thinkpool-pair 0.7.7 → 0.7.9

package/bridge.mjs

@@ -457,14 +457,16 @@ function printLocal(evt) {
 // relay STRUCTURED events. onEvent → broadcast `code-event` + print locally +
 // persist to the host file; tool calls round-trip through the perm card; the
 // rolling log replays to joiners and survives bridge restarts (session-store).
-function openStructured({ id, model, resume, log, commands }) {
+function openStructured({ id, model, resume, log, commands, mode }) {
   if (sessions.has(id)) return
-  const entry = { cmd: 'claude', kind: 'structured', log: Array.isArray(log) ? log.slice(-STRUCTURED_LOG_MAX) : [], pending: new Map(), session: null, recovered: false, commands: Array.isArray(commands) ? commands : undefined }
+  const entry = { cmd: 'claude', kind: 'structured', log: Array.isArray(log) ? log.slice(-STRUCTURED_LOG_MAX) : [], pending: new Map(), session: null, recovered: false, commands: Array.isArray(commands) ? commands : undefined, mode }
   sessions.set(id, entry)
   if (entry.log.length) process.stderr.write(`\n  ◆ restored ${entry.log.length} prior events (${id.slice(0, 8)})${resume ? ' + resuming live context' : ''}.\n`)
-  const persist = () => saveSession(room, id, { sessionId: entry.session?.sessionId || resume || null, log: entry.log, commands: entry.commands })
+  // Persist the permission mode alongside the transcript so a bridge restart
+  // restores the session in the SAME mode (a bypass room stays bypass on resume).
+  const persist = () => saveSession(room, id, { sessionId: entry.session?.sessionId || resume || null, log: entry.log, commands: entry.commands, mode: entry.mode })
   entry.session = startClaudeSession({
-    cwd: process.cwd(), model, resume,
+    cwd: process.cwd(), model, resume, mode,
     onEvent: (evt) => {
       // Self-heal a stale resume — the saved SDK session expired. Reopen fresh,
       // keeping the transcript (scrollback survives; live context is gone).
@@ -473,7 +475,7 @@ function openStructured({ id, model, resume, log, commands }) {
         process.stderr.write(`\n  ◆ saved session expired — starting fresh (transcript kept).\n`)
         try { entry.session?.end() } catch { /* noop */ }
         sessions.delete(id)
-        openStructured({ id, model, log: entry.log, commands: entry.commands })
+        openStructured({ id, model, log: entry.log, commands: entry.commands, mode: entry.mode })
         return
       }
       // Stamp a wall-clock ts on every transcript event so the web client can
@@ -497,8 +499,11 @@ function openStructured({ id, model, resume, log, commands }) {
       if (!chrome) persist()
     },
     requestPermission: (req) => new Promise((resolve) => {
-      entry.pending.set(req.id, resolve)
-      bcast('code-perm-req', { term: id, id: req.id, toolName: req.toolName, input: req.input, risk: req.risk, plan: req.plan, questions: req.questions })
+      // Keep the broadcast payload with the resolver so a reconnect can re-send it
+      // (replay-request handler) — pending cards never enter the replayed event log.
+      const payload = { term: id, id: req.id, toolName: req.toolName, input: req.input, risk: req.risk, plan: req.plan, questions: req.questions }
+      entry.pending.set(req.id, { resolve, payload })
+      bcast('code-perm-req', payload)
       process.stderr.write(req.risk === 'plan'
         ? `\n  ${A.mag}◆ plan ready — approve in the room.${A.rst}\n`
         : req.risk === 'ask'
@@ -580,8 +585,8 @@ channel
       if (agent?.resume) { try { if (agent.resume.probe()) args = [...agent.resume.args] } catch { /* fresh */ } }
     }
     if (wantStructured(payload.cmd)) {
-      openStructured({ id: payload.id })
-      process.stderr.write(`\n  ◆ web opened a structured "${payload.cmd}" session.\n`)
+      openStructured({ id: payload.id, mode: payload.mode })
+      process.stderr.write(`\n  ◆ web opened a structured "${payload.cmd}" session (${payload.mode || 'default'}).\n`)
       return
     }
     openTerm({ id: payload.id, cmd: payload.cmd, args })
@@ -607,6 +612,15 @@ channel
       if (!s.log.length) continue
       bcast('code-replay', { to: payload?.to ?? null, term: id, events: s.log })
     }
+    // Re-send any still-pending permission/question cards. They ride a one-shot
+    // code-perm-req broadcast (NOT the replayed event log), so a reconnect/refresh
+    // would otherwise lose the answerable card while the transcript still shows the
+    // (unanswered) tool row — the AskUserQuestion "vanished on reconnect" bug. Only
+    // truly-unresolved cards remain in `pending` (resolved ones are deleted), and
+    // the client dedupes code-perm-req by id, so this can't resurrect an answered one.
+    for (const [, s] of sessions) {
+      for (const [, p] of s.pending) bcast('code-perm-req', p.payload)
+    }
     announce()
   })
   .on('broadcast', { event: 'file-put' }, ({ payload }) => {
@@ -632,7 +646,7 @@ channel
   // ── structured-session control (Phase 2) ──
   .on('broadcast', { event: 'code-open' }, ({ payload }) => {
     if (payload?.host && payload.host !== name) return
-    openStructured({ id: payload?.id || randomUUID(), model: payload?.model, resume: payload?.resume })
+    openStructured({ id: payload?.id || randomUUID(), model: payload?.model, resume: payload?.resume, mode: payload?.mode })
   })
   .on('broadcast', { event: 'code-turn' }, ({ payload }) => {
     const s = payload?.term && sessions.get(payload.term)
@@ -675,10 +689,10 @@ channel
   })
   .on('broadcast', { event: 'code-perm' }, ({ payload }) => {
     const s = payload?.term && sessions.get(payload.term)
-    const resolve = s && payload.id && s.pending.get(payload.id)
+    const p = s && payload.id && s.pending.get(payload.id)
     // Pass the raw decision through — normal tools use allow/deny, plan cards
     // use run/accept/keep (claude-session interprets). Default deny on missing.
-    if (resolve) { s.pending.delete(payload.id); resolve(payload.decision || 'deny') }
+    if (p) { s.pending.delete(payload.id); p.resolve(payload.decision || 'deny') }
   })
   .on('broadcast', { event: 'code-abort' }, ({ payload }) => {
     const s = payload?.term && sessions.get(payload.term)
@@ -686,7 +700,7 @@ channel
   })
   .on('broadcast', { event: 'code-mode' }, ({ payload }) => {
     const s = payload?.term && sessions.get(payload.term)
-    if (s) s.session.setMode(payload.mode)
+    if (s) { s.mode = payload.mode; s.session.setMode(payload.mode) }  // track for persist/restore
   })
   .on('broadcast', { event: 'code-close' }, ({ payload }) => {
     const s = payload?.id && sessions.get(payload.id)
@@ -704,7 +718,7 @@ channel
         // replay its transcript + resume the live SDK context if recent enough.
         if (wantStructured(startCmd)) {
           const prev = loadLatest(room)
-          if (prev && (prev.log?.length || prev.sessionId)) openStructured({ id: prev.id, resume: canResume(prev) ? prev.sessionId : undefined, log: prev.log, commands: prev.commands })
+          if (prev && (prev.log?.length || prev.sessionId)) openStructured({ id: prev.id, resume: canResume(prev) ? prev.sessionId : undefined, log: prev.log, commands: prev.commands, mode: prev.mode })
           else openStructured({ id: randomUUID() })
         }
         else openTerm({ id: randomUUID(), cmd: startCmd, args: attachedArgs, attached: !autoAgent })

package/claude-session.mjs

@@ -113,20 +113,37 @@ const simplifyBlocks = (blocks = []) => blocks.map((b) => {
  */
 const MODES = new Set(['default', 'acceptEdits', 'plan', 'bypassPermissions'])
 
-export function startClaudeSession({ cwd, model, resume, onEvent, requestPermission }) {
+export function startClaudeSession({ cwd, model, resume, mode: initialMode = 'default', onEvent, requestPermission }) {
   const ac = new AbortController()
   const input = makeInputStream()
   let sessionId = resume || null
   let closed = false
   let q = null            // the live Query — control requests (interrupt /
                           // setPermissionMode) route through it once streaming.
-  let mode = 'default'    // mirrors Claude Code's ⇧⇥ cycle
+  // The session is CREATED in the caller's chosen mode (not hard-coded default):
+  // a bypass session must start in bypass so the agent never enters plan mode and
+  // never throws an ExitPlanMode card. Falls back to 'default' for unknown values.
+  let mode = MODES.has(initialMode) ? initialMode : 'default'  // mirrors ⇧⇥ cycle
   const alwaysAllow = new Set()  // tool:risk signatures the user chose "don't ask again" for
   const toolStart = new Map()     // tool_use id → start time, for the duration badge
   let effort = null               // active reasoning effort for the turn (from the hook input)
 
   const emit = (evt) => { try { onEvent?.(evt) } catch { /* never let a consumer throw into the loop */ } }
 
+  // Apply a permission-mode change to the live SDK *outside* any hook callback.
+  // setPermissionMode is a streaming control request; awaiting it from INSIDE the
+  // PreToolUse hook (which the SDK is itself awaiting) jams the control channel —
+  // the call throws, and when that was silently swallowed the SDK stayed in plan
+  // mode, so the agent got bounced back to planning after every approved edit
+  // (the "PLAN READY every turn" loop). Deferring to the next tick lets the hook
+  // return first, freeing the channel. Errors are logged to the bridge, not eaten.
+  const scheduleSdkMode = (next) => {
+    setTimeout(() => {
+      Promise.resolve(q?.setPermissionMode?.(next)).catch((e) =>
+        console.error(`[claude-session] setPermissionMode(${next}) failed:`, e?.message || e))
+    }, 0)
+  }
+
   // PreToolUse — fires on EVERY tool call (the universal gate). The mode policy
   // mirrors Claude Code exactly: reads never prompt (any mode); Auto-accept
   // edits auto-approves non-destructive writes; Bash / network / destructive
@@ -150,8 +167,8 @@ export function startClaudeSession({ cwd, model, resume, onEvent, requestPermiss
       catch { choice = 'keep' }
       if (choice === 'run' || choice === 'accept') {
         const next = choice === 'accept' ? 'acceptEdits' : 'default'
-        mode = next
-        try { await q?.setPermissionMode?.(next) } catch { /* only valid mid-stream */ }
+        mode = next            // our auto-allow gate updates immediately
+        scheduleSdkMode(next)  // flip the SDK AFTER this hook returns (see above)
         emit({ kind: 'mode', mode: next })
         return { continue: true, hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'allow', permissionDecisionReason: `Plan approved in the ThinkPool room — proceed (${next} mode).` } }
       }
@@ -211,7 +228,7 @@ export function startClaudeSession({ cwd, model, resume, onEvent, requestPermiss
 
   const opts = {
     abortController: ac,
-    permissionMode: 'default',
+    permissionMode: mode,
     hooks: { PreToolUse: [{ hooks: [preTool] }] },
     // Load the host's REAL Claude environment — user + project + local settings —
     // so custom slash commands (.claude/commands/*.md), CLAUDE.md and agents work
@@ -298,8 +315,10 @@ export function startClaudeSession({ cwd, model, resume, onEvent, requestPermiss
     // `mode` drives our PreToolUse auto-approve policy. Echo so the room syncs.
     async setMode(m) {
       if (!MODES.has(m) || closed) return
-      mode = m
-      try { await q?.setPermissionMode?.(m) } catch { /* only valid mid-stream */ }
+      mode = m              // gate is authoritative immediately
+      scheduleSdkMode(m)    // defer the SDK control request — a mode toggle can
+                            // land while a perm card is pending (hook in flight),
+                            // which is exactly the re-entrancy that jams it.
       emit({ kind: 'mode', mode })
     },
     // /model is disabled in headless SDK — switch via the setModel control

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thinkpool-pair",
-  "version": "0.7.7",
+  "version": "0.7.9",
   "description": "Share a local coding-agent CLI (Claude Code, Codex, Gemini, Aider, …) into a ThinkPool Code room, live.",
   "type": "module",
   "bin": {