svamp-cli 0.2.60 → 0.2.65

package/dist/{run-Dhliie9Z.mjs → run-EPzdDXeY.mjs}

@@ -3,12 +3,13 @@ import fs, { mkdir as mkdir$1, readdir as readdir$1, readFile, writeFile as writ
 import { readFileSync as readFileSync$1, mkdirSync, writeFileSync, renameSync, existsSync as existsSync$1, copyFileSync, unlinkSync as unlinkSync$1, watch, rmdirSync, readdirSync } from 'fs';
 import path__default, { join, dirname, resolve, basename } from 'path';
 import { fileURLToPath } from 'url';
-import { spawn as spawn$1, execSync as execSync$1 } from 'child_process';
+import { execFile, spawn as spawn$1, execSync as execSync$1 } from 'child_process';
 import { randomUUID as randomUUID$1 } from 'crypto';
 import { existsSync, readFileSync, writeFileSync as writeFileSync$1, mkdirSync as mkdirSync$1, appendFileSync, unlinkSync } from 'node:fs';
+import { promisify } from 'util';
 import { randomUUID, createHash } from 'node:crypto';
 import { join as join$1 } from 'node:path';
-import { spawn, execSync, execFile, execFileSync } from 'node:child_process';
+import { spawn, execSync, execFile as execFile$1, execFileSync } from 'node:child_process';
 import { ndJsonStream, ClientSideConnection } from '@agentclientprotocol/sdk';
 import os, { homedir, platform } from 'node:os';
 import { Client } from '@modelcontextprotocol/sdk/client/index.js';
@@ -16,7 +17,7 @@ import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js'
 import { ElicitRequestSchema } from '@modelcontextprotocol/sdk/types.js';
 import { z } from 'zod';
 import { mkdir, rm, chmod, access, mkdtemp, copyFile, writeFile, readdir, stat, readFile as readFile$1 } from 'node:fs/promises';
-import { promisify } from 'node:util';
+import { promisify as promisify$1 } from 'node:util';
 
 let connectToServerFn = null;
 async function getConnectToServer() {
@@ -72,9 +73,10 @@ const ROLE_HIERARCHY = {
   admin: 2
 };
 function normalizeAllowedUser(input, addedBy) {
+  const role = input.role && input.role in ROLE_HIERARCHY ? input.role : "admin";
   return {
-    email: input.email.trim(),
-    role: "admin",
+    email: input.email.trim().toLowerCase(),
+    role,
     addedAt: typeof input.addedAt === "number" ? input.addedAt : Date.now(),
     addedBy: input.addedBy ?? addedBy
   };
@@ -88,7 +90,8 @@ function resolveRoleLevel(sharing, userEmail) {
       (u) => u.email.toLowerCase() === userEmail.toLowerCase()
     );
     if (sharedUser) {
-      level = ROLE_HIERARCHY.admin;
+      const storedLevel = ROLE_HIERARCHY[sharedUser.role];
+      level = typeof storedLevel === "number" ? storedLevel : ROLE_HIERARCHY.admin;
     }
   }
   if (sharing.publicAccess) {
@@ -302,6 +305,98 @@ function applySecurityContext(baseConfig, context) {
   return config;
 }
 
+const execFileAsync$1 = promisify(execFile);
+function parseEtime(s) {
+  if (!s) return 0;
+  const dayParts = s.split("-");
+  let dayPrefix = 0;
+  let rest = s;
+  if (dayParts.length === 2) {
+    dayPrefix = parseInt(dayParts[0], 10) || 0;
+    rest = dayParts[1];
+  }
+  const parts = rest.split(":").map((p) => parseInt(p, 10) || 0);
+  let total = 0;
+  if (parts.length === 3) total = parts[0] * 3600 + parts[1] * 60 + parts[2];
+  else if (parts.length === 2) total = parts[0] * 60 + parts[1];
+  else if (parts.length === 1) total = parts[0];
+  return dayPrefix * 86400 + total;
+}
+async function readProcessTable() {
+  if (process.platform === "win32") return [];
+  let stdout;
+  try {
+    const result = await execFileAsync$1("ps", ["-A", "-o", "pid=,ppid=,etime=,%cpu=,rss=,command="], {
+      maxBuffer: 8 * 1024 * 1024
+      // 8MB — plenty for any realistic process table
+    });
+    stdout = result.stdout;
+  } catch {
+    return [];
+  }
+  const rows = [];
+  for (const line of stdout.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed) continue;
+    const parts = trimmed.split(/\s+/);
+    if (parts.length < 6) continue;
+    const pid = parseInt(parts[0], 10);
+    const ppid = parseInt(parts[1], 10);
+    if (!pid || isNaN(ppid)) continue;
+    const etimeSec = parseEtime(parts[2]);
+    const cpu = parseFloat(parts[3]) || 0;
+    const rssKb = parseInt(parts[4], 10) || 0;
+    const command = parts.slice(5).join(" ");
+    rows.push({ pid, ppid, etimeSec, cpu, rssKb, command });
+  }
+  return rows;
+}
+async function detectDescendants(rootPid, excludePids = /* @__PURE__ */ new Set()) {
+  if (!rootPid || rootPid < 1) return [];
+  const table = await readProcessTable();
+  if (table.length === 0) return [];
+  const byPpid = /* @__PURE__ */ new Map();
+  for (const row of table) {
+    const list = byPpid.get(row.ppid);
+    if (list) list.push(row);
+    else byPpid.set(row.ppid, [row]);
+  }
+  const descendants = [];
+  const visited = /* @__PURE__ */ new Set([rootPid]);
+  const queue = [rootPid];
+  const MAX_NODES = 5e3;
+  while (queue.length > 0 && descendants.length < MAX_NODES) {
+    const next = queue.shift();
+    const children = byPpid.get(next);
+    if (!children) continue;
+    for (const child of children) {
+      if (visited.has(child.pid)) continue;
+      visited.add(child.pid);
+      queue.push(child.pid);
+      if (!excludePids.has(child.pid)) {
+        descendants.push(child);
+      }
+    }
+  }
+  descendants.sort((a, b) => a.etimeSec - b.etimeSec);
+  return descendants;
+}
+async function killDescendant(rootPid, targetPid, signal = "SIGTERM") {
+  if (!rootPid || rootPid < 1) return { killed: false, reason: "no root pid" };
+  if (!targetPid || targetPid < 1) return { killed: false, reason: "invalid target pid" };
+  if (targetPid === rootPid) return { killed: false, reason: "cannot kill session root pid" };
+  const descendants = await detectDescendants(rootPid);
+  if (!descendants.some((d) => d.pid === targetPid)) {
+    return { killed: false, reason: "pid is not a descendant of this session" };
+  }
+  try {
+    process.kill(targetPid, signal);
+    return { killed: true };
+  } catch (err) {
+    return { killed: false, reason: err?.message ?? "kill failed" };
+  }
+}
+
 function getParamNames(fn) {
   const src = fn.toString();
   const match = src.match(/^(?:async\s+)?(?:function\s*\w*)?\s*\(([^)]*)\)/);
@@ -375,6 +470,20 @@ async function registerMachineService(server, machineId, metadata, daemonState,
       }
     }
   };
+  const ROLE_RANK = { view: 1, interact: 2, admin: 3 };
+  const authorizeSessionAccess = async (sessionId, requiredRole, context) => {
+    try {
+      authorizeRequest(context, currentMetadata.sharing, requiredRole);
+      return;
+    } catch {
+    }
+    const rpc = handlers.getSessionRPCHandlers?.(sessionId);
+    if (!rpc) throw new Error(`Session '${sessionId}' not found`);
+    const role = await rpc.getEffectiveRole(context).catch(() => null);
+    if (!role || (ROLE_RANK[role] ?? 0) < ROLE_RANK[requiredRole]) {
+      throw new Error(`Access denied: ${requiredRole} role required on session ${sessionId}`);
+    }
+  };
   const notifyListeners = (update) => {
     const snapshot = [...listeners];
     for (let i = snapshot.length - 1; i >= 0; i--) {
@@ -737,10 +846,22 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         authorizeRequest(context, currentMetadata.sharing, "view");
         return { sharing: currentMetadata.sharing || null };
       },
+      /** Returns the caller's effective role on this machine (null if no access). */
+      getEffectiveRole: async (context) => {
+        authorizeRequest(context, currentMetadata.sharing, "view");
+        const role = getEffectiveRole(context, currentMetadata.sharing);
+        return { role };
+      },
       updateSharing: async (newSharing, context) => {
         authorizeRequest(context, currentMetadata.sharing, "admin");
-        if (currentMetadata.sharing && context?.user?.email && currentMetadata.sharing.owner && context.user.email.toLowerCase() !== currentMetadata.sharing.owner.toLowerCase()) {
-          throw new Error("Only the machine owner can update sharing settings");
+        const currentOwner = currentMetadata.sharing?.owner;
+        const callerEmail = context?.user?.email;
+        const callerIsOwner = !!currentOwner && !!callerEmail && callerEmail.toLowerCase() === currentOwner.toLowerCase();
+        if (currentOwner && newSharing.owner && newSharing.owner.toLowerCase() !== currentOwner.toLowerCase() && !callerIsOwner) {
+          throw new Error("Only the machine owner can transfer ownership");
+        }
+        if (currentOwner && !newSharing.owner) {
+          newSharing = { ...newSharing, owner: currentOwner };
         }
         if (newSharing.enabled && !newSharing.owner && context?.user?.email) {
           newSharing = { ...newSharing, owner: context.user.email };
@@ -1096,6 +1217,126 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         if (!handlers.supervisor) return [];
         return handlers.supervisor.getLogs(params.idOrName, params.last ?? 50);
       },
+      // ── Session-scoped Tasks panel ───────────────────────────────────
+      // Frontend-facing views that filter by sessionId and also walk the
+      // OS process tree to surface unsupervised child processes (e.g.
+      // `node server.js &` spawned from a bash tool call). These are
+      // separate from the global `process*` RPCs above so that a shared
+      // user can manage their own session's tasks without machine-level
+      // access.
+      /**
+       * Snapshot of everything the session's Tasks panel needs to render:
+       *   - supervised: ProcessSpec/state filtered to this session
+       *   - detected:   descendants of the agent PID that aren't supervised
+       */
+      sessionProcessList: async (params, context) => {
+        await authorizeSessionAccess(params.sessionId, "view", context);
+        const supervisor = handlers.supervisor;
+        const all = supervisor ? supervisor.list() : [];
+        const supervised = all.filter((p) => p.spec.sessionId === params.sessionId);
+        const agentPid = handlers.getSessionPid?.(params.sessionId);
+        let detected = [];
+        if (agentPid) {
+          const supervisedPids = /* @__PURE__ */ new Set();
+          for (const info of all) {
+            if (info.state.pid) supervisedPids.add(info.state.pid);
+          }
+          detected = await detectDescendants(agentPid, supervisedPids);
+        }
+        return { supervised, detected, agentPid };
+      },
+      /**
+       * Cheap counts for the input-bar badge — avoids the cost of a full
+       * detection walk when the panel is closed. Counts are still
+       * accurate enough to indicate "is anything running for this session".
+       */
+      sessionProcessCounts: async (params, context) => {
+        await authorizeSessionAccess(params.sessionId, "view", context);
+        const supervisor = handlers.supervisor;
+        const all = supervisor ? supervisor.list() : [];
+        const supervised = all.filter((p) => p.spec.sessionId === params.sessionId);
+        const supervisedRunning = supervised.filter((p) => p.state.status === "running" || p.state.status === "starting").length;
+        const agentPid = handlers.getSessionPid?.(params.sessionId);
+        let detected = 0;
+        if (agentPid) {
+          const supervisedPids = /* @__PURE__ */ new Set();
+          for (const info of all) if (info.state.pid) supervisedPids.add(info.state.pid);
+          const list = await detectDescendants(agentPid, supervisedPids);
+          detected = list.length;
+        }
+        return { supervised: supervised.length, supervisedRunning, detected, agentPid };
+      },
+      /** Logs for a supervised process, gated by session ownership. */
+      sessionProcessLogs: async (params, context) => {
+        await authorizeSessionAccess(params.sessionId, "view", context);
+        if (!handlers.supervisor) return [];
+        const info = handlers.supervisor.get(params.idOrName);
+        if (!info || info.spec.sessionId !== params.sessionId) return [];
+        return handlers.supervisor.getLogs(params.idOrName, params.last ?? 100);
+      },
+      /**
+       * Lifecycle actions on a session-bound supervised process.
+       * `remove` requires admin; start/stop/restart require interact.
+       */
+      sessionProcessAction: async (params, context) => {
+        const requiredRole = params.action === "remove" ? "admin" : "interact";
+        await authorizeSessionAccess(params.sessionId, requiredRole, context);
+        if (!handlers.supervisor) throw new Error("Process supervisor not available");
+        const info = handlers.supervisor.get(params.idOrName);
+        if (!info) throw new Error(`Process '${params.idOrName}' not found`);
+        if (info.spec.sessionId !== params.sessionId) {
+          throw new Error(`Process '${params.idOrName}' does not belong to this session`);
+        }
+        switch (params.action) {
+          case "start":
+            return handlers.supervisor.start(params.idOrName);
+          case "stop":
+            return handlers.supervisor.stop(params.idOrName);
+          case "restart":
+            return handlers.supervisor.restart(params.idOrName);
+          case "remove":
+            return handlers.supervisor.remove(params.idOrName);
+        }
+      },
+      /**
+       * Kill an unsupervised descendant of the agent. Verified by the
+       * detection helper so callers can only target PIDs that are
+       * actually children of this session.
+       */
+      sessionProcessKill: async (params, context) => {
+        await authorizeSessionAccess(params.sessionId, "admin", context);
+        const agentPid = handlers.getSessionPid?.(params.sessionId);
+        if (!agentPid) return { killed: false, reason: "no agent pid for session" };
+        return killDescendant(agentPid, Number(params.pid), params.signal ?? "SIGTERM");
+      },
+      /**
+       * Promote a detected child into supervision. Kills the original
+       * PID and re-spawns the same command under the supervisor, so the
+       * new process is properly tracked (PID re-parenting isn't
+       * achievable without ptrace).
+       */
+      sessionProcessAdopt: async (params, context) => {
+        await authorizeSessionAccess(params.sessionId, "admin", context);
+        if (!handlers.supervisor) throw new Error("Process supervisor not available");
+        const agentPid = handlers.getSessionPid?.(params.sessionId);
+        if (!agentPid) throw new Error("No agent pid for session");
+        if (params.pid && params.pid > 0) {
+          const res = await killDescendant(agentPid, Number(params.pid), "SIGTERM");
+          if (!res.killed && res.reason !== "pid is not a descendant of this session") ;
+        }
+        const spec = {
+          name: params.name,
+          command: params.command,
+          args: params.args ?? [],
+          workdir: params.workdir ?? process.cwd(),
+          keepAlive: params.keepAlive ?? false,
+          maxRestarts: 0,
+          restartDelay: 2,
+          sessionId: params.sessionId
+        };
+        const result = await handlers.supervisor.apply(spec);
+        return result.info;
+      },
       // ── Service / Tunnel management ──────────────────────────────────
       /** List active tunnels (replaces the old agent-sandbox serviceList). */
       serviceList: async (context) => {
@@ -1804,8 +2045,14 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     },
     updateSharing: async (newSharing, context) => {
       authorizeRequest(context, metadata.sharing, "admin");
-      if (metadata.sharing && context?.user?.email && metadata.sharing.owner && context.user.email.toLowerCase() !== metadata.sharing.owner.toLowerCase()) {
-        throw new Error("Only the session owner can update sharing settings");
+      const currentOwner = metadata.sharing?.owner;
+      const callerEmail = context?.user?.email;
+      const callerIsOwner = !!currentOwner && !!callerEmail && callerEmail.toLowerCase() === currentOwner.toLowerCase();
+      if (currentOwner && newSharing.owner && newSharing.owner.toLowerCase() !== currentOwner.toLowerCase() && !callerIsOwner) {
+        throw new Error("Only the session owner can transfer ownership");
+      }
+      if (currentOwner && !newSharing.owner) {
+        newSharing = { ...newSharing, owner: currentOwner };
       }
       if (newSharing.enabled && !newSharing.owner && context?.user?.email) {
         newSharing = { ...newSharing, owner: context.user.email };
@@ -1828,12 +2075,10 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
       return { success: true, sharing: newSharing };
     },
     /** Update security context and restart the agent process with new rules.
-     *  Pass '__disable__' sentinel (from frontend) or null to disable isolation entirely. */
+     *  Pass '__disable__' sentinel (from frontend) or null to disable isolation entirely.
+     *  Admin tier (owner or admin-shared user) can perform this. */
     updateSecurityContext: async (newSecurityContext, context) => {
       authorizeRequest(context, metadata.sharing, "admin");
-      if (metadata.sharing && context?.user?.email && metadata.sharing.owner && context.user.email.toLowerCase() !== metadata.sharing.owner.toLowerCase()) {
-        throw new Error("Only the session owner can update security context");
-      }
       if (!callbacks.onUpdateSecurityContext) {
         throw new Error("Security context updates are not supported for this session");
       }
@@ -4655,7 +4900,7 @@ var GeminiTransport$1 = /*#__PURE__*/Object.freeze({
     GeminiTransport: GeminiTransport
 });
 
-const execFileAsync = promisify(execFile);
+const execFileAsync = promisify$1(execFile$1);
 const SVAMP_TOOLS_DIR = join$1(homedir(), ".svamp", "tools");
 const SVAMP_BIN_DIR = join$1(SVAMP_TOOLS_DIR, "bin");
 async function checkCommand(command, versionArgs) {
@@ -5401,9 +5646,13 @@ class ServeAuth {
   }
   /**
    * Check if a user email is authorized for a mount's access level.
+   * Note: 'link' mounts are gated by the auth proxy at the path-segment
+   * level (capability token), not by this method — they should never reach
+   * here. We treat them as deny-by-default just in case.
    */
   isAuthorized(email, access, ownerEmail) {
     if (access === "public") return true;
+    if (access === "link") return false;
     if (!email) return false;
     if (access === "owner") {
       return !!ownerEmail && email.toLowerCase() === ownerEmail.toLowerCase();
@@ -6156,6 +6405,71 @@ You may be running in parallel with other agents \u2014 possibly sharing the sam
 `;
 }
 
+const STANDARD_WINDOWS = [2e5, 1e6];
+function readWindow(entry) {
+  if (!entry) return 0;
+  const cw = entry.contextWindow ?? entry.context_window;
+  return typeof cw === "number" && cw > 0 && Number.isFinite(cw) ? cw : 0;
+}
+function computeObservedContext(usage) {
+  if (!usage) return 0;
+  return (usage.input_tokens || 0) + (usage.cache_creation_input_tokens || 0) + (usage.cache_read_input_tokens || 0);
+}
+function inferWindowFromModelName(model) {
+  if (!model) return 0;
+  if (/\[1m\]/i.test(model)) return 1e6;
+  if (/opus-?4-?[7-9]/i.test(model)) return 1e6;
+  if (/opus-?[5-9]/i.test(model)) return 1e6;
+  if (/sonnet-?4-?[5-9]/i.test(model)) return 1e6;
+  if (/sonnet-?[5-9]/i.test(model)) return 1e6;
+  if (/opus|sonnet/i.test(model)) return 2e5;
+  if (/haiku/i.test(model)) return 2e5;
+  return 0;
+}
+function matchedMainModel(modelUsage, mainModel) {
+  if (!modelUsage || !mainModel) return { window: 0, matched: false };
+  const variants = [
+    mainModel,
+    `${mainModel}[1m]`,
+    mainModel.replace(/\[1m\]$/i, "")
+  ];
+  for (const k of variants) {
+    const cw = readWindow(modelUsage[k]);
+    if (cw > 0) return { window: cw, matched: true };
+  }
+  return { window: 0, matched: false };
+}
+function maxAcrossModelUsage(modelUsage) {
+  if (!modelUsage) return 0;
+  let best = 0;
+  for (const v of Object.values(modelUsage)) {
+    const cw = readWindow(v);
+    if (cw > best) best = cw;
+  }
+  return best;
+}
+function selfHealForObserved(candidate, observed) {
+  if (observed <= candidate) return candidate;
+  const next = STANDARD_WINDOWS.find((w) => w >= observed);
+  if (next) return Math.max(candidate, next);
+  return Math.max(candidate, Math.ceil(observed * 1.25));
+}
+function resolveContextWindow(opts) {
+  const { modelUsage, usage, mainModel, currentWindow } = opts;
+  const observed = computeObservedContext(usage);
+  const main = matchedMainModel(modelUsage, mainModel);
+  let candidate = main.window;
+  const definitiveMatch = main.matched;
+  if (!candidate) candidate = maxAcrossModelUsage(modelUsage);
+  if (!candidate) candidate = inferWindowFromModelName(mainModel);
+  candidate = selfHealForObserved(candidate, observed);
+  const current = typeof currentWindow === "number" && currentWindow > 0 ? currentWindow : 0;
+  if (current > 0 && candidate > 0 && candidate < current && !definitiveMatch) {
+    candidate = current;
+  }
+  return candidate;
+}
+
 const SVAMP_HOME$1 = process.env.SVAMP_HOME || join$1(os.homedir(), ".svamp");
 function generateHookSettings(portOrOptions = {}) {
   const opts = typeof portOrOptions === "number" ? { sessionStartPort: portOrOptions } : portOrOptions;
@@ -7441,7 +7755,7 @@ async function startDaemon(options) {
     const list = loadExposedTunnels().filter((t) => t.name !== name);
     saveExposedTunnels(list);
   }
-  const { ServeManager } = await import('./serveManager-C9pzi-2O.mjs');
+  const { ServeManager } = await import('./serveManager-pDviHaH8.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -7645,6 +7959,7 @@ async function startDaemon(options) {
         let lastSpawnMeta = persisted?.spawnMeta || {};
         let sessionWasProcessing = !!options2.wasProcessing;
         let lastAssistantText = "";
+        let lastMainModel;
         let consecutiveRalphErrors = 0;
         const MAX_RALPH_ERRORS = 3;
         let spawnHasReceivedInit = false;
@@ -7738,6 +8053,9 @@ async function startDaemon(options) {
         let isKillingClaude = false;
         let isRestartingClaude = false;
         let isSwitchingMode = false;
+        const OVERLOAD_BAIL_THRESHOLD = 3;
+        let consecutiveOverloadRetries = 0;
+        let overloadBailedThisTurn = false;
         let checkSvampConfig;
         let cleanupSvampConfig;
         const VALID_CLAUDE_PERMISSION_MODES = /* @__PURE__ */ new Set(["default", "acceptEdits", "plan", "bypassPermissions"]);
@@ -7969,6 +8287,12 @@ async function startDaemon(options) {
                       "event"
                     );
                   }
+                  if (msg.type === "assistant") {
+                    const assistantModel = msg.message?.model;
+                    if (typeof assistantModel === "string" && assistantModel.length > 0) {
+                      lastMainModel = assistantModel;
+                    }
+                  }
                   const assistantContent = msg.type === "assistant" ? msg.message?.content ?? msg.content : void 0;
                   if (Array.isArray(assistantContent)) {
                     for (const block of assistantContent) {
@@ -7993,13 +8317,21 @@ async function startDaemon(options) {
                         logger.log(`[Session ${sessionId}] Startup failure detected \u2014 scheduling silent retry without --resume`);
                         startupFailureRetryPending = true;
                         lastErrorMessagePushed = true;
+                      } else if (overloadBailedThisTurn) {
+                        logger.log(`[Session ${sessionId}] Suppressing duplicate error \u2014 overload hint already pushed for this turn`);
+                        lastErrorMessagePushed = true;
                       } else {
                         const lower = resultText.toLowerCase();
+                        const isOverload = msg.api_error_status === 529 || lower.includes("529") || lower.includes("overload");
                         const isLoginIssue = lower.includes("login") || lower.includes("logged in") || lower.includes("auth") || lower.includes("api key") || lower.includes("unauthorized");
                         const isResumeIssue = lower.includes("tool_use.name") || lower.includes("invalid_request") || lower.includes("messages.");
                         const isBillingIssue = lower.includes("credit") || lower.includes("balance") || lower.includes("billing") || lower.includes("quota") || lower.includes("subscription") || lower.includes("payment");
                         let hint = "";
-                        if (isBillingIssue) {
+                        if (isOverload) {
+                          const onHyphaProxy = (process.env.SVAMP_CLAUDE_PROXY || "").toLowerCase() === "hypha";
+                          const proxyHint = onHyphaProxy ? "" : "\n\u2022 Switch the daemon to the Hypha proxy (rotates across accounts on 529): `svamp daemon auth use-hypha-proxy && svamp daemon restart`";
+                          hint = "\n\nAnthropic returned HTTP 529 Overloaded \u2014 server-side capacity, not your account. This session may be pinned to a hot backend shard.\n\u2022 Start a fresh session (different conversation id \u2192 different shard).\n\u2022 Wait a minute and resend.\n\u2022 Check https://status.claude.com." + proxyHint;
+                        } else if (isBillingIssue) {
                           hint = "\n\nCheck your Claude account credits or subscription at https://console.anthropic.com.";
                         } else if (isLoginIssue) {
                           checkAndRefreshOAuthToken(true, logger).then((r) => {
@@ -8064,15 +8396,15 @@ async function startDaemon(options) {
                     }
                     signalProcessing(false);
                     sessionWasProcessing = false;
-                    if (msg.modelUsage && typeof msg.modelUsage === "object") {
-                      const modelKeys = Object.keys(msg.modelUsage);
-                      if (modelKeys.length > 0) {
-                        const firstModel = msg.modelUsage[modelKeys[0]];
-                        if (firstModel?.contextWindow && firstModel.contextWindow !== sessionMetadata.contextWindow) {
-                          sessionMetadata = { ...sessionMetadata, contextWindow: firstModel.contextWindow };
-                          sessionService.updateMetadata(sessionMetadata);
-                        }
-                      }
+                    const resolvedWindow = resolveContextWindow({
+                      modelUsage: msg.modelUsage,
+                      usage: msg.usage,
+                      mainModel: lastMainModel,
+                      currentWindow: sessionMetadata.contextWindow
+                    });
+                    if (resolvedWindow > 0 && resolvedWindow !== sessionMetadata.contextWindow) {
+                      sessionMetadata = { ...sessionMetadata, contextWindow: resolvedWindow };
+                      sessionService.updateMetadata(sessionMetadata);
                     }
                     if (claudeResumeId && !trackedSession.stopped) {
                       saveSession({
@@ -8287,6 +8619,8 @@ The automated loop has finished. Review the progress above and let me know if yo
                   sessionService.pushMessage(msg, "agent");
                 } else if (msg.type === "system" && msg.subtype === "init") {
                   lastAssistantText = "";
+                  consecutiveOverloadRetries = 0;
+                  overloadBailedThisTurn = false;
                   if (!userMessagePending) {
                     turnInitiatedByUser = false;
                     logger.log(`[Session ${sessionId}] SDK-initiated turn (likely stale task_notification)`);
@@ -8295,6 +8629,9 @@ The automated loop has finished. Review the progress above and let me know if yo
                   if (msg.slash_commands && Array.isArray(msg.slash_commands)) {
                     sessionMetadata = { ...sessionMetadata, slashCommands: msg.slash_commands };
                   }
+                  if (typeof msg.model === "string" && msg.model.length > 0) {
+                    lastMainModel = msg.model;
+                  }
                   if (msg.session_id) {
                     const isResumeFailure = !spawnHasReceivedInit && claudeResumeId && msg.session_id !== claudeResumeId;
                     const isConversationClear = spawnHasReceivedInit && claudeResumeId && msg.session_id !== claudeResumeId;
@@ -8331,6 +8668,34 @@ The automated loop has finished. Review the progress above and let me know if yo
                     sessionService.updateMetadata(sessionMetadata);
                   }
                   sessionService.pushMessage(msg, "session");
+                } else if (msg.type === "system" && msg.subtype === "api_retry") {
+                  if (msg.error_status === 529) {
+                    consecutiveOverloadRetries++;
+                    if (consecutiveOverloadRetries >= OVERLOAD_BAIL_THRESHOLD && !overloadBailedThisTurn) {
+                      overloadBailedThisTurn = true;
+                      const onHyphaProxy = (process.env.SVAMP_CLAUDE_PROXY || "").toLowerCase() === "hypha";
+                      const proxyHint = onHyphaProxy ? "" : "\n\u2022 Switch the daemon to the Hypha proxy (which rotates across accounts on 529): `svamp daemon auth use-hypha-proxy && svamp daemon restart`";
+                      const hint = `Anthropic returned HTTP 529 Overloaded ${consecutiveOverloadRetries} times in a row. This is server-side capacity, not your account \u2014 typically a hot backend shard pinned to this session. Stopping early so you don't wait for the SDK's full ~4 min retry storm.
+
+**Try:**
+\u2022 Start a fresh session (different conversation id \u2192 different shard).
+\u2022 Wait a minute and resend.
+\u2022 Check https://status.claude.com.` + proxyHint;
+                      logger.log(`[Session ${sessionId}] Bailing on ${consecutiveOverloadRetries}\xD7 consecutive 529 retries \u2014 sending interrupt`);
+                      sessionService.pushMessage({ type: "message", message: hint, level: "warning" }, "event");
+                      try {
+                        if (claudeProcess && !claudeProcess.killed && claudeProcess.stdin) {
+                          const interruptMsg = JSON.stringify({ type: "control_request", request: { type: "interrupt" } });
+                          claudeProcess.stdin.write(interruptMsg + "\n");
+                        }
+                      } catch (err) {
+                        logger.log(`[Session ${sessionId}] Failed to send overload interrupt: ${err.message}`);
+                      }
+                    }
+                  } else {
+                    consecutiveOverloadRetries = 0;
+                  }
+                  sessionService.pushMessage(msg, "agent");
                 } else if (msg.type === "system" && msg.subtype === "task_notification" && msg.status === "completed") {
                   backgroundTaskCount = Math.max(0, backgroundTaskCount - 1);
                   if (backgroundTaskNames.length > 0) {
@@ -9820,6 +10185,14 @@ The automated loop has finished. Review the progress above and let me know if yo
           }
           return ids;
         },
+        getSessionPid: (sessionId) => {
+          for (const [, session] of pidToTrackedSession) {
+            if (session.svampSessionId === sessionId && !session.stopped) {
+              return session.pid;
+            }
+          }
+          return void 0;
+        },
         supervisor,
         tunnels,
         serveManager,

package/dist/{run-DmWqzmqX.mjs → run-cSiQAr8c.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { resolve, join } from 'node:path';
 import { existsSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as registerSessionService, k as generateHookSettings } from './run-Dhliie9Z.mjs';
+import { c as connectToHypha, a as registerSessionService, k as generateHookSettings } from './run-EPzdDXeY.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';
@@ -13,6 +13,7 @@ import 'path';
 import 'url';
 import 'child_process';
 import 'crypto';
+import 'util';
 import '@agentclientprotocol/sdk';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';