npm - wholestack - Versions diffs - 0.4.0 - Mend

wholestack 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cli.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ #!/usr/bin/env node

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,673 @@
+#!/usr/bin/env node
+import {
+  Agent,
+  CommandRegistry,
+  HookRunner,
+  InputController,
+  PROPERTY_KINDS,
+  Permissions,
+  Session,
+  announcePlanMode,
+  banner,
+  buildWebTools,
+  c,
+  isPermissionMode,
+  killRunningApps,
+  line,
+  loadHookFiles,
+  loadMcpTools,
+  loadPlugins,
+  loadProjectMemory,
+  mergeHookSets,
+  modelContextWindow,
+  modelLabel,
+  resolveModel,
+  resolveModelKey,
+  runProver,
+  statusLine,
+  supportsThinking,
+  userBox
+} from "./chunk-7DJJXUV4.js";
+// src/cli.ts
+import { createInterface } from "readline/promises";
+import { stdin, stdout, argv, exit, cwd } from "process";
+// src/config.ts
+import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+var CONFIG_DIR = join(homedir(), ".zeta-g");
+var CONFIG_PATH = join(CONFIG_DIR, "config.json");
+function parseDotenv(text) {
+  const out = {};
+  for (const raw of text.split("\n")) {
+    const l = raw.trim();
+    if (!l || l.startsWith("#")) continue;
+    const eq = l.indexOf("=");
+    if (eq < 0) continue;
+    const k = l.slice(0, eq).trim();
+    let v = l.slice(eq + 1).trim();
+    if (v.startsWith('"') && v.endsWith('"') || v.startsWith("'") && v.endsWith("'")) {
+      v = v.slice(1, -1);
+    }
+    if (k) out[k] = v;
+  }
+  return out;
+}
+function fill(src) {
+  for (const [k, v] of Object.entries(src)) {
+    if (v && process.env[k] === void 0) process.env[k] = v;
+  }
+}
+function loadStoredEnv() {
+  const localEnv = join(process.cwd(), ".env");
+  if (existsSync(localEnv)) {
+    try {
+      fill(parseDotenv(readFileSync(localEnv, "utf8")));
+    } catch {
+    }
+  }
+  if (existsSync(CONFIG_PATH)) {
+    try {
+      const json = JSON.parse(readFileSync(CONFIG_PATH, "utf8"));
+      const flat = {};
+      for (const [k, v] of Object.entries(json)) if (typeof v === "string") flat[k] = v;
+      fill(flat);
+    } catch {
+    }
+  }
+}
+function saveKey(name, value) {
+  mkdirSync(CONFIG_DIR, { recursive: true });
+  let current = {};
+  if (existsSync(CONFIG_PATH)) {
+    try {
+      current = JSON.parse(readFileSync(CONFIG_PATH, "utf8"));
+    } catch {
+      current = {};
+    }
+  }
+  current[name] = value;
+  writeFileSync(CONFIG_PATH, JSON.stringify(current, null, 2) + "\n", { mode: 384 });
+  chmodSync(CONFIG_PATH, 384);
+  return CONFIG_PATH;
+}
+// src/cli-login.ts
+import { createServer } from "http";
+import { spawn } from "child_process";
+import { randomBytes } from "crypto";
+import { hostname, platform } from "os";
+var SUCCESS_HTML = `<!doctype html><meta charset="utf-8"><title>Wholestack CLI</title>
+<body style="margin:0;background:#06070b;color:#e8eef2;font:15px/1.5 system-ui,sans-serif;display:grid;place-items:center;height:100vh">
+<div style="text-align:center"><div style="font-size:42px">\u2713</div>
+<h1 style="font-size:18px;margin:.4rem 0">CLI authorized</h1>
+<p style="opacity:.6">You can close this tab and return to your terminal.</p></div></body>`;
+function openBrowser(url) {
+  const p = platform();
+  const cmd = p === "darwin" ? "open" : p === "win32" ? "cmd" : "xdg-open";
+  const args = p === "win32" ? ["/c", "start", "", url] : [url];
+  try {
+    const child = spawn(cmd, args, { stdio: "ignore", detached: true });
+    child.on("error", () => {
+    });
+    child.unref();
+  } catch {
+  }
+}
+async function loginBrowser(opts) {
+  const state = randomBytes(16).toString("hex");
+  const device = hostname().slice(0, 60);
+  const timeoutMs = (opts.timeoutSec ?? 240) * 1e3;
+  return new Promise((resolve) => {
+    let settled = false;
+    const finish = (token) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      try {
+        server.close();
+      } catch {
+      }
+      resolve(token);
+    };
+    const server = createServer((req, res) => {
+      const url = new URL(req.url ?? "/", "http://127.0.0.1");
+      if (url.pathname !== "/callback") {
+        res.writeHead(404).end();
+        return;
+      }
+      if (url.searchParams.get("state") !== state) {
+        res.writeHead(400).end("state mismatch");
+        return;
+      }
+      const token = url.searchParams.get("token")?.trim();
+      res.writeHead(token ? 200 : 400, { "content-type": "text/html; charset=utf-8" });
+      res.end(token ? SUCCESS_HTML : "missing token");
+      if (token) {
+        const path = saveKey("ZETA_API_KEY", token);
+        line(c.green("  \u2713 logged in") + c.dim(`  \u2192 ${path} (chmod 600)`));
+        finish(token);
+      }
+    });
+    server.on("error", (e) => {
+      line(c.red(`  could not start loopback listener: ${e.message}`));
+      finish(null);
+    });
+    server.listen(0, "127.0.0.1", () => {
+      const addr = server.address();
+      const port = typeof addr === "object" && addr ? addr.port : 0;
+      if (!port) {
+        finish(null);
+        return;
+      }
+      const authUrl = `${opts.webBase.replace(/\/$/, "")}/cli/authorize?port=${port}&state=${state}&device=${encodeURIComponent(device)}`;
+      line();
+      line(c.cyan("  \u259F Wholestack login"));
+      line(c.dim("  Opening your browser to approve this device\u2026"));
+      line(c.dim("  If it doesn't open, visit:"));
+      line("  " + c.underline(authUrl));
+      line();
+      if (!opts.noBrowser) openBrowser(authUrl);
+    });
+    const timer = setTimeout(() => {
+      line(c.red("  login timed out \u2014 run `zeta login` again."));
+      finish(null);
+    }, timeoutMs);
+  });
+}
+function loginWithToken(token) {
+  const t = token.trim();
+  if (!/^vbfl_[A-Za-z0-9]{8}_[A-Za-z0-9_-]+$/.test(t)) {
+    line(c.red("  that doesn't look like a Wholestack token (expected vbfl_\u2026)."));
+    return null;
+  }
+  const path = saveKey("ZETA_API_KEY", t);
+  line(c.green("  \u2713 logged in") + c.dim(`  \u2192 ${path} (chmod 600)`));
+  return t;
+}
+// src/checkpoints.ts
+import { readFile, writeFile, mkdir, rm } from "fs/promises";
+import { dirname } from "path";
+var CheckpointStore = class {
+  undoStack = [];
+  redoStack = [];
+  seq = 0;
+  /** Snaps accumulated for the in-flight tool call (multi_edit groups several). */
+  pending = [];
+  /** Begin a new group; call before a mutating tool touches any file. */
+  begin() {
+    this.pending = [];
+  }
+  /** Record a file's pre-edit state once per path within the current group. */
+  capture(path, before) {
+    if (!this.pending.some((s) => s.path === path)) this.pending.push({ path, before });
+  }
+  /** Seal the group into an undoable checkpoint. A redo stack is invalidated by new edits. */
+  commit(label) {
+    if (!this.pending.length) return;
+    this.undoStack.push({ id: ++this.seq, label, at: Date.now(), snaps: this.pending });
+    this.pending = [];
+    this.redoStack = [];
+  }
+  get canUndo() {
+    return this.undoStack.length > 0;
+  }
+  get canRedo() {
+    return this.redoStack.length > 0;
+  }
+  list(limit = 20) {
+    return this.undoStack.slice(-limit).reverse();
+  }
+  /** Restore the most recent checkpoint; the displaced state becomes redoable. */
+  async undo() {
+    const cp = this.undoStack.pop();
+    if (!cp) return { ok: false, error: "nothing to undo" };
+    const redoSnaps = await this.captureCurrent(cp.snaps);
+    const applied = await this.apply(cp.snaps);
+    this.redoStack.push({ ...cp, snaps: redoSnaps });
+    return { ok: true, label: cp.label, ...applied };
+  }
+  /** Re-apply the most recently undone checkpoint. */
+  async redo() {
+    const cp = this.redoStack.pop();
+    if (!cp) return { ok: false, error: "nothing to redo" };
+    const undoSnaps = await this.captureCurrent(cp.snaps);
+    const applied = await this.apply(cp.snaps);
+    this.undoStack.push({ ...cp, snaps: undoSnaps });
+    return { ok: true, label: cp.label, ...applied };
+  }
+  /** Read the current on-disk state of each path so it can be re-applied later. */
+  async captureCurrent(snaps) {
+    return Promise.all(
+      snaps.map(async (s) => ({
+        path: s.path,
+        before: await readFile(s.path, "utf8").catch(() => null)
+      }))
+    );
+  }
+  /** Write each snap's `before` back to disk (or delete when it was absent). */
+  async apply(snaps) {
+    const restored = [];
+    const deleted = [];
+    for (const s of snaps) {
+      if (s.before === null) {
+        await rm(s.path, { force: true });
+        deleted.push(s.path);
+      } else {
+        await mkdir(dirname(s.path), { recursive: true });
+        await writeFile(s.path, s.before, "utf8");
+        restored.push(s.path);
+      }
+    }
+    return { restored, deleted };
+  }
+};
+// src/cli.ts
+function parse(raw) {
+  const a = {
+    zetaUrl: process.env.ZETA_API_URL ?? "https://wholestack.ai",
+    buildMode: "auto",
+    yes: false,
+    plan: false,
+    noMcp: false,
+    noPlugins: false,
+    print: false,
+    cont: false,
+    help: false,
+    version: false,
+    prompt: ""
+  };
+  const rest = [];
+  for (let i = 0; i < raw.length; i++) {
+    const t = raw[i];
+    if (t === "--model" || t === "-m") a.model = raw[++i];
+    else if (t === "--zeta-url") a.zetaUrl = raw[++i];
+    else if (t === "--build-mode") a.buildMode = raw[++i];
+    else if (t === "--local") a.buildMode = "local";
+    else if (t === "--http") a.buildMode = "http";
+    else if (t === "--yes" || t === "-y") a.yes = true;
+    else if (t === "--mode") {
+      const m = raw[++i];
+      if (isPermissionMode(m)) a.mode = m;
+    } else if (t === "--plan") a.plan = true;
+    else if (t === "--think") a.think = true;
+    else if (t === "--no-think") a.think = false;
+    else if (t === "--mcp") a.mcp = (raw[++i] ?? "").split(",").map((s) => s.trim()).filter(Boolean);
+    else if (t === "--no-mcp") a.noMcp = true;
+    else if (t === "--no-plugins") a.noPlugins = true;
+    else if (t === "--print" || t === "-p") a.print = true;
+    else if (t === "--continue") a.cont = true;
+    else if (t === "--resume") {
+      const next = raw[i + 1];
+      if (next && !next.startsWith("-")) a.resume = raw[++i];
+      else a.resume = "";
+    } else if (t === "--help" || t === "-h") a.help = true;
+    else if (t === "--version" || t === "-v") a.version = true;
+    else rest.push(t);
+  }
+  a.prompt = rest.join(" ").trim();
+  return a;
+}
+var HELP = `${c.cyan("zeta-g")} \u2014 conversational coding agent for the ZETA engine
+${c.bold("Usage")}
+  zeta-g                       start an interactive session
+  zeta-g "build me a todo app" run one prompt and exit
+  zeta-g -m zeta-g1-max "..."  drive it with the most capable brain
+${c.bold("Web3 security")} ${c.dim("(forge \xB7 slither \xB7 firewall \xB7 halmos \xB7 signed cert)")}
+  zeta-g audit  <dir> <Contract>                 full auto-detect security sweep
+  zeta-g prove  <dir> <Contract> --property <k>  prove one invariant
+  zeta-g verify <dir> <Contract> --cert c.json   passthrough + signed certificate
+  ${c.dim("kinds: reentrancy-safety, access-control, conservation, no-value-extraction, \u2026")}
+${c.bold("Session")}
+  -m, --model <key>   zeta-g1-lite | zeta-g1 | zeta-g1-max
+                      (lite = light \xB7 g1 = default \xB7 max = most capable)
+      --mode <m>      default | acceptEdits | plan | yolo (permission mode)
+      --plan          start in read-only plan mode
+      --think/--no-think  toggle extended thinking (when a tier supports it)
+      --continue      resume the most recent session
+      --resume [id]   resume a session (id, or the latest)
+  -p, --print         one-shot: print the answer and exit
+  -y, --yes           skip all confirmations (yolo mode)
+${c.bold("Extensibility")}
+      --mcp a,b,c     only mount these MCP servers (else all from .mcp.json)
+      --no-mcp        skip MCP servers      --no-plugins   skip plugins
+${c.bold("Build engine")}
+      --zeta-url <u>  ZETA engine base URL (default http://localhost:3000)
+      --local         build via the in-repo worker (no server needed)
+      --http          build via the running ZETA engine only
+${c.bold("Auth")} ${c.dim("(set once, then just run zeta-g)")}
+  zeta-g login                     interactive \u2014 pick member/brain/engine, paste key
+  zeta-g login --member <key>      membership key (keep + deploy generated apps)
+  zeta-g login --brain <key>       brain key (powers the Zeta-G1.0 tiers)
+  zeta-g login --build <key>       ZETA build-engine key (for /build)
+${c.bold("In a session")} ${c.dim("(type /help for the full list)")}
+  /model /cost /tools /undo /redo /checkpoints /compact /resume /memory /mcp /mode /think /init /doctor /clear /exit`;
+async function runSecuritySubcommand(raw) {
+  const verb = raw[0];
+  if (verb !== "audit" && verb !== "prove" && verb !== "verify") return null;
+  const rest = raw.slice(1);
+  const proverArgs = verb === "verify" && rest[0]?.endsWith(".json") ? ["verify", ...rest] : [...rest];
+  if (verb === "prove" && !proverArgs.includes("--property")) {
+    line(c.red("  prove needs --property <kind>"));
+    line(c.dim(`  kinds: ${PROPERTY_KINDS.join(", ")}`));
+    return 1;
+  }
+  line();
+  line(c.cyan(`  \u259F ShipGate ${verb}`) + c.dim("  \xB7 forge \xB7 slither \xB7 firewall \xB7 halmos"));
+  line();
+  const r = await runProver(proverArgs, { cwd: cwd(), inherit: true });
+  if (r.missing) {
+    line(c.red(`  ${r.out}`));
+    return 1;
+  }
+  line();
+  line(r.ok ? c.green("  \u2713 verified") : c.red("  \u2717 NOT verified"));
+  return r.code;
+}
+function webBaseUrl() {
+  return process.env.ZETA_WEB_URL?.trim() || process.env.ZETA_API_URL?.trim() || "https://wholestack.ai";
+}
+async function runLogin(raw) {
+  if (raw[0] !== "login" && raw[0] !== "logout") return null;
+  const rest = raw.slice(1);
+  if (raw[0] === "logout") {
+    saveKey("ZETA_API_KEY", "");
+    line(c.green("  \u2713 logged out") + c.dim("  (token cleared)"));
+    return 0;
+  }
+  const tokenIdx = rest.indexOf("--token");
+  if (tokenIdx >= 0) {
+    const tok = rest[tokenIdx + 1];
+    if (!tok) {
+      line(c.red("  usage: zeta login --token <vbfl_\u2026>"));
+      return 1;
+    }
+    return loginWithToken(tok) ? 0 : 1;
+  }
+  const pick = (flag) => {
+    const i = rest.indexOf(flag);
+    return i >= 0 ? rest[i + 1] : void 0;
+  };
+  let name;
+  let value;
+  const brainFlags = ["--brain", "--smart", "--openrouter"];
+  const buildFlags = ["--build", "--fast", "--cerebras"];
+  const memberFlags = ["--member", "--key", "--subscribe"];
+  const hit = (flags) => flags.find((f) => rest.includes(f));
+  if (!hit(memberFlags) && !hit(brainFlags) && !hit(buildFlags)) {
+    const noBrowser = rest.includes("--no-browser");
+    const token = await loginBrowser({ webBase: webBaseUrl(), noBrowser });
+    return token ? 0 : 1;
+  }
+  if (hit(memberFlags)) {
+    name = "ZETA_API_KEY";
+    value = pick(hit(memberFlags));
+  } else if (hit(brainFlags)) {
+    name = "CEREBRAS_API_KEY";
+    value = pick(hit(brainFlags));
+  } else if (hit(buildFlags)) {
+    name = "CEREBRAS_API_KEY";
+    value = pick(hit(buildFlags));
+  }
+  if (!name || !value) {
+    if (!stdin.isTTY) {
+      line(c.red("  usage: zeta-g login --member <key> | --brain <key> | --build <key>"));
+      return 1;
+    }
+    const rl = createInterface({ input: stdin, output: stdout });
+    if (!name) {
+      const which = (await rl.question(c.cyan("  key for [member/brain/engine]: "))).trim().toLowerCase();
+      name = which.startsWith("m") ? "ZETA_API_KEY" : "CEREBRAS_API_KEY";
+    }
+    value = (await rl.question(c.cyan("  paste key: "))).trim();
+    rl.close();
+  }
+  if (!value) {
+    line(c.red("  no key provided."));
+    return 1;
+  }
+  const what = name === "ZETA_API_KEY" ? "membership (keep + deploy your apps)" : name === "OPENROUTER_API_KEY" ? "brain (Zeta-G1.0 tiers)" : "ZETA build engine";
+  const path = saveKey(name, value);
+  line(c.green(`  \u2713 saved key for the ${what}`) + c.dim(`  \u2192 ${path} (chmod 600)`));
+  line(c.dim("  now just run `zeta-g`."));
+  return 0;
+}
+var EMPTY_PLUGINS = {
+  plugins: [],
+  systemText: "",
+  commands: [],
+  mcpServers: {},
+  hooks: {},
+  failed: []
+};
+function bootSummary(memory, plugins, mcp, mode, thinking) {
+  const bits = [`mode ${c.yellow(mode)}`];
+  if (thinking) bits.push("thinking on");
+  if (memory.sources.length) bits.push(`${memory.sources.length} memory file${memory.sources.length === 1 ? "" : "s"}`);
+  if (plugins.plugins.length) bits.push(`${plugins.plugins.length} plugin${plugins.plugins.length === 1 ? "" : "s"}`);
+  if (mcp.mounted.length) bits.push(`${mcp.mounted.length} mcp`);
+  line("  " + c.dim(bits.join("  \xB7  ")));
+  for (const s of memory.sources) line("  " + c.dim(`  memory: ${s.path}`));
+  for (const p of plugins.plugins) line("  " + c.dim(`  plugin: ${p.name} (${p.dir})`));
+  for (const f of mcp.failed) line("  " + c.dim(`mcp ${f.key} unavailable: ${f.error}`));
+  for (const f of plugins.failed) line("  " + c.dim(`plugin ${f.dir} failed: ${f.error}`));
+  line();
+}
+async function main() {
+  loadStoredEnv();
+  const rawArgs = argv.slice(2);
+  const loggedIn = await runLogin(rawArgs);
+  if (loggedIn !== null) exit(loggedIn);
+  const sub = await runSecuritySubcommand(rawArgs);
+  if (sub !== null) exit(sub);
+  const args = parse(rawArgs);
+  if (args.version) {
+    line("wholestack 0.4.0");
+    return;
+  }
+  if (args.help) {
+    line(HELP);
+    return;
+  }
+  let modelKey;
+  try {
+    modelKey = resolveModelKey(args.model);
+  } catch (e) {
+    line(c.red(e.message));
+    exit(1);
+  }
+  let model;
+  try {
+    model = resolveModel(modelKey);
+  } catch (e) {
+    line(c.red(e.message));
+    exit(1);
+  }
+  const isTty = !!stdin.isTTY;
+  const oneShot = args.prompt.length > 0;
+  const workdir = cwd();
+  const mode = args.plan ? "plan" : args.mode ? args.mode : args.yes ? "yolo" : isTty ? "default" : "acceptEdits";
+  const memory = await loadProjectMemory(workdir);
+  const plugins = args.noPlugins ? EMPTY_PLUGINS : loadPlugins(workdir);
+  const memoryText = [memory.text, plugins.systemText].filter(Boolean).join("\n\n") || void 0;
+  const mcp = await loadMcpTools({
+    cwd: workdir,
+    only: args.mcp,
+    disabled: args.noMcp,
+    extraServers: plugins.mcpServers
+  });
+  const extraTools = { ...buildWebTools(), ...mcp.tools };
+  const hooks = new HookRunner(mergeHookSets(loadHookFiles(workdir), plugins.hooks), workdir);
+  const registry = new CommandRegistry();
+  registry.loadCustom(workdir);
+  for (const cmd of plugins.commands) registry.register(cmd);
+  let ic = null;
+  let shuttingDown = false;
+  const shutdown = async (code = 0) => {
+    if (shuttingDown) return;
+    shuttingDown = true;
+    killRunningApps();
+    await mcp.close().catch(() => {
+    });
+    ic?.close();
+    exit(code);
+  };
+  if (isTty) {
+    ic = new InputController({
+      commandNames: () => registry.names(),
+      onExit: () => {
+        line(c.dim("  bye."));
+        void shutdown(0);
+      }
+    });
+  }
+  const confirm = isTty && ic ? ic.confirm.bind(ic) : void 0;
+  const permissions = new Permissions(mode, confirm);
+  const checkpoints = new CheckpointStore();
+  let session;
+  let resumedMessages = null;
+  if (args.resume !== void 0 || args.cont) {
+    const id = args.resume || Session.latestId(workdir);
+    const r = id ? Session.resume(id) : null;
+    if (r) {
+      session = r.session;
+      resumedMessages = r.messages;
+    } else {
+      line(c.dim("  no session to resume \u2014 starting fresh."));
+      session = Session.create(workdir, modelLabel(modelKey));
+    }
+  } else {
+    session = Session.create(workdir, modelLabel(modelKey));
+  }
+  const thinking = args.think ?? false;
+  const agent = new Agent({
+    model,
+    modelKey,
+    ctx: { cwd: workdir, zetaApiUrl: args.zetaUrl, buildMode: args.buildMode, permissions, checkpoints },
+    extraTools,
+    hooks,
+    memoryText,
+    thinking,
+    maxSteps: 16,
+    contextWindow: modelContextWindow(modelKey),
+    session
+  });
+  if (resumedMessages) agent.replaceHistory(resumedMessages);
+  if (oneShot) {
+    if (ic) await ic.runInterruptible((sig) => agent.send(args.prompt, sig));
+    else await agent.send(args.prompt);
+    await shutdown(0);
+    return;
+  }
+  if (!ic) {
+    line(c.red("  no prompt given and stdin is not a TTY \u2014 nothing to do."));
+    await shutdown(1);
+    return;
+  }
+  banner();
+  bootSummary(memory, plugins, mcp, mode, thinking);
+  if (mode === "plan") announcePlanMode();
+  if (resumedMessages) line("  " + c.dim(`resumed ${session.meta.id} \xB7 ${resumedMessages.length} messages`) + "\n");
+  const baseCtx = () => ({
+    cwd: workdir,
+    modelKey,
+    modelLabel: modelLabel(modelKey),
+    thinkingOn: agent.thinkingOn,
+    permissions,
+    usage: agent.usage,
+    memory,
+    mcp,
+    toolNames: agent.toolNames,
+    capabilities: agent.capabilities(),
+    checkpoints,
+    print: (s = "") => line(s)
+  });
+  const runTurn = async (text) => {
+    const t0 = Date.now();
+    await ic.runInterruptible((sig) => agent.send(text, sig));
+    statusLine({
+      model: modelLabel(modelKey),
+      tokens: agent.usage.totalTokens,
+      tps: agent.lastTps,
+      elapsedMs: Date.now() - t0,
+      cost: agent.usage.totalCost,
+      mode: permissions.mode,
+      contextPct: agent.contextPct()
+    });
+  };
+  for (; ; ) {
+    const input = await ic.readLine(c.cyan("  \u203A "));
+    if (!input) continue;
+    if (input.startsWith("/")) {
+      const res = await registry.dispatch(input, baseCtx());
+      if (!res || res.type === "handled") continue;
+      if (res.type === "exit") break;
+      if (res.type === "clear") {
+        agent.reset();
+        session = Session.create(workdir, modelLabel(modelKey));
+        agent.setSession(session);
+        line(c.dim("  context cleared \u2014 new session.\n"));
+      } else if (res.type === "compact") {
+        await agent.runCompaction(true);
+      } else if (res.type === "prompt") {
+        await runTurn(res.text);
+      } else if (res.type === "switchModel") {
+        try {
+          const m = resolveModel(res.modelKey);
+          modelKey = res.modelKey;
+          agent.setModel(m, modelKey, modelContextWindow(modelKey));
+          agent.setThinking(supportsThinking(modelKey) ? args.think ?? false : false);
+          line(
+            "  " + c.green(`\u2192 ${modelLabel(modelKey)}`) + (agent.thinkingOn ? c.dim("  \xB7 thinking on") : "") + "\n"
+          );
+        } catch (e) {
+          line("  " + c.red(e.message));
+        }
+      } else if (res.type === "setMode") {
+        permissions.setMode(res.mode);
+        line("  " + c.dim(`mode: ${res.mode}`) + "\n");
+        if (res.mode === "plan") announcePlanMode();
+      } else if (res.type === "toggleThinking") {
+        if (supportsThinking(modelKey)) {
+          agent.setThinking(res.on);
+          line("  " + c.dim(`thinking ${res.on ? "on" : "off"}`) + "\n");
+        } else {
+          line("  " + c.dim(`${modelLabel(modelKey)} has no thinking mode`) + "\n");
+        }
+      } else if (res.type === "resume") {
+        const r = Session.resume(res.sessionId);
+        if (r) {
+          agent.replaceHistory(r.messages);
+          agent.setSession(r.session);
+          session = r.session;
+          line("  " + c.green(`resumed ${res.sessionId} \xB7 ${r.messages.length} messages`) + "\n");
+        } else {
+          line("  " + c.red(`no session ${res.sessionId}`) + "\n");
+        }
+      }
+      continue;
+    }
+    userBox(input);
+    await runTurn(input);
+  }
+  killRunningApps();
+  await mcp.close().catch(() => {
+  });
+  ic.close();
+  line(c.dim("  bye."));
+}
+main().catch((e) => {
+  line(c.red(String(e?.stack ?? e)));
+  exit(1);
+});