remodex-cli 1.0.0

package/dist/sdk-process.js

@@ -0,0 +1,960 @@
+import { existsSync, mkdirSync } from "node:fs";
+import { EventEmitter } from "node:events";
+import { query } from "@anthropic-ai/claude-agent-sdk";
+import { normalizeToolResultContent, } from "./parser.js";
+// Tools that are auto-approved in acceptEdits mode
+export const ACCEPT_EDITS_AUTO_APPROVE = new Set([
+    "Read", "Glob", "Grep",
+    "Edit", "Write", "NotebookEdit",
+    "TaskCreate", "TaskUpdate", "TaskList", "TaskGet",
+    "EnterPlanMode", "AskUserQuestion",
+    "WebSearch", "WebFetch",
+    "Task", "Skill",
+]);
+const FILE_EDIT_TOOLS = new Set([
+    "Edit",
+    "Write",
+    "MultiEdit",
+    "NotebookEdit",
+]);
+function toFiniteNumber(value) {
+    if (typeof value !== "number" || !Number.isFinite(value))
+        return undefined;
+    return value;
+}
+export function isFileEditToolName(toolName) {
+    return FILE_EDIT_TOOLS.has(toolName);
+}
+export function extractTokenUsage(usage) {
+    if (!usage || typeof usage !== "object" || Array.isArray(usage)) {
+        return {};
+    }
+    const obj = usage;
+    const inputTokens = toFiniteNumber(obj.input_tokens)
+        ?? toFiniteNumber(obj.inputTokens);
+    const outputTokens = toFiniteNumber(obj.output_tokens)
+        ?? toFiniteNumber(obj.outputTokens);
+    const cachedReadTokens = toFiniteNumber(obj.cached_input_tokens)
+        ?? toFiniteNumber(obj.cache_read_input_tokens)
+        ?? toFiniteNumber(obj.cachedInputTokens)
+        ?? toFiniteNumber(obj.cacheReadInputTokens);
+    return {
+        ...(inputTokens != null ? { inputTokens } : {}),
+        ...(cachedReadTokens != null ? { cachedInputTokens: cachedReadTokens } : {}),
+        ...(outputTokens != null ? { outputTokens } : {}),
+    };
+}
+/**
+ * Parse a permission rule in ToolName(ruleContent) format.
+ * Matches the CLI's internal pzT() function: /^([^(]+)\(([^)]+)\)$/
+ */
+export function parseRule(rule) {
+    const match = rule.match(/^([^(]+)\(([^)]+)\)$/);
+    if (!match || !match[1] || !match[2])
+        return { toolName: rule };
+    return { toolName: match[1], ruleContent: match[2] };
+}
+/**
+ * Check if a tool invocation matches any session allow rule.
+ */
+export function matchesSessionRule(toolName, input, rules) {
+    for (const rule of rules) {
+        const parsed = parseRule(rule);
+        if (parsed.toolName !== toolName)
+            continue;
+        // No ruleContent -> matches any invocation of this tool
+        if (!parsed.ruleContent)
+            return true;
+        // Bash: prefix matching with ":*" suffix
+        if (toolName === "Bash" && typeof input.command === "string") {
+            if (parsed.ruleContent.endsWith(":*")) {
+                const prefix = parsed.ruleContent.slice(0, -2);
+                const firstWord = input.command.trim().split(/\s+/)[0] ?? "";
+                if (firstWord === prefix)
+                    return true;
+            }
+            else {
+                if (input.command === parsed.ruleContent)
+                    return true;
+            }
+        }
+    }
+    return false;
+}
+/**
+ * Build a session allow rule string from a tool name and input.
+ * Bash: uses first word as prefix (e.g., "Bash(npm:*)")
+ * Others: tool name only (e.g., "Edit")
+ */
+export function buildSessionRule(toolName, input) {
+    if (toolName === "Bash" && typeof input.command === "string") {
+        const firstWord = input.command.trim().split(/\s+/)[0] ?? "";
+        if (firstWord)
+            return `${toolName}(${firstWord}:*)`;
+    }
+    return toolName;
+}
+const AUTH_REMEDY = "Fix: Run this command in the terminal on the machine running Bridge:\n  claude auth login";
+/**
+ * Build a user-friendly auth error result.
+ * The `message` field is designed to be helpful even without errorCode parsing
+ * (i.e. for older app versions that only display the raw message text).
+ */
+export function buildAuthError(reason, detail) {
+    switch (reason) {
+        case "no_credentials":
+            return {
+                authenticated: false,
+                errorCode: "auth_login_required",
+                message: `⚠ Claude Code authentication required\n\nClaude is not logged in on this machine.\nCredentials file not found (~/.claude/.credentials.json).\n\n${AUTH_REMEDY}`,
+            };
+        case "no_access_token":
+            return {
+                authenticated: false,
+                errorCode: "auth_login_required",
+                message: `⚠ Claude Code authentication required\n\nCredentials file exists but contains no access token.\n\n${AUTH_REMEDY}`,
+            };
+        case "token_expired":
+            return {
+                authenticated: false,
+                errorCode: "auth_token_expired",
+                message: `⚠ Claude Code session expired\n\nYour login session has expired and could not be refreshed automatically.\n\n${AUTH_REMEDY}`,
+            };
+        case "general":
+            return {
+                authenticated: false,
+                errorCode: "auth_api_error",
+                message: `⚠ Claude Code authentication failed\n\n${detail ?? "Unknown error"}\n\n${AUTH_REMEDY}`,
+            };
+    }
+}
+/**
+ * Check if Claude CLI is authenticated and ensure the access token is valid.
+ * If the token is expired, automatically refreshes it using the refresh token.
+ * Returns authenticated=false with a message when login is required.
+ */
+async function checkClaudeAuth() {
+    // API key authentication — always allowed.
+    if (process.env.ANTHROPIC_API_KEY || process.env.ANTHROPIC_AUTH_TOKEN) {
+        return { authenticated: true };
+    }
+    // Subscription (OAuth) authentication is temporarily disabled pending
+    // official clarification from Anthropic on third-party SDK usage policy.
+    // See: https://code.claude.com/docs/en/legal-and-compliance
+    //
+    // Users should set ANTHROPIC_API_KEY instead.
+    return {
+        authenticated: false,
+        errorCode: "auth_api_error",
+        message: "⚠ API key required\n\nSubscription-based authentication is temporarily unavailable while we await policy clarification from Anthropic.\n\nPlease set the ANTHROPIC_API_KEY environment variable on the Bridge machine.\nhttps://console.anthropic.com/settings/keys",
+    };
+}
+/**
+ * Convert SDK messages to the ServerMessage format used by the WebSocket protocol.
+ * Exported for testing.
+ */
+export function sdkMessageToServerMessage(msg) {
+    switch (msg.type) {
+        case "system": {
+            const sys = msg;
+            if (sys.subtype === "init") {
+                return {
+                    type: "system",
+                    subtype: "init",
+                    sessionId: msg.session_id,
+                    model: sys.model,
+                    ...(sys.slash_commands ? { slashCommands: sys.slash_commands } : {}),
+                    ...(sys.skills ? { skills: sys.skills } : {}),
+                };
+            }
+            if (sys.subtype === "compact_boundary") {
+                return { type: "status", status: "compacting" };
+            }
+            return null;
+        }
+        case "assistant": {
+            const ast = msg;
+            return {
+                type: "assistant",
+                message: ast.message,
+                ...(ast.uuid ? { messageUuid: ast.uuid } : {}),
+            };
+        }
+        case "user": {
+            const usr = msg;
+            // Filter out meta messages early (e.g., skill loading prompts).
+            // Following Happy Coder's approach: isMeta messages are not user-facing.
+            if (usr.isMeta)
+                return null;
+            const content = usr.message?.content;
+            if (!Array.isArray(content))
+                return null;
+            const results = content.filter((c) => c.type === "tool_result");
+            if (results.length > 0) {
+                const first = results[0];
+                const rawContent = first.content;
+                return {
+                    type: "tool_result",
+                    toolUseId: first.tool_use_id,
+                    content: normalizeToolResultContent(rawContent),
+                    ...(Array.isArray(rawContent) ? { rawContentBlocks: rawContent } : {}),
+                    ...(usr.uuid ? { userMessageUuid: usr.uuid } : {}),
+                };
+            }
+            // User text input (first prompt of each turn)
+            const texts = content
+                .filter((c) => c.type === "text")
+                .map((c) => c.text);
+            if (texts.length > 0) {
+                return {
+                    type: "user_input",
+                    text: texts.join("\n"),
+                    ...(usr.uuid ? { userMessageUuid: usr.uuid } : {}),
+                    ...(usr.isSynthetic ? { isSynthetic: true } : {}),
+                    ...(usr.isMeta ? { isMeta: true } : {}),
+                };
+            }
+            return null;
+        }
+        case "result": {
+            const res = msg;
+            const tokenUsage = extractTokenUsage(res.usage);
+            if (res.subtype === "success") {
+                return {
+                    type: "result",
+                    subtype: "success",
+                    result: res.result,
+                    cost: res.total_cost_usd,
+                    duration: res.duration_ms,
+                    sessionId: msg.session_id,
+                    stopReason: res.stop_reason,
+                    ...tokenUsage,
+                };
+            }
+            // All other result subtypes are errors
+            const errorText = Array.isArray(res.errors) ? res.errors.join("\n") : "Unknown error";
+            // Suppress spurious CLI runtime errors (SDK bug: Bun API referenced on Node.js)
+            if (errorText.includes("Bun is not defined")) {
+                return null;
+            }
+            return {
+                type: "result",
+                subtype: "error",
+                error: errorText,
+                sessionId: msg.session_id,
+                stopReason: res.stop_reason,
+                ...tokenUsage,
+            };
+        }
+        case "stream_event": {
+            const stream = msg;
+            const event = stream.event;
+            if (event.type === "content_block_delta") {
+                const delta = event.delta;
+                if (delta.type === "text_delta" && delta.text) {
+                    return { type: "stream_delta", text: delta.text };
+                }
+                if (delta.type === "thinking_delta" && delta.thinking) {
+                    return { type: "thinking_delta", text: delta.thinking };
+                }
+            }
+            return null;
+        }
+        case "tool_use_summary": {
+            const summary = msg;
+            return {
+                type: "tool_use_summary",
+                summary: summary.summary,
+                precedingToolUseIds: summary.preceding_tool_use_ids,
+            };
+        }
+        default:
+            return null;
+    }
+}
+export class SdkProcess extends EventEmitter {
+    queryInstance = null;
+    _status = "idle";
+    _sessionId = null;
+    pendingPermissions = new Map();
+    _permissionMode;
+    get permissionMode() { return this._permissionMode; }
+    _model;
+    get model() { return this._model; }
+    sessionAllowRules = new Set();
+    initTimeoutId = null;
+    sessionEndEmitted = false;
+    // User message channel
+    userMessageResolve = null;
+    stopped = false;
+    pendingInputQueue = [];
+    _projectPath = null;
+    toolCallsSinceLastResult = 0;
+    fileEditsSinceLastResult = 0;
+    get status() {
+        return this._status;
+    }
+    get isWaitingForInput() {
+        return this.userMessageResolve !== null;
+    }
+    get sessionId() {
+        return this._sessionId;
+    }
+    get isRunning() {
+        return this.queryInstance !== null;
+    }
+    start(projectPath, options) {
+        if (this.queryInstance) {
+            this.stop();
+        }
+        this._projectPath = projectPath;
+        if (!existsSync(projectPath)) {
+            try {
+                mkdirSync(projectPath, { recursive: true });
+            }
+            catch (err) {
+                throw new Error(`Cannot create project directory: ${projectPath} (${err.code ?? err})`);
+            }
+        }
+        this.stopped = false;
+        this._sessionId = null;
+        this.sessionEndEmitted = false;
+        this.pendingPermissions.clear();
+        this._permissionMode = options?.permissionMode;
+        this.sessionAllowRules.clear();
+        this.toolCallsSinceLastResult = 0;
+        this.fileEditsSinceLastResult = 0;
+        if (options?.initialInput) {
+            this.pendingInputQueue.push({ text: options.initialInput });
+        }
+        this.setStatus("starting");
+        // Pre-check Claude auth (async: refreshes expired tokens) then start SDK.
+        this.startAfterAuthCheck(projectPath, options);
+    }
+    startAfterAuthCheck(projectPath, options) {
+        checkClaudeAuth()
+            .then((authCheck) => {
+            if (this.stopped)
+                return; // Cancelled while awaiting auth
+            if (!authCheck.authenticated) {
+                console.log(`[sdk-process] Auth pre-check failed: ${authCheck.message}`);
+                this.emitMessage({
+                    type: "error",
+                    message: authCheck.message ?? "Claude is not authenticated. Please run: claude auth login",
+                    ...(authCheck.errorCode ? { errorCode: authCheck.errorCode } : {}),
+                });
+                this.setStatus("idle");
+                this.emit("exit", 1);
+                return;
+            }
+            this.startSdkQuery(projectPath, options);
+        })
+            .catch((err) => {
+            if (this.stopped)
+                return;
+            console.error("[sdk-process] Auth check error:", err);
+            this.emitMessage({
+                type: "error",
+                message: `Auth check failed: ${err instanceof Error ? err.message : String(err)}`,
+            });
+            this.setStatus("idle");
+            this.emit("exit", 1);
+        });
+    }
+    startSdkQuery(projectPath, options) {
+        console.log(`[sdk-process] Starting SDK query (cwd: ${projectPath}, mode: ${options?.permissionMode ?? "default"}${options?.sessionId ? `, resume: ${options.sessionId}` : ""}${options?.continueMode ? ", continue: true" : ""})`);
+        // In -p mode with --input-format stream-json, Claude CLI won't emit
+        // system/init until the first user input. Set a fallback timeout to
+        // transition to "idle" if init hasn't arrived, since the process IS
+        // ready to accept input at that point.
+        if (this.initTimeoutId)
+            clearTimeout(this.initTimeoutId);
+        this.initTimeoutId = setTimeout(() => {
+            if (this._status === "starting") {
+                console.log("[sdk-process] Init timeout: setting status to idle (process ready for input)");
+                this.setStatus("idle");
+            }
+            this.initTimeoutId = null;
+        }, 3000);
+        this.queryInstance = query({
+            prompt: this.createUserMessageStream(),
+            options: {
+                cwd: projectPath,
+                resume: options?.sessionId,
+                continue: options?.continueMode,
+                permissionMode: options?.permissionMode ?? "default",
+                ...(options?.model ? { model: options.model } : {}),
+                ...(options?.effort ? { effort: options.effort } : {}),
+                ...(options?.maxTurns != null ? { maxTurns: options.maxTurns } : {}),
+                ...(options?.maxBudgetUsd != null ? { maxBudgetUsd: options.maxBudgetUsd } : {}),
+                ...(options?.fallbackModel ? { fallbackModel: options.fallbackModel } : {}),
+                ...(options?.forkSession != null ? { forkSession: options.forkSession } : {}),
+                ...(options?.persistSession != null ? { persistSession: options.persistSession } : {}),
+                hooks: {
+                    PostToolUse: [{
+                            hooks: [async (input) => {
+                                    this.handlePostToolUseHook(input);
+                                    return { continue: true };
+                                }],
+                        }],
+                },
+                includePartialMessages: true,
+                canUseTool: this.handleCanUseTool.bind(this),
+                settingSources: ["user", "project", "local"],
+                enableFileCheckpointing: true,
+                ...(options?.resumeSessionAt ? { resumeSessionAt: options.resumeSessionAt } : {}),
+                ...(options?.sandboxEnabled === true
+                    ? { sandbox: { enabled: true } }
+                    : options?.sandboxEnabled === false
+                        ? { sandbox: { enabled: false } }
+                        : {}),
+                stderr: (data) => {
+                    // Capture CLI stderr for resume failure diagnostics
+                    const trimmed = data.trim();
+                    if (trimmed) {
+                        console.error(`[sdk-process:stderr] ${trimmed}`);
+                    }
+                },
+            },
+        });
+        // Background message processing
+        this.processMessages().catch((err) => {
+            if (this.stopped) {
+                // Suppress errors from intentional stop (SDK bug: Bun API referenced on Node.js)
+                return;
+            }
+            console.error("[sdk-process] Message processing error:", err);
+            this.emitMessage({ type: "error", message: `SDK error: ${err instanceof Error ? err.message : String(err)}` });
+            this.setStatus("idle");
+            this.emit("exit", 1);
+        });
+        // Proactively fetch supported commands via SDK API (non-blocking)
+        this.fetchSupportedCommands();
+    }
+    stop() {
+        if (this.initTimeoutId) {
+            clearTimeout(this.initTimeoutId);
+            this.initTimeoutId = null;
+        }
+        this.stopped = true;
+        this.pendingInputQueue = [];
+        if (this.queryInstance) {
+            console.log("[sdk-process] Stopping query");
+            this.queryInstance.close();
+            this.queryInstance = null;
+        }
+        this.pendingPermissions.clear();
+        this.userMessageResolve = null;
+        this.toolCallsSinceLastResult = 0;
+        this.fileEditsSinceLastResult = 0;
+        // Emit session_end so listeners can re-persist metadata before cleanup.
+        // processMessages() won't reach its session_end emit because close()
+        // causes the iterator to throw and the error is suppressed.
+        this.emitSessionEnd();
+        this.setStatus("idle");
+    }
+    interrupt() {
+        if (this.queryInstance) {
+            console.log("[sdk-process] Interrupting query");
+            // NOTE: Do NOT clear pendingInputQueue here — queued messages should
+            // survive an interrupt so they are delivered on the next turn.
+            this.queryInstance.interrupt().catch((err) => {
+                console.error("[sdk-process] Interrupt error:", err);
+            });
+            this.pendingPermissions.clear();
+        }
+    }
+    /**
+     * Returns true when the SDK async generator is blocked waiting for the
+     * next user message (i.e. the agent is idle between turns).
+     * When false, the agent is mid-turn and input will be queued.
+     */
+    get hasInputQueue() {
+        return this.pendingInputQueue.length > 0;
+    }
+    sendInput(text) {
+        if (!this.userMessageResolve) {
+            // Queue the message. The async generator (createUserMessageStream)
+            // drains pendingInputQueue on each iteration, so it will be
+            // delivered once the SDK is ready for the next turn.
+            this.pendingInputQueue.push({ text });
+            console.log(`[sdk-process] Queued input (queue depth: ${this.pendingInputQueue.length})`);
+            return true;
+        }
+        const resolve = this.userMessageResolve;
+        this.userMessageResolve = null;
+        resolve({
+            type: "user",
+            session_id: this._sessionId ?? "",
+            message: {
+                role: "user",
+                content: [{ type: "text", text }],
+            },
+            parent_tool_use_id: null,
+        });
+        return false;
+    }
+    /**
+     * Send a message with one or more image attachments.
+     * @param text - The text message
+     * @param images - Array of base64-encoded image data with mime types
+     */
+    sendInputWithImages(text, images) {
+        if (!this.userMessageResolve) {
+            this.pendingInputQueue.push({ text, images });
+            console.log(`[sdk-process] Queued input with ${images.length} image(s) (queue depth: ${this.pendingInputQueue.length})`);
+            return true;
+        }
+        const resolve = this.userMessageResolve;
+        this.userMessageResolve = null;
+        const content = [];
+        // Add image blocks first (Claude processes images before text)
+        for (const image of images) {
+            content.push({
+                type: "image",
+                source: {
+                    type: "base64",
+                    media_type: image.mimeType,
+                    data: image.base64,
+                },
+            });
+        }
+        // Add text block
+        content.push({ type: "text", text });
+        const totalKB = images.reduce((sum, img) => sum + Math.round(img.base64.length / 1024), 0);
+        console.log(`[sdk-process] Sending message with ${images.length} image(s) (${totalKB}KB base64 total)`);
+        resolve({
+            type: "user",
+            session_id: this._sessionId ?? "",
+            message: {
+                role: "user",
+                content,
+            },
+            parent_tool_use_id: null,
+        });
+        return false;
+    }
+    /**
+     * Approve a pending permission request.
+     * With the SDK, this actually blocks tool execution until approved.
+     */
+    approve(toolUseId, updatedInput) {
+        const id = toolUseId ?? this.firstPendingId();
+        const pending = id ? this.pendingPermissions.get(id) : undefined;
+        if (!pending) {
+            console.log("[sdk-process] approve() called but no pending permission requests");
+            return;
+        }
+        const mergedInput = updatedInput
+            ? { ...pending.input, ...updatedInput }
+            : pending.input;
+        this.pendingPermissions.delete(id);
+        pending.resolve({
+            behavior: "allow",
+            updatedInput: mergedInput,
+        });
+        if (this.pendingPermissions.size === 0) {
+            this.setStatus("running");
+        }
+    }
+    /**
+     * Approve a pending permission request and add a session-scoped allow rule.
+     */
+    approveAlways(toolUseId) {
+        const id = toolUseId ?? this.firstPendingId();
+        const pending = id ? this.pendingPermissions.get(id) : undefined;
+        if (!pending) {
+            console.log("[sdk-process] approveAlways() called but no pending permission requests");
+            return;
+        }
+        const rule = buildSessionRule(pending.toolName, pending.input);
+        this.sessionAllowRules.add(rule);
+        console.log(`[sdk-process] Added session allow rule: ${rule}`);
+        // When a file-edit tool is always-approved, the effective mode is
+        // "acceptEdits" — mirror the CLI behaviour by notifying clients.
+        if (isFileEditToolName(pending.toolName) && this._permissionMode !== "acceptEdits") {
+            console.log(`[sdk-process] Permission mode changed: ${this._permissionMode} → acceptEdits (file-edit always-approved)`);
+            this._permissionMode = "acceptEdits";
+            this.emitMessage({
+                type: "system",
+                subtype: "set_permission_mode",
+                permissionMode: "acceptEdits",
+                sessionId: this._sessionId ?? undefined,
+            });
+        }
+        this.pendingPermissions.delete(id);
+        pending.resolve({
+            behavior: "allow",
+            updatedInput: pending.input,
+            updatedPermissions: [{
+                    type: "addRules",
+                    rules: [{ toolName: pending.toolName }],
+                    behavior: "allow",
+                    destination: "session",
+                }],
+        });
+        if (this.pendingPermissions.size === 0) {
+            this.setStatus("running");
+        }
+    }
+    /**
+     * Reject a pending permission request.
+     * The SDK's canUseTool will return deny, which tells Claude the tool was rejected.
+     */
+    reject(toolUseId, message) {
+        const id = toolUseId ?? this.firstPendingId();
+        const pending = id ? this.pendingPermissions.get(id) : undefined;
+        if (!pending) {
+            console.log("[sdk-process] reject() called but no pending permission requests");
+            return;
+        }
+        this.pendingPermissions.delete(id);
+        pending.resolve({
+            behavior: "deny",
+            message: message ?? "User rejected this action",
+        });
+        if (this.pendingPermissions.size === 0) {
+            this.setStatus("running");
+        }
+    }
+    /**
+     * Answer an AskUserQuestion tool call.
+     * The SDK handles this through canUseTool with updatedInput.
+     */
+    answer(toolUseId, result) {
+        const pending = this.pendingPermissions.get(toolUseId);
+        if (!pending || pending.toolName !== "AskUserQuestion") {
+            console.log("[sdk-process] answer() called but no pending AskUserQuestion");
+            return;
+        }
+        this.pendingPermissions.delete(toolUseId);
+        pending.resolve({
+            behavior: "allow",
+            updatedInput: {
+                ...pending.input,
+                answers: { ...(pending.input.answers ?? {}), result },
+            },
+        });
+        if (this.pendingPermissions.size === 0) {
+            this.setStatus("running");
+        }
+    }
+    /**
+     * Update permission mode for the current session.
+     * Only available while the query instance is active.
+     */
+    async setPermissionMode(mode) {
+        if (!this.queryInstance) {
+            throw new Error("No active query instance");
+        }
+        await this.queryInstance.setPermissionMode(mode);
+        this._permissionMode = mode;
+        this.emitMessage({
+            type: "system",
+            subtype: "set_permission_mode",
+            permissionMode: mode,
+            sessionId: this._sessionId ?? undefined,
+        });
+    }
+    /**
+     * Rewind files to their state at the specified user message.
+     * Requires enableFileCheckpointing to be enabled (done in start()).
+     */
+    async rewindFiles(userMessageId, dryRun) {
+        if (!this.queryInstance) {
+            return { canRewind: false, error: "No active query instance" };
+        }
+        try {
+            const result = await this.queryInstance.rewindFiles(userMessageId, { dryRun });
+            return result;
+        }
+        catch (err) {
+            return { canRewind: false, error: err instanceof Error ? err.message : String(err) };
+        }
+    }
+    // ---- Private ----
+    /**
+     * Proactively fetch supported commands from the SDK.
+     * This may resolve before the first user input, providing slash commands
+     * without waiting for system/init.
+     */
+    fetchSupportedCommands() {
+        if (!this.queryInstance)
+            return;
+        const TIMEOUT_MS = 10_000;
+        const timeoutPromise = new Promise((resolve) => {
+            setTimeout(() => resolve(null), TIMEOUT_MS);
+        });
+        Promise.race([
+            this.queryInstance.supportedCommands(),
+            timeoutPromise,
+        ])
+            .then((result) => {
+            if (this.stopped || !result)
+                return;
+            const slashCommands = result.map((cmd) => cmd.name);
+            // Build skill metadata from description field returned by the SDK.
+            // This provides human-readable descriptions for custom skills
+            // that are not in the client's hardcoded knownCommands map.
+            const skillMetadata = result
+                .filter((cmd) => cmd.description && cmd.description !== cmd.name)
+                .map((cmd) => ({
+                name: cmd.name,
+                path: "",
+                description: cmd.description,
+                shortDescription: cmd.description,
+                enabled: true,
+                scope: "project",
+            }));
+            const skills = skillMetadata.map((m) => m.name);
+            console.log(`[sdk-process] supportedCommands() returned ${slashCommands.length} commands (${skills.length} with descriptions)`);
+            this.emitMessage({
+                type: "system",
+                subtype: "supported_commands",
+                slashCommands,
+                ...(skills.length > 0 ? { skills, skillMetadata } : {}),
+            });
+        })
+            .catch((err) => {
+            console.log(`[sdk-process] supportedCommands() failed (non-fatal): ${err instanceof Error ? err.message : String(err)}`);
+        });
+    }
+    firstPendingId() {
+        const first = this.pendingPermissions.keys().next();
+        return first.done ? undefined : first.value;
+    }
+    /**
+     * Returns a snapshot of a pending permission request.
+     * Used by the bridge to support Clear & Accept flows.
+     */
+    getPendingPermission(toolUseId) {
+        const id = toolUseId ?? this.firstPendingId();
+        const pending = id ? this.pendingPermissions.get(id) : undefined;
+        if (!pending || !id)
+            return undefined;
+        return {
+            toolUseId: id,
+            toolName: pending.toolName,
+            input: { ...pending.input },
+        };
+    }
+    async *createUserMessageStream() {
+        while (!this.stopped) {
+            // Drain queued messages first (FIFO order)
+            if (this.pendingInputQueue.length > 0) {
+                const { text, images } = this.pendingInputQueue.shift();
+                console.log(`[sdk-process] Sending queued input${images ? ` with ${images.length} image(s)` : ""} (remaining: ${this.pendingInputQueue.length})`);
+                const content = [];
+                if (images) {
+                    for (const image of images) {
+                        content.push({
+                            type: "image",
+                            source: {
+                                type: "base64",
+                                media_type: image.mimeType,
+                                data: image.base64,
+                            },
+                        });
+                    }
+                }
+                content.push({ type: "text", text });
+                yield {
+                    type: "user",
+                    session_id: this._sessionId ?? "",
+                    message: {
+                        role: "user",
+                        content,
+                    },
+                    parent_tool_use_id: null,
+                };
+                continue;
+            }
+            const msg = await new Promise((resolve) => {
+                this.userMessageResolve = resolve;
+            });
+            if (this.stopped)
+                break;
+            yield msg;
+        }
+    }
+    async processMessages() {
+        if (!this.queryInstance)
+            return;
+        for await (const message of this.queryInstance) {
+            if (this.stopped)
+                break;
+            // Convert SDK message to ServerMessage
+            let serverMsg = sdkMessageToServerMessage(message);
+            if (serverMsg?.type === "result") {
+                if (this.toolCallsSinceLastResult > 0 || this.fileEditsSinceLastResult > 0) {
+                    serverMsg = {
+                        ...serverMsg,
+                        ...(this.toolCallsSinceLastResult > 0
+                            ? { toolCalls: this.toolCallsSinceLastResult }
+                            : {}),
+                        ...(this.fileEditsSinceLastResult > 0
+                            ? { fileEdits: this.fileEditsSinceLastResult }
+                            : {}),
+                    };
+                }
+                this.toolCallsSinceLastResult = 0;
+                this.fileEditsSinceLastResult = 0;
+            }
+            if (serverMsg) {
+                this.emitMessage(serverMsg);
+            }
+            // Extract session ID and model from system/init
+            if (message.type === "system" && "subtype" in message && message.subtype === "init") {
+                // Guard: reject OAuth authentication even if SDK accepted it.
+                // API key (ANTHROPIC_API_KEY) is the only allowed auth source.
+                const apiKeySource = message.apiKeySource;
+                if (apiKeySource === "oauth") {
+                    console.log("[sdk-process] Rejected OAuth auth source at runtime");
+                    this.emitMessage({
+                        type: "error",
+                        message: "⚠ API key required\n\nOAuth (subscription) authentication is not permitted. Please set the ANTHROPIC_API_KEY environment variable on the Bridge machine.\nhttps://console.anthropic.com/settings/keys",
+                        errorCode: "auth_api_error",
+                    });
+                    this.stop();
+                    this.emit("exit", 1);
+                    return;
+                }
+                if (this.initTimeoutId) {
+                    clearTimeout(this.initTimeoutId);
+                    this.initTimeoutId = null;
+                }
+                this._sessionId = message.session_id;
+                const initModel = message.model;
+                if (typeof initModel === "string" && initModel) {
+                    this._model = initModel;
+                }
+                this.setStatus("idle");
+            }
+            // Detect permission mode changes from SDK status messages (SSOT).
+            // When the CLI internally transitions (e.g. "Always allow" edits →
+            // default → acceptEdits), the SDK emits a status message with the new
+            // permissionMode.  Propagate the change to connected clients.
+            if (message.type === "system" && "subtype" in message) {
+                const sys = message;
+                if (sys.subtype === "status" && typeof sys.permissionMode === "string") {
+                    const newMode = sys.permissionMode;
+                    if (newMode !== this._permissionMode) {
+                        console.log(`[sdk-process] Permission mode changed: ${this._permissionMode} → ${newMode}`);
+                        this._permissionMode = newMode;
+                        this.emitMessage({
+                            type: "system",
+                            subtype: "set_permission_mode",
+                            permissionMode: newMode,
+                            sessionId: this._sessionId ?? undefined,
+                        });
+                    }
+                }
+            }
+            // Update status from message type
+            this.updateStatusFromMessage(message);
+        }
+        // Query finished — CLI has completed shutdown including file writes.
+        this.queryInstance = null;
+        // Emit session_end before exit so listeners can re-persist metadata
+        // (e.g. customTitle) that the CLI may have overwritten during shutdown.
+        this.emitSessionEnd();
+        this.setStatus("idle");
+        this.emit("exit", 0);
+    }
+    /**
+     * Core permission handler: called by SDK before each tool execution.
+     * Returns a Promise that resolves when the user approves/rejects.
+     */
+    async handleCanUseTool(toolName, input, options) {
+        // AskUserQuestion: always forward to client for response
+        if (toolName === "AskUserQuestion") {
+            return this.waitForPermission(options.toolUseID, toolName, input, options.signal);
+        }
+        // Auto-approve check: session allow rules
+        if (matchesSessionRule(toolName, input, this.sessionAllowRules)) {
+            return { behavior: "allow", updatedInput: input };
+        }
+        // SDK handles permissionMode internally, but canUseTool is only called
+        // for tools that the SDK thinks need permission. We emit the request
+        // to the mobile client and wait.
+        return this.waitForPermission(options.toolUseID, toolName, input, options.signal);
+    }
+    waitForPermission(toolUseId, toolName, input, signal) {
+        // Emit permission request to client
+        this.emitMessage({
+            type: "permission_request",
+            toolUseId,
+            toolName,
+            input,
+        });
+        this.setStatus("waiting_approval");
+        return new Promise((resolve) => {
+            this.pendingPermissions.set(toolUseId, { resolve, toolName, input });
+            // Handle abort (timeout)
+            if (signal.aborted) {
+                this.pendingPermissions.delete(toolUseId);
+                resolve({ behavior: "deny", message: "Permission request aborted" });
+                return;
+            }
+            signal.addEventListener("abort", () => {
+                if (this.pendingPermissions.has(toolUseId)) {
+                    this.pendingPermissions.delete(toolUseId);
+                    resolve({ behavior: "deny", message: "Permission request timed out" });
+                }
+            }, { once: true });
+        });
+    }
+    updateStatusFromMessage(msg) {
+        switch (msg.type) {
+            case "system":
+                // Already handled in processMessages for init
+                break;
+            case "assistant":
+                if (this.pendingPermissions.size === 0) {
+                    this.setStatus("running");
+                }
+                break;
+            case "user":
+                if (this.pendingPermissions.size === 0) {
+                    this.setStatus("running");
+                }
+                break;
+            case "result":
+                this.pendingPermissions.clear();
+                this.setStatus("idle");
+                break;
+        }
+    }
+    handlePostToolUseHook(input) {
+        if (!input || typeof input !== "object" || Array.isArray(input)) {
+            return;
+        }
+        const hookInput = input;
+        const toolName = hookInput.tool_name;
+        if (typeof toolName !== "string" || toolName.length === 0) {
+            return;
+        }
+        this.toolCallsSinceLastResult += 1;
+        if (isFileEditToolName(toolName)) {
+            this.fileEditsSinceLastResult += 1;
+        }
+    }
+    setStatus(status) {
+        if (this._status !== status) {
+            this._status = status;
+            this.emit("status", status);
+            this.emitMessage({ type: "status", status });
+        }
+    }
+    /** Emit session_end at most once per session lifecycle. */
+    emitSessionEnd() {
+        if (this.sessionEndEmitted)
+            return;
+        this.sessionEndEmitted = true;
+        this.emit("session_end");
+    }
+    emitMessage(msg) {
+        this.emit("message", msg);
+    }
+}
+//# sourceMappingURL=sdk-process.js.map