When the API stream is truncated mid-tool-call, PartialMessageBuilder
emits a toolcall_end event with { _raw: "<broken json>" } in the
arguments — but the event looks identical to a healthy tool completion.
Downstream consumers (error classifiers, tool handlers, activity log)
have no way to distinguish a truncated call from a completed one.
Add a malformedArguments: boolean flag to the toolcall_end event variant
in AssistantMessageEvent. The flag is set to true only in the JSON parse
catch path, so existing consumers (which do not check for it) are
unaffected. New consumers like classifyProviderError can use it to
handle truncated tool calls appropriately.
Closes#2574
Server errors (500/502/503/504) are server-side failures — rotating
credentials doesn't help. Only rate_limit and quota_exhausted are
meaningfully credential-scoped. This prevents the cascading backoff
where a single 500 backs off the sole API key for 20s, causing all
subsequent retries to fail with "All credentials temporarily backed off".
Closes#2588
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When a custom provider (e.g. claude-code-cli) registers a streamSimple
handler with the same api type as a built-in (e.g. 'anthropic-messages'),
the global API provider registry was overwritten, routing ALL models of
that api type through the custom handler.
This caused anthropic/claude-opus-4-6 requests to be dispatched through
the Claude Code SDK subprocess instead of the Anthropic API, resulting
in 'Tool not found' errors for Glob, Read, Edit, Bash (SDK tool names
not present in pi's tool registry).
Fix: wrap the registered handler with a model.provider guard so it only
fires for models from the registering provider, delegating to the
previous handler for all other providers.
Closes#2536
The insertChildBefore approach doesn't fix tool ordering because the
message component is already live-streaming text when tool_execution
events arrive. Proper fix requires T3 Code-style session-lifetime
architecture. Revert to simple addChild for now.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add insertChildBefore() to Box component for positional insertion
- In chat controller, insert tool_execution components before the last
assistant message component (instead of appending after) when tools
were executed externally
- Simplify agent-loop externalToolExecution path back to basic
tool_execution_start/end emission
- Toolcall streaming events are filtered in the Claude Code adapter
to prevent duplicate rendering via message_update
Result: externally-executed tool calls render above the text response,
matching the expected visual flow.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds `externalToolExecution` flag to AgentLoopConfig. When true, the
agent loop emits tool_execution_start/end events for TUI rendering but
skips local tool dispatch. Used by providers that handle tool execution
internally (e.g., Claude Code CLI via Agent SDK).
The flag is dynamically evaluated per-loop via a callback on
AgentOptions, so model switches mid-session are handled correctly.
Providers with authMode "externalCli" automatically use this mode.
Also updates the Claude Code CLI stream adapter to preserve tool call
blocks in the final message instead of stripping them.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The 13 test files in packages/pi-coding-agent/src/core/ were never executed
in CI or by `npm test`. The test:unit glob only covers src/resources/extensions/gsd/tests/
and src/tests/, leaving lifecycle-hooks, model-registry-auth-mode, auth-storage,
and 10 other suites with zero enforcement.
- Add `test:packages` script that runs compiled dist tests after build
- Wire into both the linux build job and windows-portability job in CI
- Fix two env-isolation bugs in auth-storage.test.ts: the "returns undefined"
and "falls through to fallback resolver" tests were not clearing
OPENROUTER_API_KEY before calling getApiKey, causing failures when the
env var is set in the caller's environment
The napi StreamState fields (utf8Pending, ansiPending) expect plain arrays
(Vec<u8>), not Buffers. Passing Buffer.from() caused 'Given napi value is
not an array on StreamState.utf8Pending' crash on multi-chunk bash output.
Added regression test for multi-chunk state passing.
AI-assisted: This change was authored with Claude (AI pair programming).
Shows absolute timestamps (date + time) on user prompts (right-aligned
above the message) and assistant replies (below the response). Format
is configurable via /settings → Timestamp format:
- date-time-iso: 2026-03-24 10:34 (default)
- date-time-us: 03-24-2026 10:34 AM
Setting persists in settings.json as timestampFormat.
- Added formatTimestamp utility with ISO and US format support
- Updated UserMessageComponent and AssistantMessageComponent
- Added timestampFormat to SettingsManager with getter/setter
- Added to /settings UI for runtime switching
- Unit tests for all format variants including AM/PM edge cases
AI-assisted: This change was authored with Claude (AI pair programming).
* feat: complete offline mode support for local-only model setups
- Add isLocalModel() to detect localhost/127.0.0.1/0.0.0.0/::1/unix sockets
- Add isAllLocalChain() to verify all registry models are local
- Validate --offline flag rejects remote models with clear error
- Auto-enable PI_OFFLINE when all configured models are local
- Return dummy API key for local models to skip auth validation
- Filter web search results in offline mode (chat-controller + tool-execution)
- Add ECONNREFUSED/ENOTFOUND/ENETUNREACH to INFRA_ERROR_CODES for immediate
failure (no retry) when network is intentionally unavailable
- Add comprehensive test suite (17 tests)
Fixes#2341
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(test): update infra-error test for new offline-mode error codes
The offline mode feature added ECONNREFUSED, ENOTFOUND, and ENETUNREACH
to INFRA_ERROR_CODES but the test still asserted size === 6. Update the
count to 9 and add detection tests for the three new codes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat(core): add generic native post-install hooks for package install
* feat(core): add before/after install/remove lifecycle hooks
* refactor(core): remove postInstall alias from lifecycle hook fallback
* feat(core): complete authMode support for keyless providers
The initial authMode implementation fixed model-registry, sdk, and
fallback-resolver but missed agent-session.ts (6 callsites) and
compaction-orchestrator.ts (2 callsites) that block externalCli
providers at runtime.
Architecture: separate readiness gating from credential retrieval.
- isProviderRequestReady(): authMode-aware readiness check
- getApiKey()/getApiKeyForProvider(): return undefined for
externalCli/none providers instead of triggering auth errors
- All 8 callsites in agent-session and compaction-orchestrator
now gate on readiness, not key presence
- Downstream signatures (compaction, branch-summarization) accept
apiKey: string | undefined
- Replaced hardcoded ollama exception in discoverModels with
isProviderRequestReady
Zero behavioral change for classic apiKey/oauth providers.
* feat(core): add isReady callback for provider readiness verification
Extensions can now provide an isReady() callback when registering any
provider. isProviderRequestReady() calls it before default auth checks,
allowing providers to verify actual reachability (CLI authenticated,
API key valid, service online) rather than relying solely on credential
presence.
* test(core): expand authMode test coverage
Cover all four auth modes (apiKey, oauth, externalCli, none),
isReady callback behavior, getProviderAuthMode defaults,
isProviderRequestReady for each mode, getAvailable filtering,
and getApiKey early-return for keyless providers.
* chore: remove provider-api-bridge files from this branch
These files implement GSD core → provider-api wiring (deps + tool
registry) and belong in a separate PR. Reverts register-extension.ts
to upstream state.
When a user creates a .js extension file but writes TypeScript syntax in it,
the loader now detects common TS patterns (type annotations, interfaces, enums,
generics) and provides a clear error message suggesting to rename the file to
.ts, instead of the previous cryptic "Extension does not export a valid factory
function" or opaque jiti parse errors.
Fixes#2381
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(memory): fix memory and resource leaks across TUI, LSP, DB, and automation
Addresses all findings from a systematic memory leak audit across five
dimensions: event listeners, timers, file system handles, subscriptions/
closures, and GSD automation lifecycle.
Critical fixes:
rpc-client.ts: stderr .on("data") handler attached in start() was never
removed in stop(). Now stored as _stderrHandler and removed via
removeListener() on stop.
lsp/client.ts: Three process.on() handlers (beforeExit, SIGINT, SIGTERM)
registered at module load time with anonymous functions — impossible to
remove. Now stored as named references; new removeProcessHandlers() export
allows graceful teardown. stdout/stderr stream listeners in
startMessageReader/startStderrReader also stored per-client in
clientStreamHandlers map and removed in shutdownClient() and shutdownAll().
parallel-orchestrator.ts: spawnWorker() attached 5 listeners to child
process streams on every spawn with no removal on worker stop/respawn,
accumulating listeners indefinitely. Added cleanup() field to WorkerInfo;
called via removeAllListeners() on exit, graceful stop, stale detection,
and dead PID cleanup paths. Also: module-level state.workers Map was never
cleared between orchestration runs; startParallel() and resetOrchestrator()
now iterate and clean up all WorkerInfo entries before reassigning state.
scripts/watch-resources.js: fs.watch() return value was discarded (OS
watcher never closed) and the fallback setInterval handle was also
discarded (timer ran forever). Both now stored; process.on("exit") handler
closes/clears them.
gsd-db.ts: closeDatabase() did not checkpoint the WAL before closing —
.db-shm/.db-wal files accumulated on disk across crash-recovery cycles.
Now runs PRAGMA wal_checkpoint(TRUNCATE) before close. Also added a
one-time process.on("exit") handler in openDatabase() so the handle is
always closed even on unclean exits.
Medium fixes:
bg-shell/overlay.ts: 1-second refresh setInterval only cleared in
keyboard exit handler; abnormal teardown leaked the timer. Added dispose()
method that unconditionally clears it.
file-watcher.ts: pending debounce Map was scoped inside startFileWatcher()
making it inaccessible to stopFileWatcher(). Moved to module scope;
stopFileWatcher() now clears all pending timers and empties the map before
closing the watcher.
auto-supervisor.ts: registerSigtermHandler() could accumulate multiple
SIGTERM handlers if called without passing back the previous reference.
Added module-level _currentSigtermHandler; old handler is always removed
before registering the new one regardless of whether caller passes it.
Low-severity fixes:
print-mode.ts: session.subscribe() return value was discarded. Now stored
and called in a finally block to guarantee cleanup on both normal
completion and errors.
rpc-mode.ts: same — subscribe() unsubscribe now called in the shutdown
path before process.exit().
theme.ts: onThemeChangeCallback singleton silently overwrote any previous
subscriber. Converted to Set<() => void>; onThemeChange() now returns a
cleanup function. All four internal call sites updated to forEach().
Backward-compatible — existing callers that discard the return are unaffected.
* fix: ensure unsubscribe is called on error/abort in print-mode
The PR #2314 added unsubscribe storage but still called process.exit(1)
directly, bypassing the unsubscribe. Wrapped in try/finally to guarantee
cleanup runs before exit.
The alibaba-coding-plan provider (8 models) was silently dropped when
models.generated.ts was regenerated from models.dev in PR #2118. This
provider uses a proprietary DashScope endpoint not tracked by models.dev,
so regeneration removes it every time.
Add models.custom.ts for manually-maintained providers that don't exist
in models.dev. The model registry (models.ts) now merges both generated
and custom models at startup. Custom entries are additive and never
overwrite generated ones.
Restores: qwen3.5-plus, qwen3-max-2026-01-23, qwen3-coder-next,
qwen3-coder-plus, MiniMax-M2.5, glm-5, glm-4.7, kimi-k2.5
Fixes#2339
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds opt-in per-prompt cost display to the interactive footer. Users
enable it by setting `show_token_cost: true` in their preferences.md.
Disabled by default — the footer behavior is unchanged unless opted in.
Fixes#1515
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#2083
When an OpenRouter API key is stored in auth.json as type:"oauth" (instead
of type:"api_key"), getApiKey() calls getOAuthProvider("openrouter") which
returns undefined — OpenRouter is not a registered OAuth provider. Previously,
resolveCredentialApiKey returned undefined and getApiKey returned that directly,
never reaching the env-var or fallback-resolver paths.
Now, when resolveCredentialApiKey returns undefined, getApiKey falls through
to OPENROUTER_API_KEY env var and the fallback resolver instead of silently
failing with "Authentication failed."
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Skip jiti JIT compilation for bundled extensions that have pre-compiled .js
siblings, enable V8 bytecode caching on Node 22+, and batch directory
discovery to reduce syscalls during resource loading.
Fixes#2108
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fix three sources of unbounded memory growth in the LSP client:
1. Message buffer: Add a 10 MB cap on client.messageBuffer. If an LSP
server sends incomplete or malformed data that causes the buffer to
exceed this limit, the buffer is discarded and reset to prevent
runaway memory usage.
2. Client/lock map eviction: clientLocks and fileOperationLocks entries
were never removed when a client was shut down via shutdownClient().
Now both maps are cleaned up alongside the clients map on shutdown.
3. Idle checker lifecycle: The idle check interval now stops itself when
no clients remain, and shutdownAll() explicitly stops it and clears
all global maps (clients, clientLocks, fileOperationLocks).
The dispose() method was not cleaning up _extensionErrorUnsubscriber,
causing the extension error handler to remain subscribed after session
disposal. This leads to memory leaks across session reloads as old
error handlers accumulate on the extension runner.
Also wrap the unsubscriber call in _applyExtensionBindings() with
try-catch so that if the previous unsubscriber throws, the new
subscription is still set up correctly.
- Wrap handleCtrlZ() suspend logic in try-catch so the SIGINT listener
is removed if process.kill() or ui.stop() throws
- Dispose previous extension selector in showExtensionSelector() before
creating a new one, preventing promise leaks on rapid calls
Four related fixes in the extension/resource management subsystem:
1. Resource sync now tracks and prunes subdirectory extensions (e.g. mcporter/)
that are removed from the bundle, preventing stale copies from persisting
in ~/.gsd/agent/extensions/ and causing tool name conflicts.
2. isBuiltIn heuristic in detectExtensionConflicts now checks the extension
name against the canonical bundled extensions list instead of using a path
heuristic that could never match (all extensions are synced into the same
directory).
3. Skill catalog in system prompt is now gated on the Skill tool presence
(in addition to the read tool), matching the current architecture where
Skill is a real built-in tool.
4. Doctor provider checks suppress "not configured" messages for alternative
search providers (e.g. Brave) when another search provider (e.g. Tavily)
is already active.
Closes#1955, closes#2075, closes#1949, closes#2027
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When iTerm2's Left Option Key is set to "Normal" (the default), Ctrl+Alt+G
sends only Ctrl+G, triggering the external editor action instead of the GSD
dashboard. This adds an iTerm2-specific hint to the "No editor configured"
warning and documents the fix in troubleshooting and keyboard shortcuts docs.
Closes#1563
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- blob-store: Replace non-atomic check-then-act (existsSync + writeFileSync)
with writeFileSync using 'wx' flag for atomic exclusive creation
- discovery-cache: Re-read from disk before mutations to avoid stale overwrites,
and use temp file + rename for atomic saves
- agent-loop: Deep copy messages array in agentLoopContinue to prevent shared
reference mutations from affecting the original context
Fix two memory leaks in the OpenAI Codex Responses WebSocket code:
1. parseWebSocket() onMessage handler: The fire-and-forget async IIFE
could error after the await on decodeWebSocketData(), swallowing the
error and leaving all four event listeners attached to the socket
indefinitely. Wrap the entire handler body in try/catch, signal the
error to the generator loop via `failed`/`done`, and call cleanup()
to remove listeners immediately. JSON SyntaxErrors are treated as
non-fatal (malformed message skipped).
2. websocketSessionCache: The Map grows without bound when many distinct
session IDs are used over the lifetime of a process. Add a
MAX_WEBSOCKET_CACHE_SIZE (10) constant and evict the oldest entry
(first key in insertion order) before inserting a new one, closing
the evicted socket and clearing its idle timer.
Also extract the duplicated removeEventListener calls in parseWebSocket
into a shared cleanup() helper used by both the onMessage error path
and the finally block.
Fix three bugs in the RPC subsystem:
1. rpc-client.ts: Remove duplicate `pendingRequests.set(id, ...)` call
that immediately gets overwritten. The first set stored bare
resolve/reject without timeout cleanup, creating a race window where
timeout could fire with the wrong handler.
2. rpc-mode.ts: Unknown command error response now preserves the
request's id instead of returning `id: undefined`, fixing
request-response correlation for unrecognized commands.
3. jsonl.ts: Add missing `error` event handler on the input stream to
prevent unhandled exceptions, and include it in the cleanup function
returned by `attachJsonlLineReader`.
* fix(footer): display active inference model instead of configured model (#1844)
The footer read state.model which updates immediately on model selection,
but the running agent loop captures the model at _runLoop() start time.
This caused the footer to show the wrong model when the user switched
models mid-inference.
Add activeInferenceModel to AgentState, set it when _runLoop begins, and
clear it when the loop ends. The footer now prefers activeInferenceModel
over model, so it always shows the model actually being used for the
current inference.
Bug 2 follow-up to PR #1975 which fixed Bug 1 (queued messages cancel
tool calls).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* ci: retrigger after stale check
* fix(test): rewrite agent test to use structural assertions
The mock StreamFn returned a plain AsyncGenerator but
AssistantMessageEventStream requires additional properties,
causing CI build failure. Rewrote tests as source-verification
assertions (matching other GSD test patterns) and excluded
test files from tsconfig build.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(gsd extension): detect initialized projects in health widget
Use .gsd presence plus project-state detection for the health widget so bootstrapped projects no longer appear as unloaded before metrics exist.
* fix(gsd extension): detect initialized projects in health widget
Use .gsd presence plus project-state detection for the health widget so bootstrapped projects no longer appear as unloaded before metrics exist.
* fix(pi-ai): correct Copilot context window and output token limits
- Remove github-copilot from 1M contextWindow override in generate-models.ts
- Add runtime fetching of model limits from Copilot /models API
- Apply fetched limits in modifyModels and refreshToken flows
- Regenerate models.generated.ts with corrected values
- Fix models.ts type constraints for providers not in MODELS
Fixes#2115
* fix(pi-ai): address QA round 1
- Use strict type/bounds checks for API limit values (QA-R1-001/005)
- Add caller-level try/catch in refreshToken for defense-in-depth (QA-R1-009)
* fix(pi-coding-agent): refresh model registry after OAuth token refresh
ModelRegistry.modifyModels() only ran at load time, so model limits
fetched during token refresh were persisted to auth.json but never
applied to the in-memory model objects. Users saw stale contextWindow
values (e.g., 144K from models.dev instead of 200K from the Copilot API).
Add credential change notification to AuthStorage: after a successful
OAuth token refresh, listeners are notified via queueMicrotask. The
ModelRegistry now registers a listener at construction that triggers
a full model reload, picking up the new limits from modifyModels().
Root cause: addAutoDiscoveredResources loaded ~/.gsd/agent/skills/
before ~/.agents/skills/, so the legacy directory always won skill
name collisions. After the one-time migration copied skills to
~/.agents/skills/, both directories had identical skills, producing
collision warnings on every boot.
Two fixes:
1. Swap loading order so ~/.agents/skills/ takes precedence
2. Check .migrated-to-agents marker — when present, skip
auto-discovery of the legacy dir entirely (no collisions)
Applied consistently across package-manager, skills.ts,
preferences-skills, and skill-telemetry.
