svamp-cli 0.2.74 → 0.2.76

package/dist/{agentCommands-BXQNGfyi.mjs → agentCommands-CKVP9dOf.mjs}

@@ -148,7 +148,7 @@ async function sessionBroadcast(action, args) {
   console.log(`Broadcast sent: ${action}`);
 }
 async function connectToMachineService() {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   return connectAndGetMachine();
 }
 async function inboxSend(targetSessionId, opts) {
@@ -165,7 +165,7 @@ async function inboxSend(targetSessionId, opts) {
   }
   const { server, machine } = await connectToMachineService();
   try {
-    const { resolveSessionId } = await import('./commands--SLXTrkN.mjs');
+    const { resolveSessionId } = await import('./commands-CZs5avkF.mjs');
     const sessions = await machine.listSessions();
     const match = resolveSessionId(sessions, targetSessionId);
     const fullTargetId = match.sessionId;

package/dist/cli.mjs

@@ -1,4 +1,4 @@
-import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-Br90om8R.mjs';
+import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-D1eKN5kE.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -44,7 +44,7 @@ async function main() {
         console.error(`svamp daemon restart: ${err.message || err}`);
         process.exit(1);
       }
-      const { restartDaemon } = await import('./run-Br90om8R.mjs').then(function (n) { return n.u; });
+      const { restartDaemon } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.u; });
       await restartDaemon();
       process.exit(0);
     }
@@ -287,7 +287,7 @@ async function main() {
       console.error("svamp service: Service commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServiceCommand } = await import('./commands-yzpViN29.mjs');
+    const { handleServiceCommand } = await import('./commands-DLVy7n8Z.mjs');
     await handleServiceCommand();
   } else if (subcommand === "serve") {
     const { isSandboxed: isSandboxedServe } = await import('./sandboxDetect-DNTcbgWD.mjs');
@@ -295,7 +295,7 @@ async function main() {
       console.error("svamp serve: Serve commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServeCommand } = await import('./serveCommands-Cu_2l3vg.mjs');
+    const { handleServeCommand } = await import('./serveCommands-vzzDvFg_.mjs');
     await handleServeCommand();
     process.exit(0);
   } else if (subcommand === "process" || subcommand === "proc") {
@@ -304,7 +304,7 @@ async function main() {
       console.error("svamp process: Process commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { processCommand } = await import('./commands-BTZCHV-Z.mjs');
+    const { processCommand } = await import('./commands-BZm6LT7D.mjs');
     let machineId;
     const processArgs = args.slice(1);
     const mIdx = processArgs.findIndex((a) => a === "--machine" || a === "-m");
@@ -322,7 +322,7 @@ async function main() {
   } else if (!subcommand || subcommand === "start") {
     await handleInteractiveCommand();
   } else if (subcommand === "--version" || subcommand === "-v") {
-    const pkg = await import('./package-C__x7TGc.mjs').catch(() => ({ default: { version: "unknown" } }));
+    const pkg = await import('./package-CfUAL2KO.mjs').catch(() => ({ default: { version: "unknown" } }));
     console.log(`svamp version: ${pkg.default.version}`);
   } else {
     console.error(`Unknown command: ${subcommand}`);
@@ -331,7 +331,7 @@ async function main() {
   }
 }
 async function handleInteractiveCommand() {
-  const { runInteractive } = await import('./run-DO_Axr2M.mjs');
+  const { runInteractive } = await import('./run-DxXRSNiT.mjs');
   const interactiveArgs = subcommand === "start" ? args.slice(1) : args;
   let directory = process.cwd();
   let resumeSessionId;
@@ -376,7 +376,7 @@ async function handleAgentCommand() {
     return;
   }
   if (agentArgs[0] === "list") {
-    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-Br90om8R.mjs').then(function (n) { return n.p; });
+    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.p; });
     console.log("Known agents:");
     for (const [name, config2] of Object.entries(KNOWN_ACP_AGENTS)) {
       console.log(`  ${name.padEnd(12)} ${config2.command} ${config2.args.join(" ")}  (ACP)`);
@@ -388,7 +388,7 @@ async function handleAgentCommand() {
     console.log('Use "svamp agent -- <command> [args]" for a custom ACP agent.');
     return;
   }
-  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-Br90om8R.mjs').then(function (n) { return n.p; });
+  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.p; });
   let cwd = process.cwd();
   const filteredArgs = [];
   for (let i = 0; i < agentArgs.length; i++) {
@@ -412,12 +412,12 @@ async function handleAgentCommand() {
   console.log(`Starting ${config.agentName} agent in ${cwd}...`);
   let backend;
   if (KNOWN_MCP_AGENTS[config.agentName]) {
-    const { CodexMcpBackend } = await import('./run-Br90om8R.mjs').then(function (n) { return n.q; });
+    const { CodexMcpBackend } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.q; });
     backend = new CodexMcpBackend({ cwd, log: logFn });
   } else {
-    const { AcpBackend } = await import('./run-Br90om8R.mjs').then(function (n) { return n.o; });
-    const { GeminiTransport } = await import('./run-Br90om8R.mjs').then(function (n) { return n.G; });
-    const { DefaultTransport } = await import('./run-Br90om8R.mjs').then(function (n) { return n.D; });
+    const { AcpBackend } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.o; });
+    const { GeminiTransport } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.G; });
+    const { DefaultTransport } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.D; });
     const transportHandler = config.agentName === "gemini" ? new GeminiTransport() : new DefaultTransport(config.agentName);
     backend = new AcpBackend({
       agentName: config.agentName,
@@ -544,7 +544,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
   }
-  const { sessionList, sessionSpawn, sessionArchive, sessionResume, sessionDelete, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands--SLXTrkN.mjs');
+  const { sessionList, sessionSpawn, sessionArchive, sessionResume, sessionDelete, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-CZs5avkF.mjs');
   const parseFlagStr = (flag, shortFlag) => {
     for (let i = 1; i < sessionArgs.length; i++) {
       if ((sessionArgs[i] === flag || shortFlag) && i + 1 < sessionArgs.length) {
@@ -610,7 +610,7 @@ async function handleSessionCommand() {
         allowDomain.push(sessionArgs[++i]);
       }
     }
-    const { parseShareArg } = await import('./commands--SLXTrkN.mjs');
+    const { parseShareArg } = await import('./commands-CZs5avkF.mjs');
     const shareEntries = share.map((s) => parseShareArg(s));
     await sessionSpawn(agent, dir, targetMachineId, {
       message,
@@ -673,7 +673,8 @@ async function handleSessionCommand() {
     await sessionAttach(sessionArgs[1], targetMachineId);
   } else if (sessionSubcommand === "send") {
     if (!sessionArgs[1] || !sessionArgs[2]) {
-      console.error('Usage: svamp session send <session-id> <message> [--subject "..."] [--urgency urgent|normal] [--wait] [--response] [--btw] [--require-approval] [--timeout N] [--json]');
+      console.error('Usage: svamp session send <session-id> <message> [--model <id>] [--subject "..."] [--urgency urgent|normal] [--wait] [--response] [--btw] [--require-approval] [--timeout N] [--json]');
+      console.error("  --model <id>   Switch the session model (e.g. claude-opus-4-7, claude-sonnet-4-6) before delivering the message \u2014 forces a respawn.");
       process.exit(1);
     }
     await sessionSend(sessionArgs[1], sessionArgs[2], targetMachineId, {
@@ -684,7 +685,8 @@ async function handleSessionCommand() {
       timeout: parseFlagInt("--timeout"),
       json: hasFlag("--json"),
       subject: parseFlagStr("--subject"),
-      urgency: parseFlagStr("--urgency")
+      urgency: parseFlagStr("--urgency"),
+      model: parseFlagStr("--model")
     });
   } else if (sessionSubcommand === "query") {
     const dir = sessionArgs[1];
@@ -694,7 +696,7 @@ async function handleSessionCommand() {
       console.error("  Spawns a stateless Claude session in <directory>, sends <prompt>, prints the answer, then deletes the session.");
       process.exit(1);
     }
-    const { sessionQuery } = await import('./commands--SLXTrkN.mjs');
+    const { sessionQuery } = await import('./commands-CZs5avkF.mjs');
     await sessionQuery(dir, prompt, targetMachineId, {
       timeout: parseFlagInt("--timeout"),
       json: hasFlag("--json"),
@@ -727,7 +729,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session approve <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionApprove } = await import('./commands--SLXTrkN.mjs');
+    const { sessionApprove } = await import('./commands-CZs5avkF.mjs');
     const approveReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionApprove(sessionArgs[1], approveReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -737,7 +739,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session deny <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionDeny } = await import('./commands--SLXTrkN.mjs');
+    const { sessionDeny } = await import('./commands-CZs5avkF.mjs');
     const denyReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionDeny(sessionArgs[1], denyReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -773,7 +775,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session set-title <title>");
       process.exit(1);
     }
-    const { sessionSetTitle } = await import('./agentCommands-BXQNGfyi.mjs');
+    const { sessionSetTitle } = await import('./agentCommands-CKVP9dOf.mjs');
     await sessionSetTitle(title);
   } else if (sessionSubcommand === "set-link") {
     const url = sessionArgs[1];
@@ -782,7 +784,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const label = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
-    const { sessionSetLink } = await import('./agentCommands-BXQNGfyi.mjs');
+    const { sessionSetLink } = await import('./agentCommands-CKVP9dOf.mjs');
     await sessionSetLink(url, label);
   } else if (sessionSubcommand === "notify") {
     const message = sessionArgs[1];
@@ -791,7 +793,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const level = parseFlagStr("--level") || "info";
-    const { sessionNotify } = await import('./agentCommands-BXQNGfyi.mjs');
+    const { sessionNotify } = await import('./agentCommands-CKVP9dOf.mjs');
     await sessionNotify(message, level);
   } else if (sessionSubcommand === "broadcast") {
     const action = sessionArgs[1];
@@ -799,7 +801,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session broadcast <action> [args...]\nActions: open-canvas <url> [label], close-canvas, toast <message>");
       process.exit(1);
     }
-    const { sessionBroadcast } = await import('./agentCommands-BXQNGfyi.mjs');
+    const { sessionBroadcast } = await import('./agentCommands-CKVP9dOf.mjs');
     await sessionBroadcast(action, sessionArgs.slice(2).filter((a) => !a.startsWith("--")));
   } else if (sessionSubcommand === "inbox") {
     const inboxSubcmd = sessionArgs[1];
@@ -810,7 +812,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId) {
-        const { inboxSend } = await import('./agentCommands-BXQNGfyi.mjs');
+        const { inboxSend } = await import('./agentCommands-CKVP9dOf.mjs');
         await inboxSend(sessionArgs[2], {
           body: sessionArgs[3],
           subject: parseFlagStr("--subject"),
@@ -825,7 +827,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "list" || inboxSubcmd === "ls") {
       if (agentSessionId && !sessionArgs[2]) {
-        const { inboxList } = await import('./agentCommands-BXQNGfyi.mjs');
+        const { inboxList } = await import('./agentCommands-CKVP9dOf.mjs');
         await inboxList({
           unread: hasFlag("--unread"),
           limit: parseFlagInt("--limit"),
@@ -847,7 +849,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId && !sessionArgs[3]) {
-        const { inboxList } = await import('./agentCommands-BXQNGfyi.mjs');
+        const { inboxList } = await import('./agentCommands-CKVP9dOf.mjs');
         await sessionInboxRead(agentSessionId, sessionArgs[2], targetMachineId);
       } else if (sessionArgs[3]) {
         await sessionInboxRead(sessionArgs[2], sessionArgs[3], targetMachineId);
@@ -857,7 +859,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "reply") {
       if (agentSessionId && sessionArgs[2] && sessionArgs[3] && !sessionArgs[4]) {
-        const { inboxReply } = await import('./agentCommands-BXQNGfyi.mjs');
+        const { inboxReply } = await import('./agentCommands-CKVP9dOf.mjs');
         await inboxReply(sessionArgs[2], sessionArgs[3]);
       } else if (sessionArgs[2] && sessionArgs[3] && sessionArgs[4]) {
         await sessionInboxReply(sessionArgs[2], sessionArgs[3], sessionArgs[4], targetMachineId);
@@ -893,7 +895,7 @@ async function handleMachineCommand() {
     return;
   }
   if (machineSubcommand === "share") {
-    const { machineShare } = await import('./commands--SLXTrkN.mjs');
+    const { machineShare } = await import('./commands-CZs5avkF.mjs');
     let machineId;
     const shareArgs = [];
     for (let i = 1; i < machineArgs.length; i++) {
@@ -923,7 +925,7 @@ async function handleMachineCommand() {
     }
     await machineShare(machineId, { add, remove, list, configPath, showConfig });
   } else if (machineSubcommand === "exec") {
-    const { machineExec } = await import('./commands--SLXTrkN.mjs');
+    const { machineExec } = await import('./commands-CZs5avkF.mjs');
     let machineId;
     let cwd;
     const cmdParts = [];
@@ -943,7 +945,7 @@ async function handleMachineCommand() {
     }
     await machineExec(machineId, command, cwd);
   } else if (machineSubcommand === "info") {
-    const { machineInfo } = await import('./commands--SLXTrkN.mjs');
+    const { machineInfo } = await import('./commands-CZs5avkF.mjs');
     let machineId;
     for (let i = 1; i < machineArgs.length; i++) {
       if ((machineArgs[i] === "--machine" || machineArgs[i] === "-m") && i + 1 < machineArgs.length) {
@@ -963,10 +965,10 @@ async function handleMachineCommand() {
         level = machineArgs[++i];
       }
     }
-    const { machineNotify } = await import('./agentCommands-BXQNGfyi.mjs');
+    const { machineNotify } = await import('./agentCommands-CKVP9dOf.mjs');
     await machineNotify(message, level);
   } else if (machineSubcommand === "ls") {
-    const { machineLs } = await import('./commands--SLXTrkN.mjs');
+    const { machineLs } = await import('./commands-CZs5avkF.mjs');
     let machineId;
     let showHidden = false;
     let path;
@@ -1020,24 +1022,24 @@ Examples:
   };
   const hasFlag = (name) => fleetArgs.includes(`--${name}`);
   if (sub === "status") {
-    const { fleetStatus } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetStatus } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetStatus();
   } else if (sub === "exec") {
     const command = fleetArgs.slice(1).filter((a) => !a.startsWith("--")).join(" ");
-    const { fleetExec } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetExec } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetExec(command, { cwd: flag("cwd") });
   } else if (sub === "upgrade-claude") {
-    const { fleetUpgradeClaude } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetUpgradeClaude } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetUpgradeClaude({ version: flag("version", "-v") });
   } else if (sub === "upgrade-svamp") {
-    const { fleetUpgradeSvamp } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetUpgradeSvamp } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetUpgradeSvamp({ version: flag("version", "-v") });
   } else if (sub === "daemon-restart") {
-    const { fleetDaemonRestart } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetDaemonRestart } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetDaemonRestart({ graceful: !hasFlag("cleanup") });
   } else if (sub === "push-skill") {
     const name = fleetArgs[1];
-    const { fleetPushSkill } = await import('./fleet-DMajjqRV.mjs');
+    const { fleetPushSkill } = await import('./fleet-Dxy1dK0s.mjs');
     await fleetPushSkill(name);
   } else {
     console.error(`Unknown fleet subcommand: ${sub}`);
@@ -1496,7 +1498,7 @@ async function applyClaudeAuthFlags(argv) {
       "--use-hypha-proxy, --use-claude-login, and --anthropic-base-url/--anthropic-api-key are mutually exclusive"
     );
   }
-  const mod = await import('./run-Br90om8R.mjs').then(function (n) { return n.t; });
+  const mod = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.t; });
   if (hasHypha) {
     mod.setClaudeAuthHyphaProxy();
     console.log("Claude auth configured: hypha-proxy (uses HYPHA_TOKEN live at each spawn).");
@@ -1534,7 +1536,7 @@ async function applyDaemonShareFlag(argv) {
     }
   }
   if (collected.length === 0) return;
-  const { updateEnvFile } = await import('./run-Br90om8R.mjs').then(function (n) { return n.t; });
+  const { updateEnvFile } = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.t; });
   const seen = /* @__PURE__ */ new Set();
   const deduped = collected.filter((e) => {
     const k = e.toLowerCase();
@@ -1547,7 +1549,7 @@ async function applyDaemonShareFlag(argv) {
 }
 async function handleDaemonAuthCommand(argv) {
   const sub = (argv[0] || "status").toLowerCase();
-  const mod = await import('./run-Br90om8R.mjs').then(function (n) { return n.t; });
+  const mod = await import('./run-D1eKN5kE.mjs').then(function (n) { return n.t; });
   if (sub === "--help" || sub === "-h" || sub === "help") {
     console.log(`
 svamp daemon auth \u2014 Configure how Claude subprocesses authenticate

package/dist/{commands-BTZCHV-Z.mjs → commands-BZm6LT7D.mjs}

@@ -1,11 +1,11 @@
 import { writeFileSync, readFileSync } from 'fs';
 import { resolve } from 'path';
-import { connectAndGetMachine } from './commands--SLXTrkN.mjs';
+import { connectAndGetMachine } from './commands-CZs5avkF.mjs';
 import 'node:fs';
 import 'node:child_process';
 import 'node:path';
 import 'node:os';
-import './run-Br90om8R.mjs';
+import './run-D1eKN5kE.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';

package/dist/{commands--SLXTrkN.mjs → commands-CZs5avkF.mjs}

@@ -2,7 +2,7 @@ import { existsSync, readFileSync } from 'node:fs';
 import { execSync } from 'node:child_process';
 import { resolve, join } from 'node:path';
 import os from 'node:os';
-import { n as normalizeAllowedUser, l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha, i as buildSessionShareUrl, j as buildMachineShareUrl } from './run-Br90om8R.mjs';
+import { n as normalizeAllowedUser, l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha, i as buildSessionShareUrl, j as buildMachineShareUrl } from './run-D1eKN5kE.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -1123,9 +1123,14 @@ async function sessionMessages(sessionId, machineId, opts) {
   const { server, machine, fullId } = await connectAndResolveSession(sessionId, machineId);
   try {
     const svc = getSessionProxy(machine, fullId);
-    const afterSeq = opts?.after ?? 0;
-    const apiLimit = opts?.limit ?? 1e3;
-    const { messages } = await svc.getMessages(afterSeq, apiLimit);
+    let messages;
+    if (opts?.after !== void 0) {
+      const apiLimit = opts?.limit ?? 500;
+      ({ messages } = await svc.getMessages(opts.after, apiLimit));
+    } else {
+      const tailCount = Math.min(opts?.last ?? opts?.limit ?? 50, 500);
+      ({ messages } = await svc.getLatestMessages(void 0, tailCount));
+    }
     const toShow = opts?.last ? messages.slice(-opts.last) : messages;
     if (toShow.length === 0) {
       if (opts?.json) {
@@ -1428,6 +1433,7 @@ function validateSendOptions(opts) {
   if (opts.urgency) incompatible.push("--urgency");
   if (opts.wait) incompatible.push("--wait");
   if (opts.response) incompatible.push("--response");
+  if (opts.model) incompatible.push("--model");
   return incompatible;
 }
 async function sendCore(machine, fullId, message, opts) {
@@ -1454,6 +1460,55 @@ async function sendCore(machine, fullId, message, opts) {
   }
   const wantResponse = !!opts?.response;
   const shouldWait = !!opts?.wait || wantResponse;
+  if (opts?.model) {
+    const { randomUUID: ruuid } = await import('node:crypto');
+    if (shouldWait && !opts?.requireApproval) {
+      try {
+        await machine.sessionRPC(fullId, "switchMode", { mode: "bypassPermissions" });
+      } catch {
+      }
+    }
+    try {
+      await machine.sessionRPC(fullId, "abort", {});
+    } catch {
+    }
+    await new Promise((r) => setTimeout(r, 2e3));
+    const meta = { model: opts.model, sentFrom: "svamp-cli" };
+    const contentStr = JSON.stringify({ role: "user", content: { type: "text", text: message }, meta });
+    const sendRes = await machine.sessionRPC(fullId, "sendMessage", {
+      content: contentStr,
+      localId: ruuid(),
+      meta
+    });
+    let mWait;
+    if (shouldWait) {
+      mWait = await waitForBusyThenIdle(machine, fullId, (opts?.timeout || 300) * 1e3);
+    }
+    if (mWait?.pendingPermissions?.length) {
+      return {
+        sessionId: fullId,
+        mode: "send",
+        sent: true,
+        messageId: sendRes?.id,
+        waited: true,
+        status: "permission-pending",
+        pendingPermissions: mWait.pendingPermissions
+      };
+    }
+    let mResponse;
+    if (wantResponse) {
+      mResponse = await collectAssistantResponse(machine, fullId, 0);
+    }
+    return {
+      sessionId: fullId,
+      mode: "send",
+      sent: true,
+      messageId: sendRes?.id,
+      waited: shouldWait,
+      status: shouldWait ? "idle" : "sent",
+      ...wantResponse && mResponse ? { response: mResponse.text, responseSeqs: mResponse.messageSeqs } : {}
+    };
+  }
   let bypassEnsured = false;
   if (shouldWait && !opts?.requireApproval) {
     try {

package/dist/{commands-yzpViN29.mjs → commands-DLVy7n8Z.mjs}

@@ -68,7 +68,7 @@ async function serviceExpose(args) {
     });
     return;
   }
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const { server, machine } = await connectAndGetMachine();
   try {
     const status = await machine.tunnelStart({
@@ -132,7 +132,7 @@ async function serviceServe(args) {
 }
 async function serviceList(_args) {
   try {
-    const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+    const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
     const { server, machine } = await connectAndGetMachine();
     try {
       const tunnels = await machine.tunnelList({});
@@ -161,7 +161,7 @@ async function serviceDelete(args) {
     process.exit(1);
   }
   try {
-    const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+    const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
     const { server, machine } = await connectAndGetMachine();
     try {
       await machine.tunnelStop({ name });

package/dist/{fleet-DMajjqRV.mjs → fleet-Dxy1dK0s.mjs}

@@ -1,7 +1,7 @@
 import { existsSync, readFileSync } from 'node:fs';
 import { join } from 'node:path';
 import os from 'node:os';
-import { c as connectToHypha } from './run-Br90om8R.mjs';
+import { c as connectToHypha } from './run-D1eKN5kE.mjs';
 import { PINNED_CLAUDE_CODE_VERSION } from './pinnedClaudeCode-HydRNEt7.mjs';
 import 'os';
 import 'fs/promises';

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-Br90om8R.mjs';
+export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-D1eKN5kE.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{package-C__x7TGc.mjs → package-CfUAL2KO.mjs}

@@ -1,5 +1,5 @@
 var name = "svamp-cli";
-var version = "0.2.74";
+var version = "0.2.76";
 var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
 var author = "Amun AI AB";
 var license = "SEE LICENSE IN LICENSE";

package/dist/{run-Br90om8R.mjs → run-D1eKN5kE.mjs}

@@ -5559,6 +5559,7 @@ function applyDaemonShareSeed(sharing, seedEmails, ownerEmail) {
 
 const AUTH0_NAMESPACES = ["https://api.imjoy.io/", "https://amun.ai/"];
 const COOKIE_NAME = "svamp_serve_token";
+const SVAMP_SERVE_TOKEN_PARAM = "__svamp_serve_token";
 const DEFAULT_CACHE_TTL_MS = 5 * 60 * 1e3;
 const DEFAULT_CACHE_MAX_SIZE = 1e3;
 class TokenCache {
@@ -5603,8 +5604,10 @@ function extractToken(req) {
     return auth.slice(7).trim();
   }
   const url = new URL(req.url || "/", "http://localhost");
-  const qToken = url.searchParams.get("token");
-  if (qToken) return qToken;
+  const svampTokens = url.searchParams.getAll(SVAMP_SERVE_TOKEN_PARAM);
+  if (svampTokens.length > 0) return svampTokens[svampTokens.length - 1];
+  const tokens = url.searchParams.getAll("token");
+  if (tokens.length > 0) return tokens[tokens.length - 1];
   return null;
 }
 function parseCookies(header) {
@@ -5746,6 +5749,7 @@ a:hover{text-decoration:underline}
 const hyphaServer = ${JSON.stringify(this.hyphaServerUrl)};
 const redirectUrl = ${JSON.stringify(redirectUrl)};
 const cookieName = ${JSON.stringify(COOKIE_NAME)};
+const tokenParam = ${JSON.stringify(SVAMP_SERVE_TOKEN_PARAM)};
 
 const btn = document.getElementById('login-btn');
 const statusEl = document.getElementById('status');
@@ -5815,13 +5819,26 @@ btn.addEventListener('click', async () => {
         // Also carry the token in the redirect URL as a fallback: browsers that
         // block third-party cookies entirely (Safari ITP, Chrome 3p-cookie
         // phaseout) won't send the cookie above when we're framed cross-site, but
-        // the proxy also accepts ?token= on the request. Harmless when the cookie
-        // does work \u2014 extractToken() prefers the cookie.
-        let dest = redirectUrl;
+        // the proxy also accepts the param on the request. Harmless when the
+        // cookie works \u2014 extractToken() prefers the cookie.
+        //
+        // Use the dedicated __svamp_serve_token name (not plain "token") so it
+        // can never collide with any token the originally-requested URL had
+        // for its own purposes \u2014 that collision caused the "stays on login
+        // page" loop where the proxy's URL parser returned the *stale* token.
+        // URL/URLSearchParams handles encoding, dedup of our own param across
+        // retries, and preserving everything else (hash, other query, etc.).
+        let dest;
         try {
-            const sep = dest.indexOf('?') === -1 ? '?' : '&';
-            dest = dest + sep + 'token=' + encodeURIComponent(token);
-        } catch (e) {}
+            const u = new URL(redirectUrl, location.origin);
+            u.searchParams.delete(tokenParam);
+            u.searchParams.append(tokenParam, token);
+            dest = u.pathname + u.search + u.hash;
+        } catch (e) {
+            // Fallback if URL parsing fails for some reason \u2014 just append.
+            const sep = redirectUrl.indexOf('?') === -1 ? '?' : '&';
+            dest = redirectUrl + sep + tokenParam + '=' + encodeURIComponent(token);
+        }
 
         try { popup.close(); } catch (e) {}
         statusEl.innerHTML = '<span class="ok">Signed in. Redirecting\u2026</span>';
@@ -6758,6 +6775,43 @@ function checkTruncation(format, tail, fileSize, head) {
 const __filename$1 = fileURLToPath(import.meta.url);
 const __dirname$1 = dirname(__filename$1);
 const CLAUDE_SKILLS_DIR = join(os$1.homedir(), ".claude", "skills");
+function looksLikeClaudeError(line) {
+  const l = line.toLowerCase();
+  return l.includes("api error") || l.includes("request rejected") || l.includes("error:") || l.includes("overloaded") || l.includes("rate limit") || l.includes("unauthorized") || l.includes("forbidden") || /\b(4\d\d|5\d\d)\b/.test(l) && (l.includes("status") || l.includes("error") || l.includes("rejected"));
+}
+function dedupeLines(lines) {
+  const seen = /* @__PURE__ */ new Set();
+  const out = [];
+  for (const raw of lines) {
+    const line = raw.trim();
+    if (!line || seen.has(line)) continue;
+    seen.add(line);
+    out.push(line);
+  }
+  return out;
+}
+function buildClaudeErrorHint(text, apiErrorStatus) {
+  const lower = (text || "").toLowerCase();
+  const isOverload = apiErrorStatus === 529 || lower.includes("529") || lower.includes("overload");
+  const isResumeIssue = lower.includes("tool_use.name") || lower.includes("invalid_request") || lower.includes("messages.");
+  const isBillingIssue = lower.includes("credit") || lower.includes("balance") || lower.includes("billing") || lower.includes("quota") || lower.includes("subscription") || lower.includes("payment") || lower.includes("1m-context") || lower.includes("1m context");
+  const isLoginIssue = lower.includes("login") || lower.includes("logged in") || lower.includes("auth") || lower.includes("api key") || lower.includes("unauthorized");
+  if (isOverload) {
+    const onHyphaProxy = (process.env.SVAMP_CLAUDE_PROXY || "").toLowerCase() === "hypha";
+    const proxyHint = onHyphaProxy ? "" : "\n\u2022 Switch the daemon to the Hypha proxy (rotates across accounts on 529): `svamp daemon auth use-hypha-proxy && svamp daemon restart`";
+    return "\n\nAnthropic returned HTTP 529 Overloaded \u2014 server-side capacity, not your account. This session may be pinned to a hot backend shard.\n\u2022 Start a fresh session (different conversation id \u2192 different shard).\n\u2022 Wait a minute and resend.\n\u2022 Check https://status.claude.com." + proxyHint;
+  }
+  if (isBillingIssue) {
+    return "\n\nThis looks like an account/plan limit (credits, quota, or context size not covered by your subscription). Switch the session to a standard 200K-context model (e.g. `claude-opus-4-7` / `claude-sonnet-4-6`), or check your Claude account credits/subscription at https://console.anthropic.com.";
+  }
+  if (isLoginIssue) {
+    return "\n\nRun `claude login` in your terminal on the machine running the daemon to re-authenticate.";
+  }
+  if (isResumeIssue) {
+    return "\n\nThe conversation history may be corrupted. Try starting a fresh session.";
+  }
+  return "\n\nCheck that the Claude Code CLI is properly installed and configured.";
+}
 function readSkillVersion(skillDir) {
   try {
     const md = readFileSync$1(join(skillDir, "SKILL.md"), "utf-8");
@@ -7885,7 +7939,7 @@ async function startDaemon(options) {
     const list = loadExposedTunnels().filter((t) => t.name !== name);
     saveExposedTunnels(list);
   }
-  const { ServeManager } = await import('./serveManager-ClzowUXI.mjs');
+  const { ServeManager } = await import('./serveManager-Cpzlvbw7.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -8106,6 +8160,7 @@ async function startDaemon(options) {
         let startupFailureRetryPending = false;
         let startupRetryMessage;
         let startupNonJsonLines = [];
+        let errorOutputLines = [];
         const STUCK_PROCESS_TIMEOUT_MS = 30 * 60 * 1e3;
         const STUCK_CHECK_INTERVAL_MS = 2 * 60 * 1e3;
         let lastOutputTime = Date.now();
@@ -8224,6 +8279,7 @@ async function startDaemon(options) {
         const spawnClaude = (initialMessage, meta) => {
           const effectiveMeta = { ...lastSpawnMeta, ...meta };
           startupNonJsonLines = [];
+          errorOutputLines = [];
           startupRetryMessage = initialMessage;
           let rawPermissionMode = effectiveMeta.permissionMode || agentConfig.default_permission_mode || currentPermissionMode;
           if (options2.forceIsolation || sessionMetadata.sharing?.enabled) {
@@ -8469,18 +8525,8 @@ async function startDaemon(options) {
                         lastErrorMessagePushed = true;
                       } else {
                         const lower = resultText.toLowerCase();
-                        const isOverload = msg.api_error_status === 529 || lower.includes("529") || lower.includes("overload");
                         const isLoginIssue = lower.includes("login") || lower.includes("logged in") || lower.includes("auth") || lower.includes("api key") || lower.includes("unauthorized");
-                        const isResumeIssue = lower.includes("tool_use.name") || lower.includes("invalid_request") || lower.includes("messages.");
-                        const isBillingIssue = lower.includes("credit") || lower.includes("balance") || lower.includes("billing") || lower.includes("quota") || lower.includes("subscription") || lower.includes("payment");
-                        let hint = "";
-                        if (isOverload) {
-                          const onHyphaProxy = (process.env.SVAMP_CLAUDE_PROXY || "").toLowerCase() === "hypha";
-                          const proxyHint = onHyphaProxy ? "" : "\n\u2022 Switch the daemon to the Hypha proxy (rotates across accounts on 529): `svamp daemon auth use-hypha-proxy && svamp daemon restart`";
-                          hint = "\n\nAnthropic returned HTTP 529 Overloaded \u2014 server-side capacity, not your account. This session may be pinned to a hot backend shard.\n\u2022 Start a fresh session (different conversation id \u2192 different shard).\n\u2022 Wait a minute and resend.\n\u2022 Check https://status.claude.com." + proxyHint;
-                        } else if (isBillingIssue) {
-                          hint = "\n\nCheck your Claude account credits or subscription at https://console.anthropic.com.";
-                        } else if (isLoginIssue) {
+                        if (isLoginIssue) {
                           checkAndRefreshOAuthToken(true, logger).then((r) => {
                             if (r.refreshed) {
                               logger.log(`[Session ${sessionId}] OAuth token refreshed after auth error \u2014 retrying on next message`);
@@ -8489,12 +8535,8 @@ async function startDaemon(options) {
                           }).catch((err) => {
                             logger.log(`[Session ${sessionId}] Reactive OAuth refresh failed: ${err.message}`);
                           });
-                          hint = "\n\nRun `claude login` in your terminal on the machine running the daemon to re-authenticate.";
-                        } else if (isResumeIssue) {
-                          hint = "\n\nThe conversation history may be corrupted. Try starting a fresh session.";
-                        } else {
-                          hint = "\n\nCheck that the Claude Code CLI is properly installed and configured.";
                         }
+                        const hint = buildClaudeErrorHint(resultText, msg.api_error_status);
                         const displayMsg = resultText || "Claude Code exited with an error.";
                         let contextInfo = "";
                         if (startupNonJsonLines.length > 0) {
@@ -8867,6 +8909,9 @@ The automated loop has finished. Review the progress above and let me know if yo
                 if (!spawnHasReceivedInit) {
                   startupNonJsonLines.push(line.slice(0, 500));
                 }
+                if (looksLikeClaudeError(line)) {
+                  errorOutputLines.push(line.slice(0, 500));
+                }
               }
             }
           });
@@ -8888,6 +8933,11 @@ The automated loop has finished. Review the progress above and let me know if yo
             const text = chunk.toString();
             logger.log(`[Session ${sessionId}] Claude stderr: ${text.trim()}`);
             stderrBuffer += text;
+            for (const line of text.split("\n")) {
+              if (looksLikeClaudeError(line)) {
+                errorOutputLines.push(line.trim().slice(0, 500));
+              }
+            }
           });
           child.on("exit", (code, signal) => {
             logger.log(`[Session ${sessionId}] Claude exited: code=${code}, signal=${signal}`);
@@ -8903,10 +8953,18 @@ The automated loop has finished. Review the progress above and let me know if yo
             }
             pendingPermissions.clear();
             if (code !== 0 && code !== null && !lastErrorMessagePushed) {
+              const capturedError = dedupeLines(errorOutputLines).join("\n").trim();
+              let exitMsg = `Agent process exited unexpectedly (code ${code}${signal ? `, signal: ${signal}` : ""})`;
+              if (capturedError) {
+                exitMsg += `
+
+${capturedError}${buildClaudeErrorHint(capturedError)}`;
+              }
               sessionService.pushMessage(
-                { type: "message", message: `Agent process exited unexpectedly (code ${code}${signal ? `, signal: ${signal}` : ""})` },
+                { type: "message", message: exitMsg, level: "error" },
                 "event"
               );
+              lastErrorMessagePushed = true;
             }
             lastErrorMessagePushed = false;
             sessionMetadata = { ...sessionMetadata, lifecycleState: claudeResumeId ? "idle" : "stopped" };

package/dist/{run-DO_Axr2M.mjs → run-DxXRSNiT.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { resolve, join } from 'node:path';
 import { existsSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as registerSessionService, k as generateHookSettings } from './run-Br90om8R.mjs';
+import { c as connectToHypha, a as registerSessionService, k as generateHookSettings } from './run-D1eKN5kE.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';

package/dist/{serveCommands-Cu_2l3vg.mjs → serveCommands-vzzDvFg_.mjs}

@@ -54,7 +54,7 @@ async function handleServeCommand() {
   }
 }
 async function serveAdd(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -93,7 +93,7 @@ async function serveAdd(args, machineId) {
   }
 }
 async function serveApply(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const fs = await import('fs');
   const yaml = await import('yaml');
   const file = positionalArgs(args)[0];
@@ -182,7 +182,7 @@ async function serveApply(args, machineId) {
   }
 }
 async function serveRemove(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -202,7 +202,7 @@ async function serveRemove(args, machineId) {
   }
 }
 async function serveList(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const all = hasFlag(args, "--all", "-a");
   const json = hasFlag(args, "--json");
   const sessionId = getFlag(args, "--session");
@@ -235,7 +235,7 @@ async function serveList(args, machineId) {
   }
 }
 async function serveInfo(machineId) {
-  const { connectAndGetMachine } = await import('./commands--SLXTrkN.mjs');
+  const { connectAndGetMachine } = await import('./commands-CZs5avkF.mjs');
   const { machine, server } = await connectAndGetMachine(machineId);
   try {
     const info = await machine.serveInfo();

package/dist/{serveManager-ClzowUXI.mjs → serveManager-Cpzlvbw7.mjs}

@@ -4,7 +4,7 @@ import * as fs from 'fs';
 import * as http from 'http';
 import * as net from 'net';
 import * as path from 'path';
-import { S as ServeAuth, h as hasCookieToken } from './run-Br90om8R.mjs';
+import { S as ServeAuth, h as hasCookieToken } from './run-D1eKN5kE.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';
@@ -530,7 +530,8 @@ class ServeManager {
         }
         if (basePath === "/__login__" || url.pathname === "/__login__") {
           const returnUrl = url.searchParams.get("return") || "/";
-          const safeReturn = returnUrl.startsWith("/__login__") ? "/" : returnUrl;
+          const isSameOriginPath = returnUrl.startsWith("/") && !returnUrl.startsWith("//") && !returnUrl.startsWith("/__login__");
+          const safeReturn = isSameOriginPath ? returnUrl : "/";
           const html = this.auth ? this.auth.getLoginPageHtml(safeReturn) : "<h1>Auth not configured</h1>";
           res.writeHead(200, {
             "Content-Type": "text/html; charset=utf-8",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svamp-cli",
-  "version": "0.2.74",
+  "version": "0.2.76",
   "description": "Svamp CLI — AI workspace daemon on Hypha Cloud",
   "author": "Amun AI AB",
   "license": "SEE LICENSE IN LICENSE",