wave-agent-sdk 0.16.10 → 0.16.12

package/dist/services/authService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authService.d.ts","sourceRoot":"","sources":["../../src/services/authService.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAO7D,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IACrC,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,qBAAqB,CACxB;IAEL,MAAM,CAAC,WAAW,IAAI,WAAW;IAOjC;;;OAGG;IACH,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAI/B;;;OAGG;IACH,YAAY,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,OAAO,GAAG,QAAQ,KAAK,IAAI,GAAG,MAAM,IAAI;IASvE,OAAO,CAAC,gBAAgB;IAUxB,WAAW,IAAI,MAAM;IAKrB,QAAQ,IAAI,UAAU;IAatB,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAUlC,SAAS,IAAI,IAAI;IAcjB,WAAW,IAAI,MAAM,GAAG,SAAS;IAKjC,YAAY,IAAI,MAAM;IAUhB,KAAK,CAAC,OAAO,CAAC,EAAE;QACpB,6DAA6D;QAC7D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,mGAAmG;QACnG,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;QAClC,oFAAoF;QACpF,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,OAAO,CAAC,MAAM,CAAC;IAqBnB;;;OAGG;YACW,YAAY;IA0B1B,OAAO,CAAC,oBAAoB;YAoGd,WAAW;IAmBzB,kBAAkB,IAAI,OAAO;IAI7B,WAAW,IAAI,QAAQ,GAAG,SAAS;CAIpC;AAED,eAAO,MAAM,WAAW,aAA4B,CAAC;AAErD;;;;;;GAMG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAsC/C;AAED,4DAA4D;AAC5D,wBAAgB,4BAA4B,IAAI,IAAI,CAEnD"}
+{"version":3,"file":"authService.d.ts","sourceRoot":"","sources":["../../src/services/authService.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAkBH,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAiB,MAAM,kBAAkB,CAAC;AAQ5E,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IACrC,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,qBAAqB,CACxB;IACL,OAAO,CAAC,eAAe,CAAiC;IACxD,OAAO,CAAC,cAAc,CAAa;IACnC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAiB;IAE1D,MAAM,CAAC,WAAW,IAAI,WAAW;IAOjC;;;OAGG;IACH,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAI/B;;;OAGG;IACH,YAAY,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,OAAO,GAAG,QAAQ,KAAK,IAAI,GAAG,MAAM,IAAI;IASvE,OAAO,CAAC,gBAAgB;IAUxB,WAAW,IAAI,MAAM;IAKrB,QAAQ,IAAI,UAAU;IAmBtB,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAgBlC,SAAS,IAAI,IAAI;IAgBjB,WAAW,IAAI,MAAM,GAAG,SAAS;IAKjC,YAAY,IAAI,MAAM;IAUhB,KAAK,CAAC,OAAO,CAAC,EAAE;QACpB,6DAA6D;QAC7D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,mGAAmG;QACnG,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;QAClC,oFAAoF;QACpF,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,OAAO,CAAC,MAAM,CAAC;IAgCnB;;;OAGG;YACW,YAAY;IAyB1B,OAAO,CAAC,oBAAoB;YAoGd,WAAW;IAmBzB,kBAAkB,IAAI,OAAO;IAW7B;;;OAGG;IACH,cAAc,IAAI,OAAO;IAgBzB;;;OAGG;IACG,4BAA4B,IAAI,OAAO,CAAC,OAAO,CAAC;IAkBtD;;;OAGG;YACW,YAAY;IA4D1B;;;OAGG;IACH,yEAAyE;IACzE,6BAA6B,IAAI,OAAO;IAwBxC,WAAW,IAAI,QAAQ,GAAG,SAAS;CAIpC;AAED,eAAO,MAAM,WAAW,aAA4B,CAAC;AAErD;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,OAAO,KAAK,GAAG,OAAO,KAAK,CA+C3E;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAsC/C;AAED,4DAA4D;AAC5D,wBAAgB,4BAA4B,IAAI,IAAI,CAEnD"}

package/dist/services/authService.js

@@ -4,7 +4,7 @@
  * Handles SSO authentication via the admin server.
  * Manages auth token storage in ~/.wave/auth.json.
  */
-import { readFileSync, writeFileSync, existsSync, chmodSync, rmSync, mkdirSync, } from "fs";
+import { readFileSync, writeFileSync, existsSync, chmodSync, rmSync, mkdirSync, statSync, } from "fs";
 import * as path from "path";
 import * as os from "os";
 import { randomBytes } from "crypto";
@@ -12,12 +12,15 @@ import { createServer } from "http";
 import { URL } from "url";
 import { execFile } from "child_process";
 import { promisify } from "util";
+import { logger } from "../utils/globalLogger.js";
 /** Persistent anonymous ID for telemetry fallback when SSO is not authenticated. */
 let _anonymousId;
 const execFileAsync = promisify(execFile);
 export class AuthService {
     constructor() {
         this.onAuthChangeCallbacks = [];
+        this._refreshPromise = null;
+        this._authFileMtime = 0;
     }
     static getInstance() {
         if (!AuthService.instance) {
@@ -63,6 +66,13 @@ export class AuthService {
         }
         try {
             const content = readFileSync(authPath, "utf-8");
+            // Best-effort mtime tracking for multi-process detection
+            try {
+                this._authFileMtime = statSync(authPath).mtimeMs;
+            }
+            catch {
+                // ignore stat errors
+            }
             return JSON.parse(content);
         }
         catch {
@@ -77,10 +87,19 @@ export class AuthService {
         }
         writeFileSync(authPath, JSON.stringify(config, null, 2), "utf-8");
         chmodSync(authPath, 0o600);
+        // Update mtime after write
+        try {
+            this._authFileMtime = statSync(authPath).mtimeMs;
+        }
+        catch {
+            // ignore stat errors
+        }
     }
     clearAuth() {
         const config = this.loadAuth();
         delete config.SSO_TOKEN;
+        delete config.SSO_REFRESH_TOKEN;
+        delete config.SSO_TOKEN_EXPIRES_AT;
         if (Object.keys(config).length === 0) {
             const authPath = this.getAuthPath();
             if (existsSync(authPath)) {
@@ -111,33 +130,41 @@ export class AuthService {
             readToken: options?.readToken,
         });
         // Exchange authorization code for JWT (includes user info)
-        const { token, user } = await this.exchangeCode(serverUrl, code);
+        const { token, refreshToken, expiresIn, user } = await this.exchangeCode(serverUrl, code);
         // Save the token and user info (preserve existing keys)
         const existing = this.loadAuth();
-        this.saveAuth({ ...existing, SSO_TOKEN: token, user });
+        this.saveAuth({
+            ...existing,
+            SSO_TOKEN: token,
+            SSO_REFRESH_TOKEN: refreshToken,
+            SSO_TOKEN_EXPIRES_AT: expiresIn
+                ? Date.now() + expiresIn * 1000
+                : undefined,
+            user,
+        });
         this.notifyAuthChange("login");
         return token;
     }
     /**
      * Exchange a short-lived authorization code for a JWT token.
-     * Returns both the token and user info.
+     * Returns token, optional refresh token, optional expiresIn, and user info.
      */
     async exchangeCode(serverUrl, code) {
-        const exchangeUrl = `${serverUrl}/api/auth/exchange`;
+        const exchangeUrl = `${serverUrl}/api/auth/token`;
+        logger.info(`[Auth] Exchanging authorization code at ${exchangeUrl}`);
         const response = await fetch(exchangeUrl, {
             method: "POST",
             headers: { "Content-Type": "application/json" },
-            body: JSON.stringify({ code }),
+            body: JSON.stringify({ grant_type: "authorization_code", code }),
         });
         if (!response.ok) {
             const text = await response.text();
+            logger.info(`[Auth] Authorization code exchange failed (${response.status}): ${text}`);
             throw new Error(`Token exchange failed (${response.status}): ${text}`);
         }
         const data = (await response.json());
-        return {
-            token: data.token,
-            user: { id: data.user.id, email: data.user.email },
-        };
+        logger.info("[Auth] Authorization code exchanged successfully");
+        return data;
     }
     startLocalAuthServer(serverUrl, options) {
         return new Promise((resolve, reject) => {
@@ -233,14 +260,188 @@ export class AuthService {
         await execFileAsync(command, args);
     }
     isSSOAuthenticated() {
-        return this.getSSOToken() !== undefined;
+        const config = this.loadAuth();
+        if (!config.SSO_TOKEN)
+            return false;
+        if (config.SSO_TOKEN_EXPIRES_AT &&
+            Date.now() >= config.SSO_TOKEN_EXPIRES_AT)
+            return false;
+        return true;
+    }
+    /**
+     * Check if the current token is expired or within the refresh buffer.
+     * Returns false if no expiry info (backward compat — treated as never-expiring).
+     */
+    isTokenExpired() {
+        const config = this.loadAuth();
+        if (!config.SSO_TOKEN_EXPIRES_AT)
+            return false;
+        const expiresAt = config.SSO_TOKEN_EXPIRES_AT;
+        const bufferMs = AuthService.REFRESH_BUFFER_MS;
+        const now = Date.now();
+        const remaining = expiresAt - now;
+        const expired = now >= expiresAt - bufferMs;
+        if (expired) {
+            logger.info(`[Auth] Token expired or within refresh buffer: remaining=${Math.round(remaining / 1000)}s, buffer=${bufferMs / 1000}s`);
+        }
+        return expired;
+    }
+    /**
+     * Check if the token needs refresh and refresh it if possible.
+     * Deduplicates concurrent refresh calls (401 dedup).
+     */
+    async checkAndRefreshTokenIfNeeded() {
+        if (!this.isTokenExpired())
+            return true;
+        // Dedup: if a refresh is already in-flight, reuse the same promise
+        if (this._refreshPromise) {
+            logger.info("[Auth] Token refresh already in-flight, reusing existing promise");
+            return this._refreshPromise;
+        }
+        logger.info("[Auth] Starting token refresh");
+        this._refreshPromise = this.refreshToken();
+        try {
+            return await this._refreshPromise;
+        }
+        finally {
+            this._refreshPromise = null;
+        }
+    }
+    /**
+     * Refresh the access token using the stored refresh token.
+     * Returns true on success, false on failure.
+     */
+    async refreshToken() {
+        const config = this.loadAuth();
+        if (!config.SSO_REFRESH_TOKEN) {
+            logger.info("[Auth] No refresh token available, cannot refresh");
+            return false;
+        }
+        const serverUrl = this.getServerUrl();
+        try {
+            logger.info(`[Auth] Refreshing token via ${serverUrl}/api/auth/token`);
+            const response = await fetch(`${serverUrl}/api/auth/token`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify({
+                    grant_type: "refresh_token",
+                    refresh_token: config.SSO_REFRESH_TOKEN,
+                }),
+            });
+            if (response.status === 400 || response.status === 401) {
+                // Refresh token revoked — clear auth
+                logger.info(`[Auth] Refresh token rejected (${response.status}), clearing auth`);
+                this.clearAuth();
+                return false;
+            }
+            if (!response.ok) {
+                logger.info(`[Auth] Token refresh failed with status ${response.status}`);
+                return false;
+            }
+            const data = (await response.json());
+            const newExpiresAt = data.expiresIn
+                ? Date.now() + data.expiresIn * 1000
+                : undefined;
+            this.saveAuth({
+                ...config,
+                SSO_TOKEN: data.token,
+                SSO_REFRESH_TOKEN: data.refreshToken ?? config.SSO_REFRESH_TOKEN,
+                SSO_TOKEN_EXPIRES_AT: newExpiresAt,
+                user: data.user
+                    ? { id: data.user.id, email: data.user.email }
+                    : config.user,
+            });
+            logger.info(`[Auth] Token refreshed successfully, new token expires at ${newExpiresAt ? new Date(newExpiresAt).toISOString() : "never"}`);
+            this.notifyAuthChange("login");
+            return true;
+        }
+        catch (err) {
+            // Network error — don't clear auth (might be transient)
+            logger.info(`[Auth] Token refresh failed with network error: ${err}`);
+            return false;
+        }
+    }
+    /**
+     * Check if another process has refreshed the token on disk.
+     * Returns true if a fresh token was found and loaded.
+     */
+    /** @internal Check if another process has refreshed the token on disk */
+    tryReadRefreshedTokenFromDisk() {
+        try {
+            const authPath = this.getAuthPath();
+            if (!existsSync(authPath))
+                return false;
+            const stat = statSync(authPath);
+            if (stat.mtimeMs <= this._authFileMtime)
+                return false;
+            // File was modified by another process — check if token is fresh
+            const config = this.loadAuth();
+            if (config.SSO_TOKEN_EXPIRES_AT &&
+                Date.now() < config.SSO_TOKEN_EXPIRES_AT) {
+                logger.info(`[Auth] Detected token refreshed by another process (auth.json mtime changed)`);
+                this._authFileMtime = stat.mtimeMs;
+                return true;
+            }
+            return false;
+        }
+        catch {
+            return false;
+        }
     }
     getAuthUser() {
         const config = this.loadAuth();
         return config.user;
     }
 }
+AuthService.REFRESH_BUFFER_MS = 5 * 60 * 1000;
 export const authService = AuthService.getInstance();
+/**
+ * Create a fetch wrapper that handles SSO token refresh transparently.
+ *
+ * 1. Proactive refresh: calls checkAndRefreshTokenIfNeeded() before each request
+ * 2. Updates Authorization header with fresh token
+ * 3. Reactive 401/403 recovery: tries disk refresh then force refresh, retries once
+ */
+export function createAuthAwareFetch(innerFetch) {
+    return async (input, init) => {
+        // Proactive refresh
+        await authService.checkAndRefreshTokenIfNeeded();
+        // Update Authorization header with fresh token
+        const freshToken = authService.getSSOToken();
+        const headers = new Headers(init?.headers);
+        if (freshToken) {
+            headers.set("Authorization", `Bearer ${freshToken}`);
+        }
+        const modifiedInit = { ...init, headers };
+        const response = await innerFetch(input, modifiedInit);
+        // Reactive 401/403 recovery (single retry)
+        if (response.status === 401 || response.status === 403) {
+            logger.info(`[Auth] Received ${response.status}, attempting token recovery`);
+            // Try disk refresh first (another process may have refreshed)
+            if (authService.tryReadRefreshedTokenFromDisk()) {
+                const retryToken = authService.getSSOToken();
+                const retryHeaders = new Headers(init?.headers);
+                if (retryToken) {
+                    retryHeaders.set("Authorization", `Bearer ${retryToken}`);
+                }
+                logger.info("[Auth] Retrying request with disk-refreshed token");
+                return innerFetch(input, { ...init, headers: retryHeaders });
+            }
+            // Try force refresh
+            if (await authService.checkAndRefreshTokenIfNeeded()) {
+                const retryToken = authService.getSSOToken();
+                if (retryToken) {
+                    const retryHeaders = new Headers(init?.headers);
+                    retryHeaders.set("Authorization", `Bearer ${retryToken}`);
+                    logger.info("[Auth] Retrying request with force-refreshed token");
+                    return innerFetch(input, { ...init, headers: retryHeaders });
+                }
+            }
+            logger.info("[Auth] Token recovery failed, returning original response");
+        }
+        return response;
+    };
+}
 /**
  * Get or create a persistent anonymous ID for telemetry.
  *

package/dist/services/configurationService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"configurationService.d.ts","sourceRoot":"","sources":["../../src/services/configurationService.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EACV,uBAAuB,EACvB,gBAAgB,EAChB,kBAAkB,EAClB,iBAAiB,EACjB,KAAK,EACL,iBAAiB,EAClB,MAAM,2BAA2B,CAAC;AAOnC,OAAO,EACL,KAAK,2BAA2B,EAChC,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAE7B,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,aAAa,EACb,WAAW,EAGX,cAAc,EACd,YAAY,EACb,MAAM,mBAAmB,CAAC;AAK3B,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAOvC;;;;;GAKG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,oBAAoB,CAAkC;IAC9D,OAAO,CAAC,OAAO,CAAoB;IACnC,OAAO,CAAC,kBAAkB,CAAqB;IAE/C;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,YAAY,GAAG,IAAI;IAMvC;;OAEG;IACG,uBAAuB,CAC3B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,uBAAuB,CAAC;IAkEnC;;OAEG;IACH,qBAAqB,CAAC,MAAM,EAAE,iBAAiB,GAAG,gBAAgB;IAkLlE;;OAEG;IACH,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,gBAAgB;IAwC7D;;;OAGG;IACH,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI;IAcrD;;OAEG;IACH,OAAO,CAAC,YAAY;IAepB;;;;;;;;;;OAUG;IACH,oBAAoB,CAClB,MAAM,CAAC,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,EAChB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACvC,YAAY,CAAC,EAAE,aAAa,CAAC,cAAc,CAAC,EAC5C,KAAK,CAAC,EAAE,aAAa,CAAC,OAAO,CAAC,GAC7B,aAAa;IA0EhB;;;;;;;;OAQG;IACH,kBAAkB,CAChB,KAAK,CAAC,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,EAClB,cAAc,CAAC,EAAE,cAAc,GAC9B,WAAW;IAuDd;;;;;OAKG;IACH,qBAAqB,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM;IAwBxD;;;;;OAKG;IACH,eAAe,CAAC,mBAAmB,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAmBjE;;;;OAIG;IACH,wBAAwB,IAAI,OAAO;IAkBnC;;;;OAIG;IACH,0BAA0B,IAAI,MAAM;IAqBpC;;;;;OAKG;IACH,sBAAsB,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM;IAwBzD;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;YAKf,sBAAsB;IAqBpC;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAwB/B;;OAEG;IACH,sBAAsB,IAClB,OAAO,CAAC,OAAO,uBAAuB,EAAE,eAAe,CAAC,GACxD,SAAS;IAIb;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,kBAAkB;IAa1D;;OAEG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoClE;;OAEG;IACG,mBAAmB,CACvB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,IAAI,CAAC;IAuChB;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAKzE;;OAEG;IACH,qBAAqB,CACnB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,GACX,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAapC;;OAEG;IACG,qBAAqB,CACzB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,IAAI,CAAC;IAyChB;;OAEG;IACG,0BAA0B,CAC9B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC;IAmChB;;OAEG;IACG,mBAAmB,CACvB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC;IAmChB;;OAEG;IACH,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAKjE;;;OAGG;IACH,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;CAGnE;AAKD;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,OAAO,EACZ,UAAU,CAAC,EAAE,MAAM,GAClB,2BAA2B,CAsD7B;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,EAC3C,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,EAC9C,OAAO,GAAE,uBAA4B,GACpC,wBAAwB,CAoC1B;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,MAAM,GACf,iBAAiB,GAAG,IAAI,CA+B1B;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,MAAM,GACd,iBAAiB,GAAG,IAAI,CA0K1B"}
+{"version":3,"file":"configurationService.d.ts","sourceRoot":"","sources":["../../src/services/configurationService.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EACV,uBAAuB,EACvB,gBAAgB,EAChB,kBAAkB,EAClB,iBAAiB,EACjB,KAAK,EACL,iBAAiB,EAClB,MAAM,2BAA2B,CAAC;AAOnC,OAAO,EACL,KAAK,2BAA2B,EAChC,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAE7B,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,aAAa,EACb,WAAW,EAGX,cAAc,EACd,YAAY,EACb,MAAM,mBAAmB,CAAC;AAK3B,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAQvC;;;;;GAKG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,oBAAoB,CAAkC;IAC9D,OAAO,CAAC,OAAO,CAAoB;IACnC,OAAO,CAAC,kBAAkB,CAAqB;IAE/C;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,YAAY,GAAG,IAAI;IAMvC;;OAEG;IACG,uBAAuB,CAC3B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,uBAAuB,CAAC;IAkEnC;;OAEG;IACH,qBAAqB,CAAC,MAAM,EAAE,iBAAiB,GAAG,gBAAgB;IAkLlE;;OAEG;IACH,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,gBAAgB;IAwC7D;;;OAGG;IACH,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI;IAcrD;;OAEG;IACH,OAAO,CAAC,YAAY;IAepB;;;;;;;;;;OAUG;IACH,oBAAoB,CAClB,MAAM,CAAC,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,EAChB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACvC,YAAY,CAAC,EAAE,aAAa,CAAC,cAAc,CAAC,EAC5C,KAAK,CAAC,EAAE,aAAa,CAAC,OAAO,CAAC,GAC7B,aAAa;IA8EhB;;;;;;;;OAQG;IACH,kBAAkB,CAChB,KAAK,CAAC,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,EAClB,cAAc,CAAC,EAAE,cAAc,GAC9B,WAAW;IAuDd;;;;;OAKG;IACH,qBAAqB,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM;IAwBxD;;;;;OAKG;IACH,eAAe,CAAC,mBAAmB,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAmBjE;;;;OAIG;IACH,wBAAwB,IAAI,OAAO;IAkBnC;;;;OAIG;IACH,0BAA0B,IAAI,MAAM;IAqBpC;;;;;OAKG;IACH,sBAAsB,CAAC,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM;IAwBzD;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;YAKf,sBAAsB;IAqBpC;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAwB/B;;OAEG;IACH,sBAAsB,IAClB,OAAO,CAAC,OAAO,uBAAuB,EAAE,eAAe,CAAC,GACxD,SAAS;IAIb;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,kBAAkB;IAa1D;;OAEG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoClE;;OAEG;IACG,mBAAmB,CACvB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,IAAI,CAAC;IAuChB;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAKzE;;OAEG;IACH,qBAAqB,CACnB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,GACX,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAapC;;OAEG;IACG,qBAAqB,CACzB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,IAAI,CAAC;IAyChB;;OAEG;IACG,0BAA0B,CAC9B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC;IAmChB;;OAEG;IACG,mBAAmB,CACvB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC;IAmChB;;OAEG;IACH,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAKjE;;;OAGG;IACH,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;CAGnE;AAKD;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,OAAO,EACZ,UAAU,CAAC,EAAE,MAAM,GAClB,2BAA2B,CAsD7B;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,EAC3C,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,EAC9C,OAAO,GAAE,uBAA4B,GACpC,wBAAwB,CAoC1B;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,MAAM,GACf,iBAAiB,GAAG,IAAI,CA+B1B;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,MAAM,GACd,iBAAiB,GAAG,IAAI,CA0K1B"}

package/dist/services/configurationService.js

@@ -15,6 +15,7 @@ import { ConfigurationError, CONFIG_ERRORS, } from "../types/index.js";
 import { DEFAULT_WAVE_MAX_INPUT_TOKENS, DEFAULT_WAVE_MAX_OUTPUT_TOKENS, } from "../utils/constants.js";
 import { parseCustomHeaders } from "../utils/stringUtils.js";
 import { getRemoteSettingsSync, mergeRemoteSettings, } from "./remoteSettingsService.js";
+import { createAuthAwareFetch } from "./authService.js";
 /**
  * Default ConfigurationService implementation
  *
@@ -327,6 +328,8 @@ export class ConfigurationService {
         const ssoToken = this.readSSOToken();
         const serverUrl = this.options.serverUrl || process.env.WAVE_SERVER_URL;
         if (ssoToken && serverUrl) {
+            const baseFetch = fetch ?? this.options.fetch ?? globalThis.fetch;
+            const authAwareFetch = createAuthAwareFetch(baseFetch);
             return {
                 apiKey: ssoToken,
                 baseURL: `${serverUrl}/api/v1`,
@@ -334,7 +337,7 @@ export class ConfigurationService {
                     ? defaultHeaders
                     : undefined,
                 fetchOptions: fetchOptions ?? this.options.fetchOptions,
-                fetch: fetch ?? this.options.fetch,
+                fetch: authAwareFetch,
             };
         }
         // Resolve API key: override > options > env (settings.json) > process.env

package/dist/services/hook.d.ts

@@ -14,6 +14,10 @@ export declare function executeCommand(command: string, context: HookExecutionCo
  * Execute multiple commands in sequence
  */
 export declare function executeCommands(commands: string[], context: HookExecutionContext | ExtendedHookExecutionContext, options?: HookExecutionOptions): Promise<HookExecutionResult[]>;
+/**
+ * Execute a CwdChanged hook
+ */
+export declare function executeCwdChangedHooks(oldCwd: string, newCwd: string, context: ExtendedHookExecutionContext): Promise<HookExecutionResult[]>;
 /**
  * Validate command safety (basic checks)
  */

package/dist/services/hook.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"hook.d.ts","sourceRoot":"","sources":["../../src/services/hook.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,4BAA4B,EAElC,MAAM,mBAAmB,CAAC;AA2F3B;;GAEG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,EAC5D,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC,CA6I9B;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,MAAM,EAAE,EAClB,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,EAC5D,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAchC;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAsBtD"}
+{"version":3,"file":"hook.d.ts","sourceRoot":"","sources":["../../src/services/hook.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,4BAA4B,EAElC,MAAM,mBAAmB,CAAC;AA2F3B;;GAEG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,EAC5D,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC,CA6I9B;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,MAAM,EAAE,EAClB,OAAO,EAAE,oBAAoB,GAAG,4BAA4B,EAC5D,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAchC;AAED;;GAEG;AACH,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,4BAA4B,GACpC,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAMhC;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAsBtD"}

package/dist/services/hook.js

@@ -223,6 +223,16 @@ export async function executeCommands(commands, context, options) {
     }
     return results;
 }
+/**
+ * Execute a CwdChanged hook
+ */
+export async function executeCwdChangedHooks(oldCwd, newCwd, context) {
+    // CwdChanged hooks are executed through HookManager.executeCwdChangedHooks()
+    void context;
+    void oldCwd;
+    void newCwd;
+    return [];
+}
 /**
  * Validate command safety (basic checks)
  */

package/dist/services/interactionService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"interactionService.d.ts","sourceRoot":"","sources":["../../src/services/interactionService.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAC9D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AACpE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAC9E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,MAAM,WAAW,kBAAkB;IACjC,cAAc,EAAE,cAAc,CAAC;IAC/B,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,SAAS,CAAC;IACrB,eAAe,EAAE,eAAe,CAAC;IACjC,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,YAAY,CAAC;IACtB,YAAY,EAAE,MAAM,IAAI,CAAC;CAC1B;AAED,qBAAa,kBAAkB;WACT,WAAW,CAC7B,OAAO,EAAE,kBAAkB,EAC3B,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;WA8GI,cAAc,CAChC,OAAO,EAAE,kBAAkB,EAC3B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;CAiDjB"}
+{"version":3,"file":"interactionService.d.ts","sourceRoot":"","sources":["../../src/services/interactionService.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAC9D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AACpE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAC9E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD,MAAM,WAAW,kBAAkB;IACjC,cAAc,EAAE,cAAc,CAAC;IAC/B,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,SAAS,CAAC;IACrB,eAAe,EAAE,eAAe,CAAC;IACjC,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,YAAY,CAAC;IACtB,YAAY,EAAE,MAAM,IAAI,CAAC;CAC1B;AAED,qBAAa,kBAAkB;WACT,WAAW,CAC7B,OAAO,EAAE,kBAAkB,EAC3B,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;WA6FI,cAAc,CAChC,OAAO,EAAE,kBAAkB,EAC3B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;CAiDjB"}

package/dist/services/interactionService.js

@@ -21,18 +21,6 @@ export class InteractionService {
                 // If command doesn't exist, continue as normal message processing
                 // Don't add to history, let normal message processing logic below handle it
             }
-            // Inject pending notifications from background tasks
-            const notificationQueue = context.aiManager["container"].has("NotificationQueue")
-                ? context.aiManager["container"].get("NotificationQueue")
-                : undefined;
-            if (notificationQueue && notificationQueue.hasPending()) {
-                const notifications = notificationQueue.dequeueAll();
-                for (const notification of notifications) {
-                    messageManager.addUserMessage({
-                        content: notification,
-                    });
-                }
-            }
             // Handle normal AI message
             // Add user message first, will automatically sync to UI
             messageManager.addUserMessage({

package/dist/services/remoteSettingsService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"remoteSettingsService.d.ts","sourceRoot":"","sources":["../../src/services/remoteSettingsService.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAEV,yBAAyB,EAE1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AA0JnE,wBAAgB,UAAU,IAAI,IAAI,CASjC;AAED,wBAAgB,qBAAqB,IAAI,iBAAiB,GAAG,IAAI,CAEhE;AAED,wBAAsB,OAAO,IAAI,OAAO,CAAC,yBAAyB,CAAC,CAKlE;AAED,wBAAgB,KAAK,IAAI,IAAI,CAO5B;AAED,wBAAgB,QAAQ,IAAI,IAAI,CAK/B;AAqCD,wBAAgB,mBAAmB,CACjC,WAAW,EAAE,iBAAiB,EAC9B,MAAM,EAAE,iBAAiB,GACxB,iBAAiB,CA4DnB;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB;;;;;;;CAOxB,CAAC"}
+{"version":3,"file":"remoteSettingsService.d.ts","sourceRoot":"","sources":["../../src/services/remoteSettingsService.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAEV,yBAAyB,EAE1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AA2JnE,wBAAgB,UAAU,IAAI,IAAI,CASjC;AAED,wBAAgB,qBAAqB,IAAI,iBAAiB,GAAG,IAAI,CAEhE;AAED,wBAAsB,OAAO,IAAI,OAAO,CAAC,yBAAyB,CAAC,CAKlE;AAED,wBAAgB,KAAK,IAAI,IAAI,CAO5B;AAED,wBAAgB,QAAQ,IAAI,IAAI,CAK/B;AAqCD,wBAAgB,mBAAmB,CACjC,WAAW,EAAE,iBAAiB,EAC9B,MAAM,EAAE,iBAAiB,GACxB,iBAAiB,CA4DnB;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB;;;;;;;CAOxB,CAAC"}

package/dist/services/remoteSettingsService.js

@@ -1,7 +1,7 @@
 import * as fs from "node:fs";
 import { homedir } from "node:os";
 import * as path from "node:path";
-import { authService } from "./authService.js";
+import { authService, createAuthAwareFetch } from "./authService.js";
 import { logger } from "../utils/globalLogger.js";
 const CACHE_FILE = path.join(homedir(), ".wave", "remote-settings.json");
 const POLLING_INTERVAL_MS = 60 * 60 * 1000; // 60 minutes
@@ -71,7 +71,8 @@ async function fetchRemoteSettings() {
         headers["If-None-Match"] = _cachedSettings.checksum;
     }
     try {
-        const response = await fetch(`${serverUrl}/api/wave/settings`, {
+        const authFetch = createAuthAwareFetch(globalThis.fetch);
+        const response = await authFetch(`${serverUrl}/api/wave/settings`, {
             method: "GET",
             headers,
             signal: AbortSignal.timeout(FETCH_TIMEOUT_MS),

package/dist/tools/bashTool.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"bashTool.d.ts","sourceRoot":"","sources":["../../src/tools/bashTool.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,UAAU,EAA2B,MAAM,YAAY,CAAC;AAwCtE;;GAEG;AACH,eAAO,MAAM,QAAQ,EAAE,UAkbtB,CAAC"}
+{"version":3,"file":"bashTool.d.ts","sourceRoot":"","sources":["../../src/tools/bashTool.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,UAAU,EAA2B,MAAM,YAAY,CAAC;AAYtE;;GAEG;AACH,eAAO,MAAM,QAAQ,EAAE,UA4etB,CAAC"}

package/dist/tools/bashTool.js

@@ -4,30 +4,10 @@ import * as path from "path";
 import * as os from "os";
 import { logger } from "../utils/globalLogger.js";
 import { stripAnsiColors } from "../utils/stringUtils.js";
+import { processToolResult } from "../utils/toolResultStorage.js";
+import { BASH_MAX_OUTPUT_CHARS } from "../constants/toolLimits.js";
 import { BASH_TOOL_NAME, GLOB_TOOL_NAME, GREP_TOOL_NAME, READ_TOOL_NAME, EDIT_TOOL_NAME, WRITE_TOOL_NAME, } from "../constants/tools.js";
-const MAX_OUTPUT_LENGTH = 30000;
 const BASH_DEFAULT_TIMEOUT_MS = 120000;
-/**
- * Helper function to handle large output by truncation and persistence to a temporary file.
- */
-function processOutput(output) {
-    if (output.length <= MAX_OUTPUT_LENGTH) {
-        return output;
-    }
-    try {
-        const tempDir = os.tmpdir();
-        const fileName = `bash_output_${Date.now()}_${Math.random().toString(36).substring(2, 11)}.txt`;
-        const filePath = path.join(tempDir, fileName);
-        fs.writeFileSync(filePath, output, "utf8");
-        return (output.substring(0, MAX_OUTPUT_LENGTH) +
-            `\n\n... (output truncated)\nFull output persisted to: ${filePath}`);
-    }
-    catch (error) {
-        logger.error("Failed to persist large bash output:", error);
-        return (output.substring(0, MAX_OUTPUT_LENGTH) +
-            "\n\n... (output truncated, failed to persist full output)");
-    }
-}
 /**
  * Bash command execution tool - supports both foreground and background execution
  */
@@ -87,7 +67,7 @@ Usage notes:
   - The command argument is required.
   - You can specify an optional timeout in milliseconds (up to ${BASH_DEFAULT_TIMEOUT_MS}ms / ${BASH_DEFAULT_TIMEOUT_MS / 60000} minutes). If not specified, commands will timeout after ${BASH_DEFAULT_TIMEOUT_MS}ms (${BASH_DEFAULT_TIMEOUT_MS / 60000} minutes).
   - It is very helpful if you write a clear, concise description of what this command does in 5-10 words.
-  - If the output exceeds ${MAX_OUTPUT_LENGTH} characters, output will be truncated and the full output will be persisted to a temporary file.
+  - If the output exceeds ${BASH_MAX_OUTPUT_CHARS.toLocaleString()} characters, output will be truncated and the full output will be persisted to a file you can read with the Read tool.
   - You can use the \`run_in_background\` parameter to run the command in the background, which allows you to continue working while the command runs. You can monitor the output using the ${READ_TOOL_NAME} tool as it becomes available. You do not need to use '&' at the end of the command when using this parameter.
   - Avoid using ${BASH_TOOL_NAME} with the \`find\`, \`sed\`, \`awk\`, or \`echo\` commands, unless explicitly instructed or when these commands are truly necessary for the task. Instead, always prefer using the dedicated tools for these commands:
     - File search: Use ${GLOB_TOOL_NAME} (NOT find or ls)
@@ -122,7 +102,10 @@ Use the gh command via the Bash tool for GitHub-related tasks including working
 - Do not retry failing commands in a sleep loop — diagnose the root cause.
 - If waiting for a background task you started with \`run_in_background\`, you will be notified when it completes — do not poll.
 - If you must poll an external process, use a check command (e.g. \`gh run view\`) rather than sleeping first.
-- If you must sleep, keep the duration short (1-5 seconds) to avoid blocking the user.`,
+- If you must sleep, keep the duration short (1-5 seconds) to avoid blocking the user.
+
+# CWD management
+The working directory persists between commands. Try to maintain your current working directory throughout the session by using absolute paths and avoiding usage of \`cd\`. You may use \`cd\` if the User explicitly requests it.`,
     execute: async (args, context) => {
         const command = args.command;
         const runInBackground = args.run_in_background;
@@ -201,7 +184,10 @@ Use the gh command via the Bash tool for GitHub-related tasks including working
         }
         // Foreground execution (original behavior)
         return new Promise((resolve) => {
-            const child = spawn(command, {
+            // Create a temporary file to store the CWD
+            const tempCwdFile = path.join(os.tmpdir(), `wave_cwd_${Date.now()}_${Math.random().toString(36).substring(2, 11)}.tmp`);
+            const wrappedCommand = `${command} && pwd -P >| ${tempCwdFile}`;
+            const child = spawn(wrappedCommand, {
                 shell: true,
                 stdio: "pipe",
                 detached: true,
@@ -228,11 +214,11 @@ Use the gh command via the Bash tool for GitHub-related tasks including working
                         : `... +${lines.length - 3} lines\n` + lines.slice(-3).join("\n");
                     context.onShortResultUpdate(shortResult);
                 }
-                // Update full result
+                // Update full result (simple truncation for streaming — persistence happens at final result)
                 if (context.onResultUpdate) {
-                    const content = combinedOutput.length <= MAX_OUTPUT_LENGTH
+                    const content = combinedOutput.length <= BASH_MAX_OUTPUT_CHARS
                         ? combinedOutput
-                        : combinedOutput.substring(0, MAX_OUTPUT_LENGTH) +
+                        : combinedOutput.substring(0, BASH_MAX_OUTPUT_CHARS) +
                             "\n\n... (output truncated)";
                     context.onResultUpdate(content);
                 }
@@ -313,7 +299,7 @@ Use the gh command via the Bash tool for GitHub-related tasks including working
                             }
                         }
                     }
-                    const processedOutput = processOutput(outputBuffer + (errorBuffer ? "\n" + errorBuffer : ""));
+                    const processedOutput = processToolResult(outputBuffer + (errorBuffer ? "\n" + errorBuffer : ""), BASH_MAX_OUTPUT_CHARS, "bash");
                     resolve({
                         success: false,
                         content: processedOutput
@@ -357,11 +343,51 @@ Use the gh command via the Bash tool for GitHub-related tasks including working
                     if (timeoutHandle) {
                         clearTimeout(timeoutHandle);
                     }
+                    // Read the new CWD from the temporary file
+                    let newCwd;
+                    try {
+                        if (fs.existsSync(tempCwdFile)) {
+                            newCwd = fs.readFileSync(tempCwdFile, "utf8").trim();
+                            // Validate the path exists before calling the callback
+                            fs.accessSync(newCwd, fs.constants.F_OK);
+                        }
+                    }
+                    catch (fileError) {
+                        logger.warn(`Could not read or validate new CWD from temp file ${tempCwdFile}:`, fileError);
+                        newCwd = undefined;
+                    }
+                    finally {
+                        // Ensure temp file is cleaned up even if reading fails
+                        try {
+                            if (fs.existsSync(tempCwdFile)) {
+                                fs.unlinkSync(tempCwdFile);
+                            }
+                        }
+                        catch (fileError) {
+                            logger.error("Failed to clean up temp CWD file:", fileError);
+                        }
+                    }
+                    // If CWD changed, call the onCwdChange callback and add notification
+                    let cwdResetMessage;
+                    if (newCwd && newCwd !== context.workdir && context.onCwdChange) {
+                        const isInSafeZone = context.permissionManager?.isPathInSafeZone?.(newCwd) ?? true;
+                        if (isInSafeZone) {
+                            context.onCwdChange(newCwd);
+                        }
+                        else if (context.originalWorkdir) {
+                            context.onCwdChange(context.originalWorkdir);
+                            cwdResetMessage = `Shell cwd was reset to ${context.originalWorkdir}`;
+                        }
+                        else {
+                            context.onCwdChange(newCwd);
+                        }
+                    }
                     const exitCode = code ?? 0;
                     const combinedOutput = outputBuffer + (errorBuffer ? "\n" + errorBuffer : "");
-                    // Handle large output by truncation and persistence if needed
-                    const finalOutput = combinedOutput || `Command executed with exit code: ${exitCode}`;
-                    const content = processOutput(finalOutput);
+                    // Prepend CWD reset message to output if present (like Claude Code's stderr approach)
+                    const finalOutput = (cwdResetMessage ? cwdResetMessage + "\n" : "") +
+                        (combinedOutput || `Command executed with exit code: ${exitCode}`);
+                    const content = processToolResult(finalOutput, BASH_MAX_OUTPUT_CHARS, "bash");
                     const lines = combinedOutput.trim().split("\n");
                     const shortResult = lines.length <= 3
                         ? lines.join("\n")

package/dist/tools/types.d.ts

@@ -90,5 +90,9 @@ export interface ToolContext {
     }>;
     /** Hook manager instance for executing hooks */
     hookManager?: import("../managers/hookManager.js").HookManager;
+    /** Callback to notify when the current working directory changes */
+    onCwdChange?: (newCwd: string) => void;
+    /** Original working directory (before any cd changes) for CWD reset */
+    originalWorkdir?: string;
 }
 //# sourceMappingURL=types.d.ts.map

package/dist/tools/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/tools/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACjE,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EACnB,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAExD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,0BAA0B,CAAC;IACnC,OAAO,EAAE,CACP,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,UAAU,CAAC,CAAC;IACzB,mBAAmB,CAAC,EAAE,CACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,WAAW,KACjB,MAAM,CAAC;IACZ;;OAEG;IACH,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QACf,kBAAkB,CAAC,EAAE,qBAAqB,EAAE,CAAC;QAC7C,eAAe,CAAC,EAAE,aAAa,EAAE,CAAC;QAClC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB,KAAK,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;IAEH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IAEjC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,qBAAqB,CAAC,EAAE,OAAO,sCAAsC,EAAE,qBAAqB,CAAC;IAC7F,OAAO,EAAE,MAAM,CAAC;IAChB,wEAAwE;IACxE,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC/D,8CAA8C;IAC9C,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,iCAAiC;IACjC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,wDAAwD;IACxD,iBAAiB,CAAC,EAAE,OAAO,kCAAkC,EAAE,iBAAiB,CAAC;IACjF,iDAAiD;IACjD,UAAU,CAAC,EAAE,OAAO,2BAA2B,EAAE,UAAU,CAAC;IAC5D,iDAAiD;IACjD,UAAU,CAAC,EAAE,OAAO,iBAAiB,EAAE,WAAW,CAAC;IACnD,oDAAoD;IACpD,gBAAgB,CAAC,EAAE,OAAO,iCAAiC,EAAE,gBAAgB,CAAC;IAC9E,mDAAmD;IACnD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,qBAAqB,CAAC,EAAE,OAAO,uBAAuB,EAAE,sBAAsB,CAAC;IAC/E,gDAAgD;IAChD,WAAW,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC9D,qDAAqD;IACrD,eAAe,CAAC,EAAE,OAAO,gCAAgC,EAAE,eAAe,CAAC;IAC3E,kDAAkD;IAClD,YAAY,CAAC,EAAE,OAAO,6BAA6B,EAAE,YAAY,CAAC;IAClE,iDAAiD;IACjD,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC/D,4CAA4C;IAC5C,SAAS,CAAC,EAAE,OAAO,0BAA0B,EAAE,SAAS,CAAC;IACzD,4CAA4C;IAC5C,SAAS,CAAC,EAAE,cAAc,0BAA0B,CAAC,CAAC;IACtD,sDAAsD;IACtD,cAAc,CAAC,EAAE,OAAO,+BAA+B,EAAE,cAAc,CAAC;IACxE,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,mBAAmB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,CAAC;IACpD,mEAAmE;IACnE,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1C,yCAAyC;IACzC,iBAAiB,CAAC,EAAE;QAClB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,mEAAmE;IACnE,aAAa,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC7D,gDAAgD;IAChD,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;CAChE"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/tools/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACjE,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EACnB,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAExD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,0BAA0B,CAAC;IACnC,OAAO,EAAE,CACP,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,UAAU,CAAC,CAAC;IACzB,mBAAmB,CAAC,EAAE,CACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,WAAW,KACjB,MAAM,CAAC;IACZ;;OAEG;IACH,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QACf,kBAAkB,CAAC,EAAE,qBAAqB,EAAE,CAAC;QAC7C,eAAe,CAAC,EAAE,aAAa,EAAE,CAAC;QAClC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB,KAAK,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;IAEH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IAEjC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,qBAAqB,CAAC,EAAE,OAAO,sCAAsC,EAAE,qBAAqB,CAAC;IAC7F,OAAO,EAAE,MAAM,CAAC;IAChB,wEAAwE;IACxE,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC/D,8CAA8C;IAC9C,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,iCAAiC;IACjC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,wDAAwD;IACxD,iBAAiB,CAAC,EAAE,OAAO,kCAAkC,EAAE,iBAAiB,CAAC;IACjF,iDAAiD;IACjD,UAAU,CAAC,EAAE,OAAO,2BAA2B,EAAE,UAAU,CAAC;IAC5D,iDAAiD;IACjD,UAAU,CAAC,EAAE,OAAO,iBAAiB,EAAE,WAAW,CAAC;IACnD,oDAAoD;IACpD,gBAAgB,CAAC,EAAE,OAAO,iCAAiC,EAAE,gBAAgB,CAAC;IAC9E,mDAAmD;IACnD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,qBAAqB,CAAC,EAAE,OAAO,uBAAuB,EAAE,sBAAsB,CAAC;IAC/E,gDAAgD;IAChD,WAAW,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC9D,qDAAqD;IACrD,eAAe,CAAC,EAAE,OAAO,gCAAgC,EAAE,eAAe,CAAC;IAC3E,kDAAkD;IAClD,YAAY,CAAC,EAAE,OAAO,6BAA6B,EAAE,YAAY,CAAC;IAClE,iDAAiD;IACjD,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC/D,4CAA4C;IAC5C,SAAS,CAAC,EAAE,OAAO,0BAA0B,EAAE,SAAS,CAAC;IACzD,4CAA4C;IAC5C,SAAS,CAAC,EAAE,cAAc,0BAA0B,CAAC,CAAC;IACtD,sDAAsD;IACtD,cAAc,CAAC,EAAE,OAAO,+BAA+B,EAAE,cAAc,CAAC;IACxE,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,mBAAmB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,CAAC;IACpD,mEAAmE;IACnE,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1C,yCAAyC;IACzC,iBAAiB,CAAC,EAAE;QAClB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,mEAAmE;IACnE,aAAa,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC7D,gDAAgD;IAChD,WAAW,CAAC,EAAE,OAAO,4BAA4B,EAAE,WAAW,CAAC;IAC/D,oEAAoE;IACpE,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IACvC,uEAAuE;IACvE,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B"}

package/dist/types/agent.d.ts

@@ -5,6 +5,7 @@ import type { MessageManagerCallbacks } from "../managers/messageManager.js";
 import type { BackgroundTaskManagerCallbacks } from "../managers/backgroundTaskManager.js";
 import type { McpManagerCallbacks } from "../managers/mcpManager.js";
 import type { SubagentManagerCallbacks } from "../managers/subagentManager.js";
+import type { PartialHookConfiguration } from "./configuration.js";
 import type { ToolPlugin } from "../tools/types.js";
 /**
  * Configuration options for Agent instances
@@ -76,6 +77,11 @@ export interface AgentOptions {
     mcpServers?: Record<string, McpServerConfig>;
     /** Custom tools provided by the SDK user, registered alongside built-in tools */
     customTools?: ToolPlugin[];
+    /**
+     * Optional hook configuration to inject at creation time.
+     * File-based hooks (from config.json/.waverc.json) merge on top of these.
+     */
+    hooks?: PartialHookConfiguration;
     [key: string]: unknown;
 }
 export interface AgentCallbacks extends MessageManagerCallbacks, BackgroundTaskManagerCallbacks, McpManagerCallbacks, SubagentManagerCallbacks {
@@ -88,6 +94,7 @@ export interface AgentCallbacks extends MessageManagerCallbacks, BackgroundTaskM
     onConfiguredModelsChange?: (models: string[]) => void;
     onLoadingChange?: (loading: boolean) => void;
     onCommandRunningChange?: (running: boolean) => void;
+    onWorkdirChange?: (newCwd: string) => void;
     onQueuedMessagesChange?: (messages: QueuedMessage[]) => void;
 }
 //# sourceMappingURL=agent.d.ts.map