Backdrop was painting empty lines with dark gray background (48;5;233),
making the entire screen go black. Now uses dim + gray foreground only.
Message truncation now measures actual prefix width with visibleWidth()
instead of hardcoded 20-char estimate, and uses truncateToWidth() for
proper Unicode handling.
Differential renderer can't clear old overlay positions when height
changes between filter cycles. Pad to maxVisibleRows so the overlay
stays the same size regardless of filter state.
Use dark gray background + dim foreground for visible backdrop effect
instead of barely-perceptible SGR dim. Size overlay box to content
instead of padding to fill the entire viewport.
- Overlay layout: verify backdrop dims base lines, no dim without flag,
overlay composites on top of dimmed background
- Notification store: verify markAllRead and clearNotifications do not
delete a foreign process's lock file
_withLock() was unconditionally unlinking the lock file in finally,
even when lock acquisition failed. This could delete another process's
lock and allow unlocked concurrent writes. Now tracks ownership and
only cleans up locks we created.
The notification overlay was rendering too small with few entries, allowing
underlying content to bleed through. Added viewport padding to fill the
overlay box and a new `backdrop` option to OverlayOptions that dims the
background behind modal overlays.
Notifications from ctx.ui.notify() and workflow-logger now persist to
.gsd/notifications.jsonl instead of evaporating as transient toasts.
- notification-store: JSONL persistence with 500-entry rotation, atomic
temp+rename rewrites, ref-counted suppress API, disk-synced counters
- notify-interceptor: WeakSet-guarded monkey-patch on ctx.ui.notify
installed at session_start and session_switch
- notification-widget: always-on belowEditor strip showing unread count
- notification-overlay: scrollable Ctrl+Alt+N panel with severity filter
- /gsd notifications command: clear, tail, filter subcommands
- workflow-logger: warnings now also persist to notification store
- web API: GET/DELETE /api/notifications with ?countOnly support
- 16 unit tests covering store, suppress, project isolation, resync
1. Post-execution retry bypass (auto-verification.ts)
- When postExecBlockingFailure is true, skip retry and pause immediately
- Post-exec failures are cross-task consistency issues that retrying won't fix
- Added test in post-exec-retry-bypass.test.ts
2. File path normalization (pre-execution-checks.ts)
- Added normalizeFilePath() to handle ./path vs path equivalence
- Normalizes backslashes, removes duplicate slashes, strips leading ./
- Applied to checkFilePathConsistency() and checkTaskOrdering()
- Added tests for path normalization in pre-execution-checks.test.ts
3. Pre-exec fail-closed (auto-post-unit.ts)
- Added try/catch around runPreExecutionChecks() inside runSafely block
- If runPreExecutionChecks throws, set preExecPauseNeeded = true
- Used logError from workflow-logger (not raw stderr)
- Added test in pre-execution-fail-closed.test.ts
autoStartTime was never saved to paused-session.json, so cross-session
resume always started with autoStartTime=0 and the widget showed no
elapsed timer. Now saved on pause, restored on resume with Date.now()
fallback for old files.
Also fixes widget layout: elapsed/ETA stays on the header line above
the milestone/branch info line.
The enhanced_verification_* preferences were validated and typed but not
included in mergePreferences(), causing project-level overrides to be
silently ignored. This fix ensures project preferences properly merge
with user-level defaults.
Integrates pre/post-execution checks into auto-mode:
- auto-verification.ts: runEnhancedPreChecks/runEnhancedPostChecks integration
- auto-post-unit.ts: pause control flow when blocking checks fail
- Respects enhanced_verification_strict preference for blocking vs warning
Control flow: blocking failures trigger auto-mode pause for user review.
Adds 3 post-execution checks that run after task completion:
- Import resolution: verifies relative imports resolve to existing files
- Export verification: confirms exported symbols are defined
- Type consistency: validates function return types match declarations
All checks follow the permissive-by-default pattern (R012) - warnings don't block.
Adds 4 pre-execution checks that run before each task:
- File ops review: surfaces create/edit/delete intent for manual review
- Read-before-create guard: fails when plan reads a file before creating it
- Package existence: verifies npm packages exist before install attempts
- Interface contract: warns on mismatched function signatures
Includes preference types and validation for enhanced_verification settings.
The welcome screen lines stopped short on wide terminals because
termWidth was capped at 200 columns. Remove the cap so separator
lines extend to the full terminal width.
- Use `git reset --hard <sha>` for rollback instead of `git branch -f`
which fails on checked-out branches and worktrees
- Clear pendingProviderRegistrations after preflush to prevent duplicate
registration when bindCore() runs
- Process Ollama stream content on terminal `done:true` chunks to avoid
truncating trailing assistant text
The system prompt hardcoded ~/.gsd/agent/skills/ paths for bundled skills,
causing ENOENT loops when skills weren't installed at those locations. The
auto-mode loop treated ENOENT as transient and retried indefinitely.
- Replace hardcoded skill paths in system.md with {{bundledSkillsTable}} template
variable, resolved dynamically via resolveSkillReference() at runtime
- Replace hardcoded templates dir path with {{templatesDir}} variable
- Add buildBundledSkillsTable() to system-context.ts — only includes skills
that actually exist on disk
- Export getTemplatesDir() from prompt-loader.ts
- Add Rule 4 to detect-stuck.ts: same ENOENT path seen twice in the sliding
window triggers immediate stuck detection (missing files don't self-heal)
- Add 4 tests for Rule 4 coverage
Closes#3575
- Move new coercion tests to standalone file using node:test +
node:assert/strict (per CONTRIBUTING testing standards)
- Remove tests from legacy complete-slice.test.ts to avoid mixing
test frameworks in the same file
LLMs sometimes pass plain strings instead of the expected object shape
for array fields like filesModified and requires, causing TypeBox
validation to reject the input before the execute function runs. This
adds Type.Union schemas to accept both formats and normalizes strings
to objects with sensible defaults in the execute functions.
Closes#3565
The flat-rate provider guard from #3552 can fail open in two scenarios:
1. Provider alias mismatch — isFlatRateProvider only matched the exact
string "github-copilot", but "copilot" appears as a provider alias
in the codebase. Case variations could also bypass the check.
Fix: add "copilot" alias and lowercase input before set membership.
2. Unresolved primary model — when resolveModelId returns undefined
(stale model ID, registry mismatch), the guard was skipped entirely,
allowing dynamic routing to downgrade models on a flat-rate backend.
Fix: fall back to autoModeStartModel.provider and ctx.model.provider
when primary resolution fails, disabling routing if either indicates
a flat-rate provider.
Ref: #3453
