Replace the flat 9-option provider list with a two-step flow:
1. How to sign in? (Browser login / API key / Skip)
2. Which provider? (filtered by auth method)
This reduces cognitive load on first launch — users pick their
auth method first, then see only the relevant providers.
- Fix cat rule to exclude heredoc syntax (cat <<EOF) via negative lookahead
- Fix write rule: exclude >> append and digit-prefixed fd redirects (2>)
using lookbehind (?<![|>\d])>(?!>)
- Add compileInterceptor() — pre-compiles rules once at construction time
instead of on every bash call; export CompiledInterceptor type
- Update createBashTool to use pre-compiled interceptor instance
- Add 33 unit tests covering all rules, edge cases, and pass-throughs
The merge conflict auto-resolution only handled RUNTIME_EXCLUSION_PATHS
(.gsd/activity/, .gsd/runtime/, .gsd/metrics.json, etc). Planning
artifacts like DECISIONS.md, REQUIREMENTS.md, PROJECT.md, and
ROADMAP.md were not covered, causing the merge to fail and auto-mode
to loop when both main and the slice branch modified these files.
Now any conflict limited to .gsd/ files is auto-resolved by taking
the slice branch version (--theirs), since the LLM just finished
updating these artifacts during complete-slice.
macos-13 runners are deprecated on GitHub Actions. Use macos-14 (ARM64)
and cross-compile for x86_64-apple-darwin instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Regex-based pre-execution check in the bash tool blocks shell commands
(grep, cat, sed -i, etc.) when the dedicated replacement tool is available
in the session. Configurable via bashInterceptor settings.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rename all platform packages from @gsd/engine-* to @gsd-build/engine-*
to match the npm org. Remove the darwin-arm64 binary from git and
native/addon from files — production binaries come exclusively from
CI-published platform packages.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Support multiple API keys per provider with automatic rotation:
- AuthStorageData accepts single credential or array per provider
- Round-robin selection across credentials (no sessionId)
- Session-sticky hashing when sessionId is provided
- Credential backoff on rate limits (30s), quota exhaustion (30min),
server errors (20s)
- markUsageLimitReached() backs off failing credential and returns
whether an alternate is available
- Login accumulation: duplicate provider logins append API keys
instead of replacing
- Agent retry handler tries credential fallback before counting
against retry budget (immediate retry, no delay)
- All getApiKey call sites thread sessionId for sticky selection
Backward compatible: single credentials work unchanged.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use CARGO_ENCODED_RUSTFLAGS="" to override target-specific rustflags
in .cargo/config.toml (RUSTFLAGS env var doesn't override [target.*])
- Fix sync script filename: .cjs not .js
- Fail hard when no library found instead of silent exit 0
- Only tolerate "already published" errors, fail on real publish errors
- Use --ignore-scripts for main package publish to skip redundant build
- Use cd "$GITHUB_WORKSPACE" instead of cd - for reliability
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add the esbuild/swc pattern for distributing platform-specific native
binaries via npm optional dependencies. Each supported platform gets its
own @gsd/engine-{platform} package containing just the .node binary.
- 5 platform package stubs (darwin-arm64, darwin-x64, linux-x64-gnu,
linux-arm64-gnu, win32-x64-msvc) with os/cpu filters
- Rewritten native loader: tries npm package first, then local build
- Version sync script keeps platform packages in lock-step with root
- GitHub Actions workflow for cross-platform build + publish on tag push
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The native .node binary was excluded from npm pack due to native/.gitignore
ignoring addon/. Add native/.npmignore (overrides .gitignore for npm) and
include native/addon in the files whitelist. Also improve the error message
in the native loader to list supported platforms and link to issues.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Closes community discussion (#86) about potential ToS implications
of using subscription OAuth tokens outside native applications.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements a Rust napi-rs module that parses YAML-like frontmatter,
markdown sections, and roadmap structures from .gsd/ files. Provides
parseFrontmatter, extractSection, extractAllSections, batchParseGsdFiles,
and parseRoadmapFile functions exposed via @gsd/native. The JS parsers
in files.ts fall back transparently when the native module is unavailable.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move the edit tool's hot-path diffing operations from JS to native Rust:
- `normalizeForFuzzyMatch`: single-pass Unicode normalization (smart quotes,
dashes, special spaces, trailing whitespace)
- `fuzzyFindText`: exact-then-fuzzy substring search with UTF-16 index
conversion for JS compatibility
- `generateDiff`: unified diff generation using the `similar` crate
(Myers' algorithm with optimizations)
The Rust module at `native/crates/engine/src/diff.rs` exposes three napi
functions. The TypeScript wrapper at `packages/native/src/diff/` follows
the existing module pattern. `edit-diff.ts` now delegates to native
implementations while keeping line-ending handling and file I/O in JS.
18 tests covering normalization, fuzzy matching (including UTF-16 index
correctness with emoji/surrogate pairs), and diff generation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@gsd/native shipped raw .ts files in node_modules, which Node.js
refuses to import (ERR_UNSUPPORTED_NODE_MODULES_TYPE_STRIPPING on
Node 22/24, ERR_UNKNOWN_FILE_EXTENSION on Node 20). Add tsc build
step, point exports at dist/, and add to bundleDependencies.
Closes#248
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
TTSR's checkDelta() runs O(rules x conditions) regex evaluations per
streaming token — the hottest path in GSD. This adds a Rust native
module that compiles all condition patterns into a single RegexSet,
testing them in one DFA pass instead of sequential JS RegExp iteration.
The TtsrManager transparently uses the native engine when available and
falls back to the existing JS regex loop when it is not.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace manual binary header parsing (PNG/JPEG/GIF/WebP) in terminal-image.ts
with the native @gsd/native/image module, and replace photon-node (WASM) with
native N-API calls for image resize and format conversion.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The autocomplete file search no longer spawns the external `fd` binary via
spawnSync. It calls the in-process Rust fuzzyFind() function from @gsd/native,
which handles directory walking, gitignore, hidden files, and fuzzy scoring
in a single native call. The fdPath constructor parameter and ensureTool("fd")
download are removed since the binary is no longer needed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Swap visibleWidth, wrapTextWithAnsi, truncateToWidth, sliceWithWidth, and
extractSegments to delegate to the native Rust text module. Adapter maps
the JS ellipsis string API to the native EllipsisKind enum. Functions
without native equivalents (getSegmenter, extractAnsiCode, applyBackgroundToLine,
isWhitespaceChar, isPunctuationChar) are retained. Reduces utils.ts from
~900 lines to ~180 lines.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use the Rust-backed arboard clipboard (via @gsd/native/clipboard) for
text copy and image read, replacing the platform-tool shelling
(pbcopy/xclip/xsel) and @mariozechner/clipboard optional dependency.
OSC 52 is preserved as a fallback for SSH/mosh sessions. Linux Wayland
still falls back to wl-paste/xclip for image reads since arboard may
lack compositor access from a terminal.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
