npm - wave-agent-sdk - Versions diffs - 0.10.3 → 0.11.0 - Mend

wave-agent-sdk 0.10.3 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (136) hide show

package/dist/agent.d.ts +8 -6
package/dist/agent.d.ts.map +1 -1
package/dist/agent.js +12 -9
package/dist/builtin-skills/builtin-skills/loop/SKILL.md +53 -0
package/dist/builtin-skills/builtin-skills/loop/parsing.ts +159 -0
package/dist/builtin-skills/builtin-skills/settings/HOOKS.md +82 -0
package/dist/builtin-skills/{settings → builtin-skills/settings}/SKILL.md +1 -1
package/dist/builtin-skills/loop/parsing.d.ts +13 -0
package/dist/builtin-skills/loop/parsing.d.ts.map +1 -0
package/dist/builtin-skills/loop/parsing.js +125 -0
package/dist/constants/tools.d.ts +3 -0
package/dist/constants/tools.d.ts.map +1 -1
package/dist/constants/tools.js +3 -0
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/managers/aiManager.d.ts +0 -2
package/dist/managers/aiManager.d.ts.map +1 -1
package/dist/managers/aiManager.js +53 -14
package/dist/managers/cronManager.d.ts +19 -0
package/dist/managers/cronManager.d.ts.map +1 -0
package/dist/managers/cronManager.js +124 -0
package/dist/managers/hookManager.d.ts.map +1 -1
package/dist/managers/hookManager.js +21 -13
package/dist/managers/liveConfigManager.js +1 -1
package/dist/managers/mcpManager.d.ts +1 -1
package/dist/managers/mcpManager.d.ts.map +1 -1
package/dist/managers/mcpManager.js +10 -2
package/dist/managers/messageManager.d.ts +0 -1
package/dist/managers/messageManager.d.ts.map +1 -1
package/dist/managers/permissionManager.d.ts +27 -7
package/dist/managers/permissionManager.d.ts.map +1 -1
package/dist/managers/permissionManager.js +119 -14
package/dist/managers/slashCommandManager.d.ts.map +1 -1
package/dist/managers/slashCommandManager.js +11 -0
package/dist/managers/subagentManager.d.ts +3 -0
package/dist/managers/subagentManager.d.ts.map +1 -1
package/dist/managers/subagentManager.js +10 -17
package/dist/managers/toolManager.d.ts +1 -1
package/dist/managers/toolManager.d.ts.map +1 -1
package/dist/managers/toolManager.js +28 -4
package/dist/services/configurationService.d.ts.map +1 -1
package/dist/services/configurationService.js +8 -7
package/dist/services/hook.d.ts.map +1 -1
package/dist/services/hook.js +3 -10
package/dist/services/initializationService.js +2 -2
package/dist/services/jsonlHandler.d.ts.map +1 -1
package/dist/services/jsonlHandler.js +3 -0
package/dist/services/reversionService.d.ts +2 -2
package/dist/services/reversionService.d.ts.map +1 -1
package/dist/services/reversionService.js +3 -3
package/dist/services/session.d.ts.map +1 -1
package/dist/services/session.js +18 -11
package/dist/tools/agentTool.js +1 -1
package/dist/tools/bashTool.d.ts.map +1 -1
package/dist/tools/bashTool.js +33 -12
package/dist/tools/cronCreateTool.d.ts +3 -0
package/dist/tools/cronCreateTool.d.ts.map +1 -0
package/dist/tools/cronCreateTool.js +59 -0
package/dist/tools/cronDeleteTool.d.ts +3 -0
package/dist/tools/cronDeleteTool.d.ts.map +1 -0
package/dist/tools/cronDeleteTool.js +38 -0
package/dist/tools/cronListTool.d.ts +3 -0
package/dist/tools/cronListTool.d.ts.map +1 -0
package/dist/tools/cronListTool.js +30 -0
package/dist/tools/readTool.d.ts.map +1 -1
package/dist/tools/readTool.js +8 -32
package/dist/tools/skillTool.d.ts +0 -3
package/dist/tools/skillTool.d.ts.map +1 -1
package/dist/tools/skillTool.js +4 -3
package/dist/tools/taskOutputTool.d.ts.map +1 -1
package/dist/tools/taskOutputTool.js +15 -8
package/dist/tools/types.d.ts +2 -0
package/dist/tools/types.d.ts.map +1 -1
package/dist/types/agent.d.ts +10 -0
package/dist/types/agent.d.ts.map +1 -1
package/dist/types/configuration.d.ts +1 -1
package/dist/types/configuration.d.ts.map +1 -1
package/dist/types/cron.d.ts +10 -0
package/dist/types/cron.d.ts.map +1 -0
package/dist/types/cron.js +1 -0
package/dist/types/hooks.d.ts +1 -5
package/dist/types/hooks.d.ts.map +1 -1
package/dist/types/hooks.js +1 -1
package/dist/types/index.d.ts +1 -0
package/dist/types/index.d.ts.map +1 -1
package/dist/types/index.js +1 -0
package/dist/types/messaging.d.ts +1 -1
package/dist/types/messaging.d.ts.map +1 -1
package/dist/utils/containerSetup.d.ts.map +1 -1
package/dist/utils/containerSetup.js +40 -13
package/dist/utils/mcpUtils.d.ts +2 -2
package/dist/utils/mcpUtils.d.ts.map +1 -1
package/dist/utils/mcpUtils.js +1 -5
package/package.json +2 -1
package/src/agent.ts +17 -12
package/src/builtin-skills/loop/SKILL.md +53 -0
package/src/builtin-skills/loop/parsing.ts +159 -0
package/src/builtin-skills/settings/HOOKS.md +44 -57
package/src/builtin-skills/settings/SKILL.md +1 -1
package/src/constants/tools.ts +3 -0
package/src/index.ts +1 -0
package/src/managers/aiManager.ts +72 -24
package/src/managers/cronManager.ts +167 -0
package/src/managers/hookManager.ts +27 -13
package/src/managers/liveConfigManager.ts +2 -2
package/src/managers/mcpManager.ts +23 -2
package/src/managers/messageManager.ts +0 -6
package/src/managers/permissionManager.ts +154 -18
package/src/managers/slashCommandManager.ts +12 -0
package/src/managers/subagentManager.ts +15 -19
package/src/managers/toolManager.ts +37 -4
package/src/services/configurationService.ts +8 -7
package/src/services/hook.ts +5 -11
package/src/services/initializationService.ts +3 -3
package/src/services/jsonlHandler.ts +4 -0
package/src/services/reversionService.ts +9 -4
package/src/services/session.ts +19 -12
package/src/tools/agentTool.ts +1 -1
package/src/tools/bashTool.ts +43 -14
package/src/tools/cronCreateTool.ts +73 -0
package/src/tools/cronDeleteTool.ts +47 -0
package/src/tools/cronListTool.ts +38 -0
package/src/tools/readTool.ts +11 -33
package/src/tools/skillTool.ts +6 -4
package/src/tools/taskOutputTool.ts +14 -8
package/src/tools/types.ts +2 -0
package/src/types/agent.ts +10 -0
package/src/types/configuration.ts +1 -1
package/src/types/cron.ts +9 -0
package/src/types/hooks.ts +5 -9
package/src/types/index.ts +1 -0
package/src/types/messaging.ts +1 -1
package/src/utils/containerSetup.ts +50 -16
package/src/utils/mcpUtils.ts +2 -5
package/dist/builtin-skills/settings/HOOKS.md +0 -95

package/src/managers/messageManager.ts CHANGED Viewed

@@ -45,12 +45,6 @@ export interface MessageManagerCallbacks {
   onErrorBlockAdded?: (error: string) => void;
   onCompressBlockAdded?: (content: string) => void;
   onCompressionStateChange?: (isCompressing: boolean) => void;
-  onMemoryBlockAdded?: (
-    content: string,
-    success: boolean,
-    type: "project" | "user",
-    storagePath: string,
-  ) => void;
   // Bang callback
   onAddBangMessage?: (command: string) => void;
   onUpdateBangMessage?: (command: string, output: string) => void;

package/src/managers/permissionManager.ts CHANGED Viewed

@@ -92,12 +92,16 @@ const DEFAULT_ALLOWED_RULES = [
 import { logger } from "../utils/globalLogger.js";
 export interface PermissionManagerOptions {
-  /** Configured default permission mode from settings */
-  configuredDefaultMode?: PermissionMode;
+  /** Configured permission mode from settings */
+  configuredPermissionMode?: PermissionMode;
   /** Allowed rules from settings */
   allowedRules?: string[];
   /** Denied rules from settings */
   deniedRules?: string[];
+  /** Instance-specific allowed rules (from AgentOptions) */
+  instanceAllowedRules?: string[];
+  /** Instance-specific denied rules (from AgentOptions) */
+  instanceDeniedRules?: string[];
   /** Additional directories considered part of the Safe Zone */
   additionalDirectories?: string[];
   /** The main working directory */
@@ -109,61 +113,70 @@ export interface PermissionManagerOptions {
 }
 export class PermissionManager {
-  private configuredDefaultMode?: PermissionMode;
+  private configuredPermissionMode?: PermissionMode;
   private allowedRules: string[] = [];
   private deniedRules: string[] = [];
+  private instanceAllowedRules: string[] = [];
+  private instanceDeniedRules: string[] = [];
   private temporaryRules: string[] = [];
   private additionalDirectories: string[] = [];
   private systemAdditionalDirectories: string[] = [];
   private workdir?: string;
   private planFilePath?: string;
-  private onConfiguredDefaultModeChange?: (mode: PermissionMode) => void;
+  private worktreeName?: string;
+  private mainRepoRoot?: string;
+  private onConfiguredPermissionModeChange?: (mode: PermissionMode) => void;
   private _logger?: Logger;
   constructor(
     private container: Container,
     options: PermissionManagerOptions = {},
   ) {
-    this.configuredDefaultMode = options.configuredDefaultMode;
+    this.configuredPermissionMode = options.configuredPermissionMode;
     this.allowedRules = options.allowedRules || [];
     this.deniedRules = options.deniedRules || [];
+    this.instanceAllowedRules = options.instanceAllowedRules || [];
+    this.instanceDeniedRules = options.instanceDeniedRules || [];
     this.workdir = options.workdir;
     this.planFilePath = options.planFilePath;
     this._logger = options.logger;
     this.updateAdditionalDirectories(options.additionalDirectories || []);
+    this.worktreeName = this.container.get<string>("WorktreeName");
+    this.mainRepoRoot = this.container.get<string>("MainRepoRoot");
   }
   /**
    * Set a callback to be notified when the effective permission mode changes due to configuration updates
    */
-  public setOnConfiguredDefaultModeChange(
+  public setOnConfiguredPermissionModeChange(
     callback: (mode: PermissionMode) => void,
   ): void {
-    this.onConfiguredDefaultModeChange = callback;
+    this.onConfiguredPermissionModeChange = callback;
   }
   /**
    * Update the configured default mode (e.g., when configuration reloads)
    */
-  updateConfiguredDefaultMode(defaultMode?: PermissionMode): void {
+  updateConfiguredPermissionMode(permissionMode?: PermissionMode): void {
     const oldEffectiveMode = this.getCurrentEffectiveMode();
-    this.configuredDefaultMode = defaultMode;
+    this.configuredPermissionMode = permissionMode;
     const newEffectiveMode = this.getCurrentEffectiveMode();
     if (
       oldEffectiveMode !== newEffectiveMode &&
-      this.onConfiguredDefaultModeChange
+      this.onConfiguredPermissionModeChange
     ) {
-      this.onConfiguredDefaultModeChange(newEffectiveMode);
+      this.onConfiguredPermissionModeChange(newEffectiveMode);
     }
   }
   /**
    * Get the configured default mode
    */
-  public getConfiguredDefaultMode(): PermissionMode | undefined {
-    return this.configuredDefaultMode;
+  public getConfiguredPermissionMode(): PermissionMode | undefined {
+    return this.configuredPermissionMode;
   }
   /**
@@ -180,6 +193,20 @@ export class PermissionManager {
     return [...this.deniedRules];
   }
+  /**
+   * Get all instance-specific allowed rules
+   */
+  public getInstanceAllowedRules(): string[] {
+    return [...this.instanceAllowedRules];
+  }
+  /**
+   * Get all instance-specific denied rules
+   */
+  public getInstanceDeniedRules(): string[] {
+    return [...this.instanceDeniedRules];
+  }
   /**
    * Get all additional directories
    */
@@ -325,8 +352,8 @@ export class PermissionManager {
     }
     // Use configured default mode if available
-    if (this.configuredDefaultMode !== undefined) {
-      return this.configuredDefaultMode;
+    if (this.configuredPermissionMode !== undefined) {
+      return this.configuredPermissionMode;
     }
     // Fall back to system default
@@ -340,6 +367,54 @@ export class PermissionManager {
   async checkPermission(
     context: ToolPermissionContext,
   ): Promise<PermissionDecision> {
+    // 0. Check instance-specific denied rules first - Deny always takes precedence
+    for (const rule of this.instanceDeniedRules) {
+      if (this.matchesRule(context, rule)) {
+        logger?.warn("Permission denied by instance rule", {
+          toolName: context.toolName,
+          rule,
+        });
+        return {
+          behavior: "deny",
+          message: `Access to tool '${context.toolName}' is explicitly denied by instance rule: ${rule}`,
+        };
+      }
+    }
+    // 0. Check worktree safety for Write and Edit tools
+    if (
+      this.worktreeName &&
+      this.mainRepoRoot &&
+      this.workdir &&
+      (context.toolName === WRITE_TOOL_NAME ||
+        context.toolName === EDIT_TOOL_NAME)
+    ) {
+      const targetPath = context.toolInput?.file_path as string | undefined;
+      if (targetPath) {
+        const absoluteTargetPath = path.resolve(this.workdir, targetPath);
+        const isInsideMainRepo = isPathInside(
+          absoluteTargetPath,
+          this.mainRepoRoot,
+        );
+        const isInsideWorktree = isPathInside(absoluteTargetPath, this.workdir);
+        // If it's inside the main repo but NOT inside the current worktree
+        if (isInsideMainRepo && !isInsideWorktree) {
+          logger?.warn("Worktree safety violation", {
+            toolName: context.toolName,
+            targetPath,
+            worktreeName: this.worktreeName,
+            mainRepoRoot: this.mainRepoRoot,
+            workdir: this.workdir,
+          });
+          return {
+            behavior: "deny",
+            message: `Access denied: You are currently in a worktree session ("${this.worktreeName}"). Modifying files in the main repository (outside the worktree) is not allowed. Please only modify files within the worktree directory: ${this.workdir}`,
+          };
+        }
+      }
+    }
     // 0. Check denied rules first - Deny always takes precedence
     for (const rule of this.deniedRules) {
       if (this.matchesRule(context, rule)) {
@@ -359,7 +434,7 @@ export class PermissionManager {
       return { behavior: "allow" };
     }
-    // 1.1 If acceptEdits mode, allow Edit, Write
+    // 1.1 If acceptEdits mode, allow Edit, Write, and mkdir in safe zone
     if (context.permissionMode === "acceptEdits") {
       const autoAcceptedTools = [EDIT_TOOL_NAME, WRITE_TOOL_NAME];
       if (autoAcceptedTools.includes(context.toolName)) {
@@ -387,6 +462,40 @@ export class PermissionManager {
           }
         }
       }
+      // Special case for mkdir in Bash tool
+      if (context.toolName === BASH_TOOL_NAME && context.toolInput?.command) {
+        const command = String(context.toolInput.command).trim();
+        if (command.startsWith("mkdir ")) {
+          const parts = splitBashCommand(command);
+          // Check if it's a simple mkdir command (first part is mkdir)
+          if (parts.length === 1) {
+            const processedPart = stripEnvVars(parts[0]);
+            if (processedPart.startsWith("mkdir ")) {
+              const args = processedPart.slice(6).trim();
+              const pathArgs =
+                (args.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || []).filter(
+                  (arg) => !arg.startsWith("-"),
+                ) || [];
+              if (pathArgs.length > 0) {
+                const allPathsSafe = pathArgs.every((pathArg) => {
+                  const cleanPath = pathArg.replace(/^['"](.*)['"]$/, "$1");
+                  const { isInside } = this.isInsideSafeZone(
+                    cleanPath,
+                    context.toolInput?.workdir as string | undefined,
+                  );
+                  return isInside;
+                });
+                if (allPathsSafe) {
+                  return { behavior: "allow" };
+                }
+              }
+            }
+          }
+        }
+      }
     }
     // 1.2 Check if tool call is allowed by persistent or temporary rules
@@ -475,7 +584,27 @@ export class PermissionManager {
    * Determine if a tool requires permission checks based on its name
    */
   isRestrictedTool(toolName: string): boolean {
-    return (RESTRICTED_TOOLS as readonly string[]).includes(toolName);
+    return (
+      (RESTRICTED_TOOLS as readonly string[]).includes(toolName) ||
+      toolName.startsWith("mcp__")
+    );
+  }
+  /**
+   * Check if a tool is completely denied by name in instance or global rules
+   */
+  public isToolDenied(toolName: string): boolean {
+    // Check instance-specific denied rules
+    if (this.instanceDeniedRules.includes(toolName)) {
+      return true;
+    }
+    // Check global denied rules
+    if (this.deniedRules.includes(toolName)) {
+      return true;
+    }
+    return false;
   }
   /**
@@ -497,6 +626,8 @@ export class PermissionManager {
         const processedPart = stripRedirections(stripEnvVars(parts[0]));
         suggestedPrefix = getSmartPrefix(processedPart) ?? undefined;
       }
+    } else if (toolName.startsWith("mcp__")) {
+      suggestedPrefix = toolName;
     }
     const context: ToolPermissionContext = {
@@ -742,7 +873,12 @@ export class PermissionManager {
       return rules.some((rule) => this.matchesRule(ctx, rule));
     };
-    // Check temporary rules first
+    // Check instance-specific allowed rules first
+    if (isAllowedByRuleList(context, this.instanceAllowedRules)) {
+      return true;
+    }
+    // Check temporary rules
     if (isAllowedByRuleList(context, this.temporaryRules)) {
       return true;
     }

package/src/managers/slashCommandManager.ts CHANGED Viewed

@@ -90,6 +90,18 @@ export class SlashCommandManager {
         await this.aiManager.sendAIMessage();
       },
     });
+    // Register built-in clear command
+    this.registerCommand({
+      id: "clear",
+      name: "clear",
+      description: "Clear conversation history and reset session",
+      handler: async () => {
+        this.aiManager.abortAIMessage();
+        this.messageManager.clearMessages();
+        await this.taskManager.syncWithSession();
+      },
+    });
   }
   /**

package/src/managers/subagentManager.ts CHANGED Viewed

@@ -80,6 +80,7 @@ export interface SubagentManagerOptions {
   workdir: string;
   callbacks?: SubagentManagerCallbacks; // Use SubagentManagerCallbacks instead of parentCallbacks
   onUsageAdded?: (usage: Usage) => void;
+  stream: boolean;
 }
 export class SubagentManager {
@@ -90,12 +91,14 @@ export class SubagentManager {
   private callbacks?: SubagentManagerCallbacks; // Use SubagentManagerCallbacks instead of parentCallbacks
   private onUsageAdded?: (usage: Usage) => void;
   private container: Container;
+  private stream: boolean;
   constructor(container: Container, options: SubagentManagerOptions) {
     this.container = container;
     this.workdir = options.workdir;
     this.callbacks = options.callbacks; // Store SubagentManagerCallbacks
     this.onUsageAdded = options.onUsageAdded;
+    this.stream = options.stream;
   }
   private get configurationService(): ConfigurationService {
@@ -155,6 +158,7 @@ export class SubagentManager {
       subagent_type: string;
       allowedTools?: string[];
       model?: string;
+      stream?: boolean;
     },
     runInBackground?: boolean,
     onUpdate?: () => void,
@@ -178,10 +182,16 @@ export class SubagentManager {
       this.container.get<PermissionManager>("PermissionManager");
     const subagentPermissionManager = new PermissionManager(subagentContainer, {
       workdir: this.workdir,
-      configuredDefaultMode:
-        parentPermissionManager?.getConfiguredDefaultMode(),
+      configuredPermissionMode:
+        parentPermissionManager?.getConfiguredPermissionMode(),
       allowedRules: parentPermissionManager?.getAllowedRules(),
       deniedRules: parentPermissionManager?.getDeniedRules(),
+      instanceAllowedRules:
+        parentPermissionManager?.getInstanceAllowedRules?.(),
+      instanceDeniedRules: [
+        ...(parentPermissionManager?.getInstanceDeniedRules?.() || []),
+        AGENT_TOOL_NAME, // Always deny Agent tool in subagents to prevent recursion
+      ],
       additionalDirectories:
         parentPermissionManager?.getAdditionalDirectories(),
       planFilePath: parentPermissionManager?.getPlanFilePath(),
@@ -222,6 +232,7 @@ export class SubagentManager {
       systemPrompt: configuration.systemPrompt,
       subagentType: parameters.subagent_type, // Pass subagent type for hook context
       modelOverride: parameters.model || configuration.model, // Pass model override
+      stream: parameters.stream ?? this.stream, // Pass streaming mode flag
       callbacks: {
         onUsageAdded: this.onUsageAdded,
       },
@@ -410,24 +421,9 @@ export class SubagentManager {
       // Add the user's prompt as a message
       instance.messageManager.addUserMessage({ content: prompt });
-      // Create enabled tools list - always exclude Agent tool to prevent subagent recursion
-      // Use instance.configuration.tools if provided, otherwise fallback to all tools
-      let enabledTools = instance.configuration.tools;
-      // Always filter out the Agent tool to prevent subagents from creating sub-subagents
-      if (enabledTools) {
-        enabledTools = enabledTools.filter((tool) => tool !== AGENT_TOOL_NAME);
-      } else {
-        // If no tools specified, get all tools except Agent
-        const allTools = instance.toolManager.list().map((tool) => tool.name);
-        enabledTools = allTools.filter((tool) => tool !== AGENT_TOOL_NAME);
-      }
-      // Execute the AI request with tool restrictions
+      // Execute the AI request
       // The AIManager will handle abort signals through its own abort controllers
-      const executeAI = instance.aiManager.sendAIMessage({
-        tools: enabledTools,
-      });
+      const executeAI = instance.aiManager.sendAIMessage();
       // If we have an abort signal, race against it using utilities to prevent listener accumulation
       if (abortSignal && !instance.backgroundTaskId) {

package/src/managers/toolManager.ts CHANGED Viewed

@@ -6,6 +6,9 @@ import { editTool } from "../tools/editTool.js";
 import { writeTool } from "../tools/writeTool.js";
 import { exitPlanModeTool } from "../tools/exitPlanMode.js";
 import { askUserQuestionTool } from "../tools/askUserQuestion.js";
+import { cronCreateTool } from "../tools/cronCreateTool.js";
+import { cronDeleteTool } from "../tools/cronDeleteTool.js";
+import { cronListTool } from "../tools/cronListTool.js";
 // New tools
 import { globTool } from "../tools/globTool.js";
 import { grepTool } from "../tools/grepTool.js";
@@ -114,6 +117,9 @@ class ToolManager {
       taskGetTool,
       taskUpdateTool,
       taskListTool,
+      cronCreateTool,
+      cronDeleteTool,
+      cronListTool,
     ];
     for (const tool of builtInTools) {
@@ -124,9 +130,17 @@ class ToolManager {
   }
   /**
-   * Check if a tool should be enabled based on tools configuration
+   * Check if a tool should be enabled based on tools configuration and permission rules
    */
   private shouldEnableTool(name: string): boolean {
+    const permissionManager =
+      this.container.get<PermissionManager>("PermissionManager");
+    // If tool is explicitly denied by name in permission rules, filter it out
+    if (permissionManager?.isToolDenied(name)) {
+      return false;
+    }
     if (!this.tools) {
       return true;
     }
@@ -194,6 +208,11 @@ class ToolManager {
       skillManager: this.container.has("SkillManager")
         ? this.container.get<SkillManager>("SkillManager")
         : undefined,
+      cronManager: this.container.has("CronManager")
+        ? this.container.get<import("./cronManager.js").CronManager>(
+            "CronManager",
+          )
+        : undefined,
       sessionId: context.sessionId,
       toolCallId: context.toolCallId,
     };
@@ -241,8 +260,14 @@ class ToolManager {
   }
   list(): ToolPlugin[] {
-    const builtInTools = Array.from(this.toolsRegistry.values());
-    const mcpTools = this.mcpManager.getMcpToolPlugins();
+    const permissionManager =
+      this.container.get<PermissionManager>("PermissionManager");
+    const builtInTools = Array.from(this.toolsRegistry.values()).filter(
+      (tool) => !permissionManager?.isToolDenied(tool.name),
+    );
+    const mcpTools = this.mcpManager
+      .getMcpToolPlugins()
+      .filter((tool) => !permissionManager?.isToolDenied(tool.name));
     return [...builtInTools, ...mcpTools];
   }
@@ -251,9 +276,15 @@ class ToolManager {
     availableSkills?: SkillMetadata[];
     workdir?: string;
   }): ChatCompletionFunctionTool[] {
+    const permissionManager =
+      this.container.get<PermissionManager>("PermissionManager");
     const effectivePermissionMode = this.getPermissionMode();
     const builtInToolsConfig = Array.from(this.toolsRegistry.values())
       .filter((tool) => {
+        // If tool is explicitly denied by name in permission rules, filter it out
+        if (permissionManager?.isToolDenied(tool.name)) {
+          return false;
+        }
         if (effectivePermissionMode === "bypassPermissions") {
           if (tool.name === "ExitPlanMode" || tool.name === "AskUserQuestion") {
             return false;
@@ -278,7 +309,9 @@ class ToolManager {
         }
         return config;
       });
-    const mcpToolsConfig = this.mcpManager.getMcpToolsConfig();
+    const mcpToolsConfig = this.mcpManager
+      .getMcpToolsConfig()
+      .filter((tool) => !permissionManager?.isToolDenied(tool.function.name));
     return [...builtInToolsConfig, ...mcpToolsConfig];
   }

package/src/services/configurationService.ts CHANGED Viewed

@@ -248,18 +248,18 @@ export class ConfigurationService {
           }
         }
-        // Validate defaultMode if present
-        if (config.permissions.defaultMode !== undefined) {
+        // Validate permissionMode if present
+        if (config.permissions.permissionMode !== undefined) {
           const validModes: PermissionMode[] = [
             "default",
             "bypassPermissions",
             "acceptEdits",
             "plan",
           ];
-          if (!validModes.includes(config.permissions.defaultMode)) {
+          if (!validModes.includes(config.permissions.permissionMode)) {
             result.isValid = false;
             result.errors.push(
-              `Invalid defaultMode: "${config.permissions.defaultMode}". Must be one of: ${validModes.join(", ")}`,
+              `Invalid permissionMode: "${config.permissions.permissionMode}". Must be one of: ${validModes.join(", ")}`,
             );
           }
         }
@@ -967,9 +967,10 @@ export function loadMergedWaveConfig(
         ];
       }
-      // Merge defaultMode (last one wins)
-      if (config.permissions.defaultMode !== undefined) {
-        mergedConfig.permissions.defaultMode = config.permissions.defaultMode;
+      // Merge permissionMode (last one wins)
+      if (config.permissions.permissionMode !== undefined) {
+        mergedConfig.permissions.permissionMode =
+          config.permissions.permissionMode;
       }
       // Merge additionalDirectories

package/src/services/hook.ts CHANGED Viewed

@@ -48,7 +48,11 @@ async function buildHookJsonInput(
   };
   // Add optional fields based on event type
-  if (context.event === "PreToolUse" || context.event === "PostToolUse") {
+  if (
+    context.event === "PreToolUse" ||
+    context.event === "PostToolUse" ||
+    context.event === "PermissionRequest"
+  ) {
     if (context.toolName) {
       jsonInput.tool_name = context.toolName;
     }
@@ -73,16 +77,6 @@ async function buildHookJsonInput(
     jsonInput.subagent_type = context.subagentType;
   }
-  // Add notification fields for Notification events
-  if (context.event === "Notification") {
-    if (context.message !== undefined) {
-      jsonInput.message = context.message;
-    }
-    if (context.notificationType !== undefined) {
-      jsonInput.notification_type = context.notificationType;
-    }
-  }
   // Add name field for WorktreeCreate events
   if (context.event === "WorktreeCreate") {
     if (context.worktreeName !== undefined) {

package/src/services/initializationService.ts CHANGED Viewed

@@ -146,9 +146,9 @@ export class InitializationService {
               configResult.configuration.permissions.deny,
             );
           }
-          if (configResult.configuration.permissions.defaultMode) {
-            permissionManager.updateConfiguredDefaultMode(
-              configResult.configuration.permissions.defaultMode,
+          if (configResult.configuration.permissions.permissionMode) {
+            permissionManager.updateConfiguredPermissionMode(
+              configResult.configuration.permissions.permissionMode,
             );
           }
           if (configResult.configuration.permissions.additionalDirectories) {

package/src/services/jsonlHandler.ts CHANGED Viewed

@@ -194,6 +194,10 @@ export class JsonlHandler {
     for (let i = 0; i < messages.length; i++) {
       const message = messages[i];
+      if (!message.id) {
+        throw new Error(`Message at index ${i} is missing required field: id`);
+      }
       if (!message.role) {
         throw new Error(
           `Message at index ${i} is missing required field: role`,

package/src/services/reversionService.ts CHANGED Viewed

@@ -6,11 +6,16 @@ import { FileSnapshot } from "../types/reversion.js";
 export class ReversionService {
   private historyBaseDir: string;
-  private sessionId: string;
+  private rootSessionId: string;
-  constructor(sessionId: string) {
-    this.sessionId = sessionId;
-    this.historyBaseDir = join(homedir(), ".wave", "file-history", sessionId);
+  constructor(rootSessionId: string) {
+    this.rootSessionId = rootSessionId;
+    this.historyBaseDir = join(
+      homedir(),
+      ".wave",
+      "file-history",
+      rootSessionId || "default",
+    );
   }
   private getFilePathHash(filePath: string): string {

package/src/services/session.ts CHANGED Viewed

@@ -294,14 +294,21 @@ export async function loadSessionFromJsonl(
       sessionType,
     );
-    const messages = await jsonlHandler.read(filePath);
-    if (messages.length === 0) {
-      return null;
+    // Check if file exists
+    try {
+      await fs.access(filePath);
+    } catch (error) {
+      if ((error as NodeJS.ErrnoException).code === "ENOENT") {
+        return null;
+      }
+      throw error;
     }
+    const messages = await jsonlHandler.read(filePath);
     // Extract metadata from messages
-    const lastMessage = messages[messages.length - 1];
+    const lastMessage =
+      messages.length > 0 ? messages[messages.length - 1] : null;
     // Try to get rootSessionId and parentSessionId from index
     let rootSessionId: string | undefined;
@@ -333,8 +340,10 @@ export async function loadSessionFromJsonl(
       }),
       metadata: {
         workdir,
-        lastActiveAt: lastMessage.timestamp,
-        latestTotalTokens: lastMessage.usage
+        lastActiveAt: lastMessage
+          ? lastMessage.timestamp
+          : new Date().toISOString(),
+        latestTotalTokens: lastMessage?.usage
           ? extractLatestTotalTokens([lastMessage])
           : 0,
       },
@@ -963,15 +972,13 @@ export async function handleSessionRestoration(
       // Use only JSONL format - no legacy support
       sessionToRestore = await loadSessionFromJsonl(restoreSessionId, workdir);
       if (!sessionToRestore) {
-        console.error(`Session not found: ${restoreSessionId}`);
-        process.exit(1);
+        throw new Error(`Session not found: ${restoreSessionId}`);
       }
     } else if (continueLastSession) {
       // Use only JSONL format - no legacy support
       sessionToRestore = await getLatestSessionFromJsonl(workdir);
       if (!sessionToRestore) {
-        console.error(`No previous session found for workdir: ${workdir}`);
-        process.exit(1);
+        throw new Error(`No previous session found for workdir: ${workdir}`);
       }
     }
@@ -984,7 +991,7 @@ export async function handleSessionRestoration(
     }
   } catch (error) {
     console.error("Failed to restore session:", error);
-    process.exit(1);
+    throw error;
   }
 }