opencode-zellij 0.0.7 → 0.0.9

package/dist/index.mjs

@@ -1,14 +1,14 @@
 import process from "node:process";
 import { execFile, spawn, spawnSync } from "node:child_process";
-import { randomUUID } from "node:crypto";
 import { existsSync, mkdirSync, readFileSync, readdirSync, renameSync, rmSync, writeFileSync } from "node:fs";
-import { mkdir, readFile, rename, rm, writeFile } from "node:fs/promises";
+import { readFile, rename, rm } from "node:fs/promises";
 import path, { basename, dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 import { promisify } from "node:util";
 import { homedir, tmpdir } from "node:os";
 import { parseJSON, parseJSONC } from "confbox";
 import { z } from "zod";
+import { randomUUID } from "node:crypto";
 import { setTimeout as setTimeout$1 } from "node:timers/promises";
 import { tool } from "@opencode-ai/plugin";
 import { Buffer } from "node:buffer";
@@ -18,19 +18,20 @@ function debug(message, ...details) {
 	console.warn(`[opencode-zellij] ${message}`, ...details);
 }
 //#endregion
+//#region src/utils/errors.ts
+function errorMessage(error) {
+	return error instanceof Error ? error.message : String(error);
+}
+//#endregion
 //#region src/auto-update.ts
 const PACKAGE_NAME = "opencode-zellij";
 const NPM_REGISTRY_URL = "https://registry.npmjs.org/-/package/opencode-zellij/dist-tags";
 const FETCH_TIMEOUT_MS = 5e3;
 const INSTALL_TIMEOUT_MS = 6e4;
-const LOCK_STALE_MS = INSTALL_TIMEOUT_MS * 2 + FETCH_TIMEOUT_MS + 3e4;
 const defaultExecFile = promisify(execFile);
 function packageDir(installRoot) {
 	return join(installRoot, "node_modules", PACKAGE_NAME);
 }
-function lockDir(installRoot) {
-	return join(installRoot, ".opencode-zellij-update.lock");
-}
 function backupDir(installRoot) {
 	return join(installRoot, "node_modules", `${PACKAGE_NAME}.update-backup`);
 }
@@ -43,7 +44,9 @@ async function installedPackageMetadata(installRoot) {
 			version: typeof pkg.version === "string" ? pkg.version : void 0,
 			main: typeof pkg.main === "string" ? pkg.main : void 0
 		};
-	} catch {}
+	} catch (error) {
+		debug("installedPackageMetadata failed", errorMessage(error));
+	}
 }
 function isExpectedPackage(metadata, version) {
 	return metadata?.name === "opencode-zellij" && metadata.version === version;
@@ -64,52 +67,6 @@ async function removeInstalledPackage(installRoot) {
 		recursive: true
 	});
 }
-async function installRootLockIsStale(installRoot) {
-	try {
-		const content = await readFile(join(lockDir(installRoot), "owner.json"), "utf8");
-		const owner = JSON.parse(content);
-		if (isRecord$1(owner) && typeof owner.createdAt === "number") return Date.now() - owner.createdAt > LOCK_STALE_MS;
-	} catch {
-		return true;
-	}
-	return false;
-}
-async function acquireInstallLock(installRoot) {
-	const dir = lockDir(installRoot);
-	const token = randomUUID();
-	try {
-		await mkdir(dir);
-	} catch {
-		if (!await installRootLockIsStale(installRoot)) return void 0;
-		await rm(dir, {
-			force: true,
-			recursive: true
-		});
-		try {
-			await mkdir(dir);
-		} catch {
-			return;
-		}
-	}
-	await writeFile(join(dir, "owner.json"), JSON.stringify({
-		pid: process.pid,
-		token,
-		createdAt: Date.now()
-	}));
-	return async () => {
-		try {
-			const content = await readFile(join(dir, "owner.json"), "utf8");
-			const owner = JSON.parse(content);
-			if (isRecord$1(owner) && owner.token !== token) return;
-		} catch {
-			return;
-		}
-		await rm(dir, {
-			force: true,
-			recursive: true
-		});
-	};
-}
 async function backupInstalledPackage(installRoot) {
 	const source = packageDir(installRoot);
 	if (!existsSync(source)) return void 0;
@@ -158,7 +115,9 @@ async function findInstallContext(importMetaUrl) {
 						currentVersion: pkg.version
 					};
 				}
-			} catch {}
+			} catch (error) {
+				debug("findInstallContext package.json read failed", errorMessage(error));
+			}
 		}
 		const parent = dirname(dir);
 		if (parent === dir) break;
@@ -253,48 +212,36 @@ async function checkAndUpdate(options) {
 			reason: `cache spec is pinned or unknown (${context.cacheSpec})`
 		};
 	}
-	const releaseLock = await acquireInstallLock(context.installRoot);
-	if (!releaseLock) {
-		debug(`skipping auto-update: update already in progress for ${context.installRoot}`);
+	const latest = await fetchLatestVersion(options.fetchImpl);
+	if (!latest) {
+		debug("skipping auto-update: could not determine latest version");
 		return {
 			type: "skipped",
-			reason: "update already in progress"
+			reason: "could not determine latest version"
 		};
 	}
-	try {
-		const latest = await fetchLatestVersion(options.fetchImpl);
-		if (!latest) {
-			debug("skipping auto-update: could not determine latest version");
-			return {
-				type: "skipped",
-				reason: "could not determine latest version"
-			};
-		}
-		const installedVersion = (await installedPackageMetadata(context.installRoot))?.version ?? context.currentVersion;
-		if (latest === installedVersion) {
-			debug(`auto-update: already on latest ${latest}`);
-			return {
-				type: "up-to-date",
-				currentVersion: installedVersion
-			};
-		}
-		if (await runNpmInstall(context.installRoot, latest, options.execImpl)) {
-			debug(`updated ${PACKAGE_NAME} from ${installedVersion} to ${latest}`);
-			return {
-				type: "updated",
-				fromVersion: installedVersion,
-				toVersion: latest
-			};
-		}
+	const installedVersion = (await installedPackageMetadata(context.installRoot))?.version ?? context.currentVersion;
+	if (latest === installedVersion) {
+		debug(`auto-update: already on latest ${latest}`);
 		return {
-			type: "failed",
-			currentVersion: installedVersion,
-			latestVersion: latest,
-			reason: "npm install failed"
+			type: "up-to-date",
+			currentVersion: installedVersion
 		};
-	} finally {
-		await releaseLock();
 	}
+	if (await runNpmInstall(context.installRoot, latest, options.execImpl)) {
+		debug(`updated ${PACKAGE_NAME} from ${installedVersion} to ${latest}`);
+		return {
+			type: "updated",
+			fromVersion: installedVersion,
+			toVersion: latest
+		};
+	}
+	return {
+		type: "failed",
+		currentVersion: installedVersion,
+		latestVersion: latest,
+		reason: "npm install failed"
+	};
 }
 //#endregion
 //#region src/config.ts
@@ -316,7 +263,7 @@ const ptyLayerSchema = z.object({
 	enabled: z.boolean().optional().describe("Enable Zellij-backed PTY tools."),
 	sudoPane: sudoPaneSchema.optional().describe("Controls whether the sudo pane tool is available, denied, or hidden.")
 }).strict();
-const autoUpdateLayerSchema = z.object({ enabled: z.boolean().optional().describe("Enable automatic update checks for the opencode-zellij plugin.") }).strict();
+const autoUpdateLayerSchema = z.boolean().optional().describe("Enable automatic update checks for the opencode-zellij plugin.");
 const sidecarConfigSchema = z.object({
 	$schema: z.string().optional().describe("JSON Schema URI for editor completion."),
 	tabTitle: tabTitleLayerSchema.optional(),
@@ -336,7 +283,7 @@ const defaultConfig = {
 		enabled: true,
 		sudoPane: "allow"
 	},
-	autoUpdate: { enabled: true }
+	autoUpdate: true
 };
 function validConfigLayer(value) {
 	const result = sidecarConfigSchema.safeParse(value);
@@ -361,7 +308,7 @@ function mergeConfig(user, project) {
 			enabled: project?.pty?.enabled ?? user?.pty?.enabled ?? defaultConfig.pty.enabled,
 			sudoPane: project?.pty?.sudoPane ?? user?.pty?.sudoPane ?? defaultConfig.pty.sudoPane
 		},
-		autoUpdate: { enabled: project?.autoUpdate?.enabled ?? user?.autoUpdate?.enabled ?? defaultConfig.autoUpdate.enabled }
+		autoUpdate: project?.autoUpdate ?? user?.autoUpdate ?? defaultConfig.autoUpdate
 	};
 }
 async function loadConfigLayer(directory, warnings) {
@@ -416,80 +363,13 @@ async function loadConfig(input) {
 	};
 }
 //#endregion
-//#region src/utils/shell-args.ts
-const directCommandExitWrapper = "token=\"$1\"; shift; set +e; \"$@\"; code=$?; printf \"\\n[zellij-pty:%s] exit-code=%s\\n\" \"$token\" \"$code\"; exit \"$code\"";
-const shellCommandExitWrapper = "token=\"$1\"; command=\"$2\"; set +e; bash -lc \"$command\"; code=$?; printf \"\\n[zellij-pty:%s] exit-code=%s\\n\" \"$token\" \"$code\"; exit \"$code\"";
-function buildCommandArgv(input, options = {}) {
-	const command = input.command.trim();
-	if (!command) throw new Error("command is required");
-	if (options.exitCodeToken) {
-		if (input.args && input.args.length > 0) return [
-			"bash",
-			"-lc",
-			directCommandExitWrapper,
-			"zellij-pty",
-			options.exitCodeToken,
-			command,
-			...input.args
-		];
-		return [
-			"bash",
-			"-lc",
-			shellCommandExitWrapper,
-			"zellij-pty",
-			options.exitCodeToken,
-			command
-		];
-	}
-	if (input.args && input.args.length > 0) return [command, ...input.args];
-	return [
-		"bash",
-		"-lc",
-		command
-	];
+//#region src/permissions/sudo-pane.ts
+let sudoPaneAllowed = true;
+function configureSudoPane(allowed) {
+	sudoPaneAllowed = allowed;
 }
-function commandLineForPolicy(input) {
-	if (!input.args || input.args.length === 0) return input.command.trim();
-	return [input.command, ...input.args].join(" ").trim();
-}
-//#endregion
-//#region src/permissions/policy.ts
-const denyPatterns = [
-	/(^|\s)rm\s+-[^\n&;r|]*r[^\n&;|]*f\s+\//,
-	/(^|\s)mkfs(?:\s|$)/,
-	/(^|\s)dd\s+(?:[^\s&;|][^\n;|&]*)?\bof=\/dev\//,
-	/:\(\)\s*\{\s*:\|:\s*&\s*\}\s*;/
-];
-const sudoPattern = /(?:^|[\s;&|])sudo(?:[\s;&|]|$)/;
-let configuredDenyCommands = [];
-let configuredAllowCommands = [];
-let allowSudoPane = true;
-function isStringArray(value) {
-	return Array.isArray(value) && value.every((item) => typeof item === "string");
-}
-function escapeRegex(value) {
-	return value.replace(/[|\\{}()[\]^$+?.]/g, "\\$&");
-}
-function wildcardMatches(pattern, commandLine) {
-	return new RegExp(`^${pattern.split("*").map(escapeRegex).join(".*")}$`).test(commandLine);
-}
-function configurePolicy(config) {
-	configuredDenyCommands = [];
-	configuredAllowCommands = [];
-	allowSudoPane = true;
-	if (!config || typeof config !== "object") return;
-	const object = config;
-	if (isStringArray(object.denyCommands)) configuredDenyCommands = object.denyCommands;
-	if (isStringArray(object.allowCommands)) configuredAllowCommands = object.allowCommands;
-	if (typeof object.allowSudoPane === "boolean") allowSudoPane = object.allowSudoPane;
-}
-function assertCommandAllowed(input) {
-	const commandLine = commandLineForPolicy(input);
-	for (const pattern of denyPatterns) if (pattern.test(commandLine)) throw new Error(`Command denied by zellij-pty policy: ${commandLine}`);
-	for (const pattern of configuredDenyCommands) if (wildcardMatches(pattern, commandLine)) throw new Error(`Command denied by zellij-pty configured deny rule: ${commandLine}`);
-	if (configuredAllowCommands.length > 0 && !configuredAllowCommands.some((pattern) => wildcardMatches(pattern, commandLine))) throw new Error(`Command denied by zellij-pty allow list: ${commandLine}`);
-	if (!input.humanInputOnly && sudoPattern.test(commandLine)) throw new Error("sudo commands must use zellij_pty_request_sudo so credentials stay human-input-only and never pass through agent tool input.");
-	if (input.humanInputOnly && !allowSudoPane) throw new Error("sudo pane is disabled by zellij-pty policy.");
+function assertSudoPaneAllowed() {
+	if (!sudoPaneAllowed) throw new Error("sudo pane is disabled by zellij-pty config.");
 }
 //#endregion
 //#region src/utils/ids.ts
@@ -540,6 +420,9 @@ var SessionManager = class {
 		if (!session) throw new Error(`Unknown zellij PTY session: ${id}`);
 		return session;
 	}
+	find(id) {
+		return this.sessions.get(id);
+	}
 	list() {
 		return Array.from(this.sessions.values()).sort((a, b) => a.createdAt.localeCompare(b.createdAt));
 	}
@@ -572,6 +455,39 @@ var SessionManager = class {
 };
 const sessionManager = new SessionManager();
 //#endregion
+//#region src/utils/shell-args.ts
+const directCommandExitWrapper = "token=\"$1\"; shift; set +e; \"$@\"; code=$?; printf \"\\n[zellij-pty:%s] exit-code=%s\\n\" \"$token\" \"$code\"; exit \"$code\"";
+const shellCommandExitWrapper = "token=\"$1\"; command=\"$2\"; set +e; bash -lc \"$command\"; code=$?; printf \"\\n[zellij-pty:%s] exit-code=%s\\n\" \"$token\" \"$code\"; exit \"$code\"";
+function buildCommandArgv(input, options = {}) {
+	const command = input.command.trim();
+	if (!command) throw new Error("command is required");
+	if (options.exitCodeToken) {
+		if (input.args && input.args.length > 0) return [
+			"bash",
+			"-lc",
+			directCommandExitWrapper,
+			"zellij-pty",
+			options.exitCodeToken,
+			command,
+			...input.args
+		];
+		return [
+			"bash",
+			"-lc",
+			shellCommandExitWrapper,
+			"zellij-pty",
+			options.exitCodeToken,
+			command
+		];
+	}
+	if (input.args && input.args.length > 0) return [command, ...input.args];
+	return [
+		"bash",
+		"-lc",
+		command
+	];
+}
+//#endregion
 //#region src/zellij/cli.ts
 const execFileAsync$1 = promisify(execFile);
 function zellijCommandArgs(actionArgs) {
@@ -652,7 +568,8 @@ function parseCurrentPaneTabId(listPanesJson, paneId) {
 	if (!Number.isInteger(parsedPaneId)) return void 0;
 	try {
 		return findPaneTabId(JSON.parse(listPanesJson), parsedPaneId);
-	} catch {
+	} catch (error) {
+		debug("parseCurrentPaneTabId failed", errorMessage(error));
 		return;
 	}
 }
@@ -735,6 +652,7 @@ const zellijCli = new ZellijCli();
 //#region src/zellij/pane-watchdog.ts
 const instanceId = randomUUID();
 let watchdogStarted = false;
+let watchdogChild = null;
 function registryDirectory() {
 	const base = process.env.XDG_RUNTIME_DIR || tmpdir();
 	return path.join(base, `opencode-zellij-${process.getuid?.() ?? "user"}`);
@@ -748,7 +666,8 @@ function parseLinuxProcessStartTime(stat) {
 function linuxProcessStartTime(pid) {
 	try {
 		return parseLinuxProcessStartTime(readFileSync(`/proc/${pid}/stat`, "utf8"));
-	} catch {
+	} catch (error) {
+		debug("linuxProcessStartTime failed", errorMessage(error));
 		return null;
 	}
 }
@@ -769,7 +688,8 @@ function readRegistry() {
 		const parsed = JSON.parse(readFileSync(file, "utf8"));
 		if (parsed.version !== 1 || parsed.instanceId !== instanceId || parsed.ownerPid !== process.pid || !Array.isArray(parsed.panes)) return emptyRegistry();
 		return parsed;
-	} catch {
+	} catch (error) {
+		debug("readRegistry failed", errorMessage(error));
 		return emptyRegistry();
 	}
 }
@@ -784,13 +704,24 @@ function writeRegistry(registry) {
 	renameSync(tempFile, file);
 }
 function ensureWatchdog() {
-	if (watchdogStarted) return;
+	if (watchdogStarted && watchdogChild) return;
 	watchdogStarted = true;
-	spawn("node", [watchdogRunnerPath(), watchdogRegistryPath()], {
+	const child = spawn(process.execPath, [watchdogRunnerPath(), watchdogRegistryPath()], {
 		detached: true,
 		stdio: "ignore",
 		env: process.env
-	}).unref();
+	});
+	watchdogChild = child;
+	child.unref();
+	child.on("error", () => {
+		watchdogStarted = false;
+		if (watchdogChild === child) watchdogChild = null;
+	});
+	child.on("exit", () => {
+		watchdogStarted = false;
+		if (watchdogChild === child) watchdogChild = null;
+		if (existsSync(watchdogRegistryPath())) ensureWatchdog();
+	});
 }
 function watchdogRunnerPath() {
 	return fileURLToPath(new URL("./pane-watchdog-runner.mjs", import.meta.url));
@@ -806,7 +737,8 @@ function cleanupStaleWatchdogRegistries() {
 			if (registry.version !== 1 || ownerStillMatches(registry)) continue;
 			closeRegistryPanes(registry);
 			rmSync(file, { force: true });
-		} catch {
+		} catch (error) {
+			debug("cleanupStaleWatchdogRegistries failed", errorMessage(error));
 			rmSync(file, { force: true });
 		}
 	}
@@ -814,7 +746,8 @@ function cleanupStaleWatchdogRegistries() {
 function ownerStillMatches(registry) {
 	try {
 		process.kill(registry.ownerPid, 0);
-	} catch {
+	} catch (error) {
+		debug("ownerStillMatches kill check failed", errorMessage(error));
 		return false;
 	}
 	return !registry.ownerStartTime || linuxProcessStartTime(registry.ownerPid) === registry.ownerStartTime;
@@ -866,7 +799,10 @@ function unregisterPaneFromWatchdog(sessionId) {
 function removeWatchdogRegistry() {
 	try {
 		rmSync(watchdogRegistryPath(), { force: true });
-	} catch {}
+	} catch (error) {
+		debug("removeWatchdogRegistry failed", errorMessage(error));
+	}
+	if (!watchdogChild) watchdogStarted = false;
 }
 //#endregion
 //#region src/pty/ring-buffer.ts
@@ -1011,14 +947,26 @@ function extractRenderedLines(event) {
 }
 var SubscriberManager = class {
 	subscribers = /* @__PURE__ */ new Map();
+	startingSessions = /* @__PURE__ */ new Map();
 	constructor(sessions, maxBufferLines = Number(process.env.PTY_MAX_BUFFER_LINES ?? 5e4)) {
 		this.sessions = sessions;
 		this.maxBufferLines = maxBufferLines;
 	}
 	async start(session) {
-		const existing = this.subscribers.get(session.id);
-		if (existing?.child) return;
+		if (this.subscribers.get(session.id)?.child) return;
+		const inProgress = this.startingSessions.get(session.id);
+		if (inProgress) return inProgress;
 		ensureZellijTarget();
+		const startPromise = this.doStart(session);
+		this.startingSessions.set(session.id, startPromise);
+		try {
+			await startPromise;
+		} finally {
+			this.startingSessions.delete(session.id);
+		}
+	}
+	async doStart(session) {
+		const existing = this.subscribers.get(session.id);
 		const state = existing ?? {
 			child: null,
 			buffer: new RingBuffer(this.maxBufferLines),
@@ -1027,13 +975,7 @@ var SubscriberManager = class {
 			startedAt: (/* @__PURE__ */ new Date()).toISOString(),
 			lastExitedAt: null
 		};
-		if (!existing) {
-			try {
-				state.buffer.appendSnapshot(await zellijCli.dumpScreen(session.paneId));
-				this.sessions.updateLineCount(session.id, state.buffer.lineCount);
-			} catch {}
-			this.subscribers.set(session.id, state);
-		}
+		if (!existing) this.subscribers.set(session.id, state);
 		const child = spawn("zellij", zellijCommandArgs([
 			"subscribe",
 			"--pane-id",
@@ -1048,14 +990,26 @@ var SubscriberManager = class {
 			"pipe"
 		] });
 		child.stdin.end();
+		if (this.subscribers.get(session.id) !== state) {
+			child.kill("SIGTERM");
+			return;
+		}
 		state.child = child;
 		state.lastExitedAt = null;
 		child.stdout.setEncoding("utf8");
-		child.stdout.on("data", (chunk) => this.handleStdout(session.id, chunk));
+		child.stdout.on("data", (chunk) => this.handleStdout(session.id, child, chunk));
 		child.stderr.setEncoding("utf8");
-		child.stderr.on("data", (chunk) => this.handleStderr(session.id, chunk));
-		child.on("exit", () => this.handleSubscriberExit(session.id));
-		child.on("error", (error) => this.handleSubscriberError(session.id, error));
+		child.stderr.on("data", (chunk) => this.handleStderr(session.id, child, chunk));
+		child.on("exit", () => this.handleSubscriberExit(session.id, child));
+		child.on("error", (error) => this.handleSubscriberError(session.id, child, error));
+		if (!existing) try {
+			const snapshot = await zellijCli.dumpScreen(session.paneId);
+			if (this.subscribers.get(session.id) !== state || state.child !== child) return;
+			state.buffer.appendSnapshot(snapshot);
+			this.sessions.updateLineCount(session.id, state.buffer.lineCount);
+		} catch (error) {
+			debug("dumpScreen failed", errorMessage(error));
+		}
 	}
 	read(sessionId, input) {
 		const state = this.subscribers.get(sessionId);
@@ -1095,18 +1049,20 @@ var SubscriberManager = class {
 		this.stop(sessionId);
 		try {
 			await zellijCli.closePane(session.paneId);
-		} catch {}
+		} catch (error) {
+			debug("closePane failed", errorMessage(error));
+		}
 	}
-	handleStdout(sessionId, chunk) {
+	handleStdout(sessionId, child, chunk) {
 		const state = this.subscribers.get(sessionId);
-		if (!state) return;
+		if (!state || state.child !== child) return;
 		const parts = `${state.stdoutRemainder}${chunk}`.split("\n");
 		state.stdoutRemainder = parts.pop() ?? "";
-		for (const part of parts) this.handleJsonLine(sessionId, part);
+		for (const part of parts) this.handleJsonLine(sessionId, child, part);
 	}
-	handleJsonLine(sessionId, line) {
+	handleJsonLine(sessionId, child, line) {
 		const state = this.subscribers.get(sessionId);
-		if (!state) return;
+		if (!state || state.child !== child) return;
 		const trimmed = line.trim();
 		if (!trimmed) return;
 		let event;
@@ -1114,12 +1070,20 @@ var SubscriberManager = class {
 			const parsed = JSON.parse(trimmed);
 			if (!parsed || typeof parsed !== "object") return;
 			event = parsed;
-		} catch {
+		} catch (error) {
 			state.buffer.append(trimmed);
 			this.sessions.updateLineCount(sessionId, state.buffer.lineCount);
+			debug("JSON parse of subscriber event failed, treating as raw text", errorMessage(error));
+			return;
+		}
+		let session;
+		try {
+			session = this.sessions.get(sessionId);
+		} catch (error) {
+			this.forget(sessionId);
+			debug("session lookup by id failed", errorMessage(error));
 			return;
 		}
-		const session = this.sessions.get(sessionId);
 		const paneId = eventPaneId(event);
 		if (paneId && paneId !== session.paneId) return;
 		const type = eventType(event);
@@ -1147,24 +1111,29 @@ var SubscriberManager = class {
 			return;
 		}
 	}
-	handleStderr(sessionId, chunk) {
+	handleStderr(sessionId, child, chunk) {
 		const state = this.subscribers.get(sessionId);
-		if (!state) return;
+		if (!state || state.child !== child) return;
 		state.stderr.push(...splitLines(chunk));
 		if (state.stderr.length > maxStderrLines) state.stderr = state.stderr.slice(state.stderr.length - maxStderrLines);
 	}
-	handleSubscriberExit(sessionId) {
+	handleSubscriberExit(sessionId, child) {
 		const state = this.subscribers.get(sessionId);
 		if (!state) return;
+		if (state.child !== child) return;
 		state.child = null;
 		state.lastExitedAt = (/* @__PURE__ */ new Date()).toISOString();
 		state.stderr.push(`[zellij-pty] subscriber exited at ${state.lastExitedAt}; last buffered output is retained.`);
 		if (state.stderr.length > maxStderrLines) state.stderr = state.stderr.slice(state.stderr.length - maxStderrLines);
 	}
-	handleSubscriberError(sessionId, error) {
+	handleSubscriberError(sessionId, child, error) {
 		const state = this.subscribers.get(sessionId);
-		if (state) state.stderr.push(error.message);
-		this.sessions.updateStatus(sessionId, "unknown");
+		if (state?.child === child) {
+			state.stderr.push(error.message);
+			state.child = null;
+			state.lastExitedAt = (/* @__PURE__ */ new Date()).toISOString();
+			this.sessions.updateStatus(sessionId, "unknown");
+		}
 	}
 };
 const subscriberManager = new SubscriberManager(sessionManager);
@@ -1214,7 +1183,7 @@ function validateGrep(grep) {
 		new RegExp(grep).test("");
 		return null;
 	} catch (error) {
-		return error instanceof Error ? error.message : String(error);
+		return errorMessage(error);
 	}
 }
 function readOutputSnapshot(sessionId, options = {}) {
@@ -1327,11 +1296,12 @@ const zellijPtyReadTool = tool({
 			next: nextAdvice(false, `Invalid grep regex: ${grepError}`),
 			warnings: []
 		});
-		if (!subscriberManager.has(session.id)) await subscriberManager.start(session);
 		const subscriberStatus = subscriberManager.status(session.id);
+		if (!subscriberStatus.hasBuffer || !subscriberStatus.active && (session.status === "running" || session.status === "unknown")) await subscriberManager.start(session);
+		const statusAfterStart = subscriberManager.status(session.id);
 		const warnings = [];
 		if (session.humanInputOnly) warnings.push("This pane is human-input-only: agent writes are forbidden, but rendered output is visible to the agent.");
-		if (!subscriberStatus.active) {
+		if (!statusAfterStart.active) {
 			warnings.push("Subscriber is inactive; returned output may be stale.");
 			if (session.status === "running") sessionManager.updateStatus(session.id, "unknown");
 		}
@@ -1344,8 +1314,8 @@ const zellijPtyReadTool = tool({
 			session: publicSession(session),
 			output,
 			next: nextAdvice(session.status !== "exited" && session.status !== "killed", nextReadReason(session.status)),
-			subscriberActive: subscriberStatus.active,
-			subscriberLastExitedAt: subscriberStatus.lastExitedAt,
+			subscriberActive: statusAfterStart.active,
+			subscriberLastExitedAt: statusAfterStart.lastExitedAt,
 			subscriberErrors: subscriberManager.stderr(session.id),
 			warnings
 		});
@@ -1407,10 +1377,7 @@ const requestSudoTool = tool({
 	async execute(args, context) {
 		const cwd = context.directory;
 		const exitCodeToken = createExitCodeToken();
-		for (const script of args.scripts) assertCommandAllowed({
-			command: script.command,
-			humanInputOnly: true
-		});
+		assertSudoPaneAllowed();
 		const command = buildReviewScript(args.summary, args.scripts);
 		const title = createOpenCodePaneTitle("zellij_pty_request_sudo");
 		const paneId = await zellijCli.newPane({
@@ -1536,11 +1503,6 @@ const zellijPtySpawnTool = tool({
 	async execute(args, context) {
 		const cwd = args.cwd ?? context.directory;
 		const exitCodeToken = createExitCodeToken();
-		assertCommandAllowed({
-			command: args.command,
-			args: args.args,
-			humanInputOnly: false
-		});
 		const grepError = args.probe?.type === "output" ? validateGrep(args.probe.grep) : null;
 		if (grepError) throw new Error(`Invalid probe.grep regex: ${grepError}`);
 		const title = createOpenCodePaneTitle(args.title ?? args.command);
@@ -1633,16 +1595,23 @@ const zellijPtyWriteTool = tool({
 		session.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
 		if (args.interruptAfterSeconds) {
 			await setTimeout$1(args.interruptAfterSeconds * 1e3);
-			if (sessionManager.get(session.id).status === "running") {
+			if (sessionManager.find(session.id)?.status === "running") {
 				await zellijCli.sendCtrlC(session.paneId);
 				await setTimeout$1(500);
 			}
 		} else await setTimeout$1(1e3);
+		const warnings = [];
+		let output = emptyOutputSnapshot(session.lineCount);
+		try {
+			output = readOutputSnapshot(session.id, { maxLines: args.maxLines });
+		} catch (error) {
+			warnings.push(`Session output was unavailable before the write response completed: ${errorMessage(error)}`);
+		}
 		return jsonResponse({
 			session: publicSession(session),
-			output: readOutputSnapshot(session.id, { maxLines: args.maxLines }),
+			output,
 			next: nextAdvice(true, args.interruptAfterSeconds ? "Input was sent; Ctrl-C was sent after the requested interrupt timeout if the session was still running." : "Input was sent and recent output was observed."),
-			warnings: []
+			warnings
 		});
 	}
 });
@@ -1656,11 +1625,15 @@ function cleanupPanesOnShutdown(sessions = sessionManager, subscribers = subscri
 	for (const session of sessions.list()) {
 		try {
 			zellijCli.closePaneSync(session.paneId);
-		} catch {}
+		} catch (error) {
+			debug("cleanupPanesOnShutdown closePane failed", errorMessage(error));
+		}
 		subscribers.forget(session.id);
 		try {
 			sessions.remove(session.id);
-		} catch {}
+		} catch (error) {
+			debug("cleanupPanesOnShutdown sessions.remove failed", errorMessage(error));
+		}
 	}
 }
 function registerShutdownCleanup() {
@@ -1730,7 +1703,8 @@ async function readGitBranch(worktree) {
 async function getInitialBranch(worktree, readBranch = readGitBranch) {
 	try {
 		return (await readBranch(worktree)).trim() || void 0;
-	} catch {
+	} catch (error) {
+		debug("getInitialBranch failed", errorMessage(error));
 		return;
 	}
 }
@@ -1915,7 +1889,7 @@ var TabTitleManager = class {
 		this.clearDebounceTimer();
 		this.debounceTimer = setTimeout(() => {
 			this.debounceTimer = void 0;
-			this.syncDesiredTitle().catch(() => {});
+			this.syncDesiredTitle().catch((error) => debug("debounced tab title sync failed", errorMessage(error)));
 		}, this.debounceMs);
 		this.unrefTimer(this.debounceTimer);
 	}
@@ -1947,7 +1921,7 @@ var TabTitleManager = class {
 		this.retryAttempt += 1;
 		this.retryTimer = setTimeout(() => {
 			this.retryTimer = void 0;
-			this.syncDesiredTitle().catch(() => {});
+			this.syncDesiredTitle().catch((error) => debug("retry tab title sync failed", errorMessage(error)));
 		}, delay);
 		this.unrefTimer(this.retryTimer);
 	}
@@ -1989,28 +1963,41 @@ function showUpdateToast(client, result) {
 		message: `Updated to ${result.toVersion}. Restart OpenCode to apply the changes.`,
 		variant: "success",
 		duration: 1e4
-	} }).catch(() => {});
+	} }).catch((error) => debug("show update toast for successful update failed", errorMessage(error)));
 	else if (result.type === "failed") client.tui.showToast({ body: {
 		title: "opencode-zellij update failed",
 		message: `Failed to update to ${result.latestVersion}.`,
 		variant: "error",
 		duration: 8e3
-	} }).catch(() => {});
+	} }).catch((error) => debug("show update toast for failed update failed", errorMessage(error)));
 }
 function startAutoUpdateCheck(client, importMetaUrl, check = checkAndUpdate) {
 	(async () => {
 		try {
 			showUpdateToast(client, await check({ importMetaUrl }));
 		} catch (cause) {
-			debug("auto-update check failed", cause instanceof Error ? cause.message : String(cause));
+			debug("auto-update check failed", errorMessage(cause));
 		}
 	})();
 }
+async function cleanupStep(stepName, sessionId, step) {
+	try {
+		await step();
+	} catch (error) {
+		debug(`session.deleted cleanup failed: ${stepName} for ${sessionId}`, errorMessage(error));
+	}
+}
+async function cleanupDeletedSession(sessionId) {
+	await cleanupStep("close pane", sessionId, () => subscriberManager.closeSessionPane(sessionId));
+	await cleanupStep("forget subscriber", sessionId, () => subscriberManager.forget(sessionId));
+	await cleanupStep("unregister watchdog", sessionId, () => unregisterPaneFromWatchdog(sessionId));
+	await cleanupStep("remove session", sessionId, () => sessionManager.remove(sessionId));
+}
 function createZellijPtyPlugin(dependencies = {}) {
 	return async (input) => {
 		const { config, warnings } = await loadConfig(input);
 		for (const warning of warnings) debug(warning);
-		configurePolicy({ allowSudoPane: config.pty.sudoPane === "allow" });
+		configureSudoPane(config.pty.sudoPane === "allow");
 		cleanupStaleWatchdogRegistries();
 		registerShutdownCleanup();
 		const workspaceRoot = getWorkspaceRoot(input);
@@ -2027,9 +2014,9 @@ function createZellijPtyPlugin(dependencies = {}) {
 				branch: config.tabTitle.emojiBranch
 			}
 		}) : void 0;
-		tabTitleManager?.renderImmediate().catch(() => {});
+		tabTitleManager?.renderImmediate().catch((error) => debug("initial tab title render failed", errorMessage(error)));
 		const client = input.client;
-		if (config.autoUpdate.enabled) (dependencies.startAutoUpdateCheck ?? startAutoUpdateCheck)(client, dependencies.importMetaUrl ?? import.meta.url);
+		if (config.autoUpdate) (dependencies.startAutoUpdateCheck ?? startAutoUpdateCheck)(client, dependencies.importMetaUrl ?? import.meta.url);
 		return {
 			async event(input) {
 				const event = input.event;
@@ -2038,12 +2025,7 @@ function createZellijPtyPlugin(dependencies = {}) {
 					const sessionID = deletedSessionID(event);
 					if (!sessionID) return;
 					const sessions = sessionManager.listByOpenCodeSession(sessionID);
-					await Promise.all(sessions.map(async (session) => {
-						await subscriberManager.closeSessionPane(session.id);
-						subscriberManager.forget(session.id);
-						unregisterPaneFromWatchdog(session.id);
-						sessionManager.remove(session.id);
-					}));
+					await Promise.all(sessions.map((session) => cleanupDeletedSession(session.id)));
 				}
 			},
 			tool: config.pty.enabled ? {