opencodekit 0.18.17 → 0.18.19

package/dist/index.js

@@ -20,7 +20,7 @@ var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 //#endregion
 //#region package.json
-var version = "0.18.17";
+var version = "0.18.19";
 
 //#endregion
 //#region src/utils/license.ts

package/dist/template/.opencode/opencode.json

@@ -161,8 +161,8 @@
 				"claude-haiku-4.5": {
 					"attachment": true,
 					"limit": {
-						"context": 200000,
-						"output": 64000
+						"context": 144000,
+						"output": 32000
 					},
 					"options": {
 						"thinking_budget": 10000,
@@ -174,13 +174,13 @@
 					"variants": {
 						"high": {
 							"options": {
-								"thinking_budget": 8000,
+								"thinking_budget": 16000,
 								"type": "enabled"
 							}
 						},
 						"max": {
 							"options": {
-								"thinking_budget": 16000,
+								"thinking_budget": 32000,
 								"type": "enabled"
 							}
 						}
@@ -189,8 +189,8 @@
 				"claude-opus-4.5": {
 					"attachment": true,
 					"limit": {
-						"context": 200000,
-						"output": 64000
+						"context": 160000,
+						"output": 32000
 					},
 					"options": {
 						"thinking_budget": 10000
@@ -201,12 +201,12 @@
 					"variants": {
 						"high": {
 							"options": {
-								"thinking_budget": 8000
+								"thinking_budget": 16000
 							}
 						},
 						"max": {
 							"options": {
-								"thinking_budget": 16000
+								"thinking_budget": 32000
 							}
 						}
 					}
@@ -214,7 +214,7 @@
 				"claude-opus-4.6": {
 					"attachment": true,
 					"limit": {
-						"context": 200000,
+						"context": 144000,
 						"output": 64000
 					},
 					"options": {
@@ -259,21 +259,33 @@
 				"claude-sonnet-4": {
 					"attachment": true,
 					"limit": {
-						"context": 200000,
-						"output": 64000
+						"context": 216000,
+						"output": 16000
 					},
 					"options": {
 						"thinking_budget": 10000
 					},
 					"reasoning": true,
 					"temperature": true,
-					"tool_call": true
+					"tool_call": true,
+					"variants": {
+						"high": {
+							"options": {
+								"thinking_budget": 16000
+							}
+						},
+						"max": {
+							"options": {
+								"thinking_budget": 32000
+							}
+						}
+					}
 				},
 				"claude-sonnet-4.5": {
 					"attachment": true,
 					"limit": {
-						"context": 200000,
-						"output": 64000
+						"context": 144000,
+						"output": 32000
 					},
 					"options": {
 						"thinking_budget": 10000
@@ -284,12 +296,12 @@
 					"variants": {
 						"high": {
 							"options": {
-								"thinking_budget": 8000
+								"thinking_budget": 16000
 							}
 						},
 						"max": {
 							"options": {
-								"thinking_budget": 16000
+								"thinking_budget": 32000
 							}
 						}
 					}
@@ -298,7 +310,7 @@
 					"attachment": true,
 					"limit": {
 						"context": 200000,
-						"output": 64000
+						"output": 32000
 					},
 					"options": {
 						"thinking": {

package/dist/template/.opencode/plugin/copilot-auth.ts

@@ -67,6 +67,15 @@ const RESPONSES_API_ALTERNATE_INPUT_TYPES = [
 	"reasoning",
 ];
 
+// Expected ID prefixes per Responses API item type.
+// The OpenAI Responses API validates that item IDs start with specific prefixes.
+// GitHub Copilot's backend (especially GPT models) returns non-standard prefixes
+// (e.g., "h_" instead of "fc_") that the API then rejects on replay.
+const RESPONSES_API_EXPECTED_PREFIXES: Record<string, string> = {
+	function_call: "fc_",
+	// function_call_output.call_id prefix is validated directly in sanitizeResponseInputIds
+};
+
 function normalizeDomain(url: string): string {
 	return url.replace(/^https?:\/\//, "").replace(/\/$/, "");
 }
@@ -355,41 +364,135 @@ const MAX_RESPONSE_API_ID_LENGTH = 64;
  * Sanitize an ID to fit within the Responses API 64-char limit.
  * GitHub Copilot returns proprietary long IDs (400+ chars) that violate
  * the OpenAI spec. We hash them to a deterministic 64-char string.
+ * Preserves the original prefix (e.g., "fc_", "msg_", "call_") so that
+ * OpenAI's prefix validation passes.
+ *
+ * @param id - The original ID to sanitize
+ * @param forcedPrefix - If provided, use this prefix instead of the detected one.
+ *   Used when the original prefix is wrong (e.g., Copilot returns "h_" instead of "fc_").
  * See: https://github.com/vercel/ai/issues/5171
  */
-function sanitizeResponseId(id: string): string {
-	if (!id || id.length <= MAX_RESPONSE_API_ID_LENGTH) return id;
-	// Use a simple hash: take first 8 chars + hash of full string for uniqueness
-	// Format: "h_" + first 8 chars + "_" + base36 hash (up to ~50 chars total)
+function sanitizeResponseId(id: string, forcedPrefix?: string): string {
+	// Detect the original prefix (e.g., "fc_", "msg_", "call_", "resp_", "h_")
+	const prefixMatch = id.match(/^([a-z]+_)/);
+	const detectedPrefix = prefixMatch ? prefixMatch[1] : "";
+	const prefix = forcedPrefix ?? detectedPrefix;
+
+	// If no forced prefix and within length, return as-is
+	if (!forcedPrefix && (!id || id.length <= MAX_RESPONSE_API_ID_LENGTH)) {
+		return id;
+	}
+
+	// Strip the original prefix to get the core ID
+	const coreId = id.slice(detectedPrefix.length);
+
+	// If just a prefix swap and within length, do a simple replacement
+	if (forcedPrefix && (prefix.length + coreId.length) <= MAX_RESPONSE_API_ID_LENGTH) {
+		return `${prefix}${coreId}`;
+	}
+
+	// Hash the full original ID for deterministic uniqueness
 	let hash = 0;
 	for (let i = 0; i < id.length; i++) {
 		hash = ((hash << 5) - hash + id.charCodeAt(i)) | 0;
 	}
 	const hashStr = Math.abs(hash).toString(36);
-	const prefix = id.slice(0, 8);
-	// Ensure total length <= 64: "h_" (2) + prefix (8) + "_" (1) + hash
-	return `h_${prefix}_${hashStr}`.slice(0, MAX_RESPONSE_API_ID_LENGTH);
+	// Take some chars from the core for additional uniqueness
+	const maxMiddleLen =
+		MAX_RESPONSE_API_ID_LENGTH - prefix.length - hashStr.length - 1;
+	const middle = coreId.slice(0, Math.max(0, maxMiddleLen));
+	// Format: prefix + middle + "_" + hash (ensure total <= 64)
+	return `${prefix}${middle}_${hashStr}`.slice(0, MAX_RESPONSE_API_ID_LENGTH);
+}
+
+/**
+ * Check if an ID has the expected prefix for its item type.
+ * Returns the expected prefix if the ID is wrong, or null if it's fine.
+ */
+function getExpectedPrefix(item: any): string | null {
+	if (!item || typeof item !== "object" || !item.type) return null;
+	const expected = RESPONSES_API_EXPECTED_PREFIXES[item.type];
+	if (!expected) return null;
+	if (typeof item.id === "string" && !item.id.startsWith(expected)) {
+		return expected;
+	}
+	return null;
 }
 
 /**
  * Sanitize all IDs in a Responses API input array.
- * Recursively checks `id` and `call_id` fields on each input item.
+ *
+ * Handles TWO classes of invalid IDs:
+ * 1. Wrong prefix — Copilot GPT models return IDs like "h_xxx" instead of "fc_xxx"
+ *    for function_call items. These are short but have the wrong prefix.
+ * 2. Excessive length — Copilot returns 400+ char IDs that exceed the 64-char limit.
+ *
+ * Uses a two-pass approach:
+ * - Pass 1: Build an ID remap for all invalid IDs (both prefix and length issues)
+ * - Pass 2: Apply the remap to both `id` and `call_id` fields consistently,
+ *   so function_call_output.call_id stays in sync with function_call.id
  */
 function sanitizeResponseInputIds(input: any[]): any[] {
-	return input.map((item: any) => {
-		if (!item || typeof item !== "object") return item;
-		const sanitized = { ...item };
+	// Pass 1: Build ID remapping
+	const idRemap = new Map<string, string>();
+
+	for (const item of input) {
+		if (!item || typeof item !== "object") continue;
+
+		// Check for wrong prefix (e.g., function_call with "h_" instead of "fc_")
+		const expectedPrefix = getExpectedPrefix(item);
+		if (expectedPrefix && typeof item.id === "string" && !idRemap.has(item.id)) {
+			const newId = sanitizeResponseId(item.id, expectedPrefix);
+			if (newId !== item.id) {
+				idRemap.set(item.id, newId);
+			}
+		}
+
+		// Check for excessive length on id
 		if (
-			typeof sanitized.id === "string" &&
-			sanitized.id.length > MAX_RESPONSE_API_ID_LENGTH
+			typeof item.id === "string" &&
+			item.id.length > MAX_RESPONSE_API_ID_LENGTH &&
+			!idRemap.has(item.id)
 		) {
-			sanitized.id = sanitizeResponseId(sanitized.id);
+			idRemap.set(item.id, sanitizeResponseId(item.id));
+		}
+
+		// Check for wrong prefix on call_id (defensive: handles truncated conversations
+		// where function_call_output appears without its corresponding function_call)
+		if (
+			item.type === "function_call_output" &&
+			typeof item.call_id === "string" &&
+			!item.call_id.startsWith("fc_") &&
+			!idRemap.has(item.call_id)
+		) {
+			const newCallId = sanitizeResponseId(item.call_id, "fc_");
+			if (newCallId !== item.call_id) {
+				idRemap.set(item.call_id, newCallId);
+			}
 		}
+
+		// Check for excessive length on call_id
 		if (
-			typeof sanitized.call_id === "string" &&
-			sanitized.call_id.length > MAX_RESPONSE_API_ID_LENGTH
+			typeof item.call_id === "string" &&
+			item.call_id.length > MAX_RESPONSE_API_ID_LENGTH &&
+			!idRemap.has(item.call_id)
 		) {
-			sanitized.call_id = sanitizeResponseId(sanitized.call_id);
+			idRemap.set(item.call_id, sanitizeResponseId(item.call_id));
+		}
+	}
+
+	// No changes needed
+	if (idRemap.size === 0) return input;
+
+	// Pass 2: Apply remapping to both id and call_id fields
+	return input.map((item: any) => {
+		if (!item || typeof item !== "object") return item;
+		const sanitized = { ...item };
+		if (typeof sanitized.id === "string" && idRemap.has(sanitized.id)) {
+			sanitized.id = idRemap.get(sanitized.id);
+		}
+		if (typeof sanitized.call_id === "string" && idRemap.has(sanitized.call_id)) {
+			sanitized.call_id = idRemap.get(sanitized.call_id);
 		}
 		return sanitized;
 	});
@@ -513,7 +616,12 @@ export const CopilotAuthPlugin: Plugin = async ({ client: sdk }) => {
 												return cleanedMsg;
 											}
 
-											// If content is an array, check for thinking blocks
+											// If content is an array, strip ALL thinking blocks.
+											// Reasoning is communicated via reasoning_text/reasoning_opaque
+											// fields, not via thinking blocks in the content array.
+											// Even thinking blocks WITH signatures can cause
+											// "Invalid signature in thinking block" errors when
+											// signatures are expired or from a different context.
 											if (Array.isArray(msg.content)) {
 												const hasThinkingBlock = msg.content.some(
 													(part: any) => part.type === "thinking",
@@ -521,22 +629,10 @@ export const CopilotAuthPlugin: Plugin = async ({ client: sdk }) => {
 												if (hasThinkingBlock) {
 													log(
 														"debug",
-														`Message ${idx} has thinking blocks in content array`,
+														`Stripping all thinking blocks from message ${idx}`,
 													);
-													// Filter out thinking blocks without signatures
 													const cleanedContent = msg.content.filter(
-														(part: any) => {
-															if (part.type === "thinking") {
-																if (!part.signature) {
-																	log(
-																		"warn",
-																		`Removing thinking block without signature`,
-																	);
-																	return false;
-																}
-															}
-															return true;
-														},
+														(part: any) => part.type !== "thinking",
 													);
 													return {
 														...msg,
@@ -598,21 +694,22 @@ export const CopilotAuthPlugin: Plugin = async ({ client: sdk }) => {
 
 							// Responses API
 							if (body?.input) {
-								// Sanitize long IDs from Copilot backend (can be 400+ chars)
-								// OpenAI Responses API enforces a 64-char max on item IDs
+								// Sanitize IDs from Copilot backend:
+								// 1. Wrong prefix — GPT models return "h_xxx" instead of "fc_xxx"
+								// 2. Excessive length — Copilot returns 400+ char IDs (max is 64)
 								const sanitizedInput = sanitizeResponseInputIds(body.input);
 								const inputWasSanitized =
 									sanitizedInput !== body.input &&
 									JSON.stringify(sanitizedInput) !== JSON.stringify(body.input);
 
 								if (inputWasSanitized) {
-									log("info", "Sanitized long IDs in Responses API input", {
-										original_count: body.input.filter(
-											(item: any) =>
-												(typeof item?.id === "string" &&
-													item.id.length > MAX_RESPONSE_API_ID_LENGTH) ||
-												(typeof item?.call_id === "string" &&
-													item.call_id.length > MAX_RESPONSE_API_ID_LENGTH),
+									log("info", "Sanitized IDs in Responses API input (prefix or length)", {
+										items_fixed: body.input.filter(
+											(item: any, i: number) =>
+												item && sanitizedInput[i] && (
+													item.id !== sanitizedInput[i].id ||
+													item.call_id !== sanitizedInput[i].call_id
+												),
 										).length,
 									});
 									modifiedBody = {

package/dist/template/.opencode/plugin/lib/memory-hooks.ts

@@ -90,24 +90,51 @@ export function createHooks(deps: HookDeps) {
 				}
 			}
 
-			// --- Session error: show actual error details ---
+			// --- Session error: classify and guide ---
 			if (event.type === "session.error") {
 				const props = event.properties as Record<string, unknown> | undefined;
 				const errorMsg = props?.error
-					? String(props.error).slice(0, 120)
+					? String(props.error).slice(0, 200)
 					: props?.message
-						? String(props.message).slice(0, 120)
+						? String(props.message).slice(0, 200)
 						: "Unknown error";
 
-				// Classify: match the specific AI SDK error pattern
-				const isTokenOverflow =
+				// Log full error for debugging
+				await log(`Session error: ${errorMsg}`, "warn");
+
+				// Classify error and provide specific guidance
+				let guidance: string;
+				if (
 					/token.{0,20}(exceed|limit)/i.test(errorMsg) ||
-					errorMsg.includes("context_length_exceeded");
-				const guidance = isTokenOverflow
-					? "Context too large — use /compact or start a new session"
-					: "Save important learnings with observation tool";
+					errorMsg.includes("context_length_exceeded")
+				) {
+					guidance = "Context too large — use /compact or start a new session";
+				} else if (
+					/rate.?limit|429|too many requests/i.test(errorMsg)
+				) {
+					guidance = "Rate limited — wait a moment and retry";
+				} else if (
+					/unauthorized|401|403|auth/i.test(errorMsg)
+				) {
+					guidance = "Auth error — check API key or token";
+				} else if (
+					/timeout|ETIMEDOUT|ECONNRESET|network|fetch failed/i.test(errorMsg)
+				) {
+					guidance = "Network error — check connection and retry";
+				} else if (
+					/invalid.*signature|thinking block/i.test(errorMsg)
+				) {
+					guidance = "API format error — try starting a new session";
+				} else if (
+					/500|502|503|504|internal server|service unavailable/i.test(errorMsg)
+				) {
+					guidance = "Server error — retry in a few seconds";
+				} else {
+					guidance = "Unexpected error — save work with observation tool if needed";
+				}
 
-				await showToast("Session Error", `${guidance} (${errorMsg})`, "warning");
+				const short = errorMsg.length > 80 ? `${errorMsg.slice(0, 80)}…` : errorMsg;
+				await showToast("Session Error", `${guidance} (${short})`, "warning");
 			}
 		},
 

package/dist/template/.opencode/plugin/lib/notify.ts

@@ -29,13 +29,17 @@ export function isWSL(): boolean {
  */
 export async function notify($: any, title: string, message: string): Promise<void> {
   const platform = process.platform;
-  const safeTitle = title || "OpenCode";
-  const safeMessage = message || "";
 
   try {
     if (platform === "darwin") {
+      // Escape backslashes and double quotes for AppleScript string literals
+      const escapeAS = (s: string) => (s || "").replace(/\\/g, "\\\\").replace(/"/g, '\\"');
+      const safeTitle = escapeAS(title || "OpenCode");
+      const safeMessage = escapeAS(message || "");
       await $`osascript -e ${`display notification "${safeMessage}" with title "${safeTitle}"`}`;
     } else if (platform === "linux") {
+      const safeTitle = title || "OpenCode";
+      const safeMessage = message || "";
       if (isWSL()) {
         // WSL: try notify-send, fail silently
         await $`notify-send ${safeTitle} ${safeMessage}`.catch(() => {});
@@ -43,6 +47,10 @@ export async function notify($: any, title: string, message: string): Promise<vo
         await $`notify-send ${safeTitle} ${safeMessage}`;
       }
     } else if (platform === "win32") {
+      // Escape single quotes for PowerShell string literals
+      const escapePS = (s: string) => (s || "").replace(/'/g, "''");
+      const safeTitle = escapePS(title || "OpenCode");
+      const safeMessage = escapePS(message || "");
       // Windows: PowerShell toast (fire and forget)
       await $`powershell -Command "Add-Type -AssemblyName System.Windows.Forms; [System.Windows.Forms.MessageBox]::Show('${safeMessage}', '${safeTitle}')"`.catch(
         () => {},

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencodekit",
-	"version": "0.18.17",
+	"version": "0.18.19",
 	"description": "CLI tool for bootstrapping and managing OpenCodeKit projects",
 	"keywords": [
 		"agents",