llm-cli-gateway 1.13.2 → 1.15.0

package/dist/prompt-parts.d.ts

@@ -1,25 +1,68 @@
 import { z } from "zod";
+export interface PromptPartsCacheControl {
+    system?: boolean;
+    tools?: boolean;
+    context?: boolean;
+}
 export interface PromptParts {
     system?: string;
     tools?: string;
     context?: string;
     task: string;
+    /**
+     * Slice κ (Claude only): per-block opt-in to Anthropic `cache_control`
+     * breakpoints. Setting `system: true` (or tools/context) marks that
+     * block with `cache_control: {type:"ephemeral", ttl:"1h"}` in the
+     * stream-json payload the gateway pipes to `claude --input-format
+     * stream-json`. The `task` block is NEVER marked (it's the volatile
+     * tail). Empty parts are silently skipped even if their flag is true.
+     *
+     * Constraint: callers MUST also pass `outputFormat:"stream-json"` —
+     * mixing cacheControl with text/json output returns an error response.
+     * `ttl` is hard-coded to `"1h"` because Claude Code injects its own
+     * 1h-marked system blocks ahead of caller content and Anthropic
+     * rejects a 1h block after a 5m block.
+     */
+    cacheControl?: PromptPartsCacheControl;
 }
 export declare const PromptPartsSchema: z.ZodObject<{
     system: z.ZodOptional<z.ZodString>;
     tools: z.ZodOptional<z.ZodString>;
     context: z.ZodOptional<z.ZodString>;
     task: z.ZodString;
+    cacheControl: z.ZodOptional<z.ZodObject<{
+        system: z.ZodOptional<z.ZodBoolean>;
+        tools: z.ZodOptional<z.ZodBoolean>;
+        context: z.ZodOptional<z.ZodBoolean>;
+    }, "strict", z.ZodTypeAny, {
+        system?: boolean | undefined;
+        tools?: boolean | undefined;
+        context?: boolean | undefined;
+    }, {
+        system?: boolean | undefined;
+        tools?: boolean | undefined;
+        context?: boolean | undefined;
+    }>>;
 }, "strip", z.ZodTypeAny, {
     task: string;
     system?: string | undefined;
     tools?: string | undefined;
     context?: string | undefined;
+    cacheControl?: {
+        system?: boolean | undefined;
+        tools?: boolean | undefined;
+        context?: boolean | undefined;
+    } | undefined;
 }, {
     task: string;
     system?: string | undefined;
     tools?: string | undefined;
     context?: string | undefined;
+    cacheControl?: {
+        system?: boolean | undefined;
+        tools?: boolean | undefined;
+        context?: boolean | undefined;
+    } | undefined;
 }>;
 export interface AssembleResult {
     text: string;
@@ -36,3 +79,34 @@ export interface ResolvePromptInputArgs {
     promptParts?: PromptParts;
 }
 export declare function resolvePromptInput(input: ResolvePromptInputArgs): ResolvedPromptInput;
+export interface ClaudeContentBlock {
+    type: "text";
+    text: string;
+    cache_control?: {
+        type: "ephemeral";
+        ttl: "1h";
+    };
+}
+export interface ClaudeStreamJsonUserMessage {
+    type: "user";
+    message: {
+        role: "user";
+        content: ClaudeContentBlock[];
+    };
+}
+export interface AssembleClaudeCacheBlocksResult {
+    payload: ClaudeStreamJsonUserMessage;
+    markedBlockCount: number;
+}
+/**
+ * Slice κ: build the Claude `--input-format stream-json` payload from
+ * a `PromptParts`. Each non-empty part becomes one content block in
+ * `system → tools → context → task` order; parts whose name is `true`
+ * in `cacheControl` get `cache_control: {type:"ephemeral", ttl:"1h"}`.
+ *
+ * Empty parts are skipped (no zero-byte blocks) — a true flag on an
+ * empty part is silently a no-op and not counted in `markedBlockCount`.
+ * The `task` block is never marked, even if a caller accidentally
+ * tries (the schema doesn't expose `task` in `cacheControl`).
+ */
+export declare function assembleClaudeCacheBlocks(parts: PromptParts): AssembleClaudeCacheBlocksResult;

package/dist/prompt-parts.js

@@ -1,10 +1,18 @@
 import { createHash } from "crypto";
 import { z } from "zod";
+const CacheControlSchema = z
+    .object({
+    system: z.boolean().optional(),
+    tools: z.boolean().optional(),
+    context: z.boolean().optional(),
+})
+    .strict();
 export const PromptPartsSchema = z.object({
     system: z.string().optional(),
     tools: z.string().optional(),
     context: z.string().optional(),
     task: z.string().min(1),
+    cacheControl: CacheControlSchema.optional(),
 });
 const SEPARATOR = "\n\n";
 export function assemble(parts) {
@@ -40,3 +48,42 @@ export function resolvePromptInput(input) {
         stablePrefixTokens: null,
     };
 }
+/**
+ * Slice κ: build the Claude `--input-format stream-json` payload from
+ * a `PromptParts`. Each non-empty part becomes one content block in
+ * `system → tools → context → task` order; parts whose name is `true`
+ * in `cacheControl` get `cache_control: {type:"ephemeral", ttl:"1h"}`.
+ *
+ * Empty parts are skipped (no zero-byte blocks) — a true flag on an
+ * empty part is silently a no-op and not counted in `markedBlockCount`.
+ * The `task` block is never marked, even if a caller accidentally
+ * tries (the schema doesn't expose `task` in `cacheControl`).
+ */
+export function assembleClaudeCacheBlocks(parts) {
+    const blocks = [];
+    let markedBlockCount = 0;
+    const cc = parts.cacheControl ?? {};
+    const stableEntries = [
+        ["system", parts.system],
+        ["tools", parts.tools],
+        ["context", parts.context],
+    ];
+    for (const [name, value] of stableEntries) {
+        if (value === undefined || value.length === 0)
+            continue;
+        const block = { type: "text", text: value };
+        if (cc[name]) {
+            block.cache_control = { type: "ephemeral", ttl: "1h" };
+            markedBlockCount += 1;
+        }
+        blocks.push(block);
+    }
+    blocks.push({ type: "text", text: parts.task });
+    return {
+        payload: {
+            type: "user",
+            message: { role: "user", content: blocks },
+        },
+        markedBlockCount,
+    };
+}

package/dist/session-manager.d.ts

@@ -15,11 +15,27 @@ export interface SessionStorage {
     sessions: Record<string, Session>;
     activeSession: Record<CliType, string | null>;
 }
+/**
+ * Slice λ: callback invoked before a session record is removed (whether via
+ * explicit `deleteSession`, TTL eviction, or `clearAllSessions`). Used to
+ * tear down per-session resources owned by the gateway — currently git
+ * worktrees registered on `session.metadata.worktreePath`. The hook
+ * receives the path; promise failures are logged but do not block session
+ * removal (gateway-owned-lifecycle invariant: `session_delete` must always
+ * succeed for the caller).
+ */
+export type SessionCleanupHook = (session: Session) => void | Promise<void>;
 export declare class FileSessionManager {
     private storagePath;
     private storage;
     private readonly sessionTtlMs;
-    constructor(customPath?: string, sessionTtlMs?: number);
+    private readonly cleanupHook?;
+    private readonly logger;
+    constructor(customPath?: string, sessionTtlMs?: number, opts?: {
+        cleanupHook?: SessionCleanupHook;
+        logger?: Logger;
+    });
+    private invokeCleanupHook;
     private isExpired;
     private evictExpiredSessions;
     private ensureStorageDirectory;
@@ -59,4 +75,6 @@ export interface ISessionManager {
  * @param db - Optional pre-existing DatabaseConnection (avoids creating duplicate connections)
  * @param logger - Logger instance for structured logging
  */
-export declare function createSessionManager(config?: Config, db?: DatabaseConnection, logger?: Logger): Promise<ISessionManager>;
+export declare function createSessionManager(config?: Config, db?: DatabaseConnection, logger?: Logger, opts?: {
+    cleanupHook?: SessionCleanupHook;
+}): Promise<ISessionManager>;

package/dist/session-manager.js

@@ -17,12 +17,31 @@ export class FileSessionManager {
     storagePath;
     storage = { sessions: {}, activeSession: createEmptyActiveSessions() };
     sessionTtlMs;
-    constructor(customPath, sessionTtlMs) {
+    cleanupHook;
+    logger;
+    constructor(customPath, sessionTtlMs, opts) {
         this.sessionTtlMs = sessionTtlMs ?? DEFAULT_SESSION_TTL_SECONDS * 1000;
         this.storagePath = customPath || join(homedir(), ".llm-cli-gateway", "sessions.json");
+        this.cleanupHook = opts?.cleanupHook;
+        this.logger = opts?.logger ?? noopLogger;
         this.ensureStorageDirectory();
         this.loadStorage();
     }
+    invokeCleanupHook(session) {
+        if (!this.cleanupHook)
+            return;
+        try {
+            const result = this.cleanupHook(session);
+            if (result && typeof result.catch === "function") {
+                result.catch(err => {
+                    this.logger.error(`session cleanup hook rejected for ${session.id}`, err);
+                });
+            }
+        }
+        catch (err) {
+            this.logger.error(`session cleanup hook threw for ${session.id}`, err);
+        }
+    }
     isExpired(session) {
         const ts = new Date(session.lastUsedAt).getTime();
         if (!Number.isFinite(ts))
@@ -33,6 +52,7 @@ export class FileSessionManager {
         let count = 0;
         for (const [id, session] of Object.entries(this.storage.sessions)) {
             if (this.isExpired(session)) {
+                this.invokeCleanupHook(session);
                 delete this.storage.sessions[id];
                 if (this.storage.activeSession[session.cli] === id) {
                     this.storage.activeSession[session.cli] = null;
@@ -123,6 +143,7 @@ export class FileSessionManager {
             return false;
         }
         const session = this.storage.sessions[sessionId];
+        this.invokeCleanupHook(session);
         delete this.storage.sessions[sessionId];
         // If this was the active session, clear it
         if (this.storage.activeSession[session.cli] === sessionId) {
@@ -189,6 +210,7 @@ export class FileSessionManager {
             ? Object.values(this.storage.sessions).filter(s => s.cli === cli)
             : Object.values(this.storage.sessions);
         sessionsToDelete.forEach(session => {
+            this.invokeCleanupHook(session);
             delete this.storage.sessions[session.id];
             if (this.storage.activeSession[session.cli] === session.id) {
                 this.storage.activeSession[session.cli] = null;
@@ -207,7 +229,7 @@ export const SessionManager = FileSessionManager;
  * @param db - Optional pre-existing DatabaseConnection (avoids creating duplicate connections)
  * @param logger - Logger instance for structured logging
  */
-export async function createSessionManager(config, db, logger) {
+export async function createSessionManager(config, db, logger, opts) {
     if (config?.database && config?.redis) {
         // Import dynamically to avoid loading pg/ioredis if not needed
         const { PostgreSQLSessionManager } = await import("./session-manager-pg.js");
@@ -223,6 +245,9 @@ export async function createSessionManager(config, db, logger) {
         const sessionTtlMs = config?.sessionTtl
             ? config.sessionTtl * 1000
             : DEFAULT_SESSION_TTL_SECONDS * 1000;
-        return new FileSessionManager(undefined, sessionTtlMs);
+        return new FileSessionManager(undefined, sessionTtlMs, {
+            cleanupHook: opts?.cleanupHook,
+            logger,
+        });
     }
 }

package/dist/upstream-contracts.d.ts

@@ -1,5 +1,12 @@
 import type { CliType } from "./session-manager.js";
-export type CliFlagArity = "none" | "one" | "variadic";
+/**
+ * `optional` (slice κ): consumes the next token as the flag's value
+ * ONLY if that token does not start with `-`. Used for Claude's
+ * `-p`/`--print`, which is a no-arg switch in claude-code 2.x but
+ * also doubles as the legacy `-p <prompt>` positional shorthand that
+ * the gateway has emitted since v0.x.
+ */
+export type CliFlagArity = "none" | "one" | "optional" | "variadic";
 export interface CliFlagContract {
     arity: CliFlagArity;
     values?: readonly string[];

package/dist/upstream-contracts.js

@@ -46,8 +46,16 @@ export const UPSTREAM_CLI_CONTRACTS = {
             "strictMcpConfig",
         ],
         flags: {
-            "-p": { arity: "one", description: "Prompt text" },
+            "-p": {
+                arity: "optional",
+                description: "Print/non-interactive mode. Legacy gateway emission used `-p <prompt>` (consumed as positional in claude's grammar); slice κ emits `-p` standalone followed by `--input-format stream-json` so the prompt flows in on stdin.",
+            },
             "--model": { arity: "one", description: "Model selector" },
+            "--input-format": {
+                arity: "one",
+                values: ["text", "stream-json"],
+                description: "Slice κ: realtime JSON stdin payload. `stream-json` enables Anthropic cache_control breakpoints from caller-supplied content blocks.",
+            },
             "--output-format": {
                 arity: "one",
                 values: ["json", "stream-json"],
@@ -163,6 +171,26 @@ export const UPSTREAM_CLI_CONTRACTS = {
                 ],
                 expect: "pass",
             },
+            {
+                // Slice κ: when caller marks promptParts with cache_control, the
+                // gateway emits `-p` as a standalone flag and pipes the JSON
+                // content-blocks payload over stdin via `--input-format
+                // stream-json`. The fixture pins the exact argv combination so
+                // a future regression (re-emitting a positional prompt, dropping
+                // `--input-format`, etc.) trips loudly here.
+                id: "claude-input-format-stream-json",
+                description: "Slice κ: `-p` standalone + --input-format stream-json + --output-format stream-json + --include-partial-messages + --verbose",
+                args: [
+                    "-p",
+                    "--input-format",
+                    "stream-json",
+                    "--output-format",
+                    "stream-json",
+                    "--include-partial-messages",
+                    "--verbose",
+                ],
+                expect: "pass",
+            },
         ],
     },
     codex: {
@@ -764,6 +792,14 @@ export function validateUpstreamCliArgs(cli, args) {
             i += 1;
             continue;
         }
+        if (flag.arity === "optional") {
+            const value = args[i + 1];
+            if (value !== undefined && !value.startsWith("-")) {
+                validateFlagValue(cli, arg, flag, value, i + 1, violations);
+                i += 1;
+            }
+            continue;
+        }
         let consumed = 0;
         while (i + 1 < args.length && !args[i + 1].startsWith("-")) {
             validateFlagValue(cli, arg, flag, args[i + 1], i + 1, violations);

package/dist/worktree-manager.d.ts

@@ -0,0 +1,41 @@
+import { type Logger } from "./logger.js";
+export interface WorktreeHandle {
+    name: string;
+    path: string;
+    ref: string;
+    createdAt: string;
+}
+export interface CreateWorktreeOptions {
+    repoRoot: string;
+    name?: string;
+    ref?: string;
+    logger?: Logger;
+}
+export interface RemoveWorktreeOptions {
+    repoRoot: string;
+    path: string;
+    name?: string;
+    logger?: Logger;
+}
+export declare class WorktreeError extends Error {
+    constructor(message: string);
+}
+export declare class WorktreeCollisionError extends WorktreeError {
+    constructor(path: string);
+}
+export declare function sanitizeWorktreeName(input: string): string;
+export declare function createWorktree(opts: CreateWorktreeOptions): Promise<WorktreeHandle>;
+/**
+ * Build a SessionCleanupHook that tears down per-session worktrees. The
+ * hook reads `session.metadata.worktreePath` (recorded by
+ * `resolveWorktreeForRequest`) and the optional `session.metadata.worktreeName`,
+ * derives `repoRoot` from the path layout (`<repoRoot>/.worktrees/<name>`),
+ * and fires `removeWorktree` asynchronously. Failures are logged by
+ * `removeWorktree` itself — the hook always resolves so session deletion
+ * never blocks on git.
+ */
+export declare function createWorktreeSessionCleanupHook(logger: Logger): (session: {
+    id: string;
+    metadata?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function removeWorktree(opts: RemoveWorktreeOptions): Promise<void>;

package/dist/worktree-manager.js

@@ -0,0 +1,214 @@
+import { spawn } from "child_process";
+import { randomUUID } from "crypto";
+import { existsSync } from "fs";
+import { resolve as resolvePath, join, sep } from "path";
+import { logWarn, noopLogger } from "./logger.js";
+const GIT_TIMEOUT_MS = 10_000;
+const NAME_PATTERN = /^[A-Za-z0-9._-]{1,64}$/;
+export class WorktreeError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "WorktreeError";
+    }
+}
+export class WorktreeCollisionError extends WorktreeError {
+    constructor(path) {
+        super(`worktree path already exists and is not a registered git worktree: ${path}. ` +
+            `Remove the stale directory (or pick a different worktree name) and retry.`);
+        this.name = "WorktreeCollisionError";
+    }
+}
+export function sanitizeWorktreeName(input) {
+    if (typeof input !== "string") {
+        throw new WorktreeError("worktree name must be a string");
+    }
+    if (input.length === 0) {
+        throw new WorktreeError("worktree name must not be empty");
+    }
+    if (input.length > 64) {
+        throw new WorktreeError("worktree name must be ≤ 64 characters");
+    }
+    if (input === "." || input === "..") {
+        throw new WorktreeError(`worktree name "${input}" is reserved`);
+    }
+    if (input.startsWith(".")) {
+        throw new WorktreeError("worktree name must not start with '.'");
+    }
+    if (input.startsWith("-")) {
+        throw new WorktreeError("worktree name must not start with '-'");
+    }
+    if (input.includes("..")) {
+        throw new WorktreeError("worktree name must not contain '..'");
+    }
+    if (!NAME_PATTERN.test(input)) {
+        throw new WorktreeError(`worktree name "${input}" contains disallowed characters ` +
+            `(allowed: A-Z a-z 0-9 . _ -, length 1-64)`);
+    }
+    return input;
+}
+function generateDefaultName() {
+    return randomUUID().replace(/-/g, "");
+}
+async function execGit(repoRoot, args, logger) {
+    return new Promise((resolveExec, rejectExec) => {
+        const proc = spawn("git", args, {
+            cwd: repoRoot,
+            stdio: ["ignore", "pipe", "pipe"],
+            env: process.env,
+        });
+        const stdoutChunks = [];
+        const stderrChunks = [];
+        let settled = false;
+        const timer = setTimeout(() => {
+            if (settled)
+                return;
+            settled = true;
+            try {
+                proc.kill("SIGKILL");
+            }
+            catch {
+                // ignore — process may already be gone
+            }
+            rejectExec(new WorktreeError(`git ${args.join(" ")} timed out after ${GIT_TIMEOUT_MS}ms`));
+        }, GIT_TIMEOUT_MS);
+        proc.stdout.on("data", chunk => stdoutChunks.push(chunk));
+        proc.stderr.on("data", chunk => stderrChunks.push(chunk));
+        proc.on("error", err => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timer);
+            rejectExec(new WorktreeError(`git ${args.join(" ")} failed to spawn: ${err.message}`));
+        });
+        proc.on("close", code => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timer);
+            logger.debug?.(`git ${args.join(" ")} exited ${code}`);
+            resolveExec({
+                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                stderr: Buffer.concat(stderrChunks).toString("utf8"),
+                code: code ?? -1,
+            });
+        });
+    });
+}
+async function listExistingWorktreePaths(repoRoot, logger) {
+    const result = await execGit(repoRoot, ["worktree", "list", "--porcelain"], logger);
+    if (result.code !== 0) {
+        throw new WorktreeError(`git worktree list failed (code ${result.code}): ${result.stderr.trim()}`);
+    }
+    const paths = new Set();
+    for (const line of result.stdout.split("\n")) {
+        if (line.startsWith("worktree ")) {
+            paths.add(line.slice("worktree ".length).trim());
+        }
+    }
+    return paths;
+}
+export async function createWorktree(opts) {
+    const logger = opts.logger ?? noopLogger;
+    if (!opts.repoRoot || !existsSync(opts.repoRoot)) {
+        throw new WorktreeError(`repoRoot does not exist: ${opts.repoRoot}`);
+    }
+    const name = opts.name ? sanitizeWorktreeName(opts.name) : generateDefaultName();
+    const worktreesDir = join(opts.repoRoot, ".worktrees");
+    const expectedPrefix = worktreesDir + sep;
+    const worktreePath = resolvePath(opts.repoRoot, ".worktrees", name);
+    // Defense in depth — sanitizeWorktreeName already blocks slashes, but
+    // double-check that the resolved path is under <repoRoot>/.worktrees/.
+    if (!worktreePath.startsWith(expectedPrefix)) {
+        throw new WorktreeError(`resolved worktree path escapes the expected prefix: ${worktreePath} (expected under ${expectedPrefix})`);
+    }
+    const refArg = opts.ref ?? "HEAD";
+    const revParse = await execGit(opts.repoRoot, ["rev-parse", "--verify", `${refArg}^{commit}`], logger);
+    if (revParse.code !== 0) {
+        throw new WorktreeError(`git rev-parse ${refArg} failed (code ${revParse.code}): ${revParse.stderr.trim()}`);
+    }
+    const resolvedRef = revParse.stdout.trim();
+    const existingPaths = await listExistingWorktreePaths(opts.repoRoot, logger);
+    const pathOnDisk = existsSync(worktreePath);
+    const registered = existingPaths.has(worktreePath);
+    if (pathOnDisk) {
+        if (!registered) {
+            throw new WorktreeCollisionError(worktreePath);
+        }
+        // Resume reuse: the worktree already exists and is registered with git.
+        // Return a handle pointing at it without touching anything.
+        logger.info?.(`reusing existing worktree at ${worktreePath}`);
+        return {
+            name,
+            path: worktreePath,
+            ref: resolvedRef,
+            createdAt: new Date().toISOString(),
+        };
+    }
+    if (registered) {
+        // Path is registered but the directory is gone — let git prune it
+        // before we recreate, so `worktree add` doesn't error on the stale
+        // registration.
+        const prune = await execGit(opts.repoRoot, ["worktree", "prune"], logger);
+        if (prune.code !== 0) {
+            logWarn(logger, `git worktree prune failed before creating ${name}: ${prune.stderr.trim()}`);
+        }
+    }
+    const branch = `gateway/${name}`;
+    const add = await execGit(opts.repoRoot, ["worktree", "add", "-b", branch, worktreePath, resolvedRef], logger);
+    if (add.code !== 0) {
+        throw new WorktreeError(`git worktree add failed (code ${add.code}): ${add.stderr.trim() || add.stdout.trim()}`);
+    }
+    return {
+        name,
+        path: worktreePath,
+        ref: resolvedRef,
+        createdAt: new Date().toISOString(),
+    };
+}
+/**
+ * Build a SessionCleanupHook that tears down per-session worktrees. The
+ * hook reads `session.metadata.worktreePath` (recorded by
+ * `resolveWorktreeForRequest`) and the optional `session.metadata.worktreeName`,
+ * derives `repoRoot` from the path layout (`<repoRoot>/.worktrees/<name>`),
+ * and fires `removeWorktree` asynchronously. Failures are logged by
+ * `removeWorktree` itself — the hook always resolves so session deletion
+ * never blocks on git.
+ */
+export function createWorktreeSessionCleanupHook(logger) {
+    return async (session) => {
+        const meta = session.metadata ?? {};
+        const worktreePath = typeof meta.worktreePath === "string" ? meta.worktreePath : undefined;
+        if (!worktreePath)
+            return;
+        const worktreeName = typeof meta.worktreeName === "string" ? meta.worktreeName : undefined;
+        // Layout invariant from createWorktree: <repoRoot>/.worktrees/<name>.
+        // Strip the trailing two segments to recover repoRoot.
+        const marker = `${sep}.worktrees${sep}`;
+        const markerIdx = worktreePath.lastIndexOf(marker);
+        if (markerIdx === -1) {
+            logWarn(logger, `worktreePath on session ${session.id} does not match the gateway layout — skipping cleanup: ${worktreePath}`);
+            return;
+        }
+        const repoRoot = worktreePath.slice(0, markerIdx);
+        await removeWorktree({ repoRoot, path: worktreePath, name: worktreeName, logger });
+    };
+}
+export async function removeWorktree(opts) {
+    const logger = opts.logger ?? noopLogger;
+    if (!opts.repoRoot || !opts.path) {
+        return;
+    }
+    const remove = await execGit(opts.repoRoot, ["worktree", "remove", "--force", opts.path], logger);
+    if (remove.code !== 0) {
+        logWarn(logger, `git worktree remove --force ${opts.path} failed (code ${remove.code}): ${remove.stderr.trim()}`);
+    }
+    if (opts.name) {
+        const branch = `gateway/${opts.name}`;
+        const del = await execGit(opts.repoRoot, ["branch", "-D", branch], logger);
+        if (del.code !== 0) {
+            // Branch may already be gone (user deleted, never existed if add
+            // half-failed, etc.). Demote to debug — this is best-effort cleanup.
+            logger.debug?.(`git branch -D ${branch} returned code ${del.code}: ${del.stderr.trim()}`);
+        }
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "llm-cli-gateway",
-  "version": "1.13.2",
+  "version": "1.15.0",
   "mcpName": "io.github.verivus-oss/llm-cli-gateway",
   "description": "MCP server providing unified access to Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs with session management, retry logic, async job orchestration, durable job results, and cross-LLM validation.",
   "license": "MIT",
@@ -70,6 +70,7 @@
     "test:integration": "INTEGRATION_TESTS=1 vitest run src/__tests__/integration.test.ts",
     "test:pg": "bash ./scripts/test-pg.sh",
     "test:all": "npm run test && npm run test:pg",
+    "smoke:cache-control": "node docs/plans/slice-kappa-smoke-test.mjs",
     "lint": "eslint src/**/*.ts",
     "lint:fix": "eslint src/**/*.ts --fix",
     "format": "prettier --write 'src/**/*.ts'",