {
-    if (inQuote) {
-      if (ch === inQuote) {
-        inQuote = null;
-      } else {
-        current += ch;
-      }
+function getTokens(s) {
+  const toks = [];
+  let cur = "";
+  let q = null;
+  for (const ch of s) {
+    if (q) {
+      if (ch === q) q = null;
+      else cur += ch;
     } else if (ch === '"' || ch === "'") {
-      inQuote = ch;
+      q = ch;
     } else if (/\s/.test(ch)) {
-      if (current) {
-        tokens.push(current);
-        current = "";
+      if (cur) {
+        toks.push(cur);
+        cur = "";
       }
     } else {
-      current += ch;
+      cur += ch;
     }
   }
-  if (current) tokens.push(current);
-  return tokens;
+  if (cur) toks.push(cur);
+  return toks;
 }
-function splitByOperators(command, operators) {
-  const segments = [];
-  let current = "";
-  let inQuote = null;
-  for (let i = 0; i < command.length; i++) {
-    const ch = command[i];
-    if (inQuote) {
-      if (ch === inQuote) {
-        inQuote = null;
-      }
-      current += ch;
-      continue;
-    }
-    if (ch === '"' || ch === "'") {
-      inQuote = ch;
-      current += ch;
-      continue;
-    }
-    let matchedOp = false;
-    for (const op of operators) {
-      if (command.slice(i, i + op.length) === op) {
-        segments.push(current.trim());
-        current = "";
-        i += op.length - 1;
-        matchedOp = true;
-        break;
-      }
-    }
-    if (matchedOp) continue;
-    current += ch;
-  }
-  if (current.trim()) segments.push(current.trim());
-  return segments;
-}
-function isReadOnlyBashSegment(command) {
-  const trimmed = command.trim();
-  if (!trimmed) return false;
-  const tokens = tokenizeCommand(trimmed);
-  if (tokens.length === 0) return false;
-  const cmd = tokens[0];
-  const args = tokens.slice(1);
+function isReadOnlySegment(seg) {
+  const toks = getTokens(seg.trim());
+  if (toks.length === 0) return false;
+  const [cmd, sub, ...rest] = toks;
   if (cmd === "git") {
-    const sub = args[0] ?? "";
-    const allowed = GIT_READONLY_SUBCOMMANDS[sub];
+    const allowed = GIT_READONLY_SUBCOMMANDS[sub ?? ""];
     if (allowed === void 0) return false;
     if (allowed === true) return true;
     switch (sub) {
       case "branch":
-        return !args.some((a) => /^-[dDmMcC]/.test(a));
+        return !rest.some((a) => /^-[dDmMcC]/.test(a));
       case "stash":
-        return args[1] === "list";
+        return rest[0] === "list";
       case "remote":
-        return args[1] === "-v" || args[1] === "--verbose" || args.length === 1;
+        return rest[0] === "-v" || rest[0] === "--verbose" || rest.length === 0;
       case "tag":
-        return args[1] === "-l" || args[1] === "--list" || args.length === 1;
+        return rest[0] === "-l" || rest[0] === "--list" || rest.length === 0;
       case "config":
-        return args[1] === "--list" || args[1]?.startsWith("--get") === true || args.length === 1;
+        return rest[0] === "--list" || rest[0]?.startsWith("--get") === true || rest.length === 0;
       default:
         return false;
     }
@@ -3045,10 +3027,32 @@ function isReadOnlyBash(command) {
   const trimmed = command.trim();
   if (!trimmed) return false;
   if (DANGEROUS_PATTERNS.test(trimmed)) return false;
-  const segments = splitByOperators(trimmed, ["|", "&&"]);
-  if (segments.length === 0) return false;
-  for (const segment of segments) {
-    if (!isReadOnlyBashSegment(segment.trim())) return false;
+  const segs = [];
+  let cur = "";
+  let q = null;
+  for (let i = 0; i < trimmed.length; i++) {
+    const ch = trimmed[i];
+    if (q) {
+      if (ch === q) q = null;
+      cur += ch;
+    } else if (ch === '"' || ch === "'") {
+      q = ch;
+      cur += ch;
+    } else if (trimmed.slice(i, i + 2) === "&&") {
+      segs.push(cur);
+      cur = "";
+      i++;
+    } else if (ch === "|") {
+      segs.push(cur);
+      cur = "";
+    } else {
+      cur += ch;
+    }
+  }
+  if (cur.trim()) segs.push(cur);
+  if (segs.length === 0) return false;
+  for (const seg of segs) {
+    if (!isReadOnlySegment(seg.trim())) return false;
   }
   return true;
 }
@@ -6078,13 +6082,18 @@ __export(auth_exports, {
   registerDevice: () => registerDevice,
   saveCloudCredentials: () => saveCloudCredentials
 });
-import { readFile as readFile11, writeFile as writeFile8 } from "fs/promises";
-import { homedir as homedir9 } from "os";
+import { readFile as readFile11, writeFile as writeFile8, mkdir as mkdir8 } from "fs/promises";
+import { createHash } from "crypto";
+import { homedir as homedir9, hostname, userInfo } from "os";
 import { join as join15 } from "path";
 function cloudCredPath() {
   const xdg = process.env.XDG_CONFIG_HOME || join15(homedir9(), ".config");
   return join15(xdg, "kimiflare", "cloud.json");
 }
+function deviceIdPath() {
+  const xdg = process.env.XDG_DATA_HOME || join15(homedir9(), ".local", "share");
+  return join15(xdg, "kimiflare", "device_id");
+}
 function generateCode() {
   const chars = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
   let out = "";
@@ -6093,16 +6102,51 @@ function generateCode() {
   }
   return out;
 }
-function generateDeviceId() {
+function deriveStableDeviceId() {
+  const seed = `${hostname()}:${userInfo().username}:${homedir9()}`;
+  const hash = createHash("sha256").update(seed).digest();
+  return hash.subarray(0, 16).toString("hex");
+}
+function generateRandomDeviceId() {
   const arr = new Uint8Array(16);
   crypto.getRandomValues(arr);
   return Array.from(arr, (b) => b.toString(16).padStart(2, "0")).join("");
 }
-function generateDeviceCodes() {
+async function getOrCreateDeviceId() {
+  try {
+    const raw = await readFile11(deviceIdPath(), "utf8");
+    const id = raw.trim();
+    if (/^[0-9a-f]{32}$/i.test(id)) return id;
+  } catch {
+  }
+  try {
+    const raw = await readFile11(cloudCredPath(), "utf8");
+    const parsed = JSON.parse(raw);
+    if (parsed.deviceId && /^[0-9a-f]{32}$/i.test(parsed.deviceId)) {
+      await persistDeviceId(parsed.deviceId);
+      return parsed.deviceId;
+    }
+  } catch {
+  }
+  let deviceId;
+  try {
+    deviceId = deriveStableDeviceId();
+  } catch {
+    deviceId = generateRandomDeviceId();
+  }
+  await persistDeviceId(deviceId);
+  return deviceId;
+}
+async function persistDeviceId(deviceId) {
+  const p = deviceIdPath();
+  await mkdir8(join15(p, ".."), { recursive: true });
+  await writeFile8(p, deviceId, { mode: 384 });
+}
+async function generateDeviceCodes() {
   const deviceCode = `device-${generateCode()}-${Date.now()}`;
   const userCode = `${generateCode()}-${generateCode()}`;
   const authUrl = `${CLOUD_API_URL}/auth?code=${encodeURIComponent(userCode)}`;
-  const deviceId = generateDeviceId();
+  const deviceId = await getOrCreateDeviceId();
   return { deviceCode, userCode, authUrl, deviceId };
 }
 async function registerDevice(codes) {
@@ -6157,6 +6201,10 @@ async function loadCloudCredentials() {
     const raw = await readFile11(cloudCredPath(), "utf8");
     const parsed = JSON.parse(raw);
     if (parsed.expiresAt && parsed.expiresAt > Date.now() / 1e3 && parsed.accessToken) {
+      if (parsed.deviceId) {
+        await persistDeviceId(parsed.deviceId).catch(() => {
+        });
+      }
       return parsed;
     }
   } catch {
@@ -6166,6 +6214,10 @@ async function loadCloudCredentials() {
 async function saveCloudCredentials(creds) {
   const p = cloudCredPath();
   await writeFile8(p, JSON.stringify(creds, null, 2), "utf8");
+  if (creds.deviceId) {
+    await persistDeviceId(creds.deviceId).catch(() => {
+    });
+  }
 }
 async function clearCloudCredentials() {
   try {
@@ -6173,9 +6225,14 @@ async function clearCloudCredentials() {
     await unlink5(cloudCredPath());
   } catch {
   }
+  try {
+    const { unlink: unlink5 } = await import("fs/promises");
+    await unlink5(deviceIdPath());
+  } catch {
+  }
 }
 async function authenticateDevice(onStatus) {
-  const codes = generateDeviceCodes();
+  const codes = await generateDeviceCodes();
   await registerDevice(codes);
   onStatus({ url: codes.authUrl, userCode: codes.userCode, polling: false });
   const startTime = Date.now();
@@ -8309,7 +8366,7 @@ __export(sessions_exports, {
   saveSession: () => saveSession,
   sessionsDir: () => sessionsDir2
 });
-import { readFile as readFile12, writeFile as writeFile9, mkdir as mkdir8, readdir as readdir3, stat as stat4 } from "fs/promises";
+import { readFile as readFile12, writeFile as writeFile9, mkdir as mkdir9, readdir as readdir3, stat as stat4 } from "fs/promises";
 import { homedir as homedir10 } from "os";
 import { join as join17 } from "path";
 function sessionsDir2() {
@@ -8333,7 +8390,7 @@ function makeSessionId(firstPrompt) {
 }
 async function saveSession(file) {
   const dir = sessionsDir2();
-  await mkdir8(dir, { recursive: true });
+  await mkdir9(dir, { recursive: true });
   const path = join17(dir, `${file.id}.json`);
   await writeFile9(path, JSON.stringify(file, null, 2), "utf8");
   return path;
@@ -8443,7 +8500,7 @@ var init_pricing = __esm({
 });
 
 // src/usage-tracker.ts
-import { readFile as readFile13, writeFile as writeFile10, mkdir as mkdir9 } from "fs/promises";
+import { readFile as readFile13, writeFile as writeFile10, mkdir as mkdir10 } from "fs/promises";
 import { homedir as homedir11 } from "os";
 import { join as join18 } from "path";
 function usageDir2() {
@@ -8473,7 +8530,7 @@ async function loadLog2() {
   return { version: LOG_VERSION2, days: [], sessions: [] };
 }
 async function saveLog(log2) {
-  await mkdir9(usageDir2(), { recursive: true });
+  await mkdir10(usageDir2(), { recursive: true });
   await writeFile10(usagePath2(), JSON.stringify(log2, null, 2), "utf8");
 }
 async function loadHistory() {
@@ -8502,7 +8559,7 @@ async function upsertHistoryDay(day) {
     entries.push(day);
   }
   const lines = entries.map((e) => JSON.stringify(e)).join("\n") + "\n";
-  await mkdir9(usageDir2(), { recursive: true });
+  await mkdir10(usageDir2(), { recursive: true });
   await writeFile10(historyPath(), lines, "utf8");
 }
 function getOrCreateDay(log2, date) {
@@ -8973,7 +9030,7 @@ var init_session = __esm({
           if (err.name === "AbortError") {
             this.emit({ type: "session.end", reason: "aborted" });
             this.emit({ type: "status", status: "idle" });
-          } else if (err instanceof BudgetExhaustedError) {
+          } else if (err instanceof BudgetExhaustedError || err instanceof AgentLoopError) {
             this.emit({ type: "session.end", reason: "error", error: err.message });
             this.emit({ type: "status", status: "error" });
             throw err;
@@ -12027,7 +12084,7 @@ function Onboarding({ onDone, onCancel }) {
   );
   const startCloudAuth = useCallback(async () => {
     try {
-      const codes = generateDeviceCodes();
+      const codes = await generateDeviceCodes();
       await registerDevice(codes);
       setCloudAuth({ phase: "ready", codes });
       setStep("cloudAuth");
@@ -12892,7 +12949,7 @@ var init_skills = __esm({
 });
 
 // src/skills/manager.ts
-import { mkdir as mkdir10, writeFile as writeFile11, unlink as unlink2, readFile as readFile15 } from "fs/promises";
+import { mkdir as mkdir11, writeFile as writeFile11, unlink as unlink2, readFile as readFile15 } from "fs/promises";
 import { join as join21 } from "path";
 import matter2 from "gray-matter";
 function getSkillDirs(cwd) {
@@ -12933,7 +12990,7 @@ ${yaml}
 
 Add your instructions here.
 `;
-  await mkdir10(dir, { recursive: true });
+  await mkdir11(dir, { recursive: true });
   await writeFile11(filepath, content, "utf8");
   return { filepath };
 }
@@ -13015,7 +13072,7 @@ var init_image = __esm({
 });
 
 // src/util/state.ts
-import { readFile as readFile17, writeFile as writeFile12, mkdir as mkdir11 } from "fs/promises";
+import { readFile as readFile17, writeFile as writeFile12, mkdir as mkdir12 } from "fs/promises";
 import { homedir as homedir13 } from "os";
 import { join as join22 } from "path";
 function statePath() {
@@ -13032,7 +13089,7 @@ async function readState() {
 }
 async function writeState(state) {
   const path = statePath();
-  await mkdir11(join22(path, ".."), { recursive: true });
+  await mkdir12(join22(path, ".."), { recursive: true });
   await writeFile12(path, JSON.stringify(state, null, 2) + "\n", "utf8");
 }
 async function markCreatorMessageSeen(version) {
@@ -13490,7 +13547,7 @@ var init_builtins = __esm({
 });
 
 // src/commands/save.ts
-import { mkdir as mkdir12, writeFile as writeFile13, unlink as unlink3 } from "fs/promises";
+import { mkdir as mkdir13, writeFile as writeFile13, unlink as unlink3 } from "fs/promises";
 import { dirname as dirname10 } from "path";
 async function saveCustomCommand(opts2) {
   const dir = opts2.source === "project" ? projectCommandsDir(opts2.cwd) : globalCommandsDir();
@@ -13502,7 +13559,7 @@ async function saveCustomCommand(opts2) {
   if (opts2.effort) data.effort = opts2.effort;
   const frontmatter = serializeFrontmatter(data);
   const content = frontmatter + opts2.template;
-  await mkdir12(dirname10(filepath), { recursive: true });
+  await mkdir13(dirname10(filepath), { recursive: true });
   await writeFile13(filepath, content, "utf8");
   return { filepath };
 }
@@ -18044,6 +18101,11 @@ ${wcagWarnings.join("\n")}` }
           ...es,
           { kind: "cloud_quota_exhausted", key: mkKey(), used, limit, expiresAt }
         ]);
+      } else if (e instanceof AgentLoopError) {
+        setEvents((es) => [
+          ...es,
+          { kind: "error", key: mkKey(), text: "The agent got stuck repeating the same actions. Here's what we know so far." }
+        ]);
       } else {
         const displayText = e instanceof KimiApiError ? humanizeCloudflareError(e) : `init failed: ${e.message}`;
         setEvents((es) => [
@@ -20434,6 +20496,11 @@ async function runPrintMode(opts2) {
       process.exitCode = 42;
       return;
     }
+    if (err instanceof AgentLoopError) {
+      process.stderr.write("\n\x1B[33m[Agent loop detected \u2014 exiting with code 43]\x1B[0m\n");
+      process.exitCode = 43;
+      return;
+    }
     if (err instanceof KimiApiError) {
       process.stderr.write(`
 \x1B[31mError: ${humanizeCloudflareError(err)}\x1B[0m