diff --git a/src/components/AutoUpdater.tsx b/src/components/AutoUpdater.tsx index 09b523fc4..f5dc19586 100644 --- a/src/components/AutoUpdater.tsx +++ b/src/components/AutoUpdater.tsx @@ -68,8 +68,8 @@ export function AutoUpdater({ } if ( - "production" === 'test' || - "production" === 'development' + process.env.NODE_ENV === 'test' || + process.env.NODE_ENV === 'development' ) { logForDebugging( 'AutoUpdater: Skipping update check in test/dev environment', diff --git a/src/components/DevBar.tsx b/src/components/DevBar.tsx index 95ff6b983..6e093840e 100644 --- a/src/components/DevBar.tsx +++ b/src/components/DevBar.tsx @@ -6,7 +6,7 @@ import { Text, useInterval } from '../ink.js' // Show DevBar for dev builds or all ants function shouldShowDevBar(): boolean { return ( - "production" === 'development' || process.env.USER_TYPE === 'ant' + process.env.NODE_ENV === 'development' || process.env.USER_TYPE === 'ant' ) } diff --git a/src/components/NativeAutoUpdater.tsx b/src/components/NativeAutoUpdater.tsx index fcb448ade..0a96bd506 100644 --- a/src/components/NativeAutoUpdater.tsx +++ b/src/components/NativeAutoUpdater.tsx @@ -83,8 +83,8 @@ export function NativeAutoUpdater({ } if ( - "production" === 'test' || - "production" === 'development' + process.env.NODE_ENV === 'test' || + process.env.NODE_ENV === 'development' ) { logForDebugging( 'NativeAutoUpdater: Skipping update check in test/dev environment', diff --git a/src/components/PackageManagerAutoUpdater.tsx b/src/components/PackageManagerAutoUpdater.tsx index e97d32b12..5aa996018 100644 --- a/src/components/PackageManagerAutoUpdater.tsx +++ b/src/components/PackageManagerAutoUpdater.tsx @@ -33,8 +33,8 @@ export function PackageManagerAutoUpdater({ verbose }: Props): React.ReactNode { const checkForUpdates = React.useCallback(async () => { if ( - "production" === 'test' || - "production" === 'development' + process.env.NODE_ENV === 'test' || + process.env.NODE_ENV === 'development' ) { return } diff --git a/src/hooks/useTypeahead.tsx b/src/hooks/useTypeahead.tsx index 3e2dbd220..0623c2fb4 100644 --- a/src/hooks/useTypeahead.tsx +++ b/src/hooks/useTypeahead.tsx @@ -623,7 +623,7 @@ export function useTypeahead({ // subsequent tests in the shard. The subscriber still registers so // fileSuggestions tests that trigger a refresh directly work correctly. useEffect(() => { - if ("production" !== 'test') { + if (process.env.NODE_ENV !== 'test') { startBackgroundCacheRefresh() } return onIndexBuildComplete(() => { diff --git a/src/interactiveHelpers.tsx b/src/interactiveHelpers.tsx index 72bf5e7be..4efd14124 100644 --- a/src/interactiveHelpers.tsx +++ b/src/interactiveHelpers.tsx @@ -153,7 +153,7 @@ export async function showSetupScreens( devChannels?: ChannelEntry[], ): Promise { if ( - "production" === 'test' || + process.env.NODE_ENV === 'test' || isEnvTruthy(false) || process.env.IS_DEMO // Skip onboarding in demo mode ) { diff --git a/src/main.tsx b/src/main.tsx index 5ceb6405d..a86ab89c7 100644 --- a/src/main.tsx +++ b/src/main.tsx @@ -6,449 +6,452 @@ // key) in parallel — isRemoteManagedSettingsEligible() otherwise reads them // sequentially via sync spawn inside applySafeConfigEnvironmentVariables() // (~65ms on every macOS startup) -import { profileCheckpoint, profileReport } from './utils/startupProfiler.js' +import { profileCheckpoint, profileReport } from "./utils/startupProfiler.js"; // eslint-disable-next-line custom-rules/no-top-level-side-effects -profileCheckpoint('main_tsx_entry') +profileCheckpoint("main_tsx_entry"); -import { startMdmRawRead } from './utils/settings/mdm/rawRead.js' +import { startMdmRawRead } from "./utils/settings/mdm/rawRead.js"; // eslint-disable-next-line custom-rules/no-top-level-side-effects -startMdmRawRead() +startMdmRawRead(); import { - ensureKeychainPrefetchCompleted, - startKeychainPrefetch, -} from './utils/secureStorage/keychainPrefetch.js' + ensureKeychainPrefetchCompleted, + startKeychainPrefetch, +} from "./utils/secureStorage/keychainPrefetch.js"; // eslint-disable-next-line custom-rules/no-top-level-side-effects -startKeychainPrefetch() +startKeychainPrefetch(); -import { feature } from 'bun:bundle' +import { feature } from "bun:bundle"; import { - Command as CommanderCommand, - InvalidArgumentError, - Option, -} from '@commander-js/extra-typings' -import chalk from 'chalk' -import { readFileSync } from 'fs' -import mapValues from 'lodash-es/mapValues.js' -import pickBy from 'lodash-es/pickBy.js' -import uniqBy from 'lodash-es/uniqBy.js' -import React from 'react' -import { getOauthConfig } from './constants/oauth.js' -import { getRemoteSessionUrl } from './constants/product.js' -import { getSystemContext, getUserContext } from './context.js' -import { init, initializeTelemetryAfterTrust } from './entrypoints/init.js' -import { addToHistory } from './history.js' -import type { Root } from './ink.js' -import { launchRepl } from './replLauncher.js' + Command as CommanderCommand, + InvalidArgumentError, + Option, +} from "@commander-js/extra-typings"; +import chalk from "chalk"; +import { readFileSync } from "fs"; +import mapValues from "lodash-es/mapValues.js"; +import pickBy from "lodash-es/pickBy.js"; +import uniqBy from "lodash-es/uniqBy.js"; +import React from "react"; +import { getOauthConfig } from "./constants/oauth.js"; +import { getRemoteSessionUrl } from "./constants/product.js"; +import { getSystemContext, getUserContext } from "./context.js"; +import { init, initializeTelemetryAfterTrust } from "./entrypoints/init.js"; +import { addToHistory } from "./history.js"; +import type { Root } from "./ink.js"; +import { launchRepl } from "./replLauncher.js"; import { - hasGrowthBookEnvOverride, - initializeGrowthBook, - refreshGrowthBookAfterAuthChange, -} from './services/analytics/growthbook.js' -import { fetchBootstrapData } from './services/api/bootstrap.js' + hasGrowthBookEnvOverride, + initializeGrowthBook, + refreshGrowthBookAfterAuthChange, +} from "./services/analytics/growthbook.js"; +import { fetchBootstrapData } from "./services/api/bootstrap.js"; import { - type DownloadResult, - downloadSessionFiles, - type FilesApiConfig, - parseFileSpecs, -} from './services/api/filesApi.js' -import { prefetchPassesEligibility } from './services/api/referral.js' -import { prefetchOfficialMcpUrls } from './services/mcp/officialRegistry.js' + type DownloadResult, + downloadSessionFiles, + type FilesApiConfig, + parseFileSpecs, +} from "./services/api/filesApi.js"; +import { prefetchPassesEligibility } from "./services/api/referral.js"; +import { prefetchOfficialMcpUrls } from "./services/mcp/officialRegistry.js"; import type { - McpSdkServerConfig, - McpServerConfig, - ScopedMcpServerConfig, -} from './services/mcp/types.js' + McpSdkServerConfig, + McpServerConfig, + ScopedMcpServerConfig, +} from "./services/mcp/types.js"; import { - isPolicyAllowed, - loadPolicyLimits, - refreshPolicyLimits, - waitForPolicyLimitsToLoad, -} from './services/policyLimits/index.js' + isPolicyAllowed, + loadPolicyLimits, + refreshPolicyLimits, + waitForPolicyLimitsToLoad, +} from "./services/policyLimits/index.js"; import { - loadRemoteManagedSettings, - refreshRemoteManagedSettings, -} from './services/remoteManagedSettings/index.js' -import type { ToolInputJSONSchema } from './Tool.js' + loadRemoteManagedSettings, + refreshRemoteManagedSettings, +} from "./services/remoteManagedSettings/index.js"; +import type { ToolInputJSONSchema } from "./Tool.js"; import { - createSyntheticOutputTool, - isSyntheticOutputToolEnabled, -} from './tools/SyntheticOutputTool/SyntheticOutputTool.js' -import { getTools } from './tools.js' + createSyntheticOutputTool, + isSyntheticOutputToolEnabled, +} from "./tools/SyntheticOutputTool/SyntheticOutputTool.js"; +import { getTools } from "./tools.js"; import { - canUserConfigureAdvisor, - getInitialAdvisorSetting, - isAdvisorEnabled, - isValidAdvisorModel, - modelSupportsAdvisor, -} from './utils/advisor.js' -import { isAgentSwarmsEnabled } from './utils/agentSwarmsEnabled.js' -import { count, uniq } from './utils/array.js' -import { installAsciicastRecorder } from './utils/asciicast.js' + canUserConfigureAdvisor, + getInitialAdvisorSetting, + isAdvisorEnabled, + isValidAdvisorModel, + modelSupportsAdvisor, +} from "./utils/advisor.js"; +import { isAgentSwarmsEnabled } from "./utils/agentSwarmsEnabled.js"; +import { count, uniq } from "./utils/array.js"; +import { installAsciicastRecorder } from "./utils/asciicast.js"; import { - getSubscriptionType, - isClaudeAISubscriber, - prefetchAwsCredentialsAndBedRockInfoIfSafe, - prefetchGcpCredentialsIfSafe, - validateForceLoginOrg, -} from './utils/auth.js' + getSubscriptionType, + isClaudeAISubscriber, + prefetchAwsCredentialsAndBedRockInfoIfSafe, + prefetchGcpCredentialsIfSafe, + validateForceLoginOrg, +} from "./utils/auth.js"; import { - checkHasTrustDialogAccepted, - getGlobalConfig, - getRemoteControlAtStartup, - isAutoUpdaterDisabled, - saveGlobalConfig, -} from './utils/config.js' -import { seedEarlyInput, stopCapturingEarlyInput } from './utils/earlyInput.js' -import { getInitialEffortSetting, parseEffortValue } from './utils/effort.js' + checkHasTrustDialogAccepted, + getGlobalConfig, + getRemoteControlAtStartup, + isAutoUpdaterDisabled, + saveGlobalConfig, +} from "./utils/config.js"; +import { seedEarlyInput, stopCapturingEarlyInput } from "./utils/earlyInput.js"; +import { getInitialEffortSetting, parseEffortValue } from "./utils/effort.js"; import { - getInitialFastModeSetting, - isFastModeEnabled, - prefetchFastModeStatus, - resolveFastModeStatusFromCache, -} from './utils/fastMode.js' -import { applyConfigEnvironmentVariables } from './utils/managedEnv.js' -import { createSystemMessage, createUserMessage } from './utils/messages.js' -import { getPlatform } from './utils/platform.js' -import { getBaseRenderOptions } from './utils/renderOptions.js' -import { getSessionIngressAuthToken } from './utils/sessionIngressAuth.js' -import { settingsChangeDetector } from './utils/settings/changeDetector.js' -import { skillChangeDetector } from './utils/skills/skillChangeDetector.js' -import { jsonParse, writeFileSync_DEPRECATED } from './utils/slowOperations.js' -import { computeInitialTeamContext } from './utils/swarm/reconnection.js' -import { initializeWarningHandler } from './utils/warningHandler.js' -import { isWorktreeModeEnabled } from './utils/worktreeModeEnabled.js' + getInitialFastModeSetting, + isFastModeEnabled, + prefetchFastModeStatus, + resolveFastModeStatusFromCache, +} from "./utils/fastMode.js"; +import { applyConfigEnvironmentVariables } from "./utils/managedEnv.js"; +import { createSystemMessage, createUserMessage } from "./utils/messages.js"; +import { getPlatform } from "./utils/platform.js"; +import { getBaseRenderOptions } from "./utils/renderOptions.js"; +import { getSessionIngressAuthToken } from "./utils/sessionIngressAuth.js"; +import { settingsChangeDetector } from "./utils/settings/changeDetector.js"; +import { skillChangeDetector } from "./utils/skills/skillChangeDetector.js"; +import { jsonParse, writeFileSync_DEPRECATED } from "./utils/slowOperations.js"; +import { computeInitialTeamContext } from "./utils/swarm/reconnection.js"; +import { initializeWarningHandler } from "./utils/warningHandler.js"; +import { isWorktreeModeEnabled } from "./utils/worktreeModeEnabled.js"; // Lazy require to avoid circular dependency: teammate.ts -> AppState.tsx -> ... -> main.tsx /* eslint-disable @typescript-eslint/no-require-imports */ const getTeammateUtils = () => - require('./utils/teammate.js') as typeof import('./utils/teammate.js') + require("./utils/teammate.js") as typeof import("./utils/teammate.js"); const getTeammatePromptAddendum = () => - require('./utils/swarm/teammatePromptAddendum.js') as typeof import('./utils/swarm/teammatePromptAddendum.js') + require("./utils/swarm/teammatePromptAddendum.js") as typeof import("./utils/swarm/teammatePromptAddendum.js"); const getTeammateModeSnapshot = () => - require('./utils/swarm/backends/teammateModeSnapshot.js') as typeof import('./utils/swarm/backends/teammateModeSnapshot.js') + require("./utils/swarm/backends/teammateModeSnapshot.js") as typeof import("./utils/swarm/backends/teammateModeSnapshot.js"); /* eslint-enable @typescript-eslint/no-require-imports */ // Dead code elimination: conditional import for COORDINATOR_MODE /* eslint-disable @typescript-eslint/no-require-imports */ -const coordinatorModeModule = feature('COORDINATOR_MODE') - ? (require('./coordinator/coordinatorMode.js') as typeof import('./coordinator/coordinatorMode.js')) - : null +const coordinatorModeModule = feature("COORDINATOR_MODE") + ? (require("./coordinator/coordinatorMode.js") as typeof import("./coordinator/coordinatorMode.js")) + : null; /* eslint-enable @typescript-eslint/no-require-imports */ // Dead code elimination: conditional import for KAIROS (assistant mode) /* eslint-disable @typescript-eslint/no-require-imports */ -const assistantModule = feature('KAIROS') - ? (require('./assistant/index.js') as typeof import('./assistant/index.js')) - : null -const kairosGate = feature('KAIROS') - ? (require('./assistant/gate.js') as typeof import('./assistant/gate.js')) - : null +const assistantModule = feature("KAIROS") + ? (require("./assistant/index.js") as typeof import("./assistant/index.js")) + : null; +const kairosGate = feature("KAIROS") + ? (require("./assistant/gate.js") as typeof import("./assistant/gate.js")) + : null; -import { relative, resolve } from 'path' -import { isAnalyticsDisabled } from 'src/services/analytics/config.js' -import { getFeatureValue_CACHED_MAY_BE_STALE } from 'src/services/analytics/growthbook.js' +import { relative, resolve } from "path"; +import { isAnalyticsDisabled } from "src/services/analytics/config.js"; +import { getFeatureValue_CACHED_MAY_BE_STALE } from "src/services/analytics/growthbook.js"; import { - type AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - logEvent, -} from 'src/services/analytics/index.js' -import { initializeAnalyticsGates } from 'src/services/analytics/sink.js' + type AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + logEvent, +} from "src/services/analytics/index.js"; +import { initializeAnalyticsGates } from "src/services/analytics/sink.js"; import { - getOriginalCwd, - setAdditionalDirectoriesForClaudeMd, - setIsRemoteMode, - setMainLoopModelOverride, - setMainThreadAgentType, - setTeleportedSessionInfo, -} from './bootstrap/state.js' -import { filterCommandsForRemoteMode, getCommands } from './commands.js' -import type { StatsStore } from './context/stats.js' + getOriginalCwd, + setAdditionalDirectoriesForClaudeMd, + setIsRemoteMode, + setMainLoopModelOverride, + setMainThreadAgentType, + setTeleportedSessionInfo, +} from "./bootstrap/state.js"; +import { filterCommandsForRemoteMode, getCommands } from "./commands.js"; +import type { StatsStore } from "./context/stats.js"; import { - launchAssistantInstallWizard, - launchAssistantSessionChooser, - launchInvalidSettingsDialog, - launchResumeChooser, - launchSnapshotUpdateDialog, - launchTeleportRepoMismatchDialog, - launchTeleportResumeWrapper, -} from './dialogLaunchers.js' -import { SHOW_CURSOR } from './ink/termio/dec.js' + launchAssistantInstallWizard, + launchAssistantSessionChooser, + launchInvalidSettingsDialog, + launchResumeChooser, + launchSnapshotUpdateDialog, + launchTeleportRepoMismatchDialog, + launchTeleportResumeWrapper, +} from "./dialogLaunchers.js"; +import { SHOW_CURSOR } from "./ink/termio/dec.js"; import { - exitWithError, - exitWithMessage, - getRenderContext, - renderAndRun, - showSetupScreens, -} from './interactiveHelpers.js' -import { initBuiltinPlugins } from './plugins/bundled/index.js' + exitWithError, + exitWithMessage, + getRenderContext, + renderAndRun, + showSetupScreens, +} from "./interactiveHelpers.js"; +import { initBuiltinPlugins } from "./plugins/bundled/index.js"; /* eslint-enable @typescript-eslint/no-require-imports */ -import { checkQuotaStatus } from './services/claudeAiLimits.js' +import { checkQuotaStatus } from "./services/claudeAiLimits.js"; import { - getMcpToolsCommandsAndResources, - prefetchAllMcpResources, -} from './services/mcp/client.js' + getMcpToolsCommandsAndResources, + prefetchAllMcpResources, +} from "./services/mcp/client.js"; import { - VALID_INSTALLABLE_SCOPES, - VALID_UPDATE_SCOPES, -} from './services/plugins/pluginCliCommands.js' -import { initBundledSkills } from './skills/bundled/index.js' -import type { AgentColorName } from './tools/AgentTool/agentColorManager.js' + VALID_INSTALLABLE_SCOPES, + VALID_UPDATE_SCOPES, +} from "./services/plugins/pluginCliCommands.js"; +import { initBundledSkills } from "./skills/bundled/index.js"; +import type { AgentColorName } from "./tools/AgentTool/agentColorManager.js"; import { - getActiveAgentsFromList, - getAgentDefinitionsWithOverrides, - isBuiltInAgent, - isCustomAgent, - parseAgentsFromJson, -} from './tools/AgentTool/loadAgentsDir.js' -import type { LogOption } from './types/logs.js' -import type { Message as MessageType } from './types/message.js' -import { assertMinVersion } from './utils/autoUpdater.js' + getActiveAgentsFromList, + getAgentDefinitionsWithOverrides, + isBuiltInAgent, + isCustomAgent, + parseAgentsFromJson, +} from "./tools/AgentTool/loadAgentsDir.js"; +import type { LogOption } from "./types/logs.js"; +import type { Message as MessageType } from "./types/message.js"; +import { assertMinVersion } from "./utils/autoUpdater.js"; import { - CLAUDE_IN_CHROME_SKILL_HINT, - CLAUDE_IN_CHROME_SKILL_HINT_WITH_WEBBROWSER, -} from './utils/claudeInChrome/prompt.js' + CLAUDE_IN_CHROME_SKILL_HINT, + CLAUDE_IN_CHROME_SKILL_HINT_WITH_WEBBROWSER, +} from "./utils/claudeInChrome/prompt.js"; import { - setupClaudeInChrome, - shouldAutoEnableClaudeInChrome, - shouldEnableClaudeInChrome, -} from './utils/claudeInChrome/setup.js' -import { getContextWindowForModel } from './utils/context.js' -import { loadConversationForResume } from './utils/conversationRecovery.js' -import { buildDeepLinkBanner } from './utils/deepLink/banner.js' + setupClaudeInChrome, + shouldAutoEnableClaudeInChrome, + shouldEnableClaudeInChrome, +} from "./utils/claudeInChrome/setup.js"; +import { getContextWindowForModel } from "./utils/context.js"; +import { loadConversationForResume } from "./utils/conversationRecovery.js"; +import { buildDeepLinkBanner } from "./utils/deepLink/banner.js"; import { - hasNodeOption, - isBareMode, - isEnvTruthy, - isInProtectedNamespace, -} from './utils/envUtils.js' -import { refreshExampleCommands } from './utils/exampleCommands.js' -import type { FpsMetrics } from './utils/fpsTracker.js' -import { getWorktreePaths } from './utils/getWorktreePaths.js' + hasNodeOption, + isBareMode, + isEnvTruthy, + isInProtectedNamespace, +} from "./utils/envUtils.js"; +import { refreshExampleCommands } from "./utils/exampleCommands.js"; +import type { FpsMetrics } from "./utils/fpsTracker.js"; +import { getWorktreePaths } from "./utils/getWorktreePaths.js"; import { - findGitRoot, - getBranch, - getIsGit, - getWorktreeCount, -} from './utils/git.js' -import { getGhAuthStatus } from './utils/github/ghAuthStatus.js' -import { safeParseJSON } from './utils/json.js' -import { logError } from './utils/log.js' -import { getModelDeprecationWarning } from './utils/model/deprecation.js' + findGitRoot, + getBranch, + getIsGit, + getWorktreeCount, +} from "./utils/git.js"; +import { getGhAuthStatus } from "./utils/github/ghAuthStatus.js"; +import { safeParseJSON } from "./utils/json.js"; +import { logError } from "./utils/log.js"; +import { getModelDeprecationWarning } from "./utils/model/deprecation.js"; import { - getDefaultMainLoopModel, - getUserSpecifiedModelSetting, - normalizeModelStringForAPI, - parseUserSpecifiedModel, -} from './utils/model/model.js' -import { ensureModelStringsInitialized } from './utils/model/modelStrings.js' -import { PERMISSION_MODES } from './utils/permissions/PermissionMode.js' + getDefaultMainLoopModel, + getUserSpecifiedModelSetting, + normalizeModelStringForAPI, + parseUserSpecifiedModel, +} from "./utils/model/model.js"; +import { ensureModelStringsInitialized } from "./utils/model/modelStrings.js"; +import { PERMISSION_MODES } from "./utils/permissions/PermissionMode.js"; import { - checkAndDisableBypassPermissions, - getAutoModeEnabledStateIfCached, - initializeToolPermissionContext, - initialPermissionModeFromCLI, - isDefaultPermissionModeAuto, - parseToolListFromCLI, - removeDangerousPermissions, - stripDangerousPermissionsForAutoMode, - verifyAutoModeGateAccess, -} from './utils/permissions/permissionSetup.js' -import { cleanupOrphanedPluginVersionsInBackground } from './utils/plugins/cacheUtils.js' -import { initializeVersionedPlugins } from './utils/plugins/installedPluginsManager.js' -import { getManagedPluginNames } from './utils/plugins/managedPlugins.js' -import { getGlobExclusionsForPluginCache } from './utils/plugins/orphanedPluginFilter.js' -import { getPluginSeedDirs } from './utils/plugins/pluginDirectories.js' -import { countFilesRoundedRg } from './utils/ripgrep.js' + checkAndDisableBypassPermissions, + getAutoModeEnabledStateIfCached, + initializeToolPermissionContext, + initialPermissionModeFromCLI, + isDefaultPermissionModeAuto, + parseToolListFromCLI, + removeDangerousPermissions, + stripDangerousPermissionsForAutoMode, + verifyAutoModeGateAccess, +} from "./utils/permissions/permissionSetup.js"; +import { cleanupOrphanedPluginVersionsInBackground } from "./utils/plugins/cacheUtils.js"; +import { initializeVersionedPlugins } from "./utils/plugins/installedPluginsManager.js"; +import { getManagedPluginNames } from "./utils/plugins/managedPlugins.js"; +import { getGlobExclusionsForPluginCache } from "./utils/plugins/orphanedPluginFilter.js"; +import { getPluginSeedDirs } from "./utils/plugins/pluginDirectories.js"; +import { countFilesRoundedRg } from "./utils/ripgrep.js"; import { - processSessionStartHooks, - processSetupHooks, -} from './utils/sessionStart.js' + processSessionStartHooks, + processSetupHooks, +} from "./utils/sessionStart.js"; import { - cacheSessionTitle, - getSessionIdFromLog, - loadTranscriptFromFile, - saveAgentSetting, - saveMode, - searchSessionsByCustomTitle, - sessionIdExists, -} from './utils/sessionStorage.js' -import { ensureMdmSettingsLoaded } from './utils/settings/mdm/settings.js' + cacheSessionTitle, + getSessionIdFromLog, + loadTranscriptFromFile, + saveAgentSetting, + saveMode, + searchSessionsByCustomTitle, + sessionIdExists, +} from "./utils/sessionStorage.js"; +import { ensureMdmSettingsLoaded } from "./utils/settings/mdm/settings.js"; import { - getInitialSettings, - getManagedSettingsKeysForLogging, - getSettingsForSource, - getSettingsWithErrors, -} from './utils/settings/settings.js' -import { resetSettingsCache } from './utils/settings/settingsCache.js' -import type { ValidationError } from './utils/settings/validation.js' + getInitialSettings, + getManagedSettingsKeysForLogging, + getSettingsForSource, + getSettingsWithErrors, +} from "./utils/settings/settings.js"; +import { resetSettingsCache } from "./utils/settings/settingsCache.js"; +import type { ValidationError } from "./utils/settings/validation.js"; import { - DEFAULT_TASKS_MODE_TASK_LIST_ID, - TASK_STATUSES, -} from './utils/tasks.js' + DEFAULT_TASKS_MODE_TASK_LIST_ID, + TASK_STATUSES, +} from "./utils/tasks.js"; import { - logPluginLoadErrors, - logPluginsEnabledForSession, -} from './utils/telemetry/pluginTelemetry.js' -import { logSkillsLoaded } from './utils/telemetry/skillLoadedEvent.js' -import { generateTempFilePath } from './utils/tempfile.js' -import { validateUuid } from './utils/uuid.js' + logPluginLoadErrors, + logPluginsEnabledForSession, +} from "./utils/telemetry/pluginTelemetry.js"; +import { logSkillsLoaded } from "./utils/telemetry/skillLoadedEvent.js"; +import { generateTempFilePath } from "./utils/tempfile.js"; +import { validateUuid } from "./utils/uuid.js"; // Plugin startup checks are now handled non-blockingly in REPL.tsx -import { registerMcpAddCommand } from 'src/commands/mcp/addCommand.js' -import { registerMcpXaaIdpCommand } from 'src/commands/mcp/xaaIdpCommand.js' -import { logPermissionContextForAnts } from 'src/services/internalLogging.js' -import { fetchClaudeAIMcpConfigsIfEligible } from 'src/services/mcp/claudeai.js' -import { clearServerCache } from 'src/services/mcp/client.js' +import { registerMcpAddCommand } from "src/commands/mcp/addCommand.js"; +import { registerMcpXaaIdpCommand } from "src/commands/mcp/xaaIdpCommand.js"; +import { logPermissionContextForAnts } from "src/services/internalLogging.js"; +import { fetchClaudeAIMcpConfigsIfEligible } from "src/services/mcp/claudeai.js"; +import { clearServerCache } from "src/services/mcp/client.js"; import { - areMcpConfigsAllowedWithEnterpriseMcpConfig, - dedupClaudeAiMcpServers, - doesEnterpriseMcpConfigExist, - filterMcpServersByPolicy, - getClaudeCodeMcpConfigs, - getMcpServerSignature, - parseMcpConfig, - parseMcpConfigFromFilePath, -} from 'src/services/mcp/config.js' + areMcpConfigsAllowedWithEnterpriseMcpConfig, + dedupClaudeAiMcpServers, + doesEnterpriseMcpConfigExist, + filterMcpServersByPolicy, + getClaudeCodeMcpConfigs, + getMcpServerSignature, + parseMcpConfig, + parseMcpConfigFromFilePath, +} from "src/services/mcp/config.js"; import { - excludeCommandsByServer, - excludeResourcesByServer, -} from 'src/services/mcp/utils.js' -import { isXaaEnabled } from 'src/services/mcp/xaaIdpLogin.js' -import { getRelevantTips } from 'src/services/tips/tipRegistry.js' -import { logContextMetrics } from 'src/utils/api.js' + excludeCommandsByServer, + excludeResourcesByServer, +} from "src/services/mcp/utils.js"; +import { isXaaEnabled } from "src/services/mcp/xaaIdpLogin.js"; +import { getRelevantTips } from "src/services/tips/tipRegistry.js"; +import { logContextMetrics } from "src/utils/api.js"; import { - CLAUDE_IN_CHROME_MCP_SERVER_NAME, - isClaudeInChromeMCPServer, -} from 'src/utils/claudeInChrome/common.js' -import { registerCleanup } from 'src/utils/cleanupRegistry.js' -import { eagerParseCliFlag } from 'src/utils/cliArgs.js' -import { createEmptyAttributionState } from 'src/utils/commitAttribution.js' + CLAUDE_IN_CHROME_MCP_SERVER_NAME, + isClaudeInChromeMCPServer, +} from "src/utils/claudeInChrome/common.js"; +import { registerCleanup } from "src/utils/cleanupRegistry.js"; +import { eagerParseCliFlag } from "src/utils/cliArgs.js"; +import { createEmptyAttributionState } from "src/utils/commitAttribution.js"; import { - countConcurrentSessions, - registerSession, - updateSessionName, -} from 'src/utils/concurrentSessions.js' -import { getCwd } from 'src/utils/cwd.js' -import { logForDebugging, setHasFormattedOutput } from 'src/utils/debug.js' + countConcurrentSessions, + registerSession, + updateSessionName, +} from "src/utils/concurrentSessions.js"; +import { getCwd } from "src/utils/cwd.js"; +import { logForDebugging, setHasFormattedOutput } from "src/utils/debug.js"; import { - errorMessage, - getErrnoCode, - isENOENT, - TeleportOperationError, - toError, -} from 'src/utils/errors.js' -import { getFsImplementation, safeResolvePath } from 'src/utils/fsOperations.js' + errorMessage, + getErrnoCode, + isENOENT, + TeleportOperationError, + toError, +} from "src/utils/errors.js"; import { - gracefulShutdown, - gracefulShutdownSync, -} from 'src/utils/gracefulShutdown.js' -import { setAllHookEventsEnabled } from 'src/utils/hooks/hookEvents.js' -import { refreshModelCapabilities } from 'src/utils/model/modelCapabilities.js' -import { peekForStdinData, writeToStderr } from 'src/utils/process.js' -import { setCwd } from 'src/utils/Shell.js' + getFsImplementation, + safeResolvePath, +} from "src/utils/fsOperations.js"; import { - type ProcessedResume, - processResumedConversation, -} from 'src/utils/sessionRestore.js' -import { parseSettingSourcesFlag } from 'src/utils/settings/constants.js' -import { plural } from 'src/utils/stringUtils.js' + gracefulShutdown, + gracefulShutdownSync, +} from "src/utils/gracefulShutdown.js"; +import { setAllHookEventsEnabled } from "src/utils/hooks/hookEvents.js"; +import { refreshModelCapabilities } from "src/utils/model/modelCapabilities.js"; +import { peekForStdinData, writeToStderr } from "src/utils/process.js"; +import { setCwd } from "src/utils/Shell.js"; import { - type ChannelEntry, - getInitialMainLoopModel, - getIsNonInteractiveSession, - getSdkBetas, - getSessionId, - getUserMsgOptIn, - setAllowedChannels, - setAllowedSettingSources, - setChromeFlagOverride, - setClientType, - setCwdState, - setDirectConnectServerUrl, - setFlagSettingsPath, - setInitialMainLoopModel, - setInlinePlugins, - setIsInteractive, - setKairosActive, - setOriginalCwd, - setQuestionPreviewFormat, - setSdkBetas, - setSessionBypassPermissionsMode, - setSessionPersistenceDisabled, - setSessionSource, - setUserMsgOptIn, - switchSession, -} from './bootstrap/state.js' + type ProcessedResume, + processResumedConversation, +} from "src/utils/sessionRestore.js"; +import { parseSettingSourcesFlag } from "src/utils/settings/constants.js"; +import { plural } from "src/utils/stringUtils.js"; +import { + type ChannelEntry, + getInitialMainLoopModel, + getIsNonInteractiveSession, + getSdkBetas, + getSessionId, + getUserMsgOptIn, + setAllowedChannels, + setAllowedSettingSources, + setChromeFlagOverride, + setClientType, + setCwdState, + setDirectConnectServerUrl, + setFlagSettingsPath, + setInitialMainLoopModel, + setInlinePlugins, + setIsInteractive, + setKairosActive, + setOriginalCwd, + setQuestionPreviewFormat, + setSdkBetas, + setSessionBypassPermissionsMode, + setSessionPersistenceDisabled, + setSessionSource, + setUserMsgOptIn, + switchSession, +} from "./bootstrap/state.js"; /* eslint-disable @typescript-eslint/no-require-imports */ -const autoModeStateModule = feature('TRANSCRIPT_CLASSIFIER') - ? (require('./utils/permissions/autoModeState.js') as typeof import('./utils/permissions/autoModeState.js')) - : null +const autoModeStateModule = feature("TRANSCRIPT_CLASSIFIER") + ? (require("./utils/permissions/autoModeState.js") as typeof import("./utils/permissions/autoModeState.js")) + : null; // TeleportRepoMismatchDialog, TeleportResumeWrapper dynamically imported at call sites -import { migrateAutoUpdatesToSettings } from './migrations/migrateAutoUpdatesToSettings.js' -import { migrateBypassPermissionsAcceptedToSettings } from './migrations/migrateBypassPermissionsAcceptedToSettings.js' -import { migrateEnableAllProjectMcpServersToSettings } from './migrations/migrateEnableAllProjectMcpServersToSettings.js' -import { migrateFennecToOpus } from './migrations/migrateFennecToOpus.js' -import { migrateLegacyOpusToCurrent } from './migrations/migrateLegacyOpusToCurrent.js' -import { migrateOpusToOpus1m } from './migrations/migrateOpusToOpus1m.js' -import { migrateReplBridgeEnabledToRemoteControlAtStartup } from './migrations/migrateReplBridgeEnabledToRemoteControlAtStartup.js' -import { migrateSonnet1mToSonnet45 } from './migrations/migrateSonnet1mToSonnet45.js' -import { migrateSonnet45ToSonnet46 } from './migrations/migrateSonnet45ToSonnet46.js' -import { resetAutoModeOptInForDefaultOffer } from './migrations/resetAutoModeOptInForDefaultOffer.js' -import { resetProToOpusDefault } from './migrations/resetProToOpusDefault.js' -import { createRemoteSessionConfig } from './remote/RemoteSessionManager.js' +import { migrateAutoUpdatesToSettings } from "./migrations/migrateAutoUpdatesToSettings.js"; +import { migrateBypassPermissionsAcceptedToSettings } from "./migrations/migrateBypassPermissionsAcceptedToSettings.js"; +import { migrateEnableAllProjectMcpServersToSettings } from "./migrations/migrateEnableAllProjectMcpServersToSettings.js"; +import { migrateFennecToOpus } from "./migrations/migrateFennecToOpus.js"; +import { migrateLegacyOpusToCurrent } from "./migrations/migrateLegacyOpusToCurrent.js"; +import { migrateOpusToOpus1m } from "./migrations/migrateOpusToOpus1m.js"; +import { migrateReplBridgeEnabledToRemoteControlAtStartup } from "./migrations/migrateReplBridgeEnabledToRemoteControlAtStartup.js"; +import { migrateSonnet1mToSonnet45 } from "./migrations/migrateSonnet1mToSonnet45.js"; +import { migrateSonnet45ToSonnet46 } from "./migrations/migrateSonnet45ToSonnet46.js"; +import { resetAutoModeOptInForDefaultOffer } from "./migrations/resetAutoModeOptInForDefaultOffer.js"; +import { resetProToOpusDefault } from "./migrations/resetProToOpusDefault.js"; +import { createRemoteSessionConfig } from "./remote/RemoteSessionManager.js"; /* eslint-enable @typescript-eslint/no-require-imports */ // teleportWithProgress dynamically imported at call site import { - createDirectConnectSession, - DirectConnectError, -} from './server/createDirectConnectSession.js' -import { initializeLspServerManager } from './services/lsp/manager.js' -import { shouldEnablePromptSuggestion } from './services/PromptSuggestion/promptSuggestion.js' + createDirectConnectSession, + DirectConnectError, +} from "./server/createDirectConnectSession.js"; +import { initializeLspServerManager } from "./services/lsp/manager.js"; +import { shouldEnablePromptSuggestion } from "./services/PromptSuggestion/promptSuggestion.js"; import { - type AppState, - getDefaultAppState, - IDLE_SPECULATION_STATE, -} from './state/AppStateStore.js' -import { onChangeAppState } from './state/onChangeAppState.js' -import { createStore } from './state/store.js' -import { asSessionId } from './types/ids.js' -import { filterAllowedSdkBetas } from './utils/betas.js' -import { isInBundledMode, isRunningWithBun } from './utils/bundledMode.js' -import { logForDiagnosticsNoPII } from './utils/diagLogs.js' + type AppState, + getDefaultAppState, + IDLE_SPECULATION_STATE, +} from "./state/AppStateStore.js"; +import { onChangeAppState } from "./state/onChangeAppState.js"; +import { createStore } from "./state/store.js"; +import { asSessionId } from "./types/ids.js"; +import { filterAllowedSdkBetas } from "./utils/betas.js"; +import { isInBundledMode, isRunningWithBun } from "./utils/bundledMode.js"; +import { logForDiagnosticsNoPII } from "./utils/diagLogs.js"; import { - filterExistingPaths, - getKnownPathsForRepo, -} from './utils/githubRepoPathMapping.js' + filterExistingPaths, + getKnownPathsForRepo, +} from "./utils/githubRepoPathMapping.js"; import { - clearPluginCache, - loadAllPluginsCacheOnly, -} from './utils/plugins/pluginLoader.js' -import { migrateChangelogFromConfig } from './utils/releaseNotes.js' -import { SandboxManager } from './utils/sandbox/sandbox-adapter.js' -import { fetchSession, prepareApiRequest } from './utils/teleport/api.js' + clearPluginCache, + loadAllPluginsCacheOnly, +} from "./utils/plugins/pluginLoader.js"; +import { migrateChangelogFromConfig } from "./utils/releaseNotes.js"; +import { SandboxManager } from "./utils/sandbox/sandbox-adapter.js"; +import { fetchSession, prepareApiRequest } from "./utils/teleport/api.js"; import { - checkOutTeleportedSessionBranch, - processMessagesForTeleportResume, - teleportToRemoteWithErrorHandling, - validateGitState, - validateSessionRepository, -} from './utils/teleport.js' + checkOutTeleportedSessionBranch, + processMessagesForTeleportResume, + teleportToRemoteWithErrorHandling, + validateGitState, + validateSessionRepository, +} from "./utils/teleport.js"; import { - shouldEnableThinkingByDefault, - type ThinkingConfig, -} from './utils/thinking.js' -import { initUser, resetUserCache } from './utils/user.js' + shouldEnableThinkingByDefault, + type ThinkingConfig, +} from "./utils/thinking.js"; +import { initUser, resetUserCache } from "./utils/user.js"; import { - getTmuxInstallInstructions, - isTmuxAvailable, - parsePRReference, -} from './utils/worktree.js' + getTmuxInstallInstructions, + isTmuxAvailable, + parsePRReference, +} from "./utils/worktree.js"; // eslint-disable-next-line custom-rules/no-top-level-side-effects -profileCheckpoint('main_tsx_imports_loaded') +profileCheckpoint("main_tsx_imports_loaded"); /** * Log managed settings keys to Statsig for analytics. @@ -456,64 +459,64 @@ profileCheckpoint('main_tsx_imports_loaded') * and environment variables are applied before model resolution. */ function logManagedSettings(): void { - try { - const policySettings = getSettingsForSource('policySettings') - if (policySettings) { - const allKeys = getManagedSettingsKeysForLogging(policySettings) - logEvent('tengu_managed_settings_loaded', { - keyCount: allKeys.length, - keys: allKeys.join( - ',', - ) as unknown as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - } - } catch { - // Silently ignore errors - this is just for analytics - } + try { + const policySettings = getSettingsForSource("policySettings"); + if (policySettings) { + const allKeys = getManagedSettingsKeysForLogging(policySettings); + logEvent("tengu_managed_settings_loaded", { + keyCount: allKeys.length, + keys: allKeys.join( + ",", + ) as unknown as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + } + } catch { + // Silently ignore errors - this is just for analytics + } } // Check if running in debug/inspection mode function isBeingDebugged() { - const isBun = isRunningWithBun() + const isBun = isRunningWithBun(); - // Check for inspect flags in process arguments (including all variants) - const hasInspectArg = process.execArgv.some(arg => { - if (isBun) { - // Note: Bun has an issue with single-file executables where application arguments - // from process.argv leak into process.execArgv (similar to https://github.com/oven-sh/bun/issues/11673) - // This breaks use of --debug mode if we omit this branch - // We're fine to skip that check, because Bun doesn't support Node.js legacy --debug or --debug-brk flags - return /--inspect(-brk)?/.test(arg) - } else { - // In Node.js, check for both --inspect and legacy --debug flags - return /--inspect(-brk)?|--debug(-brk)?/.test(arg) - } - }) + // Check for inspect flags in process arguments (including all variants) + const hasInspectArg = process.execArgv.some((arg) => { + if (isBun) { + // Note: Bun has an issue with single-file executables where application arguments + // from process.argv leak into process.execArgv (similar to https://github.com/oven-sh/bun/issues/11673) + // This breaks use of --debug mode if we omit this branch + // We're fine to skip that check, because Bun doesn't support Node.js legacy --debug or --debug-brk flags + return /--inspect(-brk)?/.test(arg); + } else { + // In Node.js, check for both --inspect and legacy --debug flags + return /--inspect(-brk)?|--debug(-brk)?/.test(arg); + } + }); - // Check if NODE_OPTIONS contains inspect flags - const hasInspectEnv = - process.env.NODE_OPTIONS && - /--inspect(-brk)?|--debug(-brk)?/.test(process.env.NODE_OPTIONS) + // Check if NODE_OPTIONS contains inspect flags + const hasInspectEnv = + process.env.NODE_OPTIONS && + /--inspect(-brk)?|--debug(-brk)?/.test(process.env.NODE_OPTIONS); - // Check if inspector is available and active (indicates debugging) - try { - // Dynamic import would be better but is async - use global object instead - // eslint-disable-next-line @typescript-eslint/no-explicit-any - const inspector = (global as any).require('inspector') - const hasInspectorUrl = !!inspector.url() - return hasInspectorUrl || hasInspectArg || hasInspectEnv - } catch { - // Ignore error and fall back to argument detection - return hasInspectArg || hasInspectEnv - } + // Check if inspector is available and active (indicates debugging) + try { + // Dynamic import would be better but is async - use global object instead + // eslint-disable-next-line @typescript-eslint/no-explicit-any + const inspector = (global as any).require("inspector"); + const hasInspectorUrl = !!inspector.url(); + return hasInspectorUrl || hasInspectArg || hasInspectEnv; + } catch { + // Ignore error and fall back to argument detection + return hasInspectArg || hasInspectEnv; + } } // Exit if we detect node debugging or inspection -if ("external" !== 'ant' && isBeingDebugged()) { - // Use process.exit directly here since we're in the top-level code before imports - // and gracefulShutdown is not yet available - // eslint-disable-next-line custom-rules/no-top-level-side-effects - process.exit(1) +if ("external" !== "ant" && isBeingDebugged()) { + // Use process.exit directly here since we're in the top-level code before imports + // and gracefulShutdown is not yet available + // eslint-disable-next-line custom-rules/no-top-level-side-effects + process.exit(1); } /** @@ -523,90 +526,98 @@ if ("external" !== 'ant' && isBeingDebugged()) { * call sites here rather than one here + one in QueryEngine. */ function logSessionTelemetry(): void { - const model = parseUserSpecifiedModel( - getInitialMainLoopModel() ?? getDefaultMainLoopModel(), - ) - void logSkillsLoaded(getCwd(), getContextWindowForModel(model, getSdkBetas())) - void loadAllPluginsCacheOnly() - .then(({ enabled, errors }) => { - const managedNames = getManagedPluginNames() - logPluginsEnabledForSession(enabled, managedNames, getPluginSeedDirs()) - logPluginLoadErrors(errors, managedNames) - }) - .catch(err => logError(err)) + const model = parseUserSpecifiedModel( + getInitialMainLoopModel() ?? getDefaultMainLoopModel(), + ); + void logSkillsLoaded( + getCwd(), + getContextWindowForModel(model, getSdkBetas()), + ); + void loadAllPluginsCacheOnly() + .then(({ enabled, errors }) => { + const managedNames = getManagedPluginNames(); + logPluginsEnabledForSession( + enabled, + managedNames, + getPluginSeedDirs(), + ); + logPluginLoadErrors(errors, managedNames); + }) + .catch((err) => logError(err)); } function getCertEnvVarTelemetry(): Record { - const result: Record = {} - if (process.env.NODE_EXTRA_CA_CERTS) { - result.has_node_extra_ca_certs = true - } - if (process.env.CLAUDE_CODE_CLIENT_CERT) { - result.has_client_cert = true - } - if (hasNodeOption('--use-system-ca')) { - result.has_use_system_ca = true - } - if (hasNodeOption('--use-openssl-ca')) { - result.has_use_openssl_ca = true - } - return result + const result: Record = {}; + if (process.env.NODE_EXTRA_CA_CERTS) { + result.has_node_extra_ca_certs = true; + } + if (process.env.CLAUDE_CODE_CLIENT_CERT) { + result.has_client_cert = true; + } + if (hasNodeOption("--use-system-ca")) { + result.has_use_system_ca = true; + } + if (hasNodeOption("--use-openssl-ca")) { + result.has_use_openssl_ca = true; + } + return result; } async function logStartupTelemetry(): Promise { - if (isAnalyticsDisabled()) return - const [isGit, worktreeCount, ghAuthStatus] = await Promise.all([ - getIsGit(), - getWorktreeCount(), - getGhAuthStatus(), - ]) + if (isAnalyticsDisabled()) return; + const [isGit, worktreeCount, ghAuthStatus] = await Promise.all([ + getIsGit(), + getWorktreeCount(), + getGhAuthStatus(), + ]); - logEvent('tengu_startup_telemetry', { - is_git: isGit, - worktree_count: worktreeCount, - gh_auth_status: - ghAuthStatus as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - sandbox_enabled: SandboxManager.isSandboxingEnabled(), - are_unsandboxed_commands_allowed: - SandboxManager.areUnsandboxedCommandsAllowed(), - is_auto_bash_allowed_if_sandbox_enabled: - SandboxManager.isAutoAllowBashIfSandboxedEnabled(), - auto_updater_disabled: isAutoUpdaterDisabled(), - prefers_reduced_motion: getInitialSettings().prefersReducedMotion ?? false, - ...getCertEnvVarTelemetry(), - }) + logEvent("tengu_startup_telemetry", { + is_git: isGit, + worktree_count: worktreeCount, + gh_auth_status: + ghAuthStatus as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + sandbox_enabled: SandboxManager.isSandboxingEnabled(), + are_unsandboxed_commands_allowed: + SandboxManager.areUnsandboxedCommandsAllowed(), + is_auto_bash_allowed_if_sandbox_enabled: + SandboxManager.isAutoAllowBashIfSandboxedEnabled(), + auto_updater_disabled: isAutoUpdaterDisabled(), + prefers_reduced_motion: + getInitialSettings().prefersReducedMotion ?? false, + ...getCertEnvVarTelemetry(), + }); } // @[MODEL LAUNCH]: Consider any migrations you may need for model strings. See migrateSonnet1mToSonnet45.ts for an example. // Bump this when adding a new sync migration so existing users re-run the set. -const CURRENT_MIGRATION_VERSION = 11 +const CURRENT_MIGRATION_VERSION = 11; function runMigrations(): void { - if (getGlobalConfig().migrationVersion !== CURRENT_MIGRATION_VERSION) { - migrateAutoUpdatesToSettings() - migrateBypassPermissionsAcceptedToSettings() - migrateEnableAllProjectMcpServersToSettings() - resetProToOpusDefault() - migrateSonnet1mToSonnet45() - migrateLegacyOpusToCurrent() - migrateSonnet45ToSonnet46() - migrateOpusToOpus1m() - migrateReplBridgeEnabledToRemoteControlAtStartup() - if (feature('TRANSCRIPT_CLASSIFIER')) { - resetAutoModeOptInForDefaultOffer() - } - if (process.env.USER_TYPE === 'ant') { - migrateFennecToOpus() - } - saveGlobalConfig(prev => - prev.migrationVersion === CURRENT_MIGRATION_VERSION - ? prev - : { ...prev, migrationVersion: CURRENT_MIGRATION_VERSION }, - ) - } - // Async migration - fire and forget since it's non-blocking - migrateChangelogFromConfig().catch(() => { - // Silently ignore migration errors - will retry on next startup - }) + if (getGlobalConfig().migrationVersion !== CURRENT_MIGRATION_VERSION) { + migrateAutoUpdatesToSettings(); + migrateBypassPermissionsAcceptedToSettings(); + migrateEnableAllProjectMcpServersToSettings(); + resetProToOpusDefault(); + migrateSonnet1mToSonnet45(); + migrateLegacyOpusToCurrent(); + migrateSonnet45ToSonnet46(); + migrateOpusToOpus1m(); + migrateReplBridgeEnabledToRemoteControlAtStartup(); + if (feature("TRANSCRIPT_CLASSIFIER")) { + resetAutoModeOptInForDefaultOffer(); + } + if (process.env.USER_TYPE === "ant") { + migrateFennecToOpus(); + } + saveGlobalConfig((prev) => + prev.migrationVersion === CURRENT_MIGRATION_VERSION + ? prev + : { ...prev, migrationVersion: CURRENT_MIGRATION_VERSION }, + ); + } + // Async migration - fire and forget since it's non-blocking + migrateChangelogFromConfig().catch(() => { + // Silently ignore migration errors - will retry on next startup + }); } /** @@ -616,25 +627,31 @@ function runMigrations(): void { * non-interactive mode where trust is implicit. */ function prefetchSystemContextIfSafe(): void { - const isNonInteractiveSession = getIsNonInteractiveSession() + const isNonInteractiveSession = getIsNonInteractiveSession(); - // In non-interactive mode (--print), trust dialog is skipped and - // execution is considered trusted (as documented in help text) - if (isNonInteractiveSession) { - logForDiagnosticsNoPII('info', 'prefetch_system_context_non_interactive') - void getSystemContext() - return - } + // In non-interactive mode (--print), trust dialog is skipped and + // execution is considered trusted (as documented in help text) + if (isNonInteractiveSession) { + logForDiagnosticsNoPII( + "info", + "prefetch_system_context_non_interactive", + ); + void getSystemContext(); + return; + } - // In interactive mode, only prefetch if trust has already been established - const hasTrust = checkHasTrustDialogAccepted() - if (hasTrust) { - logForDiagnosticsNoPII('info', 'prefetch_system_context_has_trust') - void getSystemContext() - } else { - logForDiagnosticsNoPII('info', 'prefetch_system_context_skipped_no_trust') - } - // Otherwise, don't prefetch - wait for trust to be established first + // In interactive mode, only prefetch if trust has already been established + const hasTrust = checkHasTrustDialogAccepted(); + if (hasTrust) { + logForDiagnosticsNoPII("info", "prefetch_system_context_has_trust"); + void getSystemContext(); + } else { + logForDiagnosticsNoPII( + "info", + "prefetch_system_context_skipped_no_trust", + ); + } + // Otherwise, don't prefetch - wait for trust to be established first } /** @@ -644,141 +661,143 @@ function prefetchSystemContextIfSafe(): void { * Call this after the REPL has been rendered. */ export function startDeferredPrefetches(): void { - // This function runs after first render, so it doesn't block the initial paint. - // However, the spawned processes and async work still contend for CPU and event - // loop time, which skews startup benchmarks (CPU profiles, time-to-first-render - // measurements). Skip all of it when we're only measuring startup performance. - if ( - isEnvTruthy(process.env.CLAUDE_CODE_EXIT_AFTER_FIRST_RENDER) || - // --bare: skip ALL prefetches. These are cache-warms for the REPL's - // first-turn responsiveness (initUser, getUserContext, tips, countFiles, - // modelCapabilities, change detectors). Scripted -p calls don't have a - // "user is typing" window to hide this work in — it's pure overhead on - // the critical path. - isBareMode() - ) { - return - } + // This function runs after first render, so it doesn't block the initial paint. + // However, the spawned processes and async work still contend for CPU and event + // loop time, which skews startup benchmarks (CPU profiles, time-to-first-render + // measurements). Skip all of it when we're only measuring startup performance. + if ( + isEnvTruthy(process.env.CLAUDE_CODE_EXIT_AFTER_FIRST_RENDER) || + // --bare: skip ALL prefetches. These are cache-warms for the REPL's + // first-turn responsiveness (initUser, getUserContext, tips, countFiles, + // modelCapabilities, change detectors). Scripted -p calls don't have a + // "user is typing" window to hide this work in — it's pure overhead on + // the critical path. + isBareMode() + ) { + return; + } - // Process-spawning prefetches (consumed at first API call, user is still typing) - void initUser() - void getUserContext() - prefetchSystemContextIfSafe() - void getRelevantTips() - if ( - isEnvTruthy(process.env.CLAUDE_CODE_USE_BEDROCK) && - !isEnvTruthy(process.env.CLAUDE_CODE_SKIP_BEDROCK_AUTH) - ) { - void prefetchAwsCredentialsAndBedRockInfoIfSafe() - } - if ( - isEnvTruthy(process.env.CLAUDE_CODE_USE_VERTEX) && - !isEnvTruthy(process.env.CLAUDE_CODE_SKIP_VERTEX_AUTH) - ) { - void prefetchGcpCredentialsIfSafe() - } - void countFilesRoundedRg(getCwd(), AbortSignal.timeout(3000), []) + // Process-spawning prefetches (consumed at first API call, user is still typing) + void initUser(); + void getUserContext(); + prefetchSystemContextIfSafe(); + void getRelevantTips(); + if ( + isEnvTruthy(process.env.CLAUDE_CODE_USE_BEDROCK) && + !isEnvTruthy(process.env.CLAUDE_CODE_SKIP_BEDROCK_AUTH) + ) { + void prefetchAwsCredentialsAndBedRockInfoIfSafe(); + } + if ( + isEnvTruthy(process.env.CLAUDE_CODE_USE_VERTEX) && + !isEnvTruthy(process.env.CLAUDE_CODE_SKIP_VERTEX_AUTH) + ) { + void prefetchGcpCredentialsIfSafe(); + } + void countFilesRoundedRg(getCwd(), AbortSignal.timeout(3000), []); - // Analytics and feature flag initialization - void initializeAnalyticsGates() - void prefetchOfficialMcpUrls() + // Analytics and feature flag initialization + void initializeAnalyticsGates(); + void prefetchOfficialMcpUrls(); - void refreshModelCapabilities() + void refreshModelCapabilities(); - // File change detectors deferred from init() to unblock first render - void settingsChangeDetector.initialize() - if (!isBareMode()) { - void skillChangeDetector.initialize() - } + // File change detectors deferred from init() to unblock first render + void settingsChangeDetector.initialize(); + if (!isBareMode()) { + void skillChangeDetector.initialize(); + } - // Event loop stall detector — logs when the main thread is blocked >500ms - if (process.env.USER_TYPE === 'ant') { - void import('./utils/eventLoopStallDetector.js').then(m => - m.startEventLoopStallDetector(), - ) - } + // Event loop stall detector — logs when the main thread is blocked >500ms + if (process.env.USER_TYPE === "ant") { + void import("./utils/eventLoopStallDetector.js").then((m) => + m.startEventLoopStallDetector(), + ); + } } function loadSettingsFromFlag(settingsFile: string): void { - try { - const trimmedSettings = settingsFile.trim() - const looksLikeJson = - trimmedSettings.startsWith('{') && trimmedSettings.endsWith('}') + try { + const trimmedSettings = settingsFile.trim(); + const looksLikeJson = + trimmedSettings.startsWith("{") && trimmedSettings.endsWith("}"); - let settingsPath: string + let settingsPath: string; - if (looksLikeJson) { - // It's a JSON string - validate and create temp file - const parsedJson = safeParseJSON(trimmedSettings) - if (!parsedJson) { - process.stderr.write( - chalk.red('Error: Invalid JSON provided to --settings\n'), - ) - process.exit(1) - } + if (looksLikeJson) { + // It's a JSON string - validate and create temp file + const parsedJson = safeParseJSON(trimmedSettings); + if (!parsedJson) { + process.stderr.write( + chalk.red("Error: Invalid JSON provided to --settings\n"), + ); + process.exit(1); + } - // Create a temporary file and write the JSON to it. - // Use a content-hash-based path instead of random UUID to avoid - // busting the Anthropic API prompt cache. The settings path ends up - // in the Bash tool's sandbox denyWithinAllow list, which is part of - // the tool description sent to the API. A random UUID per subprocess - // changes the tool description on every query() call, invalidating - // the cache prefix and causing a 12x input token cost penalty. - // The content hash ensures identical settings produce the same path - // across process boundaries (each SDK query() spawns a new process). - settingsPath = generateTempFilePath('claude-settings', '.json', { - contentHash: trimmedSettings, - }) - writeFileSync_DEPRECATED(settingsPath, trimmedSettings, 'utf8') - } else { - // It's a file path - resolve and validate by attempting to read - const { resolvedPath: resolvedSettingsPath } = safeResolvePath( - getFsImplementation(), - settingsFile, - ) - try { - readFileSync(resolvedSettingsPath, 'utf8') - } catch (e) { - if (isENOENT(e)) { - process.stderr.write( - chalk.red( - `Error: Settings file not found: ${resolvedSettingsPath}\n`, - ), - ) - process.exit(1) - } - throw e - } - settingsPath = resolvedSettingsPath - } + // Create a temporary file and write the JSON to it. + // Use a content-hash-based path instead of random UUID to avoid + // busting the Anthropic API prompt cache. The settings path ends up + // in the Bash tool's sandbox denyWithinAllow list, which is part of + // the tool description sent to the API. A random UUID per subprocess + // changes the tool description on every query() call, invalidating + // the cache prefix and causing a 12x input token cost penalty. + // The content hash ensures identical settings produce the same path + // across process boundaries (each SDK query() spawns a new process). + settingsPath = generateTempFilePath("claude-settings", ".json", { + contentHash: trimmedSettings, + }); + writeFileSync_DEPRECATED(settingsPath, trimmedSettings, "utf8"); + } else { + // It's a file path - resolve and validate by attempting to read + const { resolvedPath: resolvedSettingsPath } = safeResolvePath( + getFsImplementation(), + settingsFile, + ); + try { + readFileSync(resolvedSettingsPath, "utf8"); + } catch (e) { + if (isENOENT(e)) { + process.stderr.write( + chalk.red( + `Error: Settings file not found: ${resolvedSettingsPath}\n`, + ), + ); + process.exit(1); + } + throw e; + } + settingsPath = resolvedSettingsPath; + } - setFlagSettingsPath(settingsPath) - resetSettingsCache() - } catch (error) { - if (error instanceof Error) { - logError(error) - } - process.stderr.write( - chalk.red(`Error processing settings: ${errorMessage(error)}\n`), - ) - process.exit(1) - } + setFlagSettingsPath(settingsPath); + resetSettingsCache(); + } catch (error) { + if (error instanceof Error) { + logError(error); + } + process.stderr.write( + chalk.red(`Error processing settings: ${errorMessage(error)}\n`), + ); + process.exit(1); + } } function loadSettingSourcesFromFlag(settingSourcesArg: string): void { - try { - const sources = parseSettingSourcesFlag(settingSourcesArg) - setAllowedSettingSources(sources) - resetSettingsCache() - } catch (error) { - if (error instanceof Error) { - logError(error) - } - process.stderr.write( - chalk.red(`Error processing --setting-sources: ${errorMessage(error)}\n`), - ) - process.exit(1) - } + try { + const sources = parseSettingSourcesFlag(settingSourcesArg); + setAllowedSettingSources(sources); + resetSettingsCache(); + } catch (error) { + if (error instanceof Error) { + logError(error); + } + process.stderr.write( + chalk.red( + `Error processing --setting-sources: ${errorMessage(error)}\n`, + ), + ); + process.exit(1); + } } /** @@ -786,5818 +805,6190 @@ function loadSettingSourcesFromFlag(settingSourcesArg: string): void { * This ensures settings are filtered from the start of initialization */ function eagerLoadSettings(): void { - profileCheckpoint('eagerLoadSettings_start') - // Parse --settings flag early to ensure settings are loaded before init() - const settingsFile = eagerParseCliFlag('--settings') - if (settingsFile) { - loadSettingsFromFlag(settingsFile) - } + profileCheckpoint("eagerLoadSettings_start"); + // Parse --settings flag early to ensure settings are loaded before init() + const settingsFile = eagerParseCliFlag("--settings"); + if (settingsFile) { + loadSettingsFromFlag(settingsFile); + } - // Parse --setting-sources flag early to control which sources are loaded - const settingSourcesArg = eagerParseCliFlag('--setting-sources') - if (settingSourcesArg !== undefined) { - loadSettingSourcesFromFlag(settingSourcesArg) - } - profileCheckpoint('eagerLoadSettings_end') + // Parse --setting-sources flag early to control which sources are loaded + const settingSourcesArg = eagerParseCliFlag("--setting-sources"); + if (settingSourcesArg !== undefined) { + loadSettingSourcesFromFlag(settingSourcesArg); + } + profileCheckpoint("eagerLoadSettings_end"); } function initializeEntrypoint(isNonInteractive: boolean): void { - // Skip if already set (e.g., by SDK or other entrypoints) - if (process.env.CLAUDE_CODE_ENTRYPOINT) { - return - } + // Skip if already set (e.g., by SDK or other entrypoints) + if (process.env.CLAUDE_CODE_ENTRYPOINT) { + return; + } - const cliArgs = process.argv.slice(2) + const cliArgs = process.argv.slice(2); - // Check for MCP serve command (handle flags before mcp serve, e.g., --debug mcp serve) - const mcpIndex = cliArgs.indexOf('mcp') - if (mcpIndex !== -1 && cliArgs[mcpIndex + 1] === 'serve') { - process.env.CLAUDE_CODE_ENTRYPOINT = 'mcp' - return - } + // Check for MCP serve command (handle flags before mcp serve, e.g., --debug mcp serve) + const mcpIndex = cliArgs.indexOf("mcp"); + if (mcpIndex !== -1 && cliArgs[mcpIndex + 1] === "serve") { + process.env.CLAUDE_CODE_ENTRYPOINT = "mcp"; + return; + } - if (isEnvTruthy(process.env.CLAUDE_CODE_ACTION)) { - process.env.CLAUDE_CODE_ENTRYPOINT = 'claude-code-github-action' - return - } + if (isEnvTruthy(process.env.CLAUDE_CODE_ACTION)) { + process.env.CLAUDE_CODE_ENTRYPOINT = "claude-code-github-action"; + return; + } - // Note: 'local-agent' entrypoint is set by the local agent mode launcher - // via CLAUDE_CODE_ENTRYPOINT env var (handled by early return above) + // Note: 'local-agent' entrypoint is set by the local agent mode launcher + // via CLAUDE_CODE_ENTRYPOINT env var (handled by early return above) - // Set based on interactive status - process.env.CLAUDE_CODE_ENTRYPOINT = isNonInteractive ? 'sdk-cli' : 'cli' + // Set based on interactive status + process.env.CLAUDE_CODE_ENTRYPOINT = isNonInteractive ? "sdk-cli" : "cli"; } // Set by early argv processing when `claude open ` is detected (interactive mode only) type PendingConnect = { - url: string | undefined - authToken: string | undefined - dangerouslySkipPermissions: boolean -} -const _pendingConnect: PendingConnect | undefined = feature('DIRECT_CONNECT') - ? { url: undefined, authToken: undefined, dangerouslySkipPermissions: false } - : undefined + url: string | undefined; + authToken: string | undefined; + dangerouslySkipPermissions: boolean; +}; +const _pendingConnect: PendingConnect | undefined = feature("DIRECT_CONNECT") + ? { + url: undefined, + authToken: undefined, + dangerouslySkipPermissions: false, + } + : undefined; // Set by early argv processing when `claude assistant [sessionId]` is detected -type PendingAssistantChat = { sessionId?: string; discover: boolean } +type PendingAssistantChat = { sessionId?: string; discover: boolean }; const _pendingAssistantChat: PendingAssistantChat | undefined = feature( - 'KAIROS', + "KAIROS", ) - ? { sessionId: undefined, discover: false } - : undefined + ? { sessionId: undefined, discover: false } + : undefined; // `claude ssh [dir]` — parsed from argv early (same pattern as // DIRECT_CONNECT above) so the main command path can pick it up and hand // the REPL an SSH-backed session instead of a local one. type PendingSSH = { - host: string | undefined - cwd: string | undefined - permissionMode: string | undefined - dangerouslySkipPermissions: boolean - /** --local: spawn the child CLI directly, skip ssh/probe/deploy. e2e test mode. */ - local: boolean - /** Extra CLI args to forward to the remote CLI on initial spawn (--resume, -c). */ - extraCliArgs: string[] -} -const _pendingSSH: PendingSSH | undefined = feature('SSH_REMOTE') - ? { - host: undefined, - cwd: undefined, - permissionMode: undefined, - dangerouslySkipPermissions: false, - local: false, - extraCliArgs: [], - } - : undefined + host: string | undefined; + cwd: string | undefined; + permissionMode: string | undefined; + dangerouslySkipPermissions: boolean; + /** --local: spawn the child CLI directly, skip ssh/probe/deploy. e2e test mode. */ + local: boolean; + /** Extra CLI args to forward to the remote CLI on initial spawn (--resume, -c). */ + extraCliArgs: string[]; +}; +const _pendingSSH: PendingSSH | undefined = feature("SSH_REMOTE") + ? { + host: undefined, + cwd: undefined, + permissionMode: undefined, + dangerouslySkipPermissions: false, + local: false, + extraCliArgs: [], + } + : undefined; export async function main() { - profileCheckpoint('main_function_start') + profileCheckpoint("main_function_start"); - // SECURITY: Prevent Windows from executing commands from current directory - // This must be set before ANY command execution to prevent PATH hijacking attacks - // See: https://docs.microsoft.com/en-us/windows/win32/api/processenv/nf-processenv-searchpathw - process.env.NoDefaultCurrentDirectoryInExePath = '1' + // SECURITY: Prevent Windows from executing commands from current directory + // This must be set before ANY command execution to prevent PATH hijacking attacks + // See: https://docs.microsoft.com/en-us/windows/win32/api/processenv/nf-processenv-searchpathw + process.env.NoDefaultCurrentDirectoryInExePath = "1"; - // Initialize warning handler early to catch warnings - initializeWarningHandler() + // Initialize warning handler early to catch warnings + initializeWarningHandler(); - process.on('exit', () => { - resetCursor() - }) - process.on('SIGINT', () => { - // In print mode, print.ts registers its own SIGINT handler that aborts - // the in-flight query and calls gracefulShutdown; skip here to avoid - // preempting it with a synchronous process.exit(). - if (process.argv.includes('-p') || process.argv.includes('--print')) { - return - } - process.exit(0) - }) - profileCheckpoint('main_warning_handler_initialized') + process.on("exit", () => { + resetCursor(); + }); + process.on("SIGINT", () => { + // In print mode, print.ts registers its own SIGINT handler that aborts + // the in-flight query and calls gracefulShutdown; skip here to avoid + // preempting it with a synchronous process.exit(). + if (process.argv.includes("-p") || process.argv.includes("--print")) { + return; + } + process.exit(0); + }); + profileCheckpoint("main_warning_handler_initialized"); - // Check for cc:// or cc+unix:// URL in argv — rewrite so the main command - // handles it, giving the full interactive TUI instead of a stripped-down subcommand. - // For headless (-p), we rewrite to the internal `open` subcommand. - if (feature('DIRECT_CONNECT')) { - const rawCliArgs = process.argv.slice(2) - const ccIdx = rawCliArgs.findIndex( - a => a.startsWith('cc://') || a.startsWith('cc+unix://'), - ) - if (ccIdx !== -1 && _pendingConnect) { - const ccUrl = rawCliArgs[ccIdx]! - const { parseConnectUrl } = await import('./server/parseConnectUrl.js') - const parsed = parseConnectUrl(ccUrl) - _pendingConnect.dangerouslySkipPermissions = rawCliArgs.includes( - '--dangerously-skip-permissions', - ) + // Check for cc:// or cc+unix:// URL in argv — rewrite so the main command + // handles it, giving the full interactive TUI instead of a stripped-down subcommand. + // For headless (-p), we rewrite to the internal `open` subcommand. + if (feature("DIRECT_CONNECT")) { + const rawCliArgs = process.argv.slice(2); + const ccIdx = rawCliArgs.findIndex( + (a) => a.startsWith("cc://") || a.startsWith("cc+unix://"), + ); + if (ccIdx !== -1 && _pendingConnect) { + const ccUrl = rawCliArgs[ccIdx]!; + const { parseConnectUrl } = + await import("./server/parseConnectUrl.js"); + const parsed = parseConnectUrl(ccUrl); + _pendingConnect.dangerouslySkipPermissions = rawCliArgs.includes( + "--dangerously-skip-permissions", + ); - if (rawCliArgs.includes('-p') || rawCliArgs.includes('--print')) { - // Headless: rewrite to internal `open` subcommand - const stripped = rawCliArgs.filter((_, i) => i !== ccIdx) - const dspIdx = stripped.indexOf('--dangerously-skip-permissions') - if (dspIdx !== -1) { - stripped.splice(dspIdx, 1) - } - process.argv = [ - process.argv[0]!, - process.argv[1]!, - 'open', - ccUrl, - ...stripped, - ] - } else { - // Interactive: strip cc:// URL and flags, run main command - _pendingConnect.url = parsed.serverUrl - _pendingConnect.authToken = parsed.authToken - const stripped = rawCliArgs.filter((_, i) => i !== ccIdx) - const dspIdx = stripped.indexOf('--dangerously-skip-permissions') - if (dspIdx !== -1) { - stripped.splice(dspIdx, 1) - } - process.argv = [process.argv[0]!, process.argv[1]!, ...stripped] - } - } - } + if (rawCliArgs.includes("-p") || rawCliArgs.includes("--print")) { + // Headless: rewrite to internal `open` subcommand + const stripped = rawCliArgs.filter((_, i) => i !== ccIdx); + const dspIdx = stripped.indexOf( + "--dangerously-skip-permissions", + ); + if (dspIdx !== -1) { + stripped.splice(dspIdx, 1); + } + process.argv = [ + process.argv[0]!, + process.argv[1]!, + "open", + ccUrl, + ...stripped, + ]; + } else { + // Interactive: strip cc:// URL and flags, run main command + _pendingConnect.url = parsed.serverUrl; + _pendingConnect.authToken = parsed.authToken; + const stripped = rawCliArgs.filter((_, i) => i !== ccIdx); + const dspIdx = stripped.indexOf( + "--dangerously-skip-permissions", + ); + if (dspIdx !== -1) { + stripped.splice(dspIdx, 1); + } + process.argv = [ + process.argv[0]!, + process.argv[1]!, + ...stripped, + ]; + } + } + } - // Handle deep link URIs early — this is invoked by the OS protocol handler - // and should bail out before full init since it only needs to parse the URI - // and open a terminal. - if (feature('LODESTONE')) { - const handleUriIdx = process.argv.indexOf('--handle-uri') - if (handleUriIdx !== -1 && process.argv[handleUriIdx + 1]) { - const { enableConfigs } = await import('./utils/config.js') - enableConfigs() - const uri = process.argv[handleUriIdx + 1]! - const { handleDeepLinkUri } = await import( - './utils/deepLink/protocolHandler.js' - ) - const exitCode = await handleDeepLinkUri(uri) - process.exit(exitCode) - } + // Handle deep link URIs early — this is invoked by the OS protocol handler + // and should bail out before full init since it only needs to parse the URI + // and open a terminal. + if (feature("LODESTONE")) { + const handleUriIdx = process.argv.indexOf("--handle-uri"); + if (handleUriIdx !== -1 && process.argv[handleUriIdx + 1]) { + const { enableConfigs } = await import("./utils/config.js"); + enableConfigs(); + const uri = process.argv[handleUriIdx + 1]!; + const { handleDeepLinkUri } = + await import("./utils/deepLink/protocolHandler.js"); + const exitCode = await handleDeepLinkUri(uri); + process.exit(exitCode); + } - // macOS URL handler: when LaunchServices launches our .app bundle, the - // URL arrives via Apple Event (not argv). LaunchServices overwrites - // __CFBundleIdentifier to the launching bundle's ID, which is a precise - // positive signal — cheaper than importing and guessing with heuristics. - if ( - process.platform === 'darwin' && - process.env.__CFBundleIdentifier === - 'com.anthropic.claude-code-url-handler' - ) { - const { enableConfigs } = await import('./utils/config.js') - enableConfigs() - const { handleUrlSchemeLaunch } = await import( - './utils/deepLink/protocolHandler.js' - ) - const urlSchemeResult = await handleUrlSchemeLaunch() - process.exit(urlSchemeResult ?? 1) - } - } + // macOS URL handler: when LaunchServices launches our .app bundle, the + // URL arrives via Apple Event (not argv). LaunchServices overwrites + // __CFBundleIdentifier to the launching bundle's ID, which is a precise + // positive signal — cheaper than importing and guessing with heuristics. + if ( + process.platform === "darwin" && + process.env.__CFBundleIdentifier === + "com.anthropic.claude-code-url-handler" + ) { + const { enableConfigs } = await import("./utils/config.js"); + enableConfigs(); + const { handleUrlSchemeLaunch } = + await import("./utils/deepLink/protocolHandler.js"); + const urlSchemeResult = await handleUrlSchemeLaunch(); + process.exit(urlSchemeResult ?? 1); + } + } - // `claude assistant [sessionId]` — stash and strip so the main - // command handles it, giving the full interactive TUI. Position-0 only - // (matching the ssh pattern below) — indexOf would false-positive on - // `claude -p "explain assistant"`. Root-flag-before-subcommand - // (e.g. `--debug assistant`) falls through to the stub, which - // prints usage. - if (feature('KAIROS') && _pendingAssistantChat) { - const rawArgs = process.argv.slice(2) - if (rawArgs[0] === 'assistant') { - const nextArg = rawArgs[1] - if (nextArg && !nextArg.startsWith('-')) { - _pendingAssistantChat.sessionId = nextArg - rawArgs.splice(0, 2) // drop 'assistant' and sessionId - process.argv = [process.argv[0]!, process.argv[1]!, ...rawArgs] - } else if (!nextArg) { - _pendingAssistantChat.discover = true - rawArgs.splice(0, 1) // drop 'assistant' - process.argv = [process.argv[0]!, process.argv[1]!, ...rawArgs] - } - // else: `claude assistant --help` → fall through to stub - } - } + // `claude assistant [sessionId]` — stash and strip so the main + // command handles it, giving the full interactive TUI. Position-0 only + // (matching the ssh pattern below) — indexOf would false-positive on + // `claude -p "explain assistant"`. Root-flag-before-subcommand + // (e.g. `--debug assistant`) falls through to the stub, which + // prints usage. + if (feature("KAIROS") && _pendingAssistantChat) { + const rawArgs = process.argv.slice(2); + if (rawArgs[0] === "assistant") { + const nextArg = rawArgs[1]; + if (nextArg && !nextArg.startsWith("-")) { + _pendingAssistantChat.sessionId = nextArg; + rawArgs.splice(0, 2); // drop 'assistant' and sessionId + process.argv = [process.argv[0]!, process.argv[1]!, ...rawArgs]; + } else if (!nextArg) { + _pendingAssistantChat.discover = true; + rawArgs.splice(0, 1); // drop 'assistant' + process.argv = [process.argv[0]!, process.argv[1]!, ...rawArgs]; + } + // else: `claude assistant --help` → fall through to stub + } + } - // `claude ssh [dir]` — strip from argv so the main command handler - // runs (full interactive TUI), stash the host/dir for the REPL branch at - // ~line 3720 to pick up. Headless (-p) mode not supported in v1: SSH - // sessions need the local REPL to drive them (interrupt, permissions). - if (feature('SSH_REMOTE') && _pendingSSH) { - const rawCliArgs = process.argv.slice(2) - // SSH-specific flags can appear before the host positional (e.g. - // `ssh --permission-mode auto host /tmp` — standard POSIX flags-before- - // positionals). Pull them all out BEFORE checking whether a host was - // given, so `claude ssh --permission-mode auto host` and `claude ssh host - // --permission-mode auto` are equivalent. The host check below only needs - // to guard against `-h`/`--help` (which commander should handle). - if (rawCliArgs[0] === 'ssh') { - const localIdx = rawCliArgs.indexOf('--local') - if (localIdx !== -1) { - _pendingSSH.local = true - rawCliArgs.splice(localIdx, 1) - } - const dspIdx = rawCliArgs.indexOf('--dangerously-skip-permissions') - if (dspIdx !== -1) { - _pendingSSH.dangerouslySkipPermissions = true - rawCliArgs.splice(dspIdx, 1) - } - const pmIdx = rawCliArgs.indexOf('--permission-mode') - if ( - pmIdx !== -1 && - rawCliArgs[pmIdx + 1] && - !rawCliArgs[pmIdx + 1]!.startsWith('-') - ) { - _pendingSSH.permissionMode = rawCliArgs[pmIdx + 1] - rawCliArgs.splice(pmIdx, 2) - } - const pmEqIdx = rawCliArgs.findIndex(a => - a.startsWith('--permission-mode='), - ) - if (pmEqIdx !== -1) { - _pendingSSH.permissionMode = rawCliArgs[pmEqIdx]!.split('=')[1] - rawCliArgs.splice(pmEqIdx, 1) - } - // Forward session-resume + model flags to the remote CLI's initial spawn. - // --continue/-c and --resume operate on the REMOTE session history - // (which persists under the remote's ~/.claude/projects//). - // --model controls which model the remote uses. - const extractFlag = ( - flag: string, - opts: { hasValue?: boolean; as?: string } = {}, - ) => { - const i = rawCliArgs.indexOf(flag) - if (i !== -1) { - _pendingSSH.extraCliArgs.push(opts.as ?? flag) - const val = rawCliArgs[i + 1] - if (opts.hasValue && val && !val.startsWith('-')) { - _pendingSSH.extraCliArgs.push(val) - rawCliArgs.splice(i, 2) - } else { - rawCliArgs.splice(i, 1) - } - } - const eqI = rawCliArgs.findIndex(a => a.startsWith(`${flag}=`)) - if (eqI !== -1) { - _pendingSSH.extraCliArgs.push( - opts.as ?? flag, - rawCliArgs[eqI]!.slice(flag.length + 1), - ) - rawCliArgs.splice(eqI, 1) - } - } - extractFlag('-c', { as: '--continue' }) - extractFlag('--continue') - extractFlag('--resume', { hasValue: true }) - extractFlag('--model', { hasValue: true }) - } - // After pre-extraction, any remaining dash-arg at [1] is either -h/--help - // (commander handles) or an unknown-to-ssh flag (fall through to commander - // so it surfaces a proper error). Only a non-dash arg is the host. - if ( - rawCliArgs[0] === 'ssh' && - rawCliArgs[1] && - !rawCliArgs[1].startsWith('-') - ) { - _pendingSSH.host = rawCliArgs[1] - // Optional positional cwd. - let consumed = 2 - if (rawCliArgs[2] && !rawCliArgs[2].startsWith('-')) { - _pendingSSH.cwd = rawCliArgs[2] - consumed = 3 - } - const rest = rawCliArgs.slice(consumed) + // `claude ssh [dir]` — strip from argv so the main command handler + // runs (full interactive TUI), stash the host/dir for the REPL branch at + // ~line 3720 to pick up. Headless (-p) mode not supported in v1: SSH + // sessions need the local REPL to drive them (interrupt, permissions). + if (feature("SSH_REMOTE") && _pendingSSH) { + const rawCliArgs = process.argv.slice(2); + // SSH-specific flags can appear before the host positional (e.g. + // `ssh --permission-mode auto host /tmp` — standard POSIX flags-before- + // positionals). Pull them all out BEFORE checking whether a host was + // given, so `claude ssh --permission-mode auto host` and `claude ssh host + // --permission-mode auto` are equivalent. The host check below only needs + // to guard against `-h`/`--help` (which commander should handle). + if (rawCliArgs[0] === "ssh") { + const localIdx = rawCliArgs.indexOf("--local"); + if (localIdx !== -1) { + _pendingSSH.local = true; + rawCliArgs.splice(localIdx, 1); + } + const dspIdx = rawCliArgs.indexOf("--dangerously-skip-permissions"); + if (dspIdx !== -1) { + _pendingSSH.dangerouslySkipPermissions = true; + rawCliArgs.splice(dspIdx, 1); + } + const pmIdx = rawCliArgs.indexOf("--permission-mode"); + if ( + pmIdx !== -1 && + rawCliArgs[pmIdx + 1] && + !rawCliArgs[pmIdx + 1]!.startsWith("-") + ) { + _pendingSSH.permissionMode = rawCliArgs[pmIdx + 1]; + rawCliArgs.splice(pmIdx, 2); + } + const pmEqIdx = rawCliArgs.findIndex((a) => + a.startsWith("--permission-mode="), + ); + if (pmEqIdx !== -1) { + _pendingSSH.permissionMode = rawCliArgs[pmEqIdx]!.split("=")[1]; + rawCliArgs.splice(pmEqIdx, 1); + } + // Forward session-resume + model flags to the remote CLI's initial spawn. + // --continue/-c and --resume operate on the REMOTE session history + // (which persists under the remote's ~/.claude/projects//). + // --model controls which model the remote uses. + const extractFlag = ( + flag: string, + opts: { hasValue?: boolean; as?: string } = {}, + ) => { + const i = rawCliArgs.indexOf(flag); + if (i !== -1) { + _pendingSSH.extraCliArgs.push(opts.as ?? flag); + const val = rawCliArgs[i + 1]; + if (opts.hasValue && val && !val.startsWith("-")) { + _pendingSSH.extraCliArgs.push(val); + rawCliArgs.splice(i, 2); + } else { + rawCliArgs.splice(i, 1); + } + } + const eqI = rawCliArgs.findIndex((a) => + a.startsWith(`${flag}=`), + ); + if (eqI !== -1) { + _pendingSSH.extraCliArgs.push( + opts.as ?? flag, + rawCliArgs[eqI]!.slice(flag.length + 1), + ); + rawCliArgs.splice(eqI, 1); + } + }; + extractFlag("-c", { as: "--continue" }); + extractFlag("--continue"); + extractFlag("--resume", { hasValue: true }); + extractFlag("--model", { hasValue: true }); + } + // After pre-extraction, any remaining dash-arg at [1] is either -h/--help + // (commander handles) or an unknown-to-ssh flag (fall through to commander + // so it surfaces a proper error). Only a non-dash arg is the host. + if ( + rawCliArgs[0] === "ssh" && + rawCliArgs[1] && + !rawCliArgs[1].startsWith("-") + ) { + _pendingSSH.host = rawCliArgs[1]; + // Optional positional cwd. + let consumed = 2; + if (rawCliArgs[2] && !rawCliArgs[2].startsWith("-")) { + _pendingSSH.cwd = rawCliArgs[2]; + consumed = 3; + } + const rest = rawCliArgs.slice(consumed); - // Headless (-p) mode is not supported with SSH in v1 — reject early - // so the flag doesn't silently cause local execution. - if (rest.includes('-p') || rest.includes('--print')) { - process.stderr.write( - 'Error: headless (-p/--print) mode is not supported with claude ssh\n', - ) - gracefulShutdownSync(1) - return - } + // Headless (-p) mode is not supported with SSH in v1 — reject early + // so the flag doesn't silently cause local execution. + if (rest.includes("-p") || rest.includes("--print")) { + process.stderr.write( + "Error: headless (-p/--print) mode is not supported with claude ssh\n", + ); + gracefulShutdownSync(1); + return; + } - // Rewrite argv so the main command sees remaining flags but not `ssh`. - process.argv = [process.argv[0]!, process.argv[1]!, ...rest] - } - } + // Rewrite argv so the main command sees remaining flags but not `ssh`. + process.argv = [process.argv[0]!, process.argv[1]!, ...rest]; + } + } - // Check for -p/--print and --init-only flags early to set isInteractiveSession before init() - // This is needed because telemetry initialization calls auth functions that need this flag - const cliArgs = process.argv.slice(2) - const hasPrintFlag = cliArgs.includes('-p') || cliArgs.includes('--print') - const hasInitOnlyFlag = cliArgs.includes('--init-only') - const hasSdkUrl = cliArgs.some(arg => arg.startsWith('--sdk-url')) - const isNonInteractive = - hasPrintFlag || hasInitOnlyFlag || hasSdkUrl || !process.stdout.isTTY + // Check for -p/--print and --init-only flags early to set isInteractiveSession before init() + // This is needed because telemetry initialization calls auth functions that need this flag + const cliArgs = process.argv.slice(2); + const hasPrintFlag = cliArgs.includes("-p") || cliArgs.includes("--print"); + const hasInitOnlyFlag = cliArgs.includes("--init-only"); + const hasSdkUrl = cliArgs.some((arg) => arg.startsWith("--sdk-url")); + const isNonInteractive = + hasPrintFlag || hasInitOnlyFlag || hasSdkUrl || !process.stdout.isTTY; - // Stop capturing early input for non-interactive modes - if (isNonInteractive) { - stopCapturingEarlyInput() - } + // Stop capturing early input for non-interactive modes + if (isNonInteractive) { + stopCapturingEarlyInput(); + } - // Set simplified tracking fields - const isInteractive = !isNonInteractive - setIsInteractive(isInteractive) + // Set simplified tracking fields + const isInteractive = !isNonInteractive; + setIsInteractive(isInteractive); - // Initialize entrypoint based on mode - needs to be set before any event is logged - initializeEntrypoint(isNonInteractive) + // Initialize entrypoint based on mode - needs to be set before any event is logged + initializeEntrypoint(isNonInteractive); - // Determine client type - const clientType = (() => { - if (isEnvTruthy(process.env.GITHUB_ACTIONS)) return 'github-action' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'sdk-ts') return 'sdk-typescript' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'sdk-py') return 'sdk-python' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'sdk-cli') return 'sdk-cli' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'claude-vscode') - return 'claude-vscode' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'local-agent') - return 'local-agent' - if (process.env.CLAUDE_CODE_ENTRYPOINT === 'claude-desktop') - return 'claude-desktop' + // Determine client type + const clientType = (() => { + if (isEnvTruthy(process.env.GITHUB_ACTIONS)) return "github-action"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "sdk-ts") + return "sdk-typescript"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "sdk-py") + return "sdk-python"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "sdk-cli") return "sdk-cli"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "claude-vscode") + return "claude-vscode"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "local-agent") + return "local-agent"; + if (process.env.CLAUDE_CODE_ENTRYPOINT === "claude-desktop") + return "claude-desktop"; - // Check if session-ingress token is provided (indicates remote session) - const hasSessionIngressToken = - process.env.CLAUDE_CODE_SESSION_ACCESS_TOKEN || - process.env.CLAUDE_CODE_WEBSOCKET_AUTH_FILE_DESCRIPTOR - if ( - process.env.CLAUDE_CODE_ENTRYPOINT === 'remote' || - hasSessionIngressToken - ) { - return 'remote' - } + // Check if session-ingress token is provided (indicates remote session) + const hasSessionIngressToken = + process.env.CLAUDE_CODE_SESSION_ACCESS_TOKEN || + process.env.CLAUDE_CODE_WEBSOCKET_AUTH_FILE_DESCRIPTOR; + if ( + process.env.CLAUDE_CODE_ENTRYPOINT === "remote" || + hasSessionIngressToken + ) { + return "remote"; + } - return 'cli' - })() - setClientType(clientType) + return "cli"; + })(); + setClientType(clientType); - const previewFormat = process.env.CLAUDE_CODE_QUESTION_PREVIEW_FORMAT - if (previewFormat === 'markdown' || previewFormat === 'html') { - setQuestionPreviewFormat(previewFormat) - } else if ( - !clientType.startsWith('sdk-') && - // Desktop and CCR pass previewFormat via toolConfig; when the feature is - // gated off they pass undefined — don't override that with markdown. - clientType !== 'claude-desktop' && - clientType !== 'local-agent' && - clientType !== 'remote' - ) { - setQuestionPreviewFormat('markdown') - } + const previewFormat = process.env.CLAUDE_CODE_QUESTION_PREVIEW_FORMAT; + if (previewFormat === "markdown" || previewFormat === "html") { + setQuestionPreviewFormat(previewFormat); + } else if ( + !clientType.startsWith("sdk-") && + // Desktop and CCR pass previewFormat via toolConfig; when the feature is + // gated off they pass undefined — don't override that with markdown. + clientType !== "claude-desktop" && + clientType !== "local-agent" && + clientType !== "remote" + ) { + setQuestionPreviewFormat("markdown"); + } - // Tag sessions created via `claude remote-control` so the backend can identify them - if (process.env.CLAUDE_CODE_ENVIRONMENT_KIND === 'bridge') { - setSessionSource('remote-control') - } + // Tag sessions created via `claude remote-control` so the backend can identify them + if (process.env.CLAUDE_CODE_ENVIRONMENT_KIND === "bridge") { + setSessionSource("remote-control"); + } - profileCheckpoint('main_client_type_determined') + profileCheckpoint("main_client_type_determined"); - // Parse and load settings flags early, before init() - eagerLoadSettings() + // Parse and load settings flags early, before init() + eagerLoadSettings(); - profileCheckpoint('main_before_run') + profileCheckpoint("main_before_run"); - await run() - profileCheckpoint('main_after_run') + await run(); + profileCheckpoint("main_after_run"); } async function getInputPrompt( - prompt: string, - inputFormat: 'text' | 'stream-json', + prompt: string, + inputFormat: "text" | "stream-json", ): Promise> { - if ( - !process.stdin.isTTY && - // Input hijacking breaks MCP. - !process.argv.includes('mcp') - ) { - if (inputFormat === 'stream-json') { - return process.stdin - } - process.stdin.setEncoding('utf8') - let data = '' - const onData = (chunk: string) => { - data += chunk - } - process.stdin.on('data', onData) - // If no data arrives in 3s, stop waiting and warn. Stdin is likely an - // inherited pipe from a parent that isn't writing (subprocess spawned - // without explicit stdin handling). 3s covers slow producers like curl, - // jq on large files, python with import overhead. The warning makes - // silent data loss visible for the rare producer that's slower still. - const timedOut = await peekForStdinData(process.stdin, 3000) - process.stdin.off('data', onData) - if (timedOut) { - process.stderr.write( - 'Warning: no stdin data received in 3s, proceeding without it. ' + - 'If piping from a slow command, redirect stdin explicitly: < /dev/null to skip, or wait longer.\n', - ) - } - return [prompt, data].filter(Boolean).join('\n') - } - return prompt + if ( + !process.stdin.isTTY && + // Input hijacking breaks MCP. + !process.argv.includes("mcp") + ) { + if (inputFormat === "stream-json") { + return process.stdin; + } + process.stdin.setEncoding("utf8"); + let data = ""; + const onData = (chunk: string) => { + data += chunk; + }; + process.stdin.on("data", onData); + // If no data arrives in 3s, stop waiting and warn. Stdin is likely an + // inherited pipe from a parent that isn't writing (subprocess spawned + // without explicit stdin handling). 3s covers slow producers like curl, + // jq on large files, python with import overhead. The warning makes + // silent data loss visible for the rare producer that's slower still. + const timedOut = await peekForStdinData(process.stdin, 3000); + process.stdin.off("data", onData); + if (timedOut) { + process.stderr.write( + "Warning: no stdin data received in 3s, proceeding without it. " + + "If piping from a slow command, redirect stdin explicitly: < /dev/null to skip, or wait longer.\n", + ); + } + return [prompt, data].filter(Boolean).join("\n"); + } + return prompt; } async function run(): Promise { - profileCheckpoint('run_function_start') - - // Create help config that sorts options by long option name. - // Commander supports compareOptions at runtime but @commander-js/extra-typings - // doesn't include it in the type definitions, so we use Object.assign to add it. - function createSortedHelpConfig(): { - sortSubcommands: true - sortOptions: true - } { - const getOptionSortKey = (opt: Option): string => - opt.long?.replace(/^--/, '') ?? opt.short?.replace(/^-/, '') ?? '' - return Object.assign( - { sortSubcommands: true, sortOptions: true } as const, - { - compareOptions: (a: Option, b: Option) => - getOptionSortKey(a).localeCompare(getOptionSortKey(b)), - }, - ) - } - const program = new CommanderCommand() - .configureHelp(createSortedHelpConfig()) - .enablePositionalOptions() - profileCheckpoint('run_commander_initialized') - - // Use preAction hook to run initialization only when executing a command, - // not when displaying help. This avoids the need for env variable signaling. - program.hook('preAction', async thisCommand => { - profileCheckpoint('preAction_start') - // Await async subprocess loads started at module evaluation (lines 12-20). - // Nearly free — subprocesses complete during the ~135ms of imports above. - // Must resolve before init() which triggers the first settings read - // (applySafeConfigEnvironmentVariables → getSettingsForSource('policySettings') - // → isRemoteManagedSettingsEligible → sync keychain reads otherwise ~65ms). - await Promise.all([ - ensureMdmSettingsLoaded(), - ensureKeychainPrefetchCompleted(), - ]) - profileCheckpoint('preAction_after_mdm') - await init() - profileCheckpoint('preAction_after_init') - - // process.title on Windows sets the console title directly; on POSIX, - // terminal shell integration may mirror the process name to the tab. - // After init() so settings.json env can also gate this (gh-4765). - if (!isEnvTruthy(process.env.CLAUDE_CODE_DISABLE_TERMINAL_TITLE)) { - process.title = 'claude' - } - - // Attach logging sinks so subcommand handlers can use logEvent/logError. - // Before PR #11106 logEvent dispatched directly; after, events queue until - // a sink attaches. setup() attaches sinks for the default command, but - // subcommands (doctor, mcp, plugin, auth) never call setup() and would - // silently drop events on process.exit(). Both inits are idempotent. - const { initSinks } = await import('./utils/sinks.js') - initSinks() - profileCheckpoint('preAction_after_sinks') - - // gh-33508: --plugin-dir is a top-level program option. The default - // action reads it from its own options destructure, but subcommands - // (plugin list, plugin install, mcp *) have their own actions and - // never see it. Wire it up here so getInlinePlugins() works everywhere. - // thisCommand.opts() is typed {} here because this hook is attached - // before .option('--plugin-dir', ...) in the chain — extra-typings - // builds the type as options are added. Narrow with a runtime guard; - // the collect accumulator + [] default guarantee string[] in practice. - const pluginDir = thisCommand.getOptionValue('pluginDir') - if ( - Array.isArray(pluginDir) && - pluginDir.length > 0 && - pluginDir.every(p => typeof p === 'string') - ) { - setInlinePlugins(pluginDir) - clearPluginCache('preAction: --plugin-dir inline plugins') - } - - runMigrations() - profileCheckpoint('preAction_after_migrations') - - // Load remote managed settings for enterprise customers (non-blocking) - // Fails open - if fetch fails, continues without remote settings - // Settings are applied via hot-reload when they arrive - // Must happen after init() to ensure config reading is allowed - void loadRemoteManagedSettings() - void loadPolicyLimits() - - profileCheckpoint('preAction_after_remote_settings') - - // Load settings sync (non-blocking, fail-open) - // CLI: uploads local settings to remote (CCR download is handled by print.ts) - if (feature('UPLOAD_USER_SETTINGS')) { - void import('./services/settingsSync/index.js').then(m => - m.uploadUserSettingsInBackground(), - ) - } - - profileCheckpoint('preAction_after_settings_sync') - }) - - program - .name('claude') - .description( - `Claude Code - starts an interactive session by default, use -p/--print for non-interactive output`, - ) - .argument('[prompt]', 'Your prompt', String) - // Subcommands inherit helpOption via commander's copyInheritedSettings — - // setting it once here covers mcp, plugin, auth, and all other subcommands. - .helpOption('-h, --help', 'Display help for command') - .option( - '-d, --debug [filter]', - 'Enable debug mode with optional category filtering (e.g., "api,hooks" or "!1p,!file")', - (_value: string | true) => { - // If value is provided, it will be the filter string - // If not provided but flag is present, value will be true - // The actual filtering is handled in debug.ts by parsing process.argv - return true - }, - ) - .addOption( - new Option('--debug-to-stderr', 'Enable debug mode (to stderr)') - .argParser(Boolean) - .hideHelp(), - ) - .option( - '--debug-file ', - 'Write debug logs to a specific file path (implicitly enables debug mode)', - () => true, - ) - .option( - '--verbose', - 'Override verbose mode setting from config', - () => true, - ) - .option( - '-p, --print', - 'Print response and exit (useful for pipes). Note: The workspace trust dialog is skipped when Claude is run with the -p mode. Only use this flag in directories you trust.', - () => true, - ) - .option( - '--bare', - 'Minimal mode: skip hooks, LSP, plugin sync, attribution, auto-memory, background prefetches, keychain reads, and CLAUDE.md auto-discovery. Sets CLAUDE_CODE_SIMPLE=1. Anthropic auth is strictly ANTHROPIC_API_KEY or apiKeyHelper via --settings (OAuth and keychain are never read). 3P providers (Bedrock/Vertex/Foundry) use their own credentials. Skills still resolve via /skill-name. Explicitly provide context via: --system-prompt[-file], --append-system-prompt[-file], --add-dir (CLAUDE.md dirs), --mcp-config, --settings, --agents, --plugin-dir.', - () => true, - ) - .addOption( - new Option( - '--init', - 'Run Setup hooks with init trigger, then continue', - ).hideHelp(), - ) - .addOption( - new Option( - '--init-only', - 'Run Setup and SessionStart:startup hooks, then exit', - ).hideHelp(), - ) - .addOption( - new Option( - '--maintenance', - 'Run Setup hooks with maintenance trigger, then continue', - ).hideHelp(), - ) - .addOption( - new Option( - '--output-format ', - 'Output format (only works with --print): "text" (default), "json" (single result), or "stream-json" (realtime streaming)', - ).choices(['text', 'json', 'stream-json']), - ) - .addOption( - new Option( - '--json-schema ', - 'JSON Schema for structured output validation. ' + - 'Example: {"type":"object","properties":{"name":{"type":"string"}},"required":["name"]}', - ).argParser(String), - ) - .option( - '--include-hook-events', - 'Include all hook lifecycle events in the output stream (only works with --output-format=stream-json)', - () => true, - ) - .option( - '--include-partial-messages', - 'Include partial message chunks as they arrive (only works with --print and --output-format=stream-json)', - () => true, - ) - .addOption( - new Option( - '--input-format ', - 'Input format (only works with --print): "text" (default), or "stream-json" (realtime streaming input)', - ).choices(['text', 'stream-json']), - ) - .option( - '--mcp-debug', - '[DEPRECATED. Use --debug instead] Enable MCP debug mode (shows MCP server errors)', - () => true, - ) - .option( - '--dangerously-skip-permissions', - 'Bypass all permission checks. Recommended only for sandboxes with no internet access.', - () => true, - ) - .option( - '--allow-dangerously-skip-permissions', - 'Enable bypassing all permission checks as an option, without it being enabled by default. Recommended only for sandboxes with no internet access.', - () => true, - ) - .addOption( - new Option( - '--thinking ', - 'Thinking mode: enabled (equivalent to adaptive), disabled', - ) - .choices(['enabled', 'adaptive', 'disabled']) - .hideHelp(), - ) - .addOption( - new Option( - '--max-thinking-tokens ', - '[DEPRECATED. Use --thinking instead for newer models] Maximum number of thinking tokens (only works with --print)', - ) - .argParser(Number) - .hideHelp(), - ) - .addOption( - new Option( - '--max-turns ', - 'Maximum number of agentic turns in non-interactive mode. This will early exit the conversation after the specified number of turns. (only works with --print)', - ) - .argParser(Number) - .hideHelp(), - ) - .addOption( - new Option( - '--max-budget-usd ', - 'Maximum dollar amount to spend on API calls (only works with --print)', - ).argParser(value => { - const amount = Number(value) - if (isNaN(amount) || amount <= 0) { - throw new Error( - '--max-budget-usd must be a positive number greater than 0', - ) - } - return amount - }), - ) - .addOption( - new Option( - '--task-budget ', - 'API-side task budget in tokens (output_config.task_budget)', - ) - .argParser(value => { - const tokens = Number(value) - if (isNaN(tokens) || tokens <= 0 || !Number.isInteger(tokens)) { - throw new Error('--task-budget must be a positive integer') - } - return tokens - }) - .hideHelp(), - ) - .option( - '--replay-user-messages', - 'Re-emit user messages from stdin back on stdout for acknowledgment (only works with --input-format=stream-json and --output-format=stream-json)', - () => true, - ) - .addOption( - new Option( - '--enable-auth-status', - 'Enable auth status messages in SDK mode', - ) - .default(false) - .hideHelp(), - ) - .option( - '--allowedTools, --allowed-tools ', - 'Comma or space-separated list of tool names to allow (e.g. "Bash(git:*) Edit")', - ) - .option( - '--tools ', - 'Specify the list of available tools from the built-in set. Use "" to disable all tools, "default" to use all tools, or specify tool names (e.g. "Bash,Edit,Read").', - ) - .option( - '--disallowedTools, --disallowed-tools ', - 'Comma or space-separated list of tool names to deny (e.g. "Bash(git:*) Edit")', - ) - .option( - '--mcp-config ', - 'Load MCP servers from JSON files or strings (space-separated)', - ) - .addOption( - new Option( - '--permission-prompt-tool ', - 'MCP tool to use for permission prompts (only works with --print)', - ) - .argParser(String) - .hideHelp(), - ) - .addOption( - new Option( - '--system-prompt ', - 'System prompt to use for the session', - ).argParser(String), - ) - .addOption( - new Option( - '--system-prompt-file ', - 'Read system prompt from a file', - ) - .argParser(String) - .hideHelp(), - ) - .addOption( - new Option( - '--append-system-prompt ', - 'Append a system prompt to the default system prompt', - ).argParser(String), - ) - .addOption( - new Option( - '--append-system-prompt-file ', - 'Read system prompt from a file and append to the default system prompt', - ) - .argParser(String) - .hideHelp(), - ) - .addOption( - new Option( - '--permission-mode ', - 'Permission mode to use for the session', - ) - .argParser(String) - .choices(PERMISSION_MODES), - ) - .option( - '-c, --continue', - 'Continue the most recent conversation in the current directory', - () => true, - ) - .option( - '-r, --resume [value]', - 'Resume a conversation by session ID, or open interactive picker with optional search term', - value => value || true, - ) - .option( - '--fork-session', - 'When resuming, create a new session ID instead of reusing the original (use with --resume or --continue)', - () => true, - ) - .addOption( - new Option( - '--prefill ', - 'Pre-fill the prompt input with text without submitting it', - ).hideHelp(), - ) - .addOption( - new Option( - '--deep-link-origin', - 'Signal that this session was launched from a deep link', - ).hideHelp(), - ) - .addOption( - new Option( - '--deep-link-repo ', - 'Repo slug the deep link ?repo= parameter resolved to the current cwd', - ).hideHelp(), - ) - .addOption( - new Option( - '--deep-link-last-fetch ', - 'FETCH_HEAD mtime in epoch ms, precomputed by the deep link trampoline', - ) - .argParser(v => { - const n = Number(v) - return Number.isFinite(n) ? n : undefined - }) - .hideHelp(), - ) - .option( - '--from-pr [value]', - 'Resume a session linked to a PR by PR number/URL, or open interactive picker with optional search term', - value => value || true, - ) - .option( - '--no-session-persistence', - 'Disable session persistence - sessions will not be saved to disk and cannot be resumed (only works with --print)', - ) - .addOption( - new Option( - '--resume-session-at ', - 'When resuming, only messages up to and including the assistant message with (use with --resume in print mode)', - ) - .argParser(String) - .hideHelp(), - ) - .addOption( - new Option( - '--rewind-files ', - 'Restore files to state at the specified user message and exit (requires --resume)', - ).hideHelp(), - ) - // @[MODEL LAUNCH]: Update the example model ID in the --model help text. - .option( - '--model ', - `Model for the current session. Provide an alias for the latest model (e.g. 'sonnet' or 'opus') or a model's full name (e.g. 'claude-sonnet-4-6').`, - ) - .addOption( - new Option( - '--effort ', - `Effort level for the current session (low, medium, high, max)`, - ).argParser((rawValue: string) => { - const value = rawValue.toLowerCase() - const allowed = ['low', 'medium', 'high', 'max'] - if (!allowed.includes(value)) { - throw new InvalidArgumentError( - `It must be one of: ${allowed.join(', ')}`, - ) - } - return value - }), - ) - .option( - '--agent ', - `Agent for the current session. Overrides the 'agent' setting.`, - ) - .option( - '--betas ', - 'Beta headers to include in API requests (API key users only)', - ) - .option( - '--fallback-model ', - 'Enable automatic fallback to specified model when default model is overloaded (only works with --print)', - ) - .addOption( - new Option( - '--workload ', - 'Workload tag for billing-header attribution (cc_workload). Process-scoped; set by SDK daemon callers that spawn subprocesses for cron work. (only works with --print)', - ).hideHelp(), - ) - .option( - '--settings ', - 'Path to a settings JSON file or a JSON string to load additional settings from', - ) - .option( - '--add-dir ', - 'Additional directories to allow tool access to', - ) - .option( - '--ide', - 'Automatically connect to IDE on startup if exactly one valid IDE is available', - () => true, - ) - .option( - '--strict-mcp-config', - 'Only use MCP servers from --mcp-config, ignoring all other MCP configurations', - () => true, - ) - .option( - '--session-id ', - 'Use a specific session ID for the conversation (must be a valid UUID)', - ) - .option( - '-n, --name ', - 'Set a display name for this session (shown in /resume and terminal title)', - ) - .option( - '--agents ', - 'JSON object defining custom agents (e.g. \'{"reviewer": {"description": "Reviews code", "prompt": "You are a code reviewer"}}\')', - ) - .option( - '--setting-sources ', - 'Comma-separated list of setting sources to load (user, project, local).', - ) - // gh-33508: (variadic) consumed everything until the next - // --flag. `claude --plugin-dir /path mcp add --transport http` swallowed - // `mcp` and `add` as paths, then choked on --transport as an unknown - // top-level option. Single-value + collect accumulator means each - // --plugin-dir takes exactly one arg; repeat the flag for multiple dirs. - .option( - '--plugin-dir ', - 'Load plugins from a directory for this session only (repeatable: --plugin-dir A --plugin-dir B)', - (val: string, prev: string[]) => [...prev, val], - [] as string[], - ) - .option('--disable-slash-commands', 'Disable all skills', () => true) - .option('--chrome', 'Enable Claude in Chrome integration') - .option('--no-chrome', 'Disable Claude in Chrome integration') - .option( - '--file ', - 'File resources to download at startup. Format: file_id:relative_path (e.g., --file file_abc:doc.txt file_def:img.png)', - ) - .action(async (prompt, options) => { - profileCheckpoint('action_handler_start') - - // --bare = one-switch minimal mode. Sets SIMPLE so all the existing - // gates fire (CLAUDE.md, skills, hooks inside executeHooks, agent - // dir-walk). Must be set before setup() / any of the gated work runs. - if ((options as { bare?: boolean }).bare) { - process.env.CLAUDE_CODE_SIMPLE = '1' - } - - // Ignore "code" as a prompt - treat it the same as no prompt - if (prompt === 'code') { - logEvent('tengu_code_prompt_ignored', {}) - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.warn( - chalk.yellow('Tip: You can launch Claude Code with just `claude`'), - ) - prompt = undefined - } - - // Log event for any single-word prompt - if ( - prompt && - typeof prompt === 'string' && - !/\s/.test(prompt) && - prompt.length > 0 - ) { - logEvent('tengu_single_word_prompt', { length: prompt.length }) - } - - // Assistant mode: when .claude/settings.json has assistant: true AND - // the tengu_kairos GrowthBook gate is on, force brief on. Permission - // mode is left to the user — settings defaultMode or --permission-mode - // apply as normal. REPL-typed messages already default to 'next' - // priority (messageQueueManager.enqueue) so they drain mid-turn between - // tool calls. SendUserMessage (BriefTool) is enabled via the brief env - // var. SleepTool stays disabled (its isEnabled() gates on proactive). - // kairosEnabled is computed once here and reused at the - // getAssistantSystemPromptAddendum() call site further down. - // - // Trust gate: .claude/settings.json is attacker-controllable in an - // untrusted clone. We run ~1000 lines before showSetupScreens() shows - // the trust dialog, and by then we've already appended - // .claude/agents/assistant.md to the system prompt. Refuse to activate - // until the directory has been explicitly trusted. - let kairosEnabled = false - let assistantTeamContext: - | Awaited< - ReturnType< - NonNullable['initializeAssistantTeam'] - > - > - | undefined - if ( - feature('KAIROS') && - (options as { assistant?: boolean }).assistant && - assistantModule - ) { - // --assistant (Agent SDK daemon mode): force the latch before - // isAssistantMode() runs below. The daemon has already checked - // entitlement — don't make the child re-check tengu_kairos. - assistantModule.markAssistantForced() - } - if ( - feature('KAIROS') && - assistantModule?.isAssistantMode() && - // Spawned teammates share the leader's cwd + settings.json, so - // isAssistantMode() is true for them too. --agent-id being set - // means we ARE a spawned teammate (extractTeammateOptions runs - // ~170 lines later so check the raw commander option) — don't - // re-init the team or override teammateMode/proactive/brief. - !(options as { agentId?: unknown }).agentId && - kairosGate - ) { - if (!checkHasTrustDialogAccepted()) { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.warn( - chalk.yellow( - 'Assistant mode disabled: directory is not trusted. Accept the trust dialog and restart.', - ), - ) - } else { - // Blocking gate check — returns cached `true` instantly; if disk - // cache is false/missing, lazily inits GrowthBook and fetches fresh - // (max ~5s). --assistant skips the gate entirely (daemon is - // pre-entitled). - kairosEnabled = - assistantModule.isAssistantForced() || - (await kairosGate.isKairosEnabled()) - if (kairosEnabled) { - const opts = options as { brief?: boolean } - opts.brief = true - setKairosActive(true) - // Pre-seed an in-process team so Agent(name: "foo") spawns - // teammates without TeamCreate. Must run BEFORE setup() captures - // the teammateMode snapshot (initializeAssistantTeam calls - // setCliTeammateModeOverride internally). - assistantTeamContext = - await assistantModule.initializeAssistantTeam() - } - } - } - - const { - debug = false, - debugToStderr = false, - dangerouslySkipPermissions, - allowDangerouslySkipPermissions = false, - tools: baseTools = [], - allowedTools = [], - disallowedTools = [], - mcpConfig = [], - permissionMode: permissionModeCli, - addDir = [], - fallbackModel, - betas = [], - ide = false, - sessionId, - includeHookEvents, - includePartialMessages, - } = options - - if (options.prefill) { - seedEarlyInput(options.prefill) - } - - // Promise for file downloads - started early, awaited before REPL renders - let fileDownloadPromise: Promise | undefined - - const agentsJson = options.agents - const agentCli = options.agent - if (feature('BG_SESSIONS') && agentCli) { - process.env.CLAUDE_CODE_AGENT = agentCli - } - - // NOTE: LSP manager initialization is intentionally deferred until after - // the trust dialog is accepted. This prevents plugin LSP servers from - // executing code in untrusted directories before user consent. - - // Extract these separately so they can be modified if needed - let outputFormat = options.outputFormat - let inputFormat = options.inputFormat - let verbose = options.verbose ?? getGlobalConfig().verbose - let print = options.print - const init = options.init ?? false - const initOnly = options.initOnly ?? false - const maintenance = options.maintenance ?? false - - // Extract disable slash commands flag - const disableSlashCommands = options.disableSlashCommands || false - - // Extract tasks mode options (ant-only) - const tasksOption = - process.env.USER_TYPE === 'ant' && - (options as { tasks?: boolean | string }).tasks - const taskListId = tasksOption - ? typeof tasksOption === 'string' - ? tasksOption - : DEFAULT_TASKS_MODE_TASK_LIST_ID - : undefined - if (process.env.USER_TYPE === 'ant' && taskListId) { - process.env.CLAUDE_CODE_TASK_LIST_ID = taskListId - } - - // Extract worktree option - // worktree can be true (flag without value) or a string (custom name or PR reference) - const worktreeOption = isWorktreeModeEnabled() - ? (options as { worktree?: boolean | string }).worktree - : undefined - let worktreeName = - typeof worktreeOption === 'string' ? worktreeOption : undefined - const worktreeEnabled = worktreeOption !== undefined - - // Check if worktree name is a PR reference (#N or GitHub PR URL) - let worktreePRNumber: number | undefined - if (worktreeName) { - const prNum = parsePRReference(worktreeName) - if (prNum !== null) { - worktreePRNumber = prNum - worktreeName = undefined // slug will be generated in setup() - } - } - - // Extract tmux option (requires --worktree) - const tmuxEnabled = - isWorktreeModeEnabled() && (options as { tmux?: boolean }).tmux === true - - // Validate tmux option - if (tmuxEnabled) { - if (!worktreeEnabled) { - process.stderr.write(chalk.red('Error: --tmux requires --worktree\n')) - process.exit(1) - } - if (getPlatform() === 'windows') { - process.stderr.write( - chalk.red('Error: --tmux is not supported on Windows\n'), - ) - process.exit(1) - } - if (!(await isTmuxAvailable())) { - process.stderr.write( - chalk.red( - `Error: tmux is not installed.\n${getTmuxInstallInstructions()}\n`, - ), - ) - process.exit(1) - } - } - - // Extract teammate options (for tmux-spawned agents) - // Declared outside the if block so it's accessible later for system prompt addendum - let storedTeammateOpts: TeammateOptions | undefined - if (isAgentSwarmsEnabled()) { - // Extract agent identity options (for tmux-spawned agents) - // These replace the CLAUDE_CODE_* environment variables - const teammateOpts = extractTeammateOptions(options) - storedTeammateOpts = teammateOpts - - // If any teammate identity option is provided, all three required ones must be present - const hasAnyTeammateOpt = - teammateOpts.agentId || - teammateOpts.agentName || - teammateOpts.teamName - const hasAllRequiredTeammateOpts = - teammateOpts.agentId && - teammateOpts.agentName && - teammateOpts.teamName - - if (hasAnyTeammateOpt && !hasAllRequiredTeammateOpts) { - process.stderr.write( - chalk.red( - 'Error: --agent-id, --agent-name, and --team-name must all be provided together\n', - ), - ) - process.exit(1) - } - - // If teammate identity is provided via CLI, set up dynamicTeamContext - if ( - teammateOpts.agentId && - teammateOpts.agentName && - teammateOpts.teamName - ) { - getTeammateUtils().setDynamicTeamContext?.({ - agentId: teammateOpts.agentId, - agentName: teammateOpts.agentName, - teamName: teammateOpts.teamName, - color: teammateOpts.agentColor, - planModeRequired: teammateOpts.planModeRequired ?? false, - parentSessionId: teammateOpts.parentSessionId, - }) - } - - // Set teammate mode CLI override if provided - // This must be done before setup() captures the snapshot - if (teammateOpts.teammateMode) { - getTeammateModeSnapshot().setCliTeammateModeOverride?.( - teammateOpts.teammateMode, - ) - } - } - - // Extract remote sdk options - const sdkUrl = (options as { sdkUrl?: string }).sdkUrl ?? undefined - - // Allow env var to enable partial messages (used by sandbox gateway for baku) - const effectiveIncludePartialMessages = - includePartialMessages || - isEnvTruthy(process.env.CLAUDE_CODE_INCLUDE_PARTIAL_MESSAGES) - - // Enable all hook event types when explicitly requested via SDK option - // or when running in CLAUDE_CODE_REMOTE mode (CCR needs them). - // Without this, only SessionStart and Setup events are emitted. - if (includeHookEvents || isEnvTruthy(process.env.CLAUDE_CODE_REMOTE)) { - setAllHookEventsEnabled(true) - } - - // Auto-set input/output formats, verbose mode, and print mode when SDK URL is provided - if (sdkUrl) { - // If SDK URL is provided, automatically use stream-json formats unless explicitly set - if (!inputFormat) { - inputFormat = 'stream-json' - } - if (!outputFormat) { - outputFormat = 'stream-json' - } - // Auto-enable verbose mode unless explicitly disabled or already set - if (options.verbose === undefined) { - verbose = true - } - // Auto-enable print mode unless explicitly disabled - if (!options.print) { - print = true - } - } - - // Extract teleport option - const teleport = - (options as { teleport?: string | true }).teleport ?? null - - // Extract remote option (can be true if no description provided, or a string) - const remoteOption = (options as { remote?: string | true }).remote - const remote = remoteOption === true ? '' : (remoteOption ?? null) - - // Extract --remote-control / --rc flag (enable bridge in interactive session) - const remoteControlOption = - (options as { remoteControl?: string | true }).remoteControl ?? - (options as { rc?: string | true }).rc - // Actual bridge check is deferred to after showSetupScreens() so that - // trust is established and GrowthBook has auth headers. - let remoteControl = false - const remoteControlName = - typeof remoteControlOption === 'string' && - remoteControlOption.length > 0 - ? remoteControlOption - : undefined - - // Validate session ID if provided - if (sessionId) { - // Check for conflicting flags - // --session-id can be used with --continue or --resume when --fork-session is also provided - // (to specify a custom ID for the forked session) - if ((options.continue || options.resume) && !options.forkSession) { - process.stderr.write( - chalk.red( - 'Error: --session-id can only be used with --continue or --resume if --fork-session is also specified.\n', - ), - ) - process.exit(1) - } - - // When --sdk-url is provided (bridge/remote mode), the session ID is a - // server-assigned tagged ID (e.g. "session_local_01...") rather than a - // UUID. Skip UUID validation and local existence checks in that case. - if (!sdkUrl) { - const validatedSessionId = validateUuid(sessionId) - if (!validatedSessionId) { - process.stderr.write( - chalk.red('Error: Invalid session ID. Must be a valid UUID.\n'), - ) - process.exit(1) - } - - // Check if session ID already exists - if (sessionIdExists(validatedSessionId)) { - process.stderr.write( - chalk.red( - `Error: Session ID ${validatedSessionId} is already in use.\n`, - ), - ) - process.exit(1) - } - } - } - - // Download file resources if specified via --file flag - const fileSpecs = (options as { file?: string[] }).file - if (fileSpecs && fileSpecs.length > 0) { - // Get session ingress token (provided by EnvManager via CLAUDE_CODE_SESSION_ACCESS_TOKEN) - const sessionToken = getSessionIngressAuthToken() - if (!sessionToken) { - process.stderr.write( - chalk.red( - 'Error: Session token required for file downloads. CLAUDE_CODE_SESSION_ACCESS_TOKEN must be set.\n', - ), - ) - process.exit(1) - } - - // Resolve session ID: prefer remote session ID, fall back to internal session ID - const fileSessionId = - process.env.CLAUDE_CODE_REMOTE_SESSION_ID || getSessionId() - - const files = parseFileSpecs(fileSpecs) - if (files.length > 0) { - // Use ANTHROPIC_BASE_URL if set (by EnvManager), otherwise use OAuth config - // This ensures consistency with session ingress API in all environments - const config: FilesApiConfig = { - baseUrl: - process.env.ANTHROPIC_BASE_URL || getOauthConfig().BASE_API_URL, - oauthToken: sessionToken, - sessionId: fileSessionId, - } - - // Start download without blocking startup - await before REPL renders - fileDownloadPromise = downloadSessionFiles(files, config) - } - } - - // Get isNonInteractiveSession from state (was set before init()) - const isNonInteractiveSession = getIsNonInteractiveSession() - - // Validate that fallback model is different from main model - if (fallbackModel && options.model && fallbackModel === options.model) { - process.stderr.write( - chalk.red( - 'Error: Fallback model cannot be the same as the main model. Please specify a different model for --fallback-model.\n', - ), - ) - process.exit(1) - } - - // Handle system prompt options - let systemPrompt = options.systemPrompt - if (options.systemPromptFile) { - if (options.systemPrompt) { - process.stderr.write( - chalk.red( - 'Error: Cannot use both --system-prompt and --system-prompt-file. Please use only one.\n', - ), - ) - process.exit(1) - } - - try { - const filePath = resolve(options.systemPromptFile) - systemPrompt = readFileSync(filePath, 'utf8') - } catch (error) { - const code = getErrnoCode(error) - if (code === 'ENOENT') { - process.stderr.write( - chalk.red( - `Error: System prompt file not found: ${resolve(options.systemPromptFile)}\n`, - ), - ) - process.exit(1) - } - process.stderr.write( - chalk.red( - `Error reading system prompt file: ${errorMessage(error)}\n`, - ), - ) - process.exit(1) - } - } - - // Handle append system prompt options - let appendSystemPrompt = options.appendSystemPrompt - if (options.appendSystemPromptFile) { - if (options.appendSystemPrompt) { - process.stderr.write( - chalk.red( - 'Error: Cannot use both --append-system-prompt and --append-system-prompt-file. Please use only one.\n', - ), - ) - process.exit(1) - } - - try { - const filePath = resolve(options.appendSystemPromptFile) - appendSystemPrompt = readFileSync(filePath, 'utf8') - } catch (error) { - const code = getErrnoCode(error) - if (code === 'ENOENT') { - process.stderr.write( - chalk.red( - `Error: Append system prompt file not found: ${resolve(options.appendSystemPromptFile)}\n`, - ), - ) - process.exit(1) - } - process.stderr.write( - chalk.red( - `Error reading append system prompt file: ${errorMessage(error)}\n`, - ), - ) - process.exit(1) - } - } - - // Add teammate-specific system prompt addendum for tmux teammates - if ( - isAgentSwarmsEnabled() && - storedTeammateOpts?.agentId && - storedTeammateOpts?.agentName && - storedTeammateOpts?.teamName - ) { - const addendum = - getTeammatePromptAddendum().TEAMMATE_SYSTEM_PROMPT_ADDENDUM - appendSystemPrompt = appendSystemPrompt - ? `${appendSystemPrompt}\n\n${addendum}` - : addendum - } - - const { mode: permissionMode, notification: permissionModeNotification } = - initialPermissionModeFromCLI({ - permissionModeCli, - dangerouslySkipPermissions, - }) - - // Store session bypass permissions mode for trust dialog check - setSessionBypassPermissionsMode(permissionMode === 'bypassPermissions') - if (feature('TRANSCRIPT_CLASSIFIER')) { - // autoModeFlagCli is the "did the user intend auto this session" signal. - // Set when: --enable-auto-mode, --permission-mode auto, resolved mode - // is auto, OR settings defaultMode is auto but the gate denied it - // (permissionMode resolved to default with no explicit CLI override). - // Used by verifyAutoModeGateAccess to decide whether to notify on - // auto-unavailable, and by tengu_auto_mode_config opt-in carousel. - if ( - (options as { enableAutoMode?: boolean }).enableAutoMode || - permissionModeCli === 'auto' || - permissionMode === 'auto' || - (!permissionModeCli && isDefaultPermissionModeAuto()) - ) { - autoModeStateModule?.setAutoModeFlagCli(true) - } - } - - // Parse the MCP config files/strings if provided - let dynamicMcpConfig: Record = {} - - if (mcpConfig && mcpConfig.length > 0) { - // Process mcpConfig array - const processedConfigs = mcpConfig - .map(config => config.trim()) - .filter(config => config.length > 0) - - let allConfigs: Record = {} - const allErrors: ValidationError[] = [] - - for (const configItem of processedConfigs) { - let configs: Record | null = null - let errors: ValidationError[] = [] - - // First try to parse as JSON string - const parsedJson = safeParseJSON(configItem) - if (parsedJson) { - const result = parseMcpConfig({ - configObject: parsedJson, - filePath: 'command line', - expandVars: true, - scope: 'dynamic', - }) - if (result.config) { - configs = result.config.mcpServers - } else { - errors = result.errors - } - } else { - // Try as file path - const configPath = resolve(configItem) - const result = parseMcpConfigFromFilePath({ - filePath: configPath, - expandVars: true, - scope: 'dynamic', - }) - if (result.config) { - configs = result.config.mcpServers - } else { - errors = result.errors - } - } - - if (errors.length > 0) { - allErrors.push(...errors) - } else if (configs) { - // Merge configs, later ones override earlier ones - allConfigs = { ...allConfigs, ...configs } - } - } - - if (allErrors.length > 0) { - const formattedErrors = allErrors - .map(err => `${err.path ? err.path + ': ' : ''}${err.message}`) - .join('\n') - logForDebugging( - `--mcp-config validation failed (${allErrors.length} errors): ${formattedErrors}`, - { level: 'error' }, - ) - process.stderr.write( - `Error: Invalid MCP configuration:\n${formattedErrors}\n`, - ) - process.exit(1) - } - - if (Object.keys(allConfigs).length > 0) { - // SDK hosts (Nest/Desktop) own their server naming and may reuse - // built-in names — skip reserved-name checks for type:'sdk'. - const nonSdkConfigNames = Object.entries(allConfigs) - .filter(([, config]) => config.type !== 'sdk') - .map(([name]) => name) - - let reservedNameError: string | null = null - if (nonSdkConfigNames.some(isClaudeInChromeMCPServer)) { - reservedNameError = `Invalid MCP configuration: "${CLAUDE_IN_CHROME_MCP_SERVER_NAME}" is a reserved MCP name.` - } else if (feature('CHICAGO_MCP')) { - const { isComputerUseMCPServer, COMPUTER_USE_MCP_SERVER_NAME } = - await import('src/utils/computerUse/common.js') - if (nonSdkConfigNames.some(isComputerUseMCPServer)) { - reservedNameError = `Invalid MCP configuration: "${COMPUTER_USE_MCP_SERVER_NAME}" is a reserved MCP name.` - } - } - if (reservedNameError) { - // stderr+exit(1) — a throw here becomes a silent unhandled - // rejection in stream-json mode (void main() in cli.tsx). - process.stderr.write(`Error: ${reservedNameError}\n`) - process.exit(1) - } - - // Add dynamic scope to all configs. type:'sdk' entries pass through - // unchanged — they're extracted into sdkMcpConfigs downstream and - // passed to print.ts. The Python SDK relies on this path (it doesn't - // send sdkMcpServers in the initialize message). Dropping them here - // broke Coworker (inc-5122). The policy filter below already exempts - // type:'sdk', and the entries are inert without an SDK transport on - // stdin, so there's no bypass risk from letting them through. - const scopedConfigs = mapValues(allConfigs, config => ({ - ...config, - scope: 'dynamic' as const, - })) - - // Enforce managed policy (allowedMcpServers / deniedMcpServers) on - // --mcp-config servers. Without this, the CLI flag bypasses the - // enterprise allowlist that user/project/local configs go through in - // getClaudeCodeMcpConfigs — callers spread dynamicMcpConfig back on - // top of filtered results. Filter here at the source so all - // downstream consumers see the policy-filtered set. - const { allowed, blocked } = filterMcpServersByPolicy(scopedConfigs) - if (blocked.length > 0) { - process.stderr.write( - `Warning: MCP ${plural(blocked.length, 'server')} blocked by enterprise policy: ${blocked.join(', ')}\n`, - ) - } - dynamicMcpConfig = { ...dynamicMcpConfig, ...allowed } - } - } - - // Extract Claude in Chrome option and enforce claude.ai subscriber check (unless user is ant) - const chromeOpts = options as { chrome?: boolean } - // Store the explicit CLI flag so teammates can inherit it - setChromeFlagOverride(chromeOpts.chrome) - const enableClaudeInChrome = - shouldEnableClaudeInChrome(chromeOpts.chrome) && - (process.env.USER_TYPE === 'ant' || isClaudeAISubscriber()) - const autoEnableClaudeInChrome = - !enableClaudeInChrome && shouldAutoEnableClaudeInChrome() - - if (enableClaudeInChrome) { - const platform = getPlatform() - try { - logEvent('tengu_claude_in_chrome_setup', { - platform: - platform as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - - const { - mcpConfig: chromeMcpConfig, - allowedTools: chromeMcpTools, - systemPrompt: chromeSystemPrompt, - } = setupClaudeInChrome() - dynamicMcpConfig = { ...dynamicMcpConfig, ...chromeMcpConfig } - allowedTools.push(...chromeMcpTools) - if (chromeSystemPrompt) { - appendSystemPrompt = appendSystemPrompt - ? `${chromeSystemPrompt}\n\n${appendSystemPrompt}` - : chromeSystemPrompt - } - } catch (error) { - logEvent('tengu_claude_in_chrome_setup_failed', { - platform: - platform as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - logForDebugging(`[Claude in Chrome] Error: ${error}`) - logError(error) - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error(`Error: Failed to run with Claude in Chrome.`) - process.exit(1) - } - } else if (autoEnableClaudeInChrome) { - try { - const { mcpConfig: chromeMcpConfig } = setupClaudeInChrome() - dynamicMcpConfig = { ...dynamicMcpConfig, ...chromeMcpConfig } - - const hint = - feature('WEB_BROWSER_TOOL') && - typeof Bun !== 'undefined' && - 'WebView' in Bun - ? CLAUDE_IN_CHROME_SKILL_HINT_WITH_WEBBROWSER - : CLAUDE_IN_CHROME_SKILL_HINT - appendSystemPrompt = appendSystemPrompt - ? `${appendSystemPrompt}\n\n${hint}` - : hint - } catch (error) { - // Silently skip any errors for the auto-enable - logForDebugging(`[Claude in Chrome] Error (auto-enable): ${error}`) - } - } - - // Extract strict MCP config flag - const strictMcpConfig = options.strictMcpConfig || false - - // Check if enterprise MCP configuration exists. When it does, only allow dynamic MCP - // configs that contain special server types (sdk) - if (doesEnterpriseMcpConfigExist()) { - if (strictMcpConfig) { - process.stderr.write( - chalk.red( - 'You cannot use --strict-mcp-config when an enterprise MCP config is present', - ), - ) - process.exit(1) - } - - // For --mcp-config, allow if all servers are internal types (sdk) - if ( - dynamicMcpConfig && - !areMcpConfigsAllowedWithEnterpriseMcpConfig(dynamicMcpConfig) - ) { - process.stderr.write( - chalk.red( - 'You cannot dynamically configure MCP servers when an enterprise MCP config is present', - ), - ) - process.exit(1) - } - } - - // chicago MCP: guarded Computer Use (app allowlist + frontmost gate + - // SCContentFilter screenshots). Ant-only, GrowthBook-gated — failures - // are silent (this is dogfooding). Platform + interactive checks inline - // so non-macOS / print-mode ants skip the heavy @ant/computer-use-mcp - // import entirely. gates.js is light (type-only package import). - // - // Placed AFTER the enterprise-MCP-config check: that check rejects any - // dynamicMcpConfig entry with `type !== 'sdk'`, and our config is - // `type: 'stdio'`. An enterprise-config ant with the GB gate on would - // otherwise process.exit(1). Chrome has the same latent issue but has - // shipped without incident; chicago places itself correctly. - if ( - feature('CHICAGO_MCP') && - getPlatform() !== 'unknown' && - !getIsNonInteractiveSession() - ) { - try { - const { getChicagoEnabled } = await import( - 'src/utils/computerUse/gates.js' - ) - if (getChicagoEnabled()) { - const { setupComputerUseMCP } = await import( - 'src/utils/computerUse/setup.js' - ) - const { mcpConfig, allowedTools: cuTools } = setupComputerUseMCP() - dynamicMcpConfig = { ...dynamicMcpConfig, ...mcpConfig } - allowedTools.push(...cuTools) - } - } catch (error) { - logForDebugging( - `[Computer Use MCP] Setup failed: ${errorMessage(error)}`, - ) - } - } - - // Store additional directories for CLAUDE.md loading (controlled by env var) - setAdditionalDirectoriesForClaudeMd(addDir) - - // Channel server allowlist from --channels flag — servers whose - // inbound push notifications should register this session. The option - // is added inside a feature() block so TS doesn't know about it - // on the options type — same pattern as --assistant at main.tsx:1824. - // devChannels is deferred: showSetupScreens shows a confirmation dialog - // and only appends to allowedChannels on accept. - let devChannels: ChannelEntry[] | undefined - if (feature('KAIROS') || feature('KAIROS_CHANNELS')) { - // Parse plugin:name@marketplace / server:Y tags into typed entries. - // Tag decides trust model downstream: plugin-kind hits marketplace - // verification + GrowthBook allowlist, server-kind always fails - // allowlist (schema is plugin-only) unless dev flag is set. - // Untagged or marketplace-less plugin entries are hard errors — - // silently not-matching in the gate would look like channels are - // "on" but nothing ever fires. - const parseChannelEntries = ( - raw: string[], - flag: string, - ): ChannelEntry[] => { - const entries: ChannelEntry[] = [] - const bad: string[] = [] - for (const c of raw) { - if (c.startsWith('plugin:')) { - const rest = c.slice(7) - const at = rest.indexOf('@') - if (at <= 0 || at === rest.length - 1) { - bad.push(c) - } else { - entries.push({ - kind: 'plugin', - name: rest.slice(0, at), - marketplace: rest.slice(at + 1), - }) - } - } else if (c.startsWith('server:') && c.length > 7) { - entries.push({ kind: 'server', name: c.slice(7) }) - } else { - bad.push(c) - } - } - if (bad.length > 0) { - process.stderr.write( - chalk.red( - `${flag} entries must be tagged: ${bad.join(', ')}\n` + - ` plugin:@ — plugin-provided channel (allowlist enforced)\n` + - ` server: — manually configured MCP server\n`, - ), - ) - process.exit(1) - } - return entries - } - - const channelOpts = options as { - channels?: string[] - dangerouslyLoadDevelopmentChannels?: string[] - } - const rawChannels = channelOpts.channels - const rawDev = channelOpts.dangerouslyLoadDevelopmentChannels - // Always parse + set. ChannelsNotice reads getAllowedChannels() and - // renders the appropriate branch (disabled/noAuth/policyBlocked/ - // listening) in the startup screen. gateChannelServer() enforces. - // --channels works in both interactive and print/SDK modes; dev-channels - // stays interactive-only (requires a confirmation dialog). - let channelEntries: ChannelEntry[] = [] - if (rawChannels && rawChannels.length > 0) { - channelEntries = parseChannelEntries(rawChannels, '--channels') - setAllowedChannels(channelEntries) - } - if (!isNonInteractiveSession) { - if (rawDev && rawDev.length > 0) { - devChannels = parseChannelEntries( - rawDev, - '--dangerously-load-development-channels', - ) - } - } - // Flag-usage telemetry. Plugin identifiers are logged (same tier as - // tengu_plugin_installed — public-registry-style names); server-kind - // names are not (MCP-server-name tier, opt-in-only elsewhere). - // Per-server gate outcomes land in tengu_mcp_channel_gate once - // servers connect. Dev entries go through a confirmation dialog after - // this — dev_plugins captures what was typed, not what was accepted. - if (channelEntries.length > 0 || (devChannels?.length ?? 0) > 0) { - const joinPluginIds = (entries: ChannelEntry[]) => { - const ids = entries.flatMap(e => - e.kind === 'plugin' ? [`${e.name}@${e.marketplace}`] : [], - ) - return ids.length > 0 - ? (ids - .sort() - .join( - ',', - ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS) - : undefined - } - logEvent('tengu_mcp_channel_flags', { - channels_count: channelEntries.length, - dev_count: devChannels?.length ?? 0, - plugins: joinPluginIds(channelEntries), - dev_plugins: joinPluginIds(devChannels ?? []), - }) - } - } - - // SDK opt-in for SendUserMessage via --tools. All sessions require - // explicit opt-in; listing it in --tools signals intent. Runs BEFORE - // initializeToolPermissionContext so getToolsForDefaultPreset() sees - // the tool as enabled when computing the base-tools disallow filter. - // Conditional require avoids leaking the tool-name string into - // external builds. - if ( - (feature('KAIROS') || feature('KAIROS_BRIEF')) && - baseTools.length > 0 - ) { - /* eslint-disable @typescript-eslint/no-require-imports */ - const { BRIEF_TOOL_NAME, LEGACY_BRIEF_TOOL_NAME } = - require('./tools/BriefTool/prompt.js') as typeof import('./tools/BriefTool/prompt.js') - const { isBriefEntitled } = - require('./tools/BriefTool/BriefTool.js') as typeof import('./tools/BriefTool/BriefTool.js') - /* eslint-enable @typescript-eslint/no-require-imports */ - const parsed = parseToolListFromCLI(baseTools) - if ( - (parsed.includes(BRIEF_TOOL_NAME) || - parsed.includes(LEGACY_BRIEF_TOOL_NAME)) && - isBriefEntitled() - ) { - setUserMsgOptIn(true) - } - } - - // This await replaces blocking existsSync/statSync calls that were already in - // the startup path. Wall-clock time is unchanged; we just yield to the event - // loop during the fs I/O instead of blocking it. See #19661. - const initResult = await initializeToolPermissionContext({ - allowedToolsCli: allowedTools, - disallowedToolsCli: disallowedTools, - baseToolsCli: baseTools, - permissionMode, - allowDangerouslySkipPermissions, - addDirs: addDir, - }) - let toolPermissionContext = initResult.toolPermissionContext - const { warnings, dangerousPermissions, overlyBroadBashPermissions } = - initResult - - // Handle overly broad shell allow rules for ant users (Bash(*), PowerShell(*)) - if ( - process.env.USER_TYPE === 'ant' && - overlyBroadBashPermissions.length > 0 - ) { - for (const permission of overlyBroadBashPermissions) { - logForDebugging( - `Ignoring overly broad shell permission ${permission.ruleDisplay} from ${permission.sourceDisplay}`, - ) - } - toolPermissionContext = removeDangerousPermissions( - toolPermissionContext, - overlyBroadBashPermissions, - ) - } - - if (feature('TRANSCRIPT_CLASSIFIER') && dangerousPermissions.length > 0) { - toolPermissionContext = stripDangerousPermissionsForAutoMode( - toolPermissionContext, - ) - } - - // Print any warnings from initialization - warnings.forEach(warning => { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error(warning) - }) - - void assertMinVersion() - - // claude.ai config fetch: -p mode only (interactive uses useManageMCPConnections - // two-phase loading). Kicked off here to overlap with setup(); awaited - // before runHeadless so single-turn -p sees connectors. Skipped under - // enterprise/strict MCP to preserve policy boundaries. - const claudeaiConfigPromise: Promise< - Record - > = - isNonInteractiveSession && - !strictMcpConfig && - !doesEnterpriseMcpConfigExist() && - // --bare / SIMPLE: skip claude.ai proxy servers (datadog, Gmail, - // Slack, BigQuery, PubMed — 6-14s each to connect). Scripted calls - // that need MCP pass --mcp-config explicitly. - !isBareMode() - ? fetchClaudeAIMcpConfigsIfEligible().then(configs => { - const { allowed, blocked } = filterMcpServersByPolicy(configs) - if (blocked.length > 0) { - process.stderr.write( - `Warning: claude.ai MCP ${plural(blocked.length, 'server')} blocked by enterprise policy: ${blocked.join(', ')}\n`, - ) - } - return allowed - }) - : Promise.resolve({}) - - // Kick off MCP config loading early (safe - just reads files, no execution). - // Both interactive and -p use getClaudeCodeMcpConfigs (local file reads only). - // The local promise is awaited later (before prefetchAllMcpResources) to - // overlap config I/O with setup(), commands loading, and trust dialog. - logForDebugging('[STARTUP] Loading MCP configs...') - const mcpConfigStart = Date.now() - let mcpConfigResolvedMs: number | undefined - // --bare skips auto-discovered MCP (.mcp.json, user settings, plugins) — - // only explicit --mcp-config works. dynamicMcpConfig is spread onto - // allMcpConfigs downstream so it survives this skip. - const mcpConfigPromise = ( - strictMcpConfig || isBareMode() - ? Promise.resolve({ - servers: {} as Record, - }) - : getClaudeCodeMcpConfigs(dynamicMcpConfig) - ).then(result => { - mcpConfigResolvedMs = Date.now() - mcpConfigStart - return result - }) - - // NOTE: We do NOT call prefetchAllMcpResources here - that's deferred until after trust dialog - - if ( - inputFormat && - inputFormat !== 'text' && - inputFormat !== 'stream-json' - ) { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error(`Error: Invalid input format "${inputFormat}".`) - process.exit(1) - } - if (inputFormat === 'stream-json' && outputFormat !== 'stream-json') { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error( - `Error: --input-format=stream-json requires output-format=stream-json.`, - ) - process.exit(1) - } - - // Validate sdkUrl is only used with appropriate formats (formats are auto-set above) - if (sdkUrl) { - if (inputFormat !== 'stream-json' || outputFormat !== 'stream-json') { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error( - `Error: --sdk-url requires both --input-format=stream-json and --output-format=stream-json.`, - ) - process.exit(1) - } - } - - // Validate replayUserMessages is only used with stream-json formats - if (options.replayUserMessages) { - if (inputFormat !== 'stream-json' || outputFormat !== 'stream-json') { - // biome-ignore lint/suspicious/noConsole:: intentional console output - console.error( - `Error: --replay-user-messages requires both --input-format=stream-json and --output-format=stream-json.`, - ) - process.exit(1) - } - } - - // Validate includePartialMessages is only used with print mode and stream-json output - if (effectiveIncludePartialMessages) { - if (!isNonInteractiveSession || outputFormat !== 'stream-json') { - writeToStderr( - `Error: --include-partial-messages requires --print and --output-format=stream-json.`, - ) - process.exit(1) - } - } - - // Validate --no-session-persistence is only used with print mode - if (options.sessionPersistence === false && !isNonInteractiveSession) { - writeToStderr( - `Error: --no-session-persistence can only be used with --print mode.`, - ) - process.exit(1) - } - - const effectivePrompt = prompt || '' - let inputPrompt = await getInputPrompt( - effectivePrompt, - (inputFormat ?? 'text') as 'text' | 'stream-json', - ) - profileCheckpoint('action_after_input_prompt') - - // Activate proactive mode BEFORE getTools() so SleepTool.isEnabled() - // (which returns isProactiveActive()) passes and Sleep is included. - // The later REPL-path maybeActivateProactive() calls are idempotent. - maybeActivateProactive(options) - - let tools = getTools(toolPermissionContext) - - // Apply coordinator mode tool filtering for headless path - // (mirrors useMergedTools.ts filtering for REPL/interactive path) - if ( - feature('COORDINATOR_MODE') && - isEnvTruthy(process.env.CLAUDE_CODE_COORDINATOR_MODE) - ) { - const { applyCoordinatorToolFilter } = await import( - './utils/toolPool.js' - ) - tools = applyCoordinatorToolFilter(tools) - } - - profileCheckpoint('action_tools_loaded') - - let jsonSchema: ToolInputJSONSchema | undefined - if ( - isSyntheticOutputToolEnabled({ isNonInteractiveSession }) && - options.jsonSchema - ) { - jsonSchema = jsonParse(options.jsonSchema) as ToolInputJSONSchema - } - - if (jsonSchema) { - const syntheticOutputResult = createSyntheticOutputTool(jsonSchema) - if ('tool' in syntheticOutputResult) { - // Add SyntheticOutputTool to the tools array AFTER getTools() filtering. - // This tool is excluded from normal filtering (see tools.ts) because it's - // an implementation detail for structured output, not a user-controlled tool. - tools = [...tools, syntheticOutputResult.tool] - - logEvent('tengu_structured_output_enabled', { - schema_property_count: Object.keys( - (jsonSchema.properties as Record) || {}, - ) - .length as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - has_required_fields: Boolean( - jsonSchema.required, - ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - } else { - logEvent('tengu_structured_output_failure', { - error: - 'Invalid JSON schema' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - } - } - - // IMPORTANT: setup() must be called before any other code that depends on the cwd or worktree setup - profileCheckpoint('action_before_setup') - logForDebugging('[STARTUP] Running setup()...') - const setupStart = Date.now() - const { setup } = await import('./setup.js') - const messagingSocketPath = feature('UDS_INBOX') - ? (options as { messagingSocketPath?: string }).messagingSocketPath - : undefined - // Parallelize setup() with commands+agents loading. setup()'s ~28ms is - // mostly startUdsMessaging (socket bind, ~20ms) — not disk-bound, so it - // doesn't contend with getCommands' file reads. Gated on !worktreeEnabled - // since --worktree makes setup() process.chdir() (setup.ts:203), and - // commands/agents need the post-chdir cwd. - const preSetupCwd = getCwd() - // Register bundled skills/plugins before kicking getCommands() — they're - // pure in-memory array pushes (<1ms, zero I/O) that getBundledSkills() - // reads synchronously. Previously ran inside setup() after ~20ms of - // await points, so the parallel getCommands() memoized an empty list. - if (process.env.CLAUDE_CODE_ENTRYPOINT !== 'local-agent') { - initBuiltinPlugins() - initBundledSkills() - } - const setupPromise = setup( - preSetupCwd, - permissionMode, - allowDangerouslySkipPermissions, - worktreeEnabled, - worktreeName, - tmuxEnabled, - sessionId ? validateUuid(sessionId) : undefined, - worktreePRNumber, - messagingSocketPath, - ) - const commandsPromise = worktreeEnabled ? null : getCommands(preSetupCwd) - const agentDefsPromise = worktreeEnabled - ? null - : getAgentDefinitionsWithOverrides(preSetupCwd) - // Suppress transient unhandledRejection if these reject during the - // ~28ms setupPromise await before Promise.all joins them below. - commandsPromise?.catch(() => {}) - agentDefsPromise?.catch(() => {}) - await setupPromise - logForDebugging( - `[STARTUP] setup() completed in ${Date.now() - setupStart}ms`, - ) - profileCheckpoint('action_after_setup') - - // Replay user messages into stream-json only when the socket was - // explicitly requested. The auto-generated socket is passive — it - // lets tools inject if they want to, but turning it on by default - // shouldn't reshape stream-json for SDK consumers who never touch it. - // Callers who inject and also want those injections visible in the - // stream pass --messaging-socket-path explicitly (or --replay-user-messages). - let effectiveReplayUserMessages = !!options.replayUserMessages - if (feature('UDS_INBOX')) { - if (!effectiveReplayUserMessages && outputFormat === 'stream-json') { - effectiveReplayUserMessages = !!( - options as { messagingSocketPath?: string } - ).messagingSocketPath - } - } - - if (getIsNonInteractiveSession()) { - // Apply full merged settings env now (including project-scoped - // .claude/settings.json PATH/GIT_DIR/GIT_WORK_TREE) so gitExe() and - // the git spawn below see it. Trust is implicit in -p mode; the - // docstring at managedEnv.ts:96-97 says this applies "potentially - // dangerous environment variables such as LD_PRELOAD, PATH" from all - // sources. The later call in the isNonInteractiveSession block below - // is idempotent (Object.assign, configureGlobalAgents ejects prior - // interceptor) and picks up any plugin-contributed env after plugin - // init. Project settings are already loaded here: - // applySafeConfigEnvironmentVariables in init() called - // getSettings_DEPRECATED at managedEnv.ts:86 which merges all enabled - // sources including projectSettings/localSettings. - applyConfigEnvironmentVariables() - - // Spawn git status/log/branch now so the subprocess execution overlaps - // with the getCommands await below and startDeferredPrefetches. After - // setup() so cwd is final (setup.ts:254 may process.chdir(worktreePath) - // for --worktree) and after the applyConfigEnvironmentVariables above - // so PATH/GIT_DIR/GIT_WORK_TREE from all sources (trusted + project) - // are applied. getSystemContext is memoized; the - // prefetchSystemContextIfSafe call in startDeferredPrefetches becomes - // a cache hit. The microtask from await getIsGit() drains at the - // getCommands Promise.all await below. Trust is implicit in -p mode - // (same gate as prefetchSystemContextIfSafe). - void getSystemContext() - // Kick getUserContext now too — its first await (fs.readFile in - // getMemoryFiles) yields naturally, so the CLAUDE.md directory walk - // runs during the ~280ms overlap window before the context - // Promise.all join in print.ts. The void getUserContext() in - // startDeferredPrefetches becomes a memoize cache-hit. - void getUserContext() - // Kick ensureModelStringsInitialized now — for Bedrock this triggers - // a 100-200ms profile fetch that was awaited serially at - // print.ts:739. updateBedrockModelStrings is sequential()-wrapped so - // the await joins the in-flight fetch. Non-Bedrock is a sync - // early-return (zero-cost). - void ensureModelStringsInitialized() - } - - // Apply --name: cache-only so no orphan file is created before the - // session ID is finalized by --continue/--resume. materializeSessionFile - // persists it on the first user message; REPL's useTerminalTitle reads it - // via getCurrentSessionTitle. - const sessionNameArg = options.name?.trim() - if (sessionNameArg) { - cacheSessionTitle(sessionNameArg) - } - - // Ant model aliases (capybara-fast etc.) resolve via the - // tengu_ant_model_override GrowthBook flag. _CACHED_MAY_BE_STALE reads - // disk synchronously; disk is populated by a fire-and-forget write. On a - // cold cache, parseUserSpecifiedModel returns the unresolved alias, the - // API 404s, and -p exits before the async write lands — crashloop on - // fresh pods. Awaiting init here populates the in-memory payload map that - // _CACHED_MAY_BE_STALE now checks first. Gated so the warm path stays - // non-blocking: - // - explicit model via --model or ANTHROPIC_MODEL (both feed alias resolution) - // - no env override (which short-circuits _CACHED_MAY_BE_STALE before disk) - // - flag absent from disk (== null also catches pre-#22279 poisoned null) - const explicitModel = options.model || process.env.ANTHROPIC_MODEL - if ( - process.env.USER_TYPE === 'ant' && - explicitModel && - explicitModel !== 'default' && - !hasGrowthBookEnvOverride('tengu_ant_model_override') && - getGlobalConfig().cachedGrowthBookFeatures?.[ - 'tengu_ant_model_override' - ] == null - ) { - await initializeGrowthBook() - } - - // Special case the default model with the null keyword - // NOTE: Model resolution happens after setup() to ensure trust is established before AWS auth - const userSpecifiedModel = - options.model === 'default' ? getDefaultMainLoopModel() : options.model - const userSpecifiedFallbackModel = - fallbackModel === 'default' ? getDefaultMainLoopModel() : fallbackModel - - // Reuse preSetupCwd unless setup() chdir'd (worktreeEnabled). Saves a - // getCwd() syscall in the common path. - const currentCwd = worktreeEnabled ? getCwd() : preSetupCwd - logForDebugging('[STARTUP] Loading commands and agents...') - const commandsStart = Date.now() - // Join the promises kicked before setup() (or start fresh if - // worktreeEnabled gated the early kick). Both memoized by cwd. - const [commands, agentDefinitionsResult] = await Promise.all([ - commandsPromise ?? getCommands(currentCwd), - agentDefsPromise ?? getAgentDefinitionsWithOverrides(currentCwd), - ]) - logForDebugging( - `[STARTUP] Commands and agents loaded in ${Date.now() - commandsStart}ms`, - ) - profileCheckpoint('action_commands_loaded') - - // Parse CLI agents if provided via --agents flag - let cliAgents: typeof agentDefinitionsResult.activeAgents = [] - if (agentsJson) { - try { - const parsedAgents = safeParseJSON(agentsJson) - if (parsedAgents) { - cliAgents = parseAgentsFromJson(parsedAgents, 'flagSettings') - } - } catch (error) { - logError(error) - } - } - - // Merge CLI agents with existing ones - const allAgents = [...agentDefinitionsResult.allAgents, ...cliAgents] - const agentDefinitions = { - ...agentDefinitionsResult, - allAgents, - activeAgents: getActiveAgentsFromList(allAgents), - } - - // Look up main thread agent from CLI flag or settings - const agentSetting = agentCli ?? getInitialSettings().agent - let mainThreadAgentDefinition: - | (typeof agentDefinitions.activeAgents)[number] - | undefined - if (agentSetting) { - mainThreadAgentDefinition = agentDefinitions.activeAgents.find( - agent => agent.agentType === agentSetting, - ) - if (!mainThreadAgentDefinition) { - logForDebugging( - `Warning: agent "${agentSetting}" not found. ` + - `Available agents: ${agentDefinitions.activeAgents.map(a => a.agentType).join(', ')}. ` + - `Using default behavior.`, - ) - } - } - - // Store the main thread agent type in bootstrap state so hooks can access it - setMainThreadAgentType(mainThreadAgentDefinition?.agentType) - - // Log agent flag usage — only log agent name for built-in agents to avoid leaking custom agent names - if (mainThreadAgentDefinition) { - logEvent('tengu_agent_flag', { - agentType: isBuiltInAgent(mainThreadAgentDefinition) - ? (mainThreadAgentDefinition.agentType as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS) - : ('custom' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS), - ...(agentCli && { - source: - 'cli' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - }) - } - - // Persist agent setting to session transcript for resume view display and restoration - if (mainThreadAgentDefinition?.agentType) { - saveAgentSetting(mainThreadAgentDefinition.agentType) - } - - // Apply the agent's system prompt for non-interactive sessions - // (interactive mode uses buildEffectiveSystemPrompt instead) - if ( - isNonInteractiveSession && - mainThreadAgentDefinition && - !systemPrompt && - !isBuiltInAgent(mainThreadAgentDefinition) - ) { - const agentSystemPrompt = mainThreadAgentDefinition.getSystemPrompt() - if (agentSystemPrompt) { - systemPrompt = agentSystemPrompt - } - } - - // initialPrompt goes first so its slash command (if any) is processed; - // user-provided text becomes trailing context. - // Only concatenate when inputPrompt is a string. When it's an - // AsyncIterable (SDK stream-json mode), template interpolation would - // call .toString() producing "[object Object]". The AsyncIterable case - // is handled in print.ts via structuredIO.prependUserMessage(). - if (mainThreadAgentDefinition?.initialPrompt) { - if (typeof inputPrompt === 'string') { - inputPrompt = inputPrompt - ? `${mainThreadAgentDefinition.initialPrompt}\n\n${inputPrompt}` - : mainThreadAgentDefinition.initialPrompt - } else if (!inputPrompt) { - inputPrompt = mainThreadAgentDefinition.initialPrompt - } - } - - // Compute effective model early so hooks can run in parallel with MCP - // If user didn't specify a model but agent has one, use the agent's model - let effectiveModel = userSpecifiedModel - if ( - !effectiveModel && - mainThreadAgentDefinition?.model && - mainThreadAgentDefinition.model !== 'inherit' - ) { - effectiveModel = parseUserSpecifiedModel( - mainThreadAgentDefinition.model, - ) - } - - setMainLoopModelOverride(effectiveModel) - - // Compute resolved model for hooks (use user-specified model at launch) - setInitialMainLoopModel(getUserSpecifiedModelSetting() || null) - const initialMainLoopModel = getInitialMainLoopModel() - const resolvedInitialModel = parseUserSpecifiedModel( - initialMainLoopModel ?? getDefaultMainLoopModel(), - ) - - let advisorModel: string | undefined - if (isAdvisorEnabled()) { - const advisorOption = canUserConfigureAdvisor() - ? (options as { advisor?: string }).advisor - : undefined - if (advisorOption) { - logForDebugging(`[AdvisorTool] --advisor ${advisorOption}`) - if (!modelSupportsAdvisor(resolvedInitialModel)) { - process.stderr.write( - chalk.red( - `Error: The model "${resolvedInitialModel}" does not support the advisor tool.\n`, - ), - ) - process.exit(1) - } - const normalizedAdvisorModel = normalizeModelStringForAPI( - parseUserSpecifiedModel(advisorOption), - ) - if (!isValidAdvisorModel(normalizedAdvisorModel)) { - process.stderr.write( - chalk.red( - `Error: The model "${advisorOption}" cannot be used as an advisor.\n`, - ), - ) - process.exit(1) - } - } - advisorModel = canUserConfigureAdvisor() - ? (advisorOption ?? getInitialAdvisorSetting()) - : advisorOption - if (advisorModel) { - logForDebugging(`[AdvisorTool] Advisor model: ${advisorModel}`) - } - } - - // For tmux teammates with --agent-type, append the custom agent's prompt - if ( - isAgentSwarmsEnabled() && - storedTeammateOpts?.agentId && - storedTeammateOpts?.agentName && - storedTeammateOpts?.teamName && - storedTeammateOpts?.agentType - ) { - // Look up the custom agent definition - const customAgent = agentDefinitions.activeAgents.find( - a => a.agentType === storedTeammateOpts.agentType, - ) - if (customAgent) { - // Get the prompt - need to handle both built-in and custom agents - let customPrompt: string | undefined - if (customAgent.source === 'built-in') { - // Built-in agents have getSystemPrompt that takes toolUseContext - // We can't access full toolUseContext here, so skip for now - logForDebugging( - `[teammate] Built-in agent ${storedTeammateOpts.agentType} - skipping custom prompt (not supported)`, - ) - } else { - // Custom agents have getSystemPrompt that takes no args - customPrompt = customAgent.getSystemPrompt() - } - - // Log agent memory loaded event for tmux teammates - if (customAgent.memory) { - logEvent('tengu_agent_memory_loaded', { - ...(process.env.USER_TYPE === 'ant' && { - agent_type: - customAgent.agentType as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - scope: - customAgent.memory as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - source: - 'teammate' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - } - - if (customPrompt) { - const customInstructions = `\n# Custom Agent Instructions\n${customPrompt}` - appendSystemPrompt = appendSystemPrompt - ? `${appendSystemPrompt}\n\n${customInstructions}` - : customInstructions - } - } else { - logForDebugging( - `[teammate] Custom agent ${storedTeammateOpts.agentType} not found in available agents`, - ) - } - } - - maybeActivateBrief(options) - // defaultView: 'chat' is a persisted opt-in — check entitlement and set - // userMsgOptIn so the tool + prompt section activate. Interactive-only: - // defaultView is a display preference; SDK sessions have no display, and - // the assistant installer writes defaultView:'chat' to settings.local.json - // which would otherwise leak into --print sessions in the same directory. - // Runs right after maybeActivateBrief() so all startup opt-in paths fire - // BEFORE any isBriefEnabled() read below (proactive prompt's - // briefVisibility). A persisted 'chat' after a GB kill-switch falls - // through (entitlement fails). - if ( - (feature('KAIROS') || feature('KAIROS_BRIEF')) && - !getIsNonInteractiveSession() && - !getUserMsgOptIn() && - getInitialSettings().defaultView === 'chat' - ) { - /* eslint-disable @typescript-eslint/no-require-imports */ - const { isBriefEntitled } = - require('./tools/BriefTool/BriefTool.js') as typeof import('./tools/BriefTool/BriefTool.js') - /* eslint-enable @typescript-eslint/no-require-imports */ - if (isBriefEntitled()) { - setUserMsgOptIn(true) - } - } - // Coordinator mode has its own system prompt and filters out Sleep, so - // the generic proactive prompt would tell it to call a tool it can't - // access and conflict with delegation instructions. - if ( - (feature('PROACTIVE') || feature('KAIROS')) && - ((options as { proactive?: boolean }).proactive || - isEnvTruthy(process.env.CLAUDE_CODE_PROACTIVE)) && - !coordinatorModeModule?.isCoordinatorMode() - ) { - /* eslint-disable @typescript-eslint/no-require-imports */ - const briefVisibility = - feature('KAIROS') || feature('KAIROS_BRIEF') - ? ( - require('./tools/BriefTool/BriefTool.js') as typeof import('./tools/BriefTool/BriefTool.js') - ).isBriefEnabled() - ? 'Call SendUserMessage at checkpoints to mark where things stand.' - : 'The user will see any text you output.' - : 'The user will see any text you output.' - /* eslint-enable @typescript-eslint/no-require-imports */ - const proactivePrompt = `\n# Proactive Mode\n\nYou are in proactive mode. Take initiative — explore, act, and make progress without waiting for instructions.\n\nStart by briefly greeting the user.\n\nYou will receive periodic prompts. These are check-ins. Do whatever seems most useful, or call Sleep if there's nothing to do. ${briefVisibility}` - appendSystemPrompt = appendSystemPrompt - ? `${appendSystemPrompt}\n\n${proactivePrompt}` - : proactivePrompt - } - - if (feature('KAIROS') && kairosEnabled && assistantModule) { - const assistantAddendum = - assistantModule.getAssistantSystemPromptAddendum() - appendSystemPrompt = appendSystemPrompt - ? `${appendSystemPrompt}\n\n${assistantAddendum}` - : assistantAddendum - } - - // Ink root is only needed for interactive sessions — patchConsole in the - // Ink constructor would swallow console output in headless mode. - let root!: Root - let getFpsMetrics!: () => FpsMetrics | undefined - let stats!: StatsStore - - // Show setup screens after commands are loaded - if (!isNonInteractiveSession) { - const ctx = getRenderContext(false) - getFpsMetrics = ctx.getFpsMetrics - stats = ctx.stats - // Install asciicast recorder before Ink mounts (ant-only, opt-in via CLAUDE_CODE_TERMINAL_RECORDING=1) - if (process.env.USER_TYPE === 'ant') { - installAsciicastRecorder() - } - - const { createRoot } = await import('./ink.js') - root = await createRoot(ctx.renderOptions) - - // Log startup time now, before any blocking dialog renders. Logging - // from REPL's first render (the old location) included however long - // the user sat on trust/OAuth/onboarding/resume-picker — p99 was ~70s - // dominated by dialog-wait time, not code-path startup. - logEvent('tengu_timer', { - event: - 'startup' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - durationMs: Math.round(process.uptime() * 1000), - }) - - logForDebugging('[STARTUP] Running showSetupScreens()...') - const setupScreensStart = Date.now() - const onboardingShown = await showSetupScreens( - root, - permissionMode, - allowDangerouslySkipPermissions, - commands, - enableClaudeInChrome, - devChannels, - ) - logForDebugging( - `[STARTUP] showSetupScreens() completed in ${Date.now() - setupScreensStart}ms`, - ) - - // Now that trust is established and GrowthBook has auth headers, - // resolve the --remote-control / --rc entitlement gate. - if (feature('BRIDGE_MODE') && remoteControlOption !== undefined) { - const { getBridgeDisabledReason } = await import( - './bridge/bridgeEnabled.js' - ) - const disabledReason = await getBridgeDisabledReason() - remoteControl = disabledReason === null - if (disabledReason) { - process.stderr.write( - chalk.yellow(`${disabledReason}\n--rc flag ignored.\n`), - ) - } - } - - // Check for pending agent memory snapshot updates (only for --agent mode, ant-only) - if ( - feature('AGENT_MEMORY_SNAPSHOT') && - mainThreadAgentDefinition && - isCustomAgent(mainThreadAgentDefinition) && - mainThreadAgentDefinition.memory && - mainThreadAgentDefinition.pendingSnapshotUpdate - ) { - const agentDef = mainThreadAgentDefinition - const choice = await launchSnapshotUpdateDialog(root, { - agentType: agentDef.agentType, - scope: agentDef.memory!, - snapshotTimestamp: - agentDef.pendingSnapshotUpdate!.snapshotTimestamp, - }) - if (choice === 'merge') { - const { buildMergePrompt } = await import( - './components/agents/SnapshotUpdateDialog.js' - ) - const mergePrompt = buildMergePrompt( - agentDef.agentType, - agentDef.memory!, - ) - inputPrompt = inputPrompt - ? `${mergePrompt}\n\n${inputPrompt}` - : mergePrompt - } - agentDef.pendingSnapshotUpdate = undefined - } - - // Skip executing /login if we just completed onboarding for it - if (onboardingShown && prompt?.trim().toLowerCase() === '/login') { - prompt = '' - } - - if (onboardingShown) { - // Refresh auth-dependent services now that the user has logged in during onboarding. - // Keep in sync with the post-login logic in src/commands/login.tsx - void refreshRemoteManagedSettings() - void refreshPolicyLimits() - // Clear user data cache BEFORE GrowthBook refresh so it picks up fresh credentials - resetUserCache() - // Refresh GrowthBook after login to get updated feature flags (e.g., for claude.ai MCPs) - refreshGrowthBookAfterAuthChange() - // Clear any stale trusted device token then enroll for Remote Control. - // Both self-gate on tengu_sessions_elevated_auth_enforcement internally - // — enrollTrustedDevice() via checkGate_CACHED_OR_BLOCKING (awaits - // the GrowthBook reinit above), clearTrustedDeviceToken() via the - // sync cached check (acceptable since clear is idempotent). - void import('./bridge/trustedDevice.js').then(m => { - m.clearTrustedDeviceToken() - return m.enrollTrustedDevice() - }) - } - - // Validate that the active token's org matches forceLoginOrgUUID (if set - // in managed settings). Runs after onboarding so managed settings and - // login state are fully loaded. - const orgValidation = await validateForceLoginOrg() - if (!orgValidation.valid) { - await exitWithError(root, orgValidation.message) - } - } - - // If gracefulShutdown was initiated (e.g., user rejected trust dialog), - // process.exitCode will be set. Skip all subsequent operations that could - // trigger code execution before the process exits (e.g. we don't want apiKeyHelper - // to run if trust was not established). - if (process.exitCode !== undefined) { - logForDebugging( - 'Graceful shutdown initiated, skipping further initialization', - ) - return - } - - // Initialize LSP manager AFTER trust is established (or in non-interactive mode - // where trust is implicit). This prevents plugin LSP servers from executing - // code in untrusted directories before user consent. - // Must be after inline plugins are set (if any) so --plugin-dir LSP servers are included. - initializeLspServerManager() - - // Show settings validation errors after trust is established - // MCP config errors don't block settings from loading, so exclude them - if (!isNonInteractiveSession) { - const { errors } = getSettingsWithErrors() - const nonMcpErrors = errors.filter(e => !e.mcpErrorMetadata) - if (nonMcpErrors.length > 0) { - await launchInvalidSettingsDialog(root, { - settingsErrors: nonMcpErrors, - onExit: () => gracefulShutdownSync(1), - }) - } - } - - // Check quota status, fast mode, passes eligibility, and bootstrap data - // after trust is established. These make API calls which could trigger - // apiKeyHelper execution. - // --bare / SIMPLE: skip — these are cache-warms for the REPL's - // first-turn responsiveness (quota, passes, fastMode, bootstrap data). Fast - // mode doesn't apply to the Agent SDK anyway (see getFastModeUnavailableReason). - const bgRefreshThrottleMs = getFeatureValue_CACHED_MAY_BE_STALE( - 'tengu_cicada_nap_ms', - 0, - ) - const lastPrefetched = getGlobalConfig().startupPrefetchedAt ?? 0 - const skipStartupPrefetches = - isBareMode() || - (bgRefreshThrottleMs > 0 && - Date.now() - lastPrefetched < bgRefreshThrottleMs) - - if (!skipStartupPrefetches) { - const lastPrefetchedInfo = - lastPrefetched > 0 - ? ` last ran ${Math.round((Date.now() - lastPrefetched) / 1000)}s ago` - : '' - logForDebugging( - `Starting background startup prefetches${lastPrefetchedInfo}`, - ) - - checkQuotaStatus().catch(error => logError(error)) - - // Fetch bootstrap data from the server and update all cache values. - void fetchBootstrapData() - - // TODO: Consolidate other prefetches into a single bootstrap request. - void prefetchPassesEligibility() - if ( - !getFeatureValue_CACHED_MAY_BE_STALE('tengu_miraculo_the_bard', false) - ) { - void prefetchFastModeStatus() - } else { - // Kill switch skips the network call, not org-policy enforcement. - // Resolve from cache so orgStatus doesn't stay 'pending' (which - // getFastModeUnavailableReason treats as permissive). - resolveFastModeStatusFromCache() - } - if (bgRefreshThrottleMs > 0) { - saveGlobalConfig(current => ({ - ...current, - startupPrefetchedAt: Date.now(), - })) - } - } else { - logForDebugging( - `Skipping startup prefetches, last ran ${Math.round((Date.now() - lastPrefetched) / 1000)}s ago`, - ) - // Resolve fast mode org status from cache (no network) - resolveFastModeStatusFromCache() - } - - if (!isNonInteractiveSession) { - void refreshExampleCommands() // Pre-fetch example commands (runs git log, no API call) - } - - // Resolve MCP configs (started early, overlaps with setup/trust dialog work) - const { servers: existingMcpConfigs } = await mcpConfigPromise - logForDebugging( - `[STARTUP] MCP configs resolved in ${mcpConfigResolvedMs}ms (awaited at +${Date.now() - mcpConfigStart}ms)`, - ) - // CLI flag (--mcp-config) should override file-based configs, matching settings precedence - const allMcpConfigs = { ...existingMcpConfigs, ...dynamicMcpConfig } - - // Separate SDK configs from regular MCP configs - const sdkMcpConfigs: Record = {} - const regularMcpConfigs: Record = {} - - for (const [name, config] of Object.entries(allMcpConfigs)) { - const typedConfig = config as ScopedMcpServerConfig | McpSdkServerConfig - if (typedConfig.type === 'sdk') { - sdkMcpConfigs[name] = typedConfig as McpSdkServerConfig - } else { - regularMcpConfigs[name] = typedConfig as ScopedMcpServerConfig - } - } - - profileCheckpoint('action_mcp_configs_loaded') - - // Prefetch MCP resources after trust dialog (this is where execution happens). - // Interactive mode only: print mode defers connects until headlessStore exists - // and pushes per-server (below), so ToolSearch's pending-client handling works - // and one slow server doesn't block the batch. - const localMcpPromise = isNonInteractiveSession - ? Promise.resolve({ clients: [], tools: [], commands: [] }) - : prefetchAllMcpResources(regularMcpConfigs) - const claudeaiMcpPromise = isNonInteractiveSession - ? Promise.resolve({ clients: [], tools: [], commands: [] }) - : claudeaiConfigPromise.then(configs => - Object.keys(configs).length > 0 - ? prefetchAllMcpResources(configs) - : { clients: [], tools: [], commands: [] }, - ) - // Merge with dedup by name: each prefetchAllMcpResources call independently - // adds helper tools (ListMcpResourcesTool, ReadMcpResourceTool) via - // local dedup flags, so merging two calls can yield duplicates. print.ts - // already uniqBy's the final tool pool, but dedup here keeps appState clean. - const mcpPromise = Promise.all([ - localMcpPromise, - claudeaiMcpPromise, - ]).then(([local, claudeai]) => ({ - clients: [...local.clients, ...claudeai.clients], - tools: uniqBy([...local.tools, ...claudeai.tools], 'name'), - commands: uniqBy([...local.commands, ...claudeai.commands], 'name'), - })) - - // Start hooks early so they run in parallel with MCP connections. - // Skip for initOnly/init/maintenance (handled separately), non-interactive - // (handled via setupTrigger), and resume/continue (conversationRecovery.ts - // fires 'resume' instead — without this guard, hooks fire TWICE on /resume - // and the second systemMessage clobbers the first. gh-30825) - const hooksPromise = - initOnly || - init || - maintenance || - isNonInteractiveSession || - options.continue || - options.resume - ? null - : processSessionStartHooks('startup', { - agentType: mainThreadAgentDefinition?.agentType, - model: resolvedInitialModel, - }) - - // MCP never blocks REPL render OR turn 1 TTFT. useManageMCPConnections - // populates appState.mcp async as servers connect (connectToServer is - // memoized — the prefetch calls above and the hook converge on the same - // connections). getToolUseContext reads store.getState() fresh via - // computeTools(), so turn 1 sees whatever's connected by query time. - // Slow servers populate for turn 2+. Matches interactive-no-prompt - // behavior. Print mode: per-server push into headlessStore (below). - const hookMessages: Awaited> = [] - // Suppress transient unhandledRejection — the prefetch warms the - // memoized connectToServer cache but nobody awaits it in interactive. - mcpPromise.catch(() => {}) - - const mcpClients: Awaited['clients'] = [] - const mcpTools: Awaited['tools'] = [] - const mcpCommands: Awaited['commands'] = [] - - let thinkingEnabled = shouldEnableThinkingByDefault() - let thinkingConfig: ThinkingConfig = - thinkingEnabled !== false ? { type: 'adaptive' } : { type: 'disabled' } - - if (options.thinking === 'adaptive' || options.thinking === 'enabled') { - thinkingEnabled = true - thinkingConfig = { type: 'adaptive' } - } else if (options.thinking === 'disabled') { - thinkingEnabled = false - thinkingConfig = { type: 'disabled' } - } else { - const maxThinkingTokens = process.env.MAX_THINKING_TOKENS - ? parseInt(process.env.MAX_THINKING_TOKENS, 10) - : options.maxThinkingTokens - if (maxThinkingTokens !== undefined) { - if (maxThinkingTokens > 0) { - thinkingEnabled = true - thinkingConfig = { - type: 'enabled', - budgetTokens: maxThinkingTokens, - } - } else if (maxThinkingTokens === 0) { - thinkingEnabled = false - thinkingConfig = { type: 'disabled' } - } - } - } - - logForDiagnosticsNoPII('info', 'started', { - version: MACRO.VERSION, - is_native_binary: isInBundledMode(), - }) - - registerCleanup(async () => { - logForDiagnosticsNoPII('info', 'exited') - }) - - void logTenguInit({ - hasInitialPrompt: Boolean(prompt), - hasStdin: Boolean(inputPrompt), - verbose, - debug, - debugToStderr, - print: print ?? false, - outputFormat: outputFormat ?? 'text', - inputFormat: inputFormat ?? 'text', - numAllowedTools: allowedTools.length, - numDisallowedTools: disallowedTools.length, - mcpClientCount: Object.keys(allMcpConfigs).length, - worktreeEnabled, - skipWebFetchPreflight: getInitialSettings().skipWebFetchPreflight, - githubActionInputs: process.env.GITHUB_ACTION_INPUTS, - dangerouslySkipPermissionsPassed: dangerouslySkipPermissions ?? false, - permissionMode, - modeIsBypass: permissionMode === 'bypassPermissions', - allowDangerouslySkipPermissionsPassed: allowDangerouslySkipPermissions, - systemPromptFlag: systemPrompt - ? options.systemPromptFile - ? 'file' - : 'flag' - : undefined, - appendSystemPromptFlag: appendSystemPrompt - ? options.appendSystemPromptFile - ? 'file' - : 'flag' - : undefined, - thinkingConfig, - assistantActivationPath: - feature('KAIROS') && kairosEnabled - ? assistantModule?.getAssistantActivationPath() - : undefined, - }) - - // Log context metrics once at initialization - void logContextMetrics(regularMcpConfigs, toolPermissionContext) - - void logPermissionContextForAnts(null, 'initialization') - - logManagedSettings() - - // Register PID file for concurrent-session detection (~/.claude/sessions/) - // and fire multi-clauding telemetry. Lives here (not init.ts) so only the - // REPL path registers — not subcommands like `claude doctor`. Chained: - // count must run after register's write completes or it misses our own file. - void registerSession().then(registered => { - if (!registered) return - if (sessionNameArg) { - void updateSessionName(sessionNameArg) - } - void countConcurrentSessions().then(count => { - if (count >= 2) { - logEvent('tengu_concurrent_sessions', { num_sessions: count }) - } - }) - }) - - // Initialize versioned plugins system (triggers V1→V2 migration if - // needed). Then run orphan GC, THEN warm the Grep/Glob exclusion cache. - // Sequencing matters: the warmup scans disk for .orphaned_at markers, - // so it must see the GC's Pass 1 (remove markers from reinstalled - // versions) and Pass 2 (stamp unmarked orphans) already applied. The - // warm also lands before autoupdate (fires on first submit in REPL) - // can orphan this session's active version underneath us. - // --bare / SIMPLE: skip plugin version sync + orphan cleanup. These - // are install/upgrade bookkeeping that scripted calls don't need — - // the next interactive session will reconcile. The await here was - // blocking -p on a marketplace round-trip. - if (isBareMode()) { - // skip — no-op - } else if (isNonInteractiveSession) { - // In headless mode, await to ensure plugin sync completes before CLI exits - await initializeVersionedPlugins() - profileCheckpoint('action_after_plugins_init') - void cleanupOrphanedPluginVersionsInBackground().then(() => - getGlobExclusionsForPluginCache(), - ) - } else { - // In interactive mode, fire-and-forget — this is purely bookkeeping - // that doesn't affect runtime behavior of the current session - void initializeVersionedPlugins().then(async () => { - profileCheckpoint('action_after_plugins_init') - await cleanupOrphanedPluginVersionsInBackground() - void getGlobExclusionsForPluginCache() - }) - } - - const setupTrigger = - initOnly || init ? 'init' : maintenance ? 'maintenance' : null - if (initOnly) { - applyConfigEnvironmentVariables() - await processSetupHooks('init', { forceSyncExecution: true }) - await processSessionStartHooks('startup', { forceSyncExecution: true }) - gracefulShutdownSync(0) - return - } - - // --print mode - if (isNonInteractiveSession) { - if (outputFormat === 'stream-json' || outputFormat === 'json') { - setHasFormattedOutput(true) - } - - // Apply full environment variables in print mode since trust dialog is bypassed - // This includes potentially dangerous environment variables from untrusted sources - // but print mode is considered trusted (as documented in help text) - applyConfigEnvironmentVariables() - - // Initialize telemetry after env vars are applied so OTEL endpoint env vars and - // otelHeadersHelper (which requires trust to execute) are available. - initializeTelemetryAfterTrust() - - // Kick SessionStart hooks now so the subprocess spawn overlaps with - // MCP connect + plugin init + print.ts import below. loadInitialMessages - // joins this at print.ts:4397. Guarded same as loadInitialMessages — - // continue/resume/teleport paths don't fire startup hooks (or fire them - // conditionally inside the resume branch, where this promise is - // undefined and the ?? fallback runs). Also skip when setupTrigger is - // set — those paths run setup hooks first (print.ts:544), and session - // start hooks must wait until setup completes. - const sessionStartHooksPromise = - options.continue || options.resume || teleport || setupTrigger - ? undefined - : processSessionStartHooks('startup') - // Suppress transient unhandledRejection if this rejects before - // loadInitialMessages awaits it. Downstream await still observes the - // rejection — this just prevents the spurious global handler fire. - sessionStartHooksPromise?.catch(() => {}) - - profileCheckpoint('before_validateForceLoginOrg') - // Validate org restriction for non-interactive sessions - const orgValidation = await validateForceLoginOrg() - if (!orgValidation.valid) { - process.stderr.write(orgValidation.message + '\n') - process.exit(1) - } - - // Headless mode supports all prompt commands and some local commands - // If disableSlashCommands is true, return empty array - const commandsHeadless = disableSlashCommands - ? [] - : commands.filter( - command => - (command.type === 'prompt' && !command.disableNonInteractive) || - (command.type === 'local' && command.supportsNonInteractive), - ) - - const defaultState = getDefaultAppState() - const headlessInitialState: AppState = { - ...defaultState, - mcp: { - ...defaultState.mcp, - clients: mcpClients, - commands: mcpCommands, - tools: mcpTools, - }, - toolPermissionContext, - effortValue: - parseEffortValue(options.effort) ?? getInitialEffortSetting(), - ...(isFastModeEnabled() && { - fastMode: getInitialFastModeSetting(effectiveModel ?? null), - }), - ...(isAdvisorEnabled() && advisorModel && { advisorModel }), - // kairosEnabled gates the async fire-and-forget path in - // executeForkedSlashCommand (processSlashCommand.tsx:132) and - // AgentTool's shouldRunAsync. The REPL initialState sets this at - // ~3459; headless was defaulting to false, so the daemon child's - // scheduled tasks and Agent-tool calls ran synchronously — N - // overdue cron tasks on spawn = N serial subagent turns blocking - // user input. Computed at :1620, well before this branch. - ...(feature('KAIROS') ? { kairosEnabled } : {}), - } - - // Init app state - const headlessStore = createStore( - headlessInitialState, - onChangeAppState, - ) - - // Check if bypassPermissions should be disabled based on Statsig gate - // This runs in parallel to the code below, to avoid blocking the main loop. - if ( - toolPermissionContext.mode === 'bypassPermissions' || - allowDangerouslySkipPermissions - ) { - void checkAndDisableBypassPermissions(toolPermissionContext) - } - - // Async check of auto mode gate — corrects state and disables auto if needed. - // Gated on TRANSCRIPT_CLASSIFIER (not USER_TYPE) so GrowthBook kill switch runs for external builds too. - if (feature('TRANSCRIPT_CLASSIFIER')) { - void verifyAutoModeGateAccess( - toolPermissionContext, - headlessStore.getState().fastMode, - ).then(({ updateContext }) => { - headlessStore.setState(prev => { - const nextCtx = updateContext(prev.toolPermissionContext) - if (nextCtx === prev.toolPermissionContext) return prev - return { ...prev, toolPermissionContext: nextCtx } - }) - }) - } - - // Set global state for session persistence - if (options.sessionPersistence === false) { - setSessionPersistenceDisabled(true) - } - - // Store SDK betas in global state for context window calculation - // Only store allowed betas (filters by allowlist and subscriber status) - setSdkBetas(filterAllowedSdkBetas(betas)) - - // Print-mode MCP: per-server incremental push into headlessStore. - // Mirrors useManageMCPConnections — push pending first (so ToolSearch's - // pending-check at ToolSearchTool.ts:334 sees them), then replace with - // connected/failed as each server settles. - const connectMcpBatch = ( - configs: Record, - label: string, - ): Promise => { - if (Object.keys(configs).length === 0) return Promise.resolve() - headlessStore.setState(prev => ({ - ...prev, - mcp: { - ...prev.mcp, - clients: [ - ...prev.mcp.clients, - ...Object.entries(configs).map(([name, config]) => ({ - name, - type: 'pending' as const, - config, - })), - ], - }, - })) - return getMcpToolsCommandsAndResources( - ({ client, tools, commands }) => { - headlessStore.setState(prev => ({ - ...prev, - mcp: { - ...prev.mcp, - clients: prev.mcp.clients.some(c => c.name === client.name) - ? prev.mcp.clients.map(c => - c.name === client.name ? client : c, - ) - : [...prev.mcp.clients, client], - tools: uniqBy([...prev.mcp.tools, ...tools], 'name'), - commands: uniqBy([...prev.mcp.commands, ...commands], 'name'), - }, - })) - }, - configs, - ).catch(err => - logForDebugging(`[MCP] ${label} connect error: ${err}`), - ) - } - // Await all MCP configs — print mode is often single-turn, so - // "late-connecting servers visible next turn" doesn't help. SDK init - // message and turn-1 tool list both need configured MCP tools present. - // Zero-server case is free via the early return in connectMcpBatch. - // Connectors parallelize inside getMcpToolsCommandsAndResources - // (processBatched with Promise.all). claude.ai is awaited too — its - // fetch was kicked off early (line ~2558) so only residual time blocks - // here. --bare skips claude.ai entirely for perf-sensitive scripts. - profileCheckpoint('before_connectMcp') - await connectMcpBatch(regularMcpConfigs, 'regular') - profileCheckpoint('after_connectMcp') - // Dedup: suppress plugin MCP servers that duplicate a claude.ai - // connector (connector wins), then connect claude.ai servers. - // Bounded wait — #23725 made this blocking so single-turn -p sees - // connectors, but with 40+ slow connectors tengu_startup_perf p99 - // climbed to 76s. If fetch+connect doesn't finish in time, proceed; - // the promise keeps running and updates headlessStore in the - // background so turn 2+ still sees connectors. - const CLAUDE_AI_MCP_TIMEOUT_MS = 5_000 - const claudeaiConnect = claudeaiConfigPromise.then(claudeaiConfigs => { - if (Object.keys(claudeaiConfigs).length > 0) { - const claudeaiSigs = new Set() - for (const config of Object.values(claudeaiConfigs)) { - const sig = getMcpServerSignature(config) - if (sig) claudeaiSigs.add(sig) - } - const suppressed = new Set() - for (const [name, config] of Object.entries(regularMcpConfigs)) { - if (!name.startsWith('plugin:')) continue - const sig = getMcpServerSignature(config) - if (sig && claudeaiSigs.has(sig)) suppressed.add(name) - } - if (suppressed.size > 0) { - logForDebugging( - `[MCP] Lazy dedup: suppressing ${suppressed.size} plugin server(s) that duplicate claude.ai connectors: ${[...suppressed].join(', ')}`, - ) - // Disconnect before filtering from state. Only connected - // servers need cleanup — clearServerCache on a never-connected - // server triggers a real connect just to kill it (memoize - // cache-miss path, see useManageMCPConnections.ts:870). - for (const c of headlessStore.getState().mcp.clients) { - if (!suppressed.has(c.name) || c.type !== 'connected') continue - c.client.onclose = undefined - void clearServerCache(c.name, c.config).catch(() => {}) - } - headlessStore.setState(prev => { - let { clients, tools, commands, resources } = prev.mcp - clients = clients.filter(c => !suppressed.has(c.name)) - tools = tools.filter( - t => !t.mcpInfo || !suppressed.has(t.mcpInfo.serverName), - ) - for (const name of suppressed) { - commands = excludeCommandsByServer(commands, name) - resources = excludeResourcesByServer(resources, name) - } - return { - ...prev, - mcp: { ...prev.mcp, clients, tools, commands, resources }, - } - }) - } - } - // Suppress claude.ai connectors that duplicate an enabled - // manual server (URL-signature match). Plugin dedup above only - // handles `plugin:*` keys; this catches manual `.mcp.json` entries. - // plugin:* must be excluded here — step 1 already suppressed - // those (claude.ai wins); leaving them in suppresses the - // connector too, and neither survives (gh-39974). - const nonPluginConfigs = pickBy( - regularMcpConfigs, - (_, n) => !n.startsWith('plugin:'), - ) - const { servers: dedupedClaudeAi } = dedupClaudeAiMcpServers( - claudeaiConfigs, - nonPluginConfigs, - ) - return connectMcpBatch(dedupedClaudeAi, 'claudeai') - }) - let claudeaiTimer: ReturnType | undefined - const claudeaiTimedOut = await Promise.race([ - claudeaiConnect.then(() => false), - new Promise(resolve => { - claudeaiTimer = setTimeout( - r => r(true), - CLAUDE_AI_MCP_TIMEOUT_MS, - resolve, - ) - }), - ]) - if (claudeaiTimer) clearTimeout(claudeaiTimer) - if (claudeaiTimedOut) { - logForDebugging( - `[MCP] claude.ai connectors not ready after ${CLAUDE_AI_MCP_TIMEOUT_MS}ms — proceeding; background connection continues`, - ) - } - profileCheckpoint('after_connectMcp_claudeai') - - // In headless mode, start deferred prefetches immediately (no user typing delay) - // --bare / SIMPLE: startDeferredPrefetches early-returns internally. - // backgroundHousekeeping (initExtractMemories, pruneShellSnapshots, - // cleanupOldMessageFiles) and sdkHeapDumpMonitor are all bookkeeping - // that scripted calls don't need — the next interactive session reconciles. - if (!isBareMode()) { - startDeferredPrefetches() - void import('./utils/backgroundHousekeeping.js').then(m => - m.startBackgroundHousekeeping(), - ) - if (process.env.USER_TYPE === 'ant') { - void import('./utils/sdkHeapDumpMonitor.js').then(m => - m.startSdkMemoryMonitor(), - ) - } - } - - logSessionTelemetry() - profileCheckpoint('before_print_import') - const { runHeadless } = await import('src/cli/print.js') - profileCheckpoint('after_print_import') - void runHeadless( - inputPrompt, - () => headlessStore.getState(), - headlessStore.setState, - commandsHeadless, - tools, - sdkMcpConfigs, - agentDefinitions.activeAgents, - { - continue: options.continue, - resume: options.resume, - verbose: verbose, - outputFormat: outputFormat, - jsonSchema, - permissionPromptToolName: options.permissionPromptTool, - allowedTools, - thinkingConfig, - maxTurns: options.maxTurns, - maxBudgetUsd: options.maxBudgetUsd, - taskBudget: options.taskBudget - ? { total: options.taskBudget } - : undefined, - systemPrompt, - appendSystemPrompt, - userSpecifiedModel: effectiveModel, - fallbackModel: userSpecifiedFallbackModel, - teleport, - sdkUrl, - replayUserMessages: effectiveReplayUserMessages, - includePartialMessages: effectiveIncludePartialMessages, - forkSession: options.forkSession || false, - resumeSessionAt: options.resumeSessionAt || undefined, - rewindFiles: options.rewindFiles, - enableAuthStatus: options.enableAuthStatus, - agent: agentCli, - workload: options.workload, - setupTrigger: setupTrigger ?? undefined, - sessionStartHooksPromise, - }, - ) - return - } - - // Log model config at startup - logEvent('tengu_startup_manual_model_config', { - cli_flag: - options.model as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - env_var: process.env - .ANTHROPIC_MODEL as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - settings_file: (getInitialSettings() || {}) - .model as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - subscriptionType: - getSubscriptionType() as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - agent: - agentSetting as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - - // Get deprecation warning for the initial model (resolvedInitialModel computed earlier for hooks parallelization) - const deprecationWarning = - getModelDeprecationWarning(resolvedInitialModel) - - // Build initial notification queue - const initialNotifications: Array<{ - key: string - text: string - color?: 'warning' - priority: 'high' - }> = [] - if (permissionModeNotification) { - initialNotifications.push({ - key: 'permission-mode-notification', - text: permissionModeNotification, - priority: 'high', - }) - } - if (deprecationWarning) { - initialNotifications.push({ - key: 'model-deprecation-warning', - text: deprecationWarning, - color: 'warning', - priority: 'high', - }) - } - if (overlyBroadBashPermissions.length > 0) { - const displayList = uniq( - overlyBroadBashPermissions.map(p => p.ruleDisplay), - ) - const displays = displayList.join(', ') - const sources = uniq( - overlyBroadBashPermissions.map(p => p.sourceDisplay), - ).join(', ') - const n = displayList.length - initialNotifications.push({ - key: 'overly-broad-bash-notification', - text: `${displays} allow ${plural(n, 'rule')} from ${sources} ${plural(n, 'was', 'were')} ignored \u2014 not available for Ants, please use auto-mode instead`, - color: 'warning', - priority: 'high', - }) - } - - const effectiveToolPermissionContext = { - ...toolPermissionContext, - mode: - isAgentSwarmsEnabled() && getTeammateUtils().isPlanModeRequired() - ? ('plan' as const) - : toolPermissionContext.mode, - } - // All startup opt-in paths (--tools, --brief, defaultView) have fired - // above; initialIsBriefOnly just reads the resulting state. - const initialIsBriefOnly = - feature('KAIROS') || feature('KAIROS_BRIEF') ? getUserMsgOptIn() : false - const fullRemoteControl = - remoteControl || getRemoteControlAtStartup() || kairosEnabled - let ccrMirrorEnabled = false - if (feature('CCR_MIRROR') && !fullRemoteControl) { - /* eslint-disable @typescript-eslint/no-require-imports */ - const { isCcrMirrorEnabled } = - require('./bridge/bridgeEnabled.js') as typeof import('./bridge/bridgeEnabled.js') - /* eslint-enable @typescript-eslint/no-require-imports */ - ccrMirrorEnabled = isCcrMirrorEnabled() - } - - const initialState: AppState = { - settings: getInitialSettings(), - tasks: {}, - agentNameRegistry: new Map(), - verbose: verbose ?? getGlobalConfig().verbose ?? false, - mainLoopModel: initialMainLoopModel, - mainLoopModelForSession: null, - isBriefOnly: initialIsBriefOnly, - expandedView: getGlobalConfig().showSpinnerTree - ? 'teammates' - : getGlobalConfig().showExpandedTodos - ? 'tasks' - : 'none', - showTeammateMessagePreview: isAgentSwarmsEnabled() ? false : undefined, - selectedIPAgentIndex: -1, - coordinatorTaskIndex: -1, - viewSelectionMode: 'none', - footerSelection: null, - toolPermissionContext: effectiveToolPermissionContext, - agent: mainThreadAgentDefinition?.agentType, - agentDefinitions, - mcp: { - clients: [], - tools: [], - commands: [], - resources: {}, - pluginReconnectKey: 0, - }, - plugins: { - enabled: [], - disabled: [], - commands: [], - errors: [], - installationStatus: { - marketplaces: [], - plugins: [], - }, - needsRefresh: false, - }, - statusLineText: undefined, - kairosEnabled, - remoteSessionUrl: undefined, - remoteConnectionStatus: 'connecting', - remoteBackgroundTaskCount: 0, - replBridgeEnabled: fullRemoteControl || ccrMirrorEnabled, - replBridgeExplicit: remoteControl, - replBridgeOutboundOnly: ccrMirrorEnabled, - replBridgeConnected: false, - replBridgeSessionActive: false, - replBridgeReconnecting: false, - replBridgeConnectUrl: undefined, - replBridgeSessionUrl: undefined, - replBridgeEnvironmentId: undefined, - replBridgeSessionId: undefined, - replBridgeError: undefined, - replBridgeInitialName: remoteControlName, - showRemoteCallout: false, - notifications: { - current: null, - queue: initialNotifications, - }, - elicitation: { - queue: [], - }, - todos: {}, - remoteAgentTaskSuggestions: [], - fileHistory: { - snapshots: [], - trackedFiles: new Set(), - snapshotSequence: 0, - }, - attribution: createEmptyAttributionState(), - thinkingEnabled, - promptSuggestionEnabled: shouldEnablePromptSuggestion(), - sessionHooks: new Map(), - inbox: { - messages: [], - }, - promptSuggestion: { - text: null, - promptId: null, - shownAt: 0, - acceptedAt: 0, - generationRequestId: null, - }, - speculation: IDLE_SPECULATION_STATE, - speculationSessionTimeSavedMs: 0, - skillImprovement: { - suggestion: null, - }, - workerSandboxPermissions: { - queue: [], - selectedIndex: 0, - }, - pendingWorkerRequest: null, - pendingSandboxRequest: null, - authVersion: 0, - initialMessage: inputPrompt - ? { message: createUserMessage({ content: String(inputPrompt) }) } - : null, - effortValue: - parseEffortValue(options.effort) ?? getInitialEffortSetting(), - activeOverlays: new Set(), - fastMode: getInitialFastModeSetting(resolvedInitialModel), - ...(isAdvisorEnabled() && advisorModel && { advisorModel }), - // Compute teamContext synchronously to avoid useEffect setState during render. - // KAIROS: assistantTeamContext takes precedence — set earlier in the - // KAIROS block so Agent(name: "foo") can spawn in-process teammates - // without TeamCreate. computeInitialTeamContext() is for tmux-spawned - // teammates reading their own identity, not the assistant-mode leader. - teamContext: feature('KAIROS') - ? (assistantTeamContext ?? computeInitialTeamContext?.()) - : computeInitialTeamContext?.(), - } - - // Add CLI initial prompt to history - if (inputPrompt) { - addToHistory(String(inputPrompt)) - } - - const initialTools = mcpTools - - // Increment numStartups synchronously — first-render readers like - // shouldShowEffortCallout (via useState initializer) need the updated - // value before setImmediate fires. Defer only telemetry. - saveGlobalConfig(current => ({ - ...current, - numStartups: (current.numStartups ?? 0) + 1, - })) - setImmediate(() => { - void logStartupTelemetry() - logSessionTelemetry() - }) - - // Set up per-turn session environment data uploader (ant-only build). - // Default-enabled for all ant users when working in an Anthropic-owned - // repo. Captures git/filesystem state (NOT transcripts) at each turn so - // environments can be recreated at any user message index. Gating: - // - Build-time: this import is stubbed in external builds. - // - Runtime: uploader checks github.com/anthropics/* remote + gcloud auth. - // - Safety: CLAUDE_CODE_DISABLE_SESSION_DATA_UPLOAD=1 bypasses (tests set this). - // Import is dynamic + async to avoid adding startup latency. - const sessionUploaderPromise = - process.env.USER_TYPE === 'ant' - ? import('./utils/sessionDataUploader.js') - : null - - // Defer session uploader resolution to the onTurnComplete callback to avoid - // adding a new top-level await in main.tsx (performance-critical path). - // The per-turn auth logic in sessionDataUploader.ts handles unauthenticated - // state gracefully (re-checks each turn, so auth recovery mid-session works). - const uploaderReady = sessionUploaderPromise - ? sessionUploaderPromise - .then(mod => mod.createSessionTurnUploader()) - .catch(() => null) - : null - - const sessionConfig = { - debug: debug || debugToStderr, - commands: [...commands, ...mcpCommands], - initialTools, - mcpClients, - autoConnectIdeFlag: ide, - mainThreadAgentDefinition, - disableSlashCommands, - dynamicMcpConfig, - strictMcpConfig, - systemPrompt, - appendSystemPrompt, - taskListId, - thinkingConfig, - ...(uploaderReady && { - onTurnComplete: (messages: MessageType[]) => { - void uploaderReady.then(uploader => uploader?.(messages)) - }, - }), - } - - // Shared context for processResumedConversation calls - const resumeContext = { - modeApi: coordinatorModeModule, - mainThreadAgentDefinition, - agentDefinitions, - currentCwd, - cliAgents, - initialState, - } - - if (options.continue) { - // Continue the most recent conversation directly - let resumeSucceeded = false - try { - const resumeStart = performance.now() - - // Clear stale caches before resuming to ensure fresh file/skill discovery - const { clearSessionCaches } = await import( - './commands/clear/caches.js' - ) - clearSessionCaches() - - const result = await loadConversationForResume( - undefined /* sessionId */, - undefined /* sourceFile */, - ) - if (!result) { - logEvent('tengu_continue', { - success: false, - }) - return await exitWithError( - root, - 'No conversation found to continue', - ) - } - - const loaded = await processResumedConversation( - result, - { - forkSession: !!options.forkSession, - includeAttribution: true, - transcriptPath: result.fullPath, - }, - resumeContext, - ) - - if (loaded.restoredAgentDef) { - mainThreadAgentDefinition = loaded.restoredAgentDef - } - - maybeActivateProactive(options) - maybeActivateBrief(options) - - logEvent('tengu_continue', { - success: true, - resume_duration_ms: Math.round(performance.now() - resumeStart), - }) - resumeSucceeded = true - - await launchRepl( - root, - { getFpsMetrics, stats, initialState: loaded.initialState }, - { - ...sessionConfig, - mainThreadAgentDefinition: - loaded.restoredAgentDef ?? mainThreadAgentDefinition, - initialMessages: loaded.messages, - initialFileHistorySnapshots: loaded.fileHistorySnapshots, - initialContentReplacements: loaded.contentReplacements, - initialAgentName: loaded.agentName, - initialAgentColor: loaded.agentColor, - }, - renderAndRun, - ) - } catch (error) { - if (!resumeSucceeded) { - logEvent('tengu_continue', { - success: false, - }) - } - logError(error) - process.exit(1) - } - } else if (feature('DIRECT_CONNECT') && _pendingConnect?.url) { - // `claude connect ` — full interactive TUI connected to a remote server - let directConnectConfig - try { - const session = await createDirectConnectSession({ - serverUrl: _pendingConnect.url, - authToken: _pendingConnect.authToken, - cwd: getOriginalCwd(), - dangerouslySkipPermissions: - _pendingConnect.dangerouslySkipPermissions, - }) - if (session.workDir) { - setOriginalCwd(session.workDir) - setCwdState(session.workDir) - } - setDirectConnectServerUrl(_pendingConnect.url) - directConnectConfig = session.config - } catch (err) { - return await exitWithError( - root, - err instanceof DirectConnectError ? err.message : String(err), - () => gracefulShutdown(1), - ) - } - - const connectInfoMessage = createSystemMessage( - `Connected to server at ${_pendingConnect.url}\nSession: ${directConnectConfig.sessionId}`, - 'info', - ) - - await launchRepl( - root, - { getFpsMetrics, stats, initialState }, - { - debug: debug || debugToStderr, - commands, - initialTools: [], - initialMessages: [connectInfoMessage], - mcpClients: [], - autoConnectIdeFlag: ide, - mainThreadAgentDefinition, - disableSlashCommands, - directConnectConfig, - thinkingConfig, - }, - renderAndRun, - ) - return - } else if (feature('SSH_REMOTE') && _pendingSSH?.host) { - // `claude ssh [dir]` — probe remote, deploy binary if needed, - // spawn ssh with unix-socket -R forward to a local auth proxy, hand - // the REPL an SSHSession. Tools run remotely, UI renders locally. - // `--local` skips probe/deploy/ssh and spawns the current binary - // directly with the same env — e2e test of the proxy/auth plumbing. - const { createSSHSession, createLocalSSHSession, SSHSessionError } = - await import('./ssh/createSSHSession.js') - let sshSession - try { - if (_pendingSSH.local) { - process.stderr.write('Starting local ssh-proxy test session...\n') - sshSession = createLocalSSHSession({ - cwd: _pendingSSH.cwd, - permissionMode: _pendingSSH.permissionMode, - dangerouslySkipPermissions: - _pendingSSH.dangerouslySkipPermissions, - }) - } else { - process.stderr.write(`Connecting to ${_pendingSSH.host}…\n`) - // In-place progress: \r + EL0 (erase to end of line). Final \n on - // success so the next message lands on a fresh line. No-op when - // stderr isn't a TTY (piped/redirected) — \r would just emit noise. - const isTTY = process.stderr.isTTY - let hadProgress = false - sshSession = await createSSHSession( - { - host: _pendingSSH.host, - cwd: _pendingSSH.cwd, - localVersion: MACRO.VERSION, - permissionMode: _pendingSSH.permissionMode, - dangerouslySkipPermissions: - _pendingSSH.dangerouslySkipPermissions, - extraCliArgs: _pendingSSH.extraCliArgs, - }, - isTTY - ? { - onProgress: msg => { - hadProgress = true - process.stderr.write(`\r ${msg}\x1b[K`) - }, - } - : {}, - ) - if (hadProgress) process.stderr.write('\n') - } - setOriginalCwd(sshSession.remoteCwd) - setCwdState(sshSession.remoteCwd) - setDirectConnectServerUrl( - _pendingSSH.local ? 'local' : _pendingSSH.host, - ) - } catch (err) { - return await exitWithError( - root, - err instanceof SSHSessionError ? err.message : String(err), - () => gracefulShutdown(1), - ) - } - - const sshInfoMessage = createSystemMessage( - _pendingSSH.local - ? `Local ssh-proxy test session\ncwd: ${sshSession.remoteCwd}\nAuth: unix socket → local proxy` - : `SSH session to ${_pendingSSH.host}\nRemote cwd: ${sshSession.remoteCwd}\nAuth: unix socket -R → local proxy`, - 'info', - ) - - await launchRepl( - root, - { getFpsMetrics, stats, initialState }, - { - debug: debug || debugToStderr, - commands, - initialTools: [], - initialMessages: [sshInfoMessage], - mcpClients: [], - autoConnectIdeFlag: ide, - mainThreadAgentDefinition, - disableSlashCommands, - sshSession, - thinkingConfig, - }, - renderAndRun, - ) - return - } else if ( - feature('KAIROS') && - _pendingAssistantChat && - (_pendingAssistantChat.sessionId || _pendingAssistantChat.discover) - ) { - // `claude assistant [sessionId]` — REPL as a pure viewer client - // of a remote assistant session. The agentic loop runs remotely; this - // process streams live events and POSTs messages. History is lazy- - // loaded by useAssistantHistory on scroll-up (no blocking fetch here). - const { discoverAssistantSessions } = await import( - './assistant/sessionDiscovery.js' - ) - - let targetSessionId = _pendingAssistantChat.sessionId - - // Discovery flow — list bridge environments, filter sessions - if (!targetSessionId) { - let sessions - try { - sessions = await discoverAssistantSessions() - } catch (e) { - return await exitWithError( - root, - `Failed to discover sessions: ${e instanceof Error ? e.message : e}`, - () => gracefulShutdown(1), - ) - } - if (sessions.length === 0) { - let installedDir: string | null - try { - installedDir = await launchAssistantInstallWizard(root) - } catch (e) { - return await exitWithError( - root, - `Assistant installation failed: ${e instanceof Error ? e.message : e}`, - () => gracefulShutdown(1), - ) - } - if (installedDir === null) { - await gracefulShutdown(0) - process.exit(0) - } - // The daemon needs a few seconds to spin up its worker and - // establish a bridge session before discovery will find it. - return await exitWithMessage( - root, - `Assistant installed in ${installedDir}. The daemon is starting up — run \`claude assistant\` again in a few seconds to connect.`, - { exitCode: 0, beforeExit: () => gracefulShutdown(0) }, - ) - } - if (sessions.length === 1) { - targetSessionId = sessions[0]!.id - } else { - const picked = await launchAssistantSessionChooser(root, { - sessions, - }) - if (!picked) { - await gracefulShutdown(0) - process.exit(0) - } - targetSessionId = picked - } - } - - // Auth — call prepareApiRequest() once for orgUUID, but use a - // getAccessToken closure for the token so reconnects get fresh tokens. - const { checkAndRefreshOAuthTokenIfNeeded, getClaudeAIOAuthTokens } = - await import('./utils/auth.js') - await checkAndRefreshOAuthTokenIfNeeded() - let apiCreds - try { - apiCreds = await prepareApiRequest() - } catch (e) { - return await exitWithError( - root, - `Error: ${e instanceof Error ? e.message : 'Failed to authenticate'}`, - () => gracefulShutdown(1), - ) - } - const getAccessToken = (): string => - getClaudeAIOAuthTokens()?.accessToken ?? apiCreds.accessToken - - // Brief mode activation: setKairosActive(true) satisfies BOTH opt-in - // and entitlement for isBriefEnabled() (BriefTool.ts:124-132). - setKairosActive(true) - setUserMsgOptIn(true) - setIsRemoteMode(true) - - const remoteSessionConfig = createRemoteSessionConfig( - targetSessionId, - getAccessToken, - apiCreds.orgUUID, - /* hasInitialPrompt */ false, - /* viewerOnly */ true, - ) - - const infoMessage = createSystemMessage( - `Attached to assistant session ${targetSessionId.slice(0, 8)}…`, - 'info', - ) - - const assistantInitialState: AppState = { - ...initialState, - isBriefOnly: true, - kairosEnabled: false, - replBridgeEnabled: false, - } - - const remoteCommands = filterCommandsForRemoteMode(commands) - await launchRepl( - root, - { getFpsMetrics, stats, initialState: assistantInitialState }, - { - debug: debug || debugToStderr, - commands: remoteCommands, - initialTools: [], - initialMessages: [infoMessage], - mcpClients: [], - autoConnectIdeFlag: ide, - mainThreadAgentDefinition, - disableSlashCommands, - remoteSessionConfig, - thinkingConfig, - }, - renderAndRun, - ) - return - } else if ( - options.resume || - options.fromPr || - teleport || - remote !== null - ) { - // Handle resume flow - from file (ant-only), session ID, or interactive selector - - // Clear stale caches before resuming to ensure fresh file/skill discovery - const { clearSessionCaches } = await import( - './commands/clear/caches.js' - ) - clearSessionCaches() - - let messages: MessageType[] | null = null - let processedResume: ProcessedResume | undefined = undefined - - let maybeSessionId = validateUuid(options.resume) - let searchTerm: string | undefined = undefined - // Store full LogOption when found by custom title (for cross-worktree resume) - let matchedLog: LogOption | null = null - // PR filter for --from-pr flag - let filterByPr: boolean | number | string | undefined = undefined - - // Handle --from-pr flag - if (options.fromPr) { - if (options.fromPr === true) { - // Show all sessions with linked PRs - filterByPr = true - } else if (typeof options.fromPr === 'string') { - // Could be a PR number or URL - filterByPr = options.fromPr - } - } - - // If resume value is not a UUID, try exact match by custom title first - if ( - options.resume && - typeof options.resume === 'string' && - !maybeSessionId - ) { - const trimmedValue = options.resume.trim() - if (trimmedValue) { - const matches = await searchSessionsByCustomTitle(trimmedValue, { - exact: true, - }) - - if (matches.length === 1) { - // Exact match found - store full LogOption for cross-worktree resume - matchedLog = matches[0]! - maybeSessionId = getSessionIdFromLog(matchedLog) ?? null - } else { - // No match or multiple matches - use as search term for picker - searchTerm = trimmedValue - } - } - } - - // --remote and --teleport both create/resume Claude Code Web (CCR) sessions. - // Remote Control (--rc) is a separate feature gated in initReplBridge.ts. - if (remote !== null || teleport) { - await waitForPolicyLimitsToLoad() - if (!isPolicyAllowed('allow_remote_sessions')) { - return await exitWithError( - root, - "Error: Remote sessions are disabled by your organization's policy.", - () => gracefulShutdown(1), - ) - } - } - - if (remote !== null) { - // Create remote session (optionally with initial prompt) - const hasInitialPrompt = remote.length > 0 - - // Check if TUI mode is enabled - description is only optional in TUI mode - const isRemoteTuiEnabled = getFeatureValue_CACHED_MAY_BE_STALE( - 'tengu_remote_backend', - false, - ) - if (!isRemoteTuiEnabled && !hasInitialPrompt) { - return await exitWithError( - root, - 'Error: --remote requires a description.\nUsage: claude --remote "your task description"', - () => gracefulShutdown(1), - ) - } - - logEvent('tengu_remote_create_session', { - has_initial_prompt: String( - hasInitialPrompt, - ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - - // Pass current branch so CCR clones the repo at the right revision - const currentBranch = await getBranch() - const createdSession = await teleportToRemoteWithErrorHandling( - root, - hasInitialPrompt ? remote : null, - new AbortController().signal, - currentBranch || undefined, - ) - if (!createdSession) { - logEvent('tengu_remote_create_session_error', { - error: - 'unable_to_create_session' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - return await exitWithError( - root, - 'Error: Unable to create remote session', - () => gracefulShutdown(1), - ) - } - logEvent('tengu_remote_create_session_success', { - session_id: - createdSession.id as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - - // Check if new remote TUI mode is enabled via feature gate - if (!isRemoteTuiEnabled) { - // Original behavior: print session info and exit - process.stdout.write( - `Created remote session: ${createdSession.title}\n`, - ) - process.stdout.write( - `View: ${getRemoteSessionUrl(createdSession.id)}?m=0\n`, - ) - process.stdout.write( - `Resume with: claude --teleport ${createdSession.id}\n`, - ) - await gracefulShutdown(0) - process.exit(0) - } - - // New behavior: start local TUI with CCR engine - // Mark that we're in remote mode for command visibility - setIsRemoteMode(true) - switchSession(asSessionId(createdSession.id)) - - // Get OAuth credentials for remote session - let apiCreds: { accessToken: string; orgUUID: string } - try { - apiCreds = await prepareApiRequest() - } catch (error) { - logError(toError(error)) - return await exitWithError( - root, - `Error: ${errorMessage(error) || 'Failed to authenticate'}`, - () => gracefulShutdown(1), - ) - } - - // Create remote session config for the REPL - const { getClaudeAIOAuthTokens: getTokensForRemote } = await import( - './utils/auth.js' - ) - const getAccessTokenForRemote = (): string => - getTokensForRemote()?.accessToken ?? apiCreds.accessToken - const remoteSessionConfig = createRemoteSessionConfig( - createdSession.id, - getAccessTokenForRemote, - apiCreds.orgUUID, - hasInitialPrompt, - ) - - // Add remote session info as initial system message - const remoteSessionUrl = `${getRemoteSessionUrl(createdSession.id)}?m=0` - const remoteInfoMessage = createSystemMessage( - `/remote-control is active. Code in CLI or at ${remoteSessionUrl}`, - 'info', - ) - - // Create initial user message from the prompt if provided (CCR echoes it back but we ignore that) - const initialUserMessage = hasInitialPrompt - ? createUserMessage({ content: remote }) - : null - - // Set remote session URL in app state for footer indicator - const remoteInitialState = { - ...initialState, - remoteSessionUrl, - } - - // Pre-filter commands to only include remote-safe ones. - // CCR's init response may further refine the list (via handleRemoteInit in REPL). - const remoteCommands = filterCommandsForRemoteMode(commands) - await launchRepl( - root, - { getFpsMetrics, stats, initialState: remoteInitialState }, - { - debug: debug || debugToStderr, - commands: remoteCommands, - initialTools: [], - initialMessages: initialUserMessage - ? [remoteInfoMessage, initialUserMessage] - : [remoteInfoMessage], - mcpClients: [], - autoConnectIdeFlag: ide, - mainThreadAgentDefinition, - disableSlashCommands, - remoteSessionConfig, - thinkingConfig, - }, - renderAndRun, - ) - return - } else if (teleport) { - if (teleport === true || teleport === '') { - // Interactive mode: show task selector and handle resume - logEvent('tengu_teleport_interactive_mode', {}) - logForDebugging( - 'selectAndResumeTeleportTask: Starting teleport flow...', - ) - const teleportResult = await launchTeleportResumeWrapper(root) - if (!teleportResult) { - // User cancelled or error occurred - await gracefulShutdown(0) - process.exit(0) - } - const { branchError } = await checkOutTeleportedSessionBranch( - teleportResult.branch, - ) - messages = processMessagesForTeleportResume( - teleportResult.log, - branchError, - ) - } else if (typeof teleport === 'string') { - logEvent('tengu_teleport_resume_session', { - mode: 'direct' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) - try { - // First, fetch session and validate repository before checking git state - const sessionData = await fetchSession(teleport) - const repoValidation = - await validateSessionRepository(sessionData) - - // Handle repo mismatch or not in repo cases - if ( - repoValidation.status === 'mismatch' || - repoValidation.status === 'not_in_repo' - ) { - const sessionRepo = repoValidation.sessionRepo - if (sessionRepo) { - // Check for known paths - const knownPaths = getKnownPathsForRepo(sessionRepo) - const existingPaths = await filterExistingPaths(knownPaths) - - if (existingPaths.length > 0) { - // Show directory switch dialog - const selectedPath = await launchTeleportRepoMismatchDialog( - root, - { - targetRepo: sessionRepo, - initialPaths: existingPaths, - }, - ) - - if (selectedPath) { - // Change to the selected directory - process.chdir(selectedPath) - setCwd(selectedPath) - setOriginalCwd(selectedPath) - } else { - // User cancelled - await gracefulShutdown(0) - } - } else { - // No known paths - show original error - throw new TeleportOperationError( - `You must run claude --teleport ${teleport} from a checkout of ${sessionRepo}.`, - chalk.red( - `You must run claude --teleport ${teleport} from a checkout of ${chalk.bold(sessionRepo)}.\n`, - ), - ) - } - } - } else if (repoValidation.status === 'error') { - throw new TeleportOperationError( - repoValidation.errorMessage || 'Failed to validate session', - chalk.red( - `Error: ${repoValidation.errorMessage || 'Failed to validate session'}\n`, - ), - ) - } - - await validateGitState() - - // Use progress UI for teleport - const { teleportWithProgress } = await import( - './components/TeleportProgress.js' - ) - const result = await teleportWithProgress(root, teleport) - // Track teleported session for reliability logging - setTeleportedSessionInfo({ sessionId: teleport }) - messages = result.messages - } catch (error) { - if (error instanceof TeleportOperationError) { - process.stderr.write(error.formattedMessage + '\n') - } else { - logError(error) - process.stderr.write( - chalk.red(`Error: ${errorMessage(error)}\n`), - ) - } - await gracefulShutdown(1) - } - } - } - if (process.env.USER_TYPE === 'ant') { - if ( - options.resume && - typeof options.resume === 'string' && - !maybeSessionId - ) { - // Check for ccshare URL (e.g. https://go/ccshare/boris-20260311-211036) - const { parseCcshareId, loadCcshare } = await import( - './utils/ccshareResume.js' - ) - const ccshareId = parseCcshareId(options.resume) - if (ccshareId) { - try { - const resumeStart = performance.now() - const logOption = await loadCcshare(ccshareId) - const result = await loadConversationForResume( - logOption, - undefined, - ) - if (result) { - processedResume = await processResumedConversation( - result, - { - forkSession: true, - transcriptPath: result.fullPath, - }, - resumeContext, - ) - if (processedResume.restoredAgentDef) { - mainThreadAgentDefinition = processedResume.restoredAgentDef - } - logEvent('tengu_session_resumed', { - entrypoint: - 'ccshare' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: true, - resume_duration_ms: Math.round( - performance.now() - resumeStart, - ), - }) - } else { - logEvent('tengu_session_resumed', { - entrypoint: - 'ccshare' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - } - } catch (error) { - logEvent('tengu_session_resumed', { - entrypoint: - 'ccshare' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - logError(error) - await exitWithError( - root, - `Unable to resume from ccshare: ${errorMessage(error)}`, - () => gracefulShutdown(1), - ) - } - } else { - const resolvedPath = resolve(options.resume) - try { - const resumeStart = performance.now() - let logOption - try { - // Attempt to load as a transcript file; ENOENT falls through to session-ID handling - logOption = await loadTranscriptFromFile(resolvedPath) - } catch (error) { - if (!isENOENT(error)) throw error - // ENOENT: not a file path — fall through to session-ID handling - } - if (logOption) { - const result = await loadConversationForResume( - logOption, - undefined /* sourceFile */, - ) - if (result) { - processedResume = await processResumedConversation( - result, - { - forkSession: !!options.forkSession, - transcriptPath: result.fullPath, - }, - resumeContext, - ) - if (processedResume.restoredAgentDef) { - mainThreadAgentDefinition = - processedResume.restoredAgentDef - } - logEvent('tengu_session_resumed', { - entrypoint: - 'file' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: true, - resume_duration_ms: Math.round( - performance.now() - resumeStart, - ), - }) - } else { - logEvent('tengu_session_resumed', { - entrypoint: - 'file' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - } - } - } catch (error) { - logEvent('tengu_session_resumed', { - entrypoint: - 'file' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - logError(error) - await exitWithError( - root, - `Unable to load transcript from file: ${options.resume}`, - () => gracefulShutdown(1), - ) - } - } - } - } - - // If not loaded as a file, try as session ID - if (maybeSessionId) { - // Resume specific session by ID - const sessionId = maybeSessionId - try { - const resumeStart = performance.now() - // Use matchedLog if available (for cross-worktree resume by custom title) - // Otherwise fall back to sessionId string (for direct UUID resume) - const result = await loadConversationForResume( - matchedLog ?? sessionId, - undefined, - ) - - if (!result) { - logEvent('tengu_session_resumed', { - entrypoint: - 'cli_flag' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - return await exitWithError( - root, - `No conversation found with session ID: ${sessionId}`, - ) - } - - const fullPath = matchedLog?.fullPath ?? result.fullPath - processedResume = await processResumedConversation( - result, - { - forkSession: !!options.forkSession, - sessionIdOverride: sessionId, - transcriptPath: fullPath, - }, - resumeContext, - ) - - if (processedResume.restoredAgentDef) { - mainThreadAgentDefinition = processedResume.restoredAgentDef - } - logEvent('tengu_session_resumed', { - entrypoint: - 'cli_flag' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: true, - resume_duration_ms: Math.round(performance.now() - resumeStart), - }) - } catch (error) { - logEvent('tengu_session_resumed', { - entrypoint: - 'cli_flag' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - success: false, - }) - logError(error) - await exitWithError(root, `Failed to resume session ${sessionId}`) - } - } - - // Await file downloads before rendering REPL (files must be available) - if (fileDownloadPromise) { - try { - const results = await fileDownloadPromise - const failedCount = count(results, r => !r.success) - if (failedCount > 0) { - process.stderr.write( - chalk.yellow( - `Warning: ${failedCount}/${results.length} file(s) failed to download.\n`, - ), - ) - } - } catch (error) { - return await exitWithError( - root, - `Error downloading files: ${errorMessage(error)}`, - ) - } - } - - // If we have a processed resume or teleport messages, render the REPL - const resumeData = - processedResume ?? - (Array.isArray(messages) - ? { - messages, - fileHistorySnapshots: undefined, - agentName: undefined, - agentColor: undefined as AgentColorName | undefined, - restoredAgentDef: mainThreadAgentDefinition, - initialState, - contentReplacements: undefined, - } - : undefined) - if (resumeData) { - maybeActivateProactive(options) - maybeActivateBrief(options) - - await launchRepl( - root, - { getFpsMetrics, stats, initialState: resumeData.initialState }, - { - ...sessionConfig, - mainThreadAgentDefinition: - resumeData.restoredAgentDef ?? mainThreadAgentDefinition, - initialMessages: resumeData.messages, - initialFileHistorySnapshots: resumeData.fileHistorySnapshots, - initialContentReplacements: resumeData.contentReplacements, - initialAgentName: resumeData.agentName, - initialAgentColor: resumeData.agentColor, - }, - renderAndRun, - ) - } else { - // Show interactive selector (includes same-repo worktrees) - // Note: ResumeConversation loads logs internally to ensure proper GC after selection - await launchResumeChooser( - root, - { getFpsMetrics, stats, initialState }, - getWorktreePaths(getOriginalCwd()), - { - ...sessionConfig, - initialSearchQuery: searchTerm, - forkSession: options.forkSession, - filterByPr, - }, - ) - } - } else { - // Pass unresolved hooks promise to REPL so it can render immediately - // instead of blocking ~500ms waiting for SessionStart hooks to finish. - // REPL will inject hook messages when they resolve and await them before - // the first API call so the model always sees hook context. - const pendingHookMessages = - hooksPromise && hookMessages.length === 0 ? hooksPromise : undefined - - profileCheckpoint('action_after_hooks') - maybeActivateProactive(options) - maybeActivateBrief(options) - // Persist the current mode for fresh sessions so future resumes know what mode was used - if (feature('COORDINATOR_MODE')) { - saveMode( - coordinatorModeModule?.isCoordinatorMode() - ? 'coordinator' - : 'normal', - ) - } - - // If launched via a deep link, show a provenance banner so the user - // knows the session originated externally. Linux xdg-open and - // browsers with "always allow" set dispatch the link with no OS-level - // confirmation, so this is the only signal the user gets that the - // prompt — and the working directory / CLAUDE.md it implies — came - // from an external source rather than something they typed. - let deepLinkBanner: ReturnType | null = null - if (feature('LODESTONE')) { - if (options.deepLinkOrigin) { - logEvent('tengu_deep_link_opened', { - has_prefill: Boolean(options.prefill), - has_repo: Boolean(options.deepLinkRepo), - }) - deepLinkBanner = createSystemMessage( - buildDeepLinkBanner({ - cwd: getCwd(), - prefillLength: options.prefill?.length, - repo: options.deepLinkRepo, - lastFetch: - options.deepLinkLastFetch !== undefined - ? new Date(options.deepLinkLastFetch) - : undefined, - }), - 'warning', - ) - } else if (options.prefill) { - deepLinkBanner = createSystemMessage( - 'Launched with a pre-filled prompt — review it before pressing Enter.', - 'warning', - ) - } - } - const initialMessages = deepLinkBanner - ? [deepLinkBanner, ...hookMessages] - : hookMessages.length > 0 - ? hookMessages - : undefined - - await launchRepl( - root, - { getFpsMetrics, stats, initialState }, - { - ...sessionConfig, - initialMessages, - pendingHookMessages, - }, - renderAndRun, - ) - } - }) - .version( - `${MACRO.VERSION} (Claude Code)`, - '-v, --version', - 'Output the version number', - ) - - // Worktree flags - program.option( - '-w, --worktree [name]', - 'Create a new git worktree for this session (optionally specify a name)', - ) - program.option( - '--tmux', - 'Create a tmux session for the worktree (requires --worktree). Uses iTerm2 native panes when available; use --tmux=classic for traditional tmux.', - ) - - if (canUserConfigureAdvisor()) { - program.addOption( - new Option( - '--advisor ', - 'Enable the server-side advisor tool with the specified model (alias or full ID).', - ).hideHelp(), - ) - } - - if (process.env.USER_TYPE === 'ant') { - program.addOption( - new Option( - '--delegate-permissions', - '[ANT-ONLY] Alias for --permission-mode auto.', - ).implies({ permissionMode: 'auto' }), - ) - program.addOption( - new Option( - '--dangerously-skip-permissions-with-classifiers', - '[ANT-ONLY] Deprecated alias for --permission-mode auto.', - ) - .hideHelp() - .implies({ permissionMode: 'auto' }), - ) - program.addOption( - new Option( - '--afk', - '[ANT-ONLY] Deprecated alias for --permission-mode auto.', - ) - .hideHelp() - .implies({ permissionMode: 'auto' }), - ) - program.addOption( - new Option( - '--tasks [id]', - '[ANT-ONLY] Tasks mode: watch for tasks and auto-process them. Optional id is used as both the task list ID and agent ID (defaults to "tasklist").', - ) - .argParser(String) - .hideHelp(), - ) - program.option( - '--agent-teams', - '[ANT-ONLY] Force Claude to use multi-agent mode for solving problems', - () => true, - ) - } - - if (feature('TRANSCRIPT_CLASSIFIER')) { - program.addOption( - new Option('--enable-auto-mode', 'Opt in to auto mode').hideHelp(), - ) - } - - if (feature('PROACTIVE') || feature('KAIROS')) { - program.addOption( - new Option('--proactive', 'Start in proactive autonomous mode'), - ) - } - - if (feature('UDS_INBOX')) { - program.addOption( - new Option( - '--messaging-socket-path ', - 'Unix domain socket path for the UDS messaging server (defaults to a tmp path)', - ), - ) - } - - if (feature('KAIROS') || feature('KAIROS_BRIEF')) { - program.addOption( - new Option( - '--brief', - 'Enable SendUserMessage tool for agent-to-user communication', - ), - ) - } - if (feature('KAIROS')) { - program.addOption( - new Option( - '--assistant', - 'Force assistant mode (Agent SDK daemon use)', - ).hideHelp(), - ) - } - if (feature('KAIROS') || feature('KAIROS_CHANNELS')) { - program.addOption( - new Option( - '--channels ', - 'MCP servers whose channel notifications (inbound push) should register this session. Space-separated server names.', - ).hideHelp(), - ) - program.addOption( - new Option( - '--dangerously-load-development-channels ', - 'Load channel servers not on the approved allowlist. For local channel development only. Shows a confirmation dialog at startup.', - ).hideHelp(), - ) - } - - // Teammate identity options (set by leader when spawning tmux teammates) - // These replace the CLAUDE_CODE_* environment variables - program.addOption( - new Option('--agent-id ', 'Teammate agent ID').hideHelp(), - ) - program.addOption( - new Option('--agent-name ', 'Teammate display name').hideHelp(), - ) - program.addOption( - new Option( - '--team-name ', - 'Team name for swarm coordination', - ).hideHelp(), - ) - program.addOption( - new Option('--agent-color ', 'Teammate UI color').hideHelp(), - ) - program.addOption( - new Option( - '--plan-mode-required', - 'Require plan mode before implementation', - ).hideHelp(), - ) - program.addOption( - new Option( - '--parent-session-id ', - 'Parent session ID for analytics correlation', - ).hideHelp(), - ) - program.addOption( - new Option( - '--teammate-mode ', - 'How to spawn teammates: "tmux", "in-process", or "auto"', - ) - .choices(['auto', 'tmux', 'in-process']) - .hideHelp(), - ) - program.addOption( - new Option( - '--agent-type ', - 'Custom agent type for this teammate', - ).hideHelp(), - ) - - // Enable SDK URL for all builds but hide from help - program.addOption( - new Option( - '--sdk-url ', - 'Use remote WebSocket endpoint for SDK I/O streaming (only with -p and stream-json format)', - ).hideHelp(), - ) - - // Enable teleport/remote flags for all builds but keep them undocumented until GA - program.addOption( - new Option( - '--teleport [session]', - 'Resume a teleport session, optionally specify session ID', - ).hideHelp(), - ) - program.addOption( - new Option( - '--remote [description]', - 'Create a remote session with the given description', - ).hideHelp(), - ) - if (feature('BRIDGE_MODE')) { - program.addOption( - new Option( - '--remote-control [name]', - 'Start an interactive session with Remote Control enabled (optionally named)', - ) - .argParser(value => value || true) - .hideHelp(), - ) - program.addOption( - new Option('--rc [name]', 'Alias for --remote-control') - .argParser(value => value || true) - .hideHelp(), - ) - } - - if (feature('HARD_FAIL')) { - program.addOption( - new Option( - '--hard-fail', - 'Crash on logError calls instead of silently logging', - ).hideHelp(), - ) - } - - profileCheckpoint('run_main_options_built') - - // -p/--print mode: skip subcommand registration. The 52 subcommands - // (mcp, auth, plugin, skill, task, config, doctor, update, etc.) are - // never dispatched in print mode — commander routes the prompt to the - // default action. The subcommand registration path was measured at ~65ms - // on baseline — mostly the isBridgeEnabled() call (25ms settings Zod parse - // + 40ms sync keychain subprocess), both hidden by the try/catch that - // always returns false before enableConfigs(). cc:// URLs are rewritten to - // `open` at main() line ~851 BEFORE this runs, so argv check is safe here. - const isPrintMode = - process.argv.includes('-p') || process.argv.includes('--print') - const isCcUrl = process.argv.some( - a => a.startsWith('cc://') || a.startsWith('cc+unix://'), - ) - if (isPrintMode && !isCcUrl) { - profileCheckpoint('run_before_parse') - await program.parseAsync(process.argv) - profileCheckpoint('run_after_parse') - return program - } - - // claude mcp - - const mcp = program - .command('mcp') - .description('Configure and manage MCP servers') - .configureHelp(createSortedHelpConfig()) - .enablePositionalOptions() - - mcp - .command('serve') - .description(`Start the Claude Code MCP server`) - .option('-d, --debug', 'Enable debug mode', () => true) - .option( - '--verbose', - 'Override verbose mode setting from config', - () => true, - ) - .action( - async ({ debug, verbose }: { debug?: boolean; verbose?: boolean }) => { - const { mcpServeHandler } = await import('./cli/handlers/mcp.js') - await mcpServeHandler({ debug, verbose }) - }, - ) - - // Register the mcp add subcommand (extracted for testability) - registerMcpAddCommand(mcp) - - if (isXaaEnabled()) { - registerMcpXaaIdpCommand(mcp) - } - - mcp - .command('remove ') - .description('Remove an MCP server') - .option( - '-s, --scope ', - 'Configuration scope (local, user, or project) - if not specified, removes from whichever scope it exists in', - ) - .action(async (name: string, options: { scope?: string }) => { - const { mcpRemoveHandler } = await import('./cli/handlers/mcp.js') - await mcpRemoveHandler(name, options) - }) - - mcp - .command('list') - .description( - 'List configured MCP servers. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.', - ) - .action(async () => { - const { mcpListHandler } = await import('./cli/handlers/mcp.js') - await mcpListHandler() - }) - - mcp - .command('get ') - .description( - 'Get details about an MCP server. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.', - ) - .action(async (name: string) => { - const { mcpGetHandler } = await import('./cli/handlers/mcp.js') - await mcpGetHandler(name) - }) - - mcp - .command('add-json ') - .description('Add an MCP server (stdio or SSE) with a JSON string') - .option( - '-s, --scope ', - 'Configuration scope (local, user, or project)', - 'local', - ) - .option( - '--client-secret', - 'Prompt for OAuth client secret (or set MCP_CLIENT_SECRET env var)', - ) - .action( - async ( - name: string, - json: string, - options: { scope?: string; clientSecret?: true }, - ) => { - const { mcpAddJsonHandler } = await import('./cli/handlers/mcp.js') - await mcpAddJsonHandler(name, json, options) - }, - ) - - mcp - .command('add-from-claude-desktop') - .description('Import MCP servers from Claude Desktop (Mac and WSL only)') - .option( - '-s, --scope ', - 'Configuration scope (local, user, or project)', - 'local', - ) - .action(async (options: { scope?: string }) => { - const { mcpAddFromDesktopHandler } = await import('./cli/handlers/mcp.js') - await mcpAddFromDesktopHandler(options) - }) - - mcp - .command('reset-project-choices') - .description( - 'Reset all approved and rejected project-scoped (.mcp.json) servers within this project', - ) - .action(async () => { - const { mcpResetChoicesHandler } = await import('./cli/handlers/mcp.js') - await mcpResetChoicesHandler() - }) - - // claude server - if (feature('DIRECT_CONNECT')) { - program - .command('server') - .description('Start a Claude Code session server') - .option('--port ', 'HTTP port', '0') - .option('--host ', 'Bind address', '0.0.0.0') - .option('--auth-token ', 'Bearer token for auth') - .option('--unix ', 'Listen on a unix domain socket') - .option( - '--workspace ', - 'Default working directory for sessions that do not specify cwd', - ) - .option( - '--idle-timeout ', - 'Idle timeout for detached sessions in ms (0 = never expire)', - '600000', - ) - .option( - '--max-sessions ', - 'Maximum concurrent sessions (0 = unlimited)', - '32', - ) - .action( - async (opts: { - port: string - host: string - authToken?: string - unix?: string - workspace?: string - idleTimeout: string - maxSessions: string - }) => { - const { randomBytes } = await import('crypto') - const { startServer } = await import('./server/server.js') - const { SessionManager } = await import('./server/sessionManager.js') - const { DangerousBackend } = await import( - './server/backends/dangerousBackend.js' - ) - const { printBanner } = await import('./server/serverBanner.js') - const { createServerLogger } = await import('./server/serverLog.js') - const { writeServerLock, removeServerLock, probeRunningServer } = - await import('./server/lockfile.js') - - const existing = await probeRunningServer() - if (existing) { - process.stderr.write( - `A claude server is already running (pid ${existing.pid}) at ${existing.httpUrl}\n`, - ) - process.exit(1) - } - - const authToken = - opts.authToken ?? - `sk-ant-cc-${randomBytes(16).toString('base64url')}` - - const config = { - port: parseInt(opts.port, 10), - host: opts.host, - authToken, - unix: opts.unix, - workspace: opts.workspace, - idleTimeoutMs: parseInt(opts.idleTimeout, 10), - maxSessions: parseInt(opts.maxSessions, 10), - } - - const backend = new DangerousBackend() - const sessionManager = new SessionManager(backend, { - idleTimeoutMs: config.idleTimeoutMs, - maxSessions: config.maxSessions, - }) - const logger = createServerLogger() - - const server = startServer(config, sessionManager, logger) - const actualPort = server.port ?? config.port - printBanner(config, authToken, actualPort) - - await writeServerLock({ - pid: process.pid, - port: actualPort, - host: config.host, - httpUrl: config.unix - ? `unix:${config.unix}` - : `http://${config.host}:${actualPort}`, - startedAt: Date.now(), - }) - - let shuttingDown = false - const shutdown = async () => { - if (shuttingDown) return - shuttingDown = true - // Stop accepting new connections before tearing down sessions. - server.stop(true) - await sessionManager.destroyAll() - await removeServerLock() - process.exit(0) - } - process.once('SIGINT', () => void shutdown()) - process.once('SIGTERM', () => void shutdown()) - }, - ) - } - - // `claude ssh [dir]` — registered here only so --help shows it. - // The actual interactive flow is handled by early argv rewriting in main() - // (parallels the DIRECT_CONNECT/cc:// pattern above). If commander reaches - // this action it means the argv rewrite didn't fire (e.g. user ran - // `claude ssh` with no host) — just print usage. - if (feature('SSH_REMOTE')) { - program - .command('ssh [dir]') - .description( - 'Run Claude Code on a remote host over SSH. Deploys the binary and ' + - 'tunnels API auth back through your local machine — no remote setup needed.', - ) - .option( - '--permission-mode ', - 'Permission mode for the remote session', - ) - .option( - '--dangerously-skip-permissions', - 'Skip all permission prompts on the remote (dangerous)', - ) - .option( - '--local', - 'e2e test mode — spawn the child CLI locally (skip ssh/deploy). ' + - 'Exercises the auth proxy and unix-socket plumbing without a remote host.', - ) - .action(async () => { - // Argv rewriting in main() should have consumed `ssh ` before - // commander runs. Reaching here means host was missing or the - // rewrite predicate didn't match. - process.stderr.write( - 'Usage: claude ssh [dir]\n\n' + - "Runs Claude Code on a remote Linux host. You don't need to install\n" + - 'anything on the remote or run `claude auth login` there — the binary is\n' + - 'deployed over SSH and API auth tunnels back through your local machine.\n', - ) - process.exit(1) - }) - } - - // claude connect — subcommand only handles -p (headless) mode. - // Interactive mode (without -p) is handled by early argv rewriting in main() - // which redirects to the main command with full TUI support. - if (feature('DIRECT_CONNECT')) { - program - .command('open ') - .description( - 'Connect to a Claude Code server (internal — use cc:// URLs)', - ) - .option('-p, --print [prompt]', 'Print mode (headless)') - .option( - '--output-format ', - 'Output format: text, json, stream-json', - 'text', - ) - .action( - async ( - ccUrl: string, - opts: { - print?: string | boolean - outputFormat: string - }, - ) => { - const { parseConnectUrl } = await import( - './server/parseConnectUrl.js' - ) - const { serverUrl, authToken } = parseConnectUrl(ccUrl) - - let connectConfig - try { - const session = await createDirectConnectSession({ - serverUrl, - authToken, - cwd: getOriginalCwd(), - dangerouslySkipPermissions: - _pendingConnect?.dangerouslySkipPermissions, - }) - if (session.workDir) { - setOriginalCwd(session.workDir) - setCwdState(session.workDir) - } - setDirectConnectServerUrl(serverUrl) - connectConfig = session.config - } catch (err) { - // biome-ignore lint/suspicious/noConsole: intentional error output - console.error( - err instanceof DirectConnectError ? err.message : String(err), - ) - process.exit(1) - } - - const { runConnectHeadless } = await import( - './server/connectHeadless.js' - ) - - const prompt = typeof opts.print === 'string' ? opts.print : '' - const interactive = opts.print === true - await runConnectHeadless( - connectConfig, - prompt, - opts.outputFormat, - interactive, - ) - }, - ) - } - - // claude auth - - const auth = program - .command('auth') - .description('Manage authentication') - .configureHelp(createSortedHelpConfig()) - - auth - .command('login') - .description('Sign in to your Anthropic account') - .option('--email ', 'Pre-populate email address on the login page') - .option('--sso', 'Force SSO login flow') - .option( - '--console', - 'Use Anthropic Console (API usage billing) instead of Claude subscription', - ) - .option('--claudeai', 'Use Claude subscription (default)') - .action( - async ({ - email, - sso, - console: useConsole, - claudeai, - }: { - email?: string - sso?: boolean - console?: boolean - claudeai?: boolean - }) => { - const { authLogin } = await import('./cli/handlers/auth.js') - await authLogin({ email, sso, console: useConsole, claudeai }) - }, - ) - - auth - .command('status') - .description('Show authentication status') - .option('--json', 'Output as JSON (default)') - .option('--text', 'Output as human-readable text') - .action(async (opts: { json?: boolean; text?: boolean }) => { - const { authStatus } = await import('./cli/handlers/auth.js') - await authStatus(opts) - }) - - auth - .command('logout') - .description('Log out from your Anthropic account') - .action(async () => { - const { authLogout } = await import('./cli/handlers/auth.js') - await authLogout() - }) - - /** - * Helper function to handle marketplace command errors consistently. - * Logs the error and exits the process with status 1. - * @param error The error that occurred - * @param action Description of the action that failed - */ - // Hidden flag on all plugin/marketplace subcommands to target cowork_plugins. - const coworkOption = () => - new Option('--cowork', 'Use cowork_plugins directory').hideHelp() - - // Plugin validate command - const pluginCmd = program - .command('plugin') - .alias('plugins') - .description('Manage Claude Code plugins') - .configureHelp(createSortedHelpConfig()) - - pluginCmd - .command('validate ') - .description('Validate a plugin or marketplace manifest') - .addOption(coworkOption()) - .action(async (manifestPath: string, options: { cowork?: boolean }) => { - const { pluginValidateHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginValidateHandler(manifestPath, options) - }) - - // Plugin list command - pluginCmd - .command('list') - .description('List installed plugins') - .option('--json', 'Output as JSON') - .option( - '--available', - 'Include available plugins from marketplaces (requires --json)', - ) - .addOption(coworkOption()) - .action( - async (options: { - json?: boolean - available?: boolean - cowork?: boolean - }) => { - const { pluginListHandler } = await import('./cli/handlers/plugins.js') - await pluginListHandler(options) - }, - ) - - // Marketplace subcommands - const marketplaceCmd = pluginCmd - .command('marketplace') - .description('Manage Claude Code marketplaces') - .configureHelp(createSortedHelpConfig()) - - marketplaceCmd - .command('add ') - .description('Add a marketplace from a URL, path, or GitHub repo') - .addOption(coworkOption()) - .option( - '--sparse ', - 'Limit checkout to specific directories via git sparse-checkout (for monorepos). Example: --sparse .claude-plugin plugins', - ) - .option( - '--scope ', - 'Where to declare the marketplace: user (default), project, or local', - ) - .action( - async ( - source: string, - options: { cowork?: boolean; sparse?: string[]; scope?: string }, - ) => { - const { marketplaceAddHandler } = await import( - './cli/handlers/plugins.js' - ) - await marketplaceAddHandler(source, options) - }, - ) - - marketplaceCmd - .command('list') - .description('List all configured marketplaces') - .option('--json', 'Output as JSON') - .addOption(coworkOption()) - .action(async (options: { json?: boolean; cowork?: boolean }) => { - const { marketplaceListHandler } = await import( - './cli/handlers/plugins.js' - ) - await marketplaceListHandler(options) - }) - - marketplaceCmd - .command('remove ') - .alias('rm') - .description('Remove a configured marketplace') - .addOption(coworkOption()) - .action(async (name: string, options: { cowork?: boolean }) => { - const { marketplaceRemoveHandler } = await import( - './cli/handlers/plugins.js' - ) - await marketplaceRemoveHandler(name, options) - }) - - marketplaceCmd - .command('update [name]') - .description( - 'Update marketplace(s) from their source - updates all if no name specified', - ) - .addOption(coworkOption()) - .action(async (name: string | undefined, options: { cowork?: boolean }) => { - const { marketplaceUpdateHandler } = await import( - './cli/handlers/plugins.js' - ) - await marketplaceUpdateHandler(name, options) - }) - - // Plugin install command - pluginCmd - .command('install ') - .alias('i') - .description( - 'Install a plugin from available marketplaces (use plugin@marketplace for specific marketplace)', - ) - .option( - '-s, --scope ', - 'Installation scope: user, project, or local', - 'user', - ) - .addOption(coworkOption()) - .action( - async (plugin: string, options: { scope?: string; cowork?: boolean }) => { - const { pluginInstallHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginInstallHandler(plugin, options) - }, - ) - - // Plugin uninstall command - pluginCmd - .command('uninstall ') - .alias('remove') - .alias('rm') - .description('Uninstall an installed plugin') - .option( - '-s, --scope ', - 'Uninstall from scope: user, project, or local', - 'user', - ) - .option( - '--keep-data', - "Preserve the plugin's persistent data directory (~/.claude/plugins/data/{id}/)", - ) - .addOption(coworkOption()) - .action( - async ( - plugin: string, - options: { scope?: string; cowork?: boolean; keepData?: boolean }, - ) => { - const { pluginUninstallHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginUninstallHandler(plugin, options) - }, - ) - - // Plugin enable command - pluginCmd - .command('enable ') - .description('Enable a disabled plugin') - .option( - '-s, --scope ', - `Installation scope: ${VALID_INSTALLABLE_SCOPES.join(', ')} (default: auto-detect)`, - ) - .addOption(coworkOption()) - .action( - async (plugin: string, options: { scope?: string; cowork?: boolean }) => { - const { pluginEnableHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginEnableHandler(plugin, options) - }, - ) - - // Plugin disable command - pluginCmd - .command('disable [plugin]') - .description('Disable an enabled plugin') - .option('-a, --all', 'Disable all enabled plugins') - .option( - '-s, --scope ', - `Installation scope: ${VALID_INSTALLABLE_SCOPES.join(', ')} (default: auto-detect)`, - ) - .addOption(coworkOption()) - .action( - async ( - plugin: string | undefined, - options: { scope?: string; cowork?: boolean; all?: boolean }, - ) => { - const { pluginDisableHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginDisableHandler(plugin, options) - }, - ) - - // Plugin update command - pluginCmd - .command('update ') - .description( - 'Update a plugin to the latest version (restart required to apply)', - ) - .option( - '-s, --scope ', - `Installation scope: ${VALID_UPDATE_SCOPES.join(', ')} (default: user)`, - ) - .addOption(coworkOption()) - .action( - async (plugin: string, options: { scope?: string; cowork?: boolean }) => { - const { pluginUpdateHandler } = await import( - './cli/handlers/plugins.js' - ) - await pluginUpdateHandler(plugin, options) - }, - ) - // END ANT-ONLY - - // Setup token command - program - .command('setup-token') - .description( - 'Set up a long-lived authentication token (requires Claude subscription)', - ) - .action(async () => { - const [{ setupTokenHandler }, { createRoot }] = await Promise.all([ - import('./cli/handlers/util.js'), - import('./ink.js'), - ]) - const root = await createRoot(getBaseRenderOptions(false)) - await setupTokenHandler(root) - }) - - // Agents command - list configured agents - program - .command('agents') - .description('List configured agents') - .option( - '--setting-sources ', - 'Comma-separated list of setting sources to load (user, project, local).', - ) - .action(async () => { - const { agentsHandler } = await import('./cli/handlers/agents.js') - await agentsHandler() - process.exit(0) - }) - - if (feature('TRANSCRIPT_CLASSIFIER')) { - // Skip when tengu_auto_mode_config.enabled === 'disabled' (circuit breaker). - // Reads from disk cache — GrowthBook isn't initialized at registration time. - if (getAutoModeEnabledStateIfCached() !== 'disabled') { - const autoModeCmd = program - .command('auto-mode') - .description('Inspect auto mode classifier configuration') - - autoModeCmd - .command('defaults') - .description( - 'Print the default auto mode environment, allow, and deny rules as JSON', - ) - .action(async () => { - const { autoModeDefaultsHandler } = await import( - './cli/handlers/autoMode.js' - ) - autoModeDefaultsHandler() - process.exit(0) - }) - - autoModeCmd - .command('config') - .description( - 'Print the effective auto mode config as JSON: your settings where set, defaults otherwise', - ) - .action(async () => { - const { autoModeConfigHandler } = await import( - './cli/handlers/autoMode.js' - ) - autoModeConfigHandler() - process.exit(0) - }) - - autoModeCmd - .command('critique') - .description('Get AI feedback on your custom auto mode rules') - .option('--model ', 'Override which model is used') - .action(async options => { - const { autoModeCritiqueHandler } = await import( - './cli/handlers/autoMode.js' - ) - await autoModeCritiqueHandler(options) - process.exit() - }) - } - } - - // Remote Control command — connect local environment to claude.ai/code. - // The actual command is intercepted by the fast-path in cli.tsx before - // Commander.js runs, so this registration exists only for help output. - // Always hidden: isBridgeEnabled() at this point (before enableConfigs) - // would throw inside isClaudeAISubscriber → getGlobalConfig and return - // false via the try/catch — but not before paying ~65ms of side effects - // (25ms settings Zod parse + 40ms sync `security` keychain subprocess). - // The dynamic visibility never worked; the command was always hidden. - if (feature('BRIDGE_MODE')) { - program - .command('remote-control', { hidden: true }) - .alias('rc') - .description( - 'Connect your local environment for remote-control sessions via claude.ai/code', - ) - .action(async () => { - // Unreachable — cli.tsx fast-path handles this command before main.tsx loads. - // If somehow reached, delegate to bridgeMain. - const { bridgeMain } = await import('./bridge/bridgeMain.js') - await bridgeMain(process.argv.slice(3)) - }) - } - - if (feature('KAIROS')) { - program - .command('assistant [sessionId]') - .description( - 'Attach the REPL as a client to a running bridge session. Discovers sessions via API if no sessionId given.', - ) - .action(() => { - // Argv rewriting above should have consumed `assistant [id]` - // before commander runs. Reaching here means a root flag came first - // (e.g. `--debug assistant`) and the position-0 predicate - // didn't match. Print usage like the ssh stub does. - process.stderr.write( - 'Usage: claude assistant [sessionId]\n\n' + - 'Attach the REPL as a viewer client to a running bridge session.\n' + - 'Omit sessionId to discover and pick from available sessions.\n', - ) - process.exit(1) - }) - } - - // Doctor command - check installation health - program - .command('doctor') - .description( - 'Check the health of your Claude Code auto-updater. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.', - ) - .action(async () => { - const [{ doctorHandler }, { createRoot }] = await Promise.all([ - import('./cli/handlers/util.js'), - import('./ink.js'), - ]) - const root = await createRoot(getBaseRenderOptions(false)) - await doctorHandler(root) - }) - - // claude update - // - // For SemVer-compliant versioning with build metadata (X.X.X+SHA): - // - We perform exact string comparison (including SHA) to detect any change - // - This ensures users always get the latest build, even when only the SHA changes - // - UI shows both versions including build metadata for clarity - program - .command('update') - .alias('upgrade') - .description('Check for updates and install if available') - .action(async () => { - const { update } = await import('src/cli/update.js') - await update() - }) - - // claude up — run the project's CLAUDE.md "# claude up" setup instructions. - if (process.env.USER_TYPE === 'ant') { - program - .command('up') - .description( - '[ANT-ONLY] Initialize or upgrade the local dev environment using the "# claude up" section of the nearest CLAUDE.md', - ) - .action(async () => { - const { up } = await import('src/cli/up.js') - await up() - }) - } - - // claude rollback (ant-only) - // Rolls back to previous releases - if (process.env.USER_TYPE === 'ant') { - program - .command('rollback [target]') - .description( - '[ANT-ONLY] Roll back to a previous release\n\nExamples:\n claude rollback Go 1 version back from current\n claude rollback 3 Go 3 versions back from current\n claude rollback 2.0.73-dev.20251217.t190658 Roll back to a specific version', - ) - .option('-l, --list', 'List recent published versions with ages') - .option('--dry-run', 'Show what would be installed without installing') - .option( - '--safe', - 'Roll back to the server-pinned safe version (set by oncall during incidents)', - ) - .action( - async ( - target?: string, - options?: { list?: boolean; dryRun?: boolean; safe?: boolean }, - ) => { - const { rollback } = await import('src/cli/rollback.js') - await rollback(target, options) - }, - ) - } - - // claude install - program - .command('install [target]') - .description( - 'Install Claude Code native build. Use [target] to specify version (stable, latest, or specific version)', - ) - .option('--force', 'Force installation even if already installed') - .action( - async (target: string | undefined, options: { force?: boolean }) => { - const { installHandler } = await import('./cli/handlers/util.js') - await installHandler(target, options) - }, - ) - - // ant-only commands - if (process.env.USER_TYPE === 'ant') { - const validateLogId = (value: string) => { - const maybeSessionId = validateUuid(value) - if (maybeSessionId) return maybeSessionId - return Number(value) - } - // claude log - program - .command('log') - .description('[ANT-ONLY] Manage conversation logs.') - .argument( - '[number|sessionId]', - 'A number (0, 1, 2, etc.) to display a specific log, or the sesssion ID (uuid) of a log', - validateLogId, - ) - .action(async (logId: string | number | undefined) => { - const { logHandler } = await import('./cli/handlers/ant.js') - await logHandler(logId) - }) - - // claude error - program - .command('error') - .description( - '[ANT-ONLY] View error logs. Optionally provide a number (0, -1, -2, etc.) to display a specific log.', - ) - .argument( - '[number]', - 'A number (0, 1, 2, etc.) to display a specific log', - parseInt, - ) - .action(async (number: number | undefined) => { - const { errorHandler } = await import('./cli/handlers/ant.js') - await errorHandler(number) - }) - - // claude export - program - .command('export') - .description('[ANT-ONLY] Export a conversation to a text file.') - .usage(' ') - .argument( - '', - 'Session ID, log index (0, 1, 2...), or path to a .json/.jsonl log file', - ) - .argument('', 'Output file path for the exported text') - .addHelpText( - 'after', - ` + profileCheckpoint("run_function_start"); + + // Create help config that sorts options by long option name. + // Commander supports compareOptions at runtime but @commander-js/extra-typings + // doesn't include it in the type definitions, so we use Object.assign to add it. + function createSortedHelpConfig(): { + sortSubcommands: true; + sortOptions: true; + } { + const getOptionSortKey = (opt: Option): string => + opt.long?.replace(/^--/, "") ?? opt.short?.replace(/^-/, "") ?? ""; + return Object.assign( + { sortSubcommands: true, sortOptions: true } as const, + { + compareOptions: (a: Option, b: Option) => + getOptionSortKey(a).localeCompare(getOptionSortKey(b)), + }, + ); + } + const program = new CommanderCommand() + .configureHelp(createSortedHelpConfig()) + .enablePositionalOptions(); + profileCheckpoint("run_commander_initialized"); + + // Use preAction hook to run initialization only when executing a command, + // not when displaying help. This avoids the need for env variable signaling. + program.hook("preAction", async (thisCommand) => { + profileCheckpoint("preAction_start"); + // Await async subprocess loads started at module evaluation (lines 12-20). + // Nearly free — subprocesses complete during the ~135ms of imports above. + // Must resolve before init() which triggers the first settings read + // (applySafeConfigEnvironmentVariables → getSettingsForSource('policySettings') + // → isRemoteManagedSettingsEligible → sync keychain reads otherwise ~65ms). + await Promise.all([ + ensureMdmSettingsLoaded(), + ensureKeychainPrefetchCompleted(), + ]); + profileCheckpoint("preAction_after_mdm"); + await init(); + profileCheckpoint("preAction_after_init"); + + // process.title on Windows sets the console title directly; on POSIX, + // terminal shell integration may mirror the process name to the tab. + // After init() so settings.json env can also gate this (gh-4765). + if (!isEnvTruthy(process.env.CLAUDE_CODE_DISABLE_TERMINAL_TITLE)) { + process.title = "claude"; + } + + // Attach logging sinks so subcommand handlers can use logEvent/logError. + // Before PR #11106 logEvent dispatched directly; after, events queue until + // a sink attaches. setup() attaches sinks for the default command, but + // subcommands (doctor, mcp, plugin, auth) never call setup() and would + // silently drop events on process.exit(). Both inits are idempotent. + const { initSinks } = await import("./utils/sinks.js"); + initSinks(); + profileCheckpoint("preAction_after_sinks"); + + // gh-33508: --plugin-dir is a top-level program option. The default + // action reads it from its own options destructure, but subcommands + // (plugin list, plugin install, mcp *) have their own actions and + // never see it. Wire it up here so getInlinePlugins() works everywhere. + // thisCommand.opts() is typed {} here because this hook is attached + // before .option('--plugin-dir', ...) in the chain — extra-typings + // builds the type as options are added. Narrow with a runtime guard; + // the collect accumulator + [] default guarantee string[] in practice. + const pluginDir = thisCommand.getOptionValue("pluginDir"); + if ( + Array.isArray(pluginDir) && + pluginDir.length > 0 && + pluginDir.every((p) => typeof p === "string") + ) { + setInlinePlugins(pluginDir); + clearPluginCache("preAction: --plugin-dir inline plugins"); + } + + runMigrations(); + profileCheckpoint("preAction_after_migrations"); + + // Load remote managed settings for enterprise customers (non-blocking) + // Fails open - if fetch fails, continues without remote settings + // Settings are applied via hot-reload when they arrive + // Must happen after init() to ensure config reading is allowed + void loadRemoteManagedSettings(); + void loadPolicyLimits(); + + profileCheckpoint("preAction_after_remote_settings"); + + // Load settings sync (non-blocking, fail-open) + // CLI: uploads local settings to remote (CCR download is handled by print.ts) + if (feature("UPLOAD_USER_SETTINGS")) { + void import("./services/settingsSync/index.js").then((m) => + m.uploadUserSettingsInBackground(), + ); + } + + profileCheckpoint("preAction_after_settings_sync"); + }); + + program + .name("claude") + .description( + `Claude Code - starts an interactive session by default, use -p/--print for non-interactive output`, + ) + .argument("[prompt]", "Your prompt", String) + // Subcommands inherit helpOption via commander's copyInheritedSettings — + // setting it once here covers mcp, plugin, auth, and all other subcommands. + .helpOption("-h, --help", "Display help for command") + .option( + "-d, --debug [filter]", + 'Enable debug mode with optional category filtering (e.g., "api,hooks" or "!1p,!file")', + (_value: string | true) => { + // If value is provided, it will be the filter string + // If not provided but flag is present, value will be true + // The actual filtering is handled in debug.ts by parsing process.argv + return true; + }, + ) + .addOption( + new Option("--debug-to-stderr", "Enable debug mode (to stderr)") + .argParser(Boolean) + .hideHelp(), + ) + .option( + "--debug-file ", + "Write debug logs to a specific file path (implicitly enables debug mode)", + () => true, + ) + .option( + "--verbose", + "Override verbose mode setting from config", + () => true, + ) + .option( + "-p, --print", + "Print response and exit (useful for pipes). Note: The workspace trust dialog is skipped when Claude is run with the -p mode. Only use this flag in directories you trust.", + () => true, + ) + .option( + "--bare", + "Minimal mode: skip hooks, LSP, plugin sync, attribution, auto-memory, background prefetches, keychain reads, and CLAUDE.md auto-discovery. Sets CLAUDE_CODE_SIMPLE=1. Anthropic auth is strictly ANTHROPIC_API_KEY or apiKeyHelper via --settings (OAuth and keychain are never read). 3P providers (Bedrock/Vertex/Foundry) use their own credentials. Skills still resolve via /skill-name. Explicitly provide context via: --system-prompt[-file], --append-system-prompt[-file], --add-dir (CLAUDE.md dirs), --mcp-config, --settings, --agents, --plugin-dir.", + () => true, + ) + .addOption( + new Option( + "--init", + "Run Setup hooks with init trigger, then continue", + ).hideHelp(), + ) + .addOption( + new Option( + "--init-only", + "Run Setup and SessionStart:startup hooks, then exit", + ).hideHelp(), + ) + .addOption( + new Option( + "--maintenance", + "Run Setup hooks with maintenance trigger, then continue", + ).hideHelp(), + ) + .addOption( + new Option( + "--output-format ", + 'Output format (only works with --print): "text" (default), "json" (single result), or "stream-json" (realtime streaming)', + ).choices(["text", "json", "stream-json"]), + ) + .addOption( + new Option( + "--json-schema ", + "JSON Schema for structured output validation. " + + 'Example: {"type":"object","properties":{"name":{"type":"string"}},"required":["name"]}', + ).argParser(String), + ) + .option( + "--include-hook-events", + "Include all hook lifecycle events in the output stream (only works with --output-format=stream-json)", + () => true, + ) + .option( + "--include-partial-messages", + "Include partial message chunks as they arrive (only works with --print and --output-format=stream-json)", + () => true, + ) + .addOption( + new Option( + "--input-format ", + 'Input format (only works with --print): "text" (default), or "stream-json" (realtime streaming input)', + ).choices(["text", "stream-json"]), + ) + .option( + "--mcp-debug", + "[DEPRECATED. Use --debug instead] Enable MCP debug mode (shows MCP server errors)", + () => true, + ) + .option( + "--dangerously-skip-permissions", + "Bypass all permission checks. Recommended only for sandboxes with no internet access.", + () => true, + ) + .option( + "--allow-dangerously-skip-permissions", + "Enable bypassing all permission checks as an option, without it being enabled by default. Recommended only for sandboxes with no internet access.", + () => true, + ) + .addOption( + new Option( + "--thinking ", + "Thinking mode: enabled (equivalent to adaptive), disabled", + ) + .choices(["enabled", "adaptive", "disabled"]) + .hideHelp(), + ) + .addOption( + new Option( + "--max-thinking-tokens ", + "[DEPRECATED. Use --thinking instead for newer models] Maximum number of thinking tokens (only works with --print)", + ) + .argParser(Number) + .hideHelp(), + ) + .addOption( + new Option( + "--max-turns ", + "Maximum number of agentic turns in non-interactive mode. This will early exit the conversation after the specified number of turns. (only works with --print)", + ) + .argParser(Number) + .hideHelp(), + ) + .addOption( + new Option( + "--max-budget-usd ", + "Maximum dollar amount to spend on API calls (only works with --print)", + ).argParser((value) => { + const amount = Number(value); + if (isNaN(amount) || amount <= 0) { + throw new Error( + "--max-budget-usd must be a positive number greater than 0", + ); + } + return amount; + }), + ) + .addOption( + new Option( + "--task-budget ", + "API-side task budget in tokens (output_config.task_budget)", + ) + .argParser((value) => { + const tokens = Number(value); + if ( + isNaN(tokens) || + tokens <= 0 || + !Number.isInteger(tokens) + ) { + throw new Error( + "--task-budget must be a positive integer", + ); + } + return tokens; + }) + .hideHelp(), + ) + .option( + "--replay-user-messages", + "Re-emit user messages from stdin back on stdout for acknowledgment (only works with --input-format=stream-json and --output-format=stream-json)", + () => true, + ) + .addOption( + new Option( + "--enable-auth-status", + "Enable auth status messages in SDK mode", + ) + .default(false) + .hideHelp(), + ) + .option( + "--allowedTools, --allowed-tools ", + 'Comma or space-separated list of tool names to allow (e.g. "Bash(git:*) Edit")', + ) + .option( + "--tools ", + 'Specify the list of available tools from the built-in set. Use "" to disable all tools, "default" to use all tools, or specify tool names (e.g. "Bash,Edit,Read").', + ) + .option( + "--disallowedTools, --disallowed-tools ", + 'Comma or space-separated list of tool names to deny (e.g. "Bash(git:*) Edit")', + ) + .option( + "--mcp-config ", + "Load MCP servers from JSON files or strings (space-separated)", + ) + .addOption( + new Option( + "--permission-prompt-tool ", + "MCP tool to use for permission prompts (only works with --print)", + ) + .argParser(String) + .hideHelp(), + ) + .addOption( + new Option( + "--system-prompt ", + "System prompt to use for the session", + ).argParser(String), + ) + .addOption( + new Option( + "--system-prompt-file ", + "Read system prompt from a file", + ) + .argParser(String) + .hideHelp(), + ) + .addOption( + new Option( + "--append-system-prompt ", + "Append a system prompt to the default system prompt", + ).argParser(String), + ) + .addOption( + new Option( + "--append-system-prompt-file ", + "Read system prompt from a file and append to the default system prompt", + ) + .argParser(String) + .hideHelp(), + ) + .addOption( + new Option( + "--permission-mode ", + "Permission mode to use for the session", + ) + .argParser(String) + .choices(PERMISSION_MODES), + ) + .option( + "-c, --continue", + "Continue the most recent conversation in the current directory", + () => true, + ) + .option( + "-r, --resume [value]", + "Resume a conversation by session ID, or open interactive picker with optional search term", + (value) => value || true, + ) + .option( + "--fork-session", + "When resuming, create a new session ID instead of reusing the original (use with --resume or --continue)", + () => true, + ) + .addOption( + new Option( + "--prefill ", + "Pre-fill the prompt input with text without submitting it", + ).hideHelp(), + ) + .addOption( + new Option( + "--deep-link-origin", + "Signal that this session was launched from a deep link", + ).hideHelp(), + ) + .addOption( + new Option( + "--deep-link-repo ", + "Repo slug the deep link ?repo= parameter resolved to the current cwd", + ).hideHelp(), + ) + .addOption( + new Option( + "--deep-link-last-fetch ", + "FETCH_HEAD mtime in epoch ms, precomputed by the deep link trampoline", + ) + .argParser((v) => { + const n = Number(v); + return Number.isFinite(n) ? n : undefined; + }) + .hideHelp(), + ) + .option( + "--from-pr [value]", + "Resume a session linked to a PR by PR number/URL, or open interactive picker with optional search term", + (value) => value || true, + ) + .option( + "--no-session-persistence", + "Disable session persistence - sessions will not be saved to disk and cannot be resumed (only works with --print)", + ) + .addOption( + new Option( + "--resume-session-at ", + "When resuming, only messages up to and including the assistant message with (use with --resume in print mode)", + ) + .argParser(String) + .hideHelp(), + ) + .addOption( + new Option( + "--rewind-files ", + "Restore files to state at the specified user message and exit (requires --resume)", + ).hideHelp(), + ) + // @[MODEL LAUNCH]: Update the example model ID in the --model help text. + .option( + "--model ", + `Model for the current session. Provide an alias for the latest model (e.g. 'sonnet' or 'opus') or a model's full name (e.g. 'claude-sonnet-4-6').`, + ) + .addOption( + new Option( + "--effort ", + `Effort level for the current session (low, medium, high, max)`, + ).argParser((rawValue: string) => { + const value = rawValue.toLowerCase(); + const allowed = ["low", "medium", "high", "max"]; + if (!allowed.includes(value)) { + throw new InvalidArgumentError( + `It must be one of: ${allowed.join(", ")}`, + ); + } + return value; + }), + ) + .option( + "--agent ", + `Agent for the current session. Overrides the 'agent' setting.`, + ) + .option( + "--betas ", + "Beta headers to include in API requests (API key users only)", + ) + .option( + "--fallback-model ", + "Enable automatic fallback to specified model when default model is overloaded (only works with --print)", + ) + .addOption( + new Option( + "--workload ", + "Workload tag for billing-header attribution (cc_workload). Process-scoped; set by SDK daemon callers that spawn subprocesses for cron work. (only works with --print)", + ).hideHelp(), + ) + .option( + "--settings ", + "Path to a settings JSON file or a JSON string to load additional settings from", + ) + .option( + "--add-dir ", + "Additional directories to allow tool access to", + ) + .option( + "--ide", + "Automatically connect to IDE on startup if exactly one valid IDE is available", + () => true, + ) + .option( + "--strict-mcp-config", + "Only use MCP servers from --mcp-config, ignoring all other MCP configurations", + () => true, + ) + .option( + "--session-id ", + "Use a specific session ID for the conversation (must be a valid UUID)", + ) + .option( + "-n, --name ", + "Set a display name for this session (shown in /resume and terminal title)", + ) + .option( + "--agents ", + 'JSON object defining custom agents (e.g. \'{"reviewer": {"description": "Reviews code", "prompt": "You are a code reviewer"}}\')', + ) + .option( + "--setting-sources ", + "Comma-separated list of setting sources to load (user, project, local).", + ) + // gh-33508: (variadic) consumed everything until the next + // --flag. `claude --plugin-dir /path mcp add --transport http` swallowed + // `mcp` and `add` as paths, then choked on --transport as an unknown + // top-level option. Single-value + collect accumulator means each + // --plugin-dir takes exactly one arg; repeat the flag for multiple dirs. + .option( + "--plugin-dir ", + "Load plugins from a directory for this session only (repeatable: --plugin-dir A --plugin-dir B)", + (val: string, prev: string[]) => [...prev, val], + [] as string[], + ) + .option("--disable-slash-commands", "Disable all skills", () => true) + .option("--chrome", "Enable Claude in Chrome integration") + .option("--no-chrome", "Disable Claude in Chrome integration") + .option( + "--file ", + "File resources to download at startup. Format: file_id:relative_path (e.g., --file file_abc:doc.txt file_def:img.png)", + ) + .action(async (prompt, options) => { + profileCheckpoint("action_handler_start"); + + // --bare = one-switch minimal mode. Sets SIMPLE so all the existing + // gates fire (CLAUDE.md, skills, hooks inside executeHooks, agent + // dir-walk). Must be set before setup() / any of the gated work runs. + if ((options as { bare?: boolean }).bare) { + process.env.CLAUDE_CODE_SIMPLE = "1"; + } + + // Ignore "code" as a prompt - treat it the same as no prompt + if (prompt === "code") { + logEvent("tengu_code_prompt_ignored", {}); + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.warn( + chalk.yellow( + "Tip: You can launch Claude Code with just `claude`", + ), + ); + prompt = undefined; + } + + // Log event for any single-word prompt + if ( + prompt && + typeof prompt === "string" && + !/\s/.test(prompt) && + prompt.length > 0 + ) { + logEvent("tengu_single_word_prompt", { length: prompt.length }); + } + + // Assistant mode: when .claude/settings.json has assistant: true AND + // the tengu_kairos GrowthBook gate is on, force brief on. Permission + // mode is left to the user — settings defaultMode or --permission-mode + // apply as normal. REPL-typed messages already default to 'next' + // priority (messageQueueManager.enqueue) so they drain mid-turn between + // tool calls. SendUserMessage (BriefTool) is enabled via the brief env + // var. SleepTool stays disabled (its isEnabled() gates on proactive). + // kairosEnabled is computed once here and reused at the + // getAssistantSystemPromptAddendum() call site further down. + // + // Trust gate: .claude/settings.json is attacker-controllable in an + // untrusted clone. We run ~1000 lines before showSetupScreens() shows + // the trust dialog, and by then we've already appended + // .claude/agents/assistant.md to the system prompt. Refuse to activate + // until the directory has been explicitly trusted. + let kairosEnabled = false; + let assistantTeamContext: + | Awaited< + ReturnType< + NonNullable< + typeof assistantModule + >["initializeAssistantTeam"] + > + > + | undefined; + if ( + feature("KAIROS") && + (options as { assistant?: boolean }).assistant && + assistantModule + ) { + // --assistant (Agent SDK daemon mode): force the latch before + // isAssistantMode() runs below. The daemon has already checked + // entitlement — don't make the child re-check tengu_kairos. + assistantModule.markAssistantForced(); + } + if ( + feature("KAIROS") && + assistantModule?.isAssistantMode() && + // Spawned teammates share the leader's cwd + settings.json, so + // isAssistantMode() is true for them too. --agent-id being set + // means we ARE a spawned teammate (extractTeammateOptions runs + // ~170 lines later so check the raw commander option) — don't + // re-init the team or override teammateMode/proactive/brief. + !(options as { agentId?: unknown }).agentId && + kairosGate + ) { + if (!checkHasTrustDialogAccepted()) { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.warn( + chalk.yellow( + "Assistant mode disabled: directory is not trusted. Accept the trust dialog and restart.", + ), + ); + } else { + // Blocking gate check — returns cached `true` instantly; if disk + // cache is false/missing, lazily inits GrowthBook and fetches fresh + // (max ~5s). --assistant skips the gate entirely (daemon is + // pre-entitled). + kairosEnabled = + assistantModule.isAssistantForced() || + (await kairosGate.isKairosEnabled()); + if (kairosEnabled) { + const opts = options as { brief?: boolean }; + opts.brief = true; + setKairosActive(true); + // Pre-seed an in-process team so Agent(name: "foo") spawns + // teammates without TeamCreate. Must run BEFORE setup() captures + // the teammateMode snapshot (initializeAssistantTeam calls + // setCliTeammateModeOverride internally). + assistantTeamContext = + await assistantModule.initializeAssistantTeam(); + } + } + } + + const { + debug = false, + debugToStderr = false, + dangerouslySkipPermissions, + allowDangerouslySkipPermissions = false, + tools: baseTools = [], + allowedTools = [], + disallowedTools = [], + mcpConfig = [], + permissionMode: permissionModeCli, + addDir = [], + fallbackModel, + betas = [], + ide = false, + sessionId, + includeHookEvents, + includePartialMessages, + } = options; + + if (options.prefill) { + seedEarlyInput(options.prefill); + } + + // Promise for file downloads - started early, awaited before REPL renders + let fileDownloadPromise: Promise | undefined; + + const agentsJson = options.agents; + const agentCli = options.agent; + if (feature("BG_SESSIONS") && agentCli) { + process.env.CLAUDE_CODE_AGENT = agentCli; + } + + // NOTE: LSP manager initialization is intentionally deferred until after + // the trust dialog is accepted. This prevents plugin LSP servers from + // executing code in untrusted directories before user consent. + + // Extract these separately so they can be modified if needed + let outputFormat = options.outputFormat; + let inputFormat = options.inputFormat; + let verbose = options.verbose ?? getGlobalConfig().verbose; + let print = options.print; + const init = options.init ?? false; + const initOnly = options.initOnly ?? false; + const maintenance = options.maintenance ?? false; + + // Extract disable slash commands flag + const disableSlashCommands = options.disableSlashCommands || false; + + // Extract tasks mode options (ant-only) + const tasksOption = + process.env.USER_TYPE === "ant" && + (options as { tasks?: boolean | string }).tasks; + const taskListId = tasksOption + ? typeof tasksOption === "string" + ? tasksOption + : DEFAULT_TASKS_MODE_TASK_LIST_ID + : undefined; + if (process.env.USER_TYPE === "ant" && taskListId) { + process.env.CLAUDE_CODE_TASK_LIST_ID = taskListId; + } + + // Extract worktree option + // worktree can be true (flag without value) or a string (custom name or PR reference) + const worktreeOption = isWorktreeModeEnabled() + ? (options as { worktree?: boolean | string }).worktree + : undefined; + let worktreeName = + typeof worktreeOption === "string" ? worktreeOption : undefined; + const worktreeEnabled = worktreeOption !== undefined; + + // Check if worktree name is a PR reference (#N or GitHub PR URL) + let worktreePRNumber: number | undefined; + if (worktreeName) { + const prNum = parsePRReference(worktreeName); + if (prNum !== null) { + worktreePRNumber = prNum; + worktreeName = undefined; // slug will be generated in setup() + } + } + + // Extract tmux option (requires --worktree) + const tmuxEnabled = + isWorktreeModeEnabled() && + (options as { tmux?: boolean }).tmux === true; + + // Validate tmux option + if (tmuxEnabled) { + if (!worktreeEnabled) { + process.stderr.write( + chalk.red("Error: --tmux requires --worktree\n"), + ); + process.exit(1); + } + if (getPlatform() === "windows") { + process.stderr.write( + chalk.red( + "Error: --tmux is not supported on Windows\n", + ), + ); + process.exit(1); + } + if (!(await isTmuxAvailable())) { + process.stderr.write( + chalk.red( + `Error: tmux is not installed.\n${getTmuxInstallInstructions()}\n`, + ), + ); + process.exit(1); + } + } + + // Extract teammate options (for tmux-spawned agents) + // Declared outside the if block so it's accessible later for system prompt addendum + let storedTeammateOpts: TeammateOptions | undefined; + if (isAgentSwarmsEnabled()) { + // Extract agent identity options (for tmux-spawned agents) + // These replace the CLAUDE_CODE_* environment variables + const teammateOpts = extractTeammateOptions(options); + storedTeammateOpts = teammateOpts; + + // If any teammate identity option is provided, all three required ones must be present + const hasAnyTeammateOpt = + teammateOpts.agentId || + teammateOpts.agentName || + teammateOpts.teamName; + const hasAllRequiredTeammateOpts = + teammateOpts.agentId && + teammateOpts.agentName && + teammateOpts.teamName; + + if (hasAnyTeammateOpt && !hasAllRequiredTeammateOpts) { + process.stderr.write( + chalk.red( + "Error: --agent-id, --agent-name, and --team-name must all be provided together\n", + ), + ); + process.exit(1); + } + + // If teammate identity is provided via CLI, set up dynamicTeamContext + if ( + teammateOpts.agentId && + teammateOpts.agentName && + teammateOpts.teamName + ) { + getTeammateUtils().setDynamicTeamContext?.({ + agentId: teammateOpts.agentId, + agentName: teammateOpts.agentName, + teamName: teammateOpts.teamName, + color: teammateOpts.agentColor, + planModeRequired: + teammateOpts.planModeRequired ?? false, + parentSessionId: teammateOpts.parentSessionId, + }); + } + + // Set teammate mode CLI override if provided + // This must be done before setup() captures the snapshot + if (teammateOpts.teammateMode) { + getTeammateModeSnapshot().setCliTeammateModeOverride?.( + teammateOpts.teammateMode, + ); + } + } + + // Extract remote sdk options + const sdkUrl = (options as { sdkUrl?: string }).sdkUrl ?? undefined; + + // Allow env var to enable partial messages (used by sandbox gateway for baku) + const effectiveIncludePartialMessages = + includePartialMessages || + isEnvTruthy(process.env.CLAUDE_CODE_INCLUDE_PARTIAL_MESSAGES); + + // Enable all hook event types when explicitly requested via SDK option + // or when running in CLAUDE_CODE_REMOTE mode (CCR needs them). + // Without this, only SessionStart and Setup events are emitted. + if ( + includeHookEvents || + isEnvTruthy(process.env.CLAUDE_CODE_REMOTE) + ) { + setAllHookEventsEnabled(true); + } + + // Auto-set input/output formats, verbose mode, and print mode when SDK URL is provided + if (sdkUrl) { + // If SDK URL is provided, automatically use stream-json formats unless explicitly set + if (!inputFormat) { + inputFormat = "stream-json"; + } + if (!outputFormat) { + outputFormat = "stream-json"; + } + // Auto-enable verbose mode unless explicitly disabled or already set + if (options.verbose === undefined) { + verbose = true; + } + // Auto-enable print mode unless explicitly disabled + if (!options.print) { + print = true; + } + } + + // Extract teleport option + const teleport = + (options as { teleport?: string | true }).teleport ?? null; + + // Extract remote option (can be true if no description provided, or a string) + const remoteOption = (options as { remote?: string | true }).remote; + const remote = remoteOption === true ? "" : (remoteOption ?? null); + + // Extract --remote-control / --rc flag (enable bridge in interactive session) + const remoteControlOption = + (options as { remoteControl?: string | true }).remoteControl ?? + (options as { rc?: string | true }).rc; + // Actual bridge check is deferred to after showSetupScreens() so that + // trust is established and GrowthBook has auth headers. + let remoteControl = false; + const remoteControlName = + typeof remoteControlOption === "string" && + remoteControlOption.length > 0 + ? remoteControlOption + : undefined; + + // Validate session ID if provided + if (sessionId) { + // Check for conflicting flags + // --session-id can be used with --continue or --resume when --fork-session is also provided + // (to specify a custom ID for the forked session) + if ( + (options.continue || options.resume) && + !options.forkSession + ) { + process.stderr.write( + chalk.red( + "Error: --session-id can only be used with --continue or --resume if --fork-session is also specified.\n", + ), + ); + process.exit(1); + } + + // When --sdk-url is provided (bridge/remote mode), the session ID is a + // server-assigned tagged ID (e.g. "session_local_01...") rather than a + // UUID. Skip UUID validation and local existence checks in that case. + if (!sdkUrl) { + const validatedSessionId = validateUuid(sessionId); + if (!validatedSessionId) { + process.stderr.write( + chalk.red( + "Error: Invalid session ID. Must be a valid UUID.\n", + ), + ); + process.exit(1); + } + + // Check if session ID already exists + if (sessionIdExists(validatedSessionId)) { + process.stderr.write( + chalk.red( + `Error: Session ID ${validatedSessionId} is already in use.\n`, + ), + ); + process.exit(1); + } + } + } + + // Download file resources if specified via --file flag + const fileSpecs = (options as { file?: string[] }).file; + if (fileSpecs && fileSpecs.length > 0) { + // Get session ingress token (provided by EnvManager via CLAUDE_CODE_SESSION_ACCESS_TOKEN) + const sessionToken = getSessionIngressAuthToken(); + if (!sessionToken) { + process.stderr.write( + chalk.red( + "Error: Session token required for file downloads. CLAUDE_CODE_SESSION_ACCESS_TOKEN must be set.\n", + ), + ); + process.exit(1); + } + + // Resolve session ID: prefer remote session ID, fall back to internal session ID + const fileSessionId = + process.env.CLAUDE_CODE_REMOTE_SESSION_ID || getSessionId(); + + const files = parseFileSpecs(fileSpecs); + if (files.length > 0) { + // Use ANTHROPIC_BASE_URL if set (by EnvManager), otherwise use OAuth config + // This ensures consistency with session ingress API in all environments + const config: FilesApiConfig = { + baseUrl: + process.env.ANTHROPIC_BASE_URL || + getOauthConfig().BASE_API_URL, + oauthToken: sessionToken, + sessionId: fileSessionId, + }; + + // Start download without blocking startup - await before REPL renders + fileDownloadPromise = downloadSessionFiles(files, config); + } + } + + // Get isNonInteractiveSession from state (was set before init()) + const isNonInteractiveSession = getIsNonInteractiveSession(); + + // Validate that fallback model is different from main model + if ( + fallbackModel && + options.model && + fallbackModel === options.model + ) { + process.stderr.write( + chalk.red( + "Error: Fallback model cannot be the same as the main model. Please specify a different model for --fallback-model.\n", + ), + ); + process.exit(1); + } + + // Handle system prompt options + let systemPrompt = options.systemPrompt; + if (options.systemPromptFile) { + if (options.systemPrompt) { + process.stderr.write( + chalk.red( + "Error: Cannot use both --system-prompt and --system-prompt-file. Please use only one.\n", + ), + ); + process.exit(1); + } + + try { + const filePath = resolve(options.systemPromptFile); + systemPrompt = readFileSync(filePath, "utf8"); + } catch (error) { + const code = getErrnoCode(error); + if (code === "ENOENT") { + process.stderr.write( + chalk.red( + `Error: System prompt file not found: ${resolve(options.systemPromptFile)}\n`, + ), + ); + process.exit(1); + } + process.stderr.write( + chalk.red( + `Error reading system prompt file: ${errorMessage(error)}\n`, + ), + ); + process.exit(1); + } + } + + // Handle append system prompt options + let appendSystemPrompt = options.appendSystemPrompt; + if (options.appendSystemPromptFile) { + if (options.appendSystemPrompt) { + process.stderr.write( + chalk.red( + "Error: Cannot use both --append-system-prompt and --append-system-prompt-file. Please use only one.\n", + ), + ); + process.exit(1); + } + + try { + const filePath = resolve(options.appendSystemPromptFile); + appendSystemPrompt = readFileSync(filePath, "utf8"); + } catch (error) { + const code = getErrnoCode(error); + if (code === "ENOENT") { + process.stderr.write( + chalk.red( + `Error: Append system prompt file not found: ${resolve(options.appendSystemPromptFile)}\n`, + ), + ); + process.exit(1); + } + process.stderr.write( + chalk.red( + `Error reading append system prompt file: ${errorMessage(error)}\n`, + ), + ); + process.exit(1); + } + } + + // Add teammate-specific system prompt addendum for tmux teammates + if ( + isAgentSwarmsEnabled() && + storedTeammateOpts?.agentId && + storedTeammateOpts?.agentName && + storedTeammateOpts?.teamName + ) { + const addendum = + getTeammatePromptAddendum().TEAMMATE_SYSTEM_PROMPT_ADDENDUM; + appendSystemPrompt = appendSystemPrompt + ? `${appendSystemPrompt}\n\n${addendum}` + : addendum; + } + + const { + mode: permissionMode, + notification: permissionModeNotification, + } = initialPermissionModeFromCLI({ + permissionModeCli, + dangerouslySkipPermissions, + }); + + // Store session bypass permissions mode for trust dialog check + setSessionBypassPermissionsMode( + permissionMode === "bypassPermissions", + ); + if (feature("TRANSCRIPT_CLASSIFIER")) { + // autoModeFlagCli is the "did the user intend auto this session" signal. + // Set when: --enable-auto-mode, --permission-mode auto, resolved mode + // is auto, OR settings defaultMode is auto but the gate denied it + // (permissionMode resolved to default with no explicit CLI override). + // Used by verifyAutoModeGateAccess to decide whether to notify on + // auto-unavailable, and by tengu_auto_mode_config opt-in carousel. + if ( + (options as { enableAutoMode?: boolean }).enableAutoMode || + permissionModeCli === "auto" || + permissionMode === "auto" || + (!permissionModeCli && isDefaultPermissionModeAuto()) + ) { + autoModeStateModule?.setAutoModeFlagCli(true); + } + } + + // Parse the MCP config files/strings if provided + let dynamicMcpConfig: Record = {}; + + if (mcpConfig && mcpConfig.length > 0) { + // Process mcpConfig array + const processedConfigs = mcpConfig + .map((config) => config.trim()) + .filter((config) => config.length > 0); + + let allConfigs: Record = {}; + const allErrors: ValidationError[] = []; + + for (const configItem of processedConfigs) { + let configs: Record | null = null; + let errors: ValidationError[] = []; + + // First try to parse as JSON string + const parsedJson = safeParseJSON(configItem); + if (parsedJson) { + const result = parseMcpConfig({ + configObject: parsedJson, + filePath: "command line", + expandVars: true, + scope: "dynamic", + }); + if (result.config) { + configs = result.config.mcpServers; + } else { + errors = result.errors; + } + } else { + // Try as file path + const configPath = resolve(configItem); + const result = parseMcpConfigFromFilePath({ + filePath: configPath, + expandVars: true, + scope: "dynamic", + }); + if (result.config) { + configs = result.config.mcpServers; + } else { + errors = result.errors; + } + } + + if (errors.length > 0) { + allErrors.push(...errors); + } else if (configs) { + // Merge configs, later ones override earlier ones + allConfigs = { ...allConfigs, ...configs }; + } + } + + if (allErrors.length > 0) { + const formattedErrors = allErrors + .map( + (err) => + `${err.path ? err.path + ": " : ""}${err.message}`, + ) + .join("\n"); + logForDebugging( + `--mcp-config validation failed (${allErrors.length} errors): ${formattedErrors}`, + { + level: "error", + }, + ); + process.stderr.write( + `Error: Invalid MCP configuration:\n${formattedErrors}\n`, + ); + process.exit(1); + } + + if (Object.keys(allConfigs).length > 0) { + // SDK hosts (Nest/Desktop) own their server naming and may reuse + // built-in names — skip reserved-name checks for type:'sdk'. + const nonSdkConfigNames = Object.entries(allConfigs) + .filter(([, config]) => config.type !== "sdk") + .map(([name]) => name); + + let reservedNameError: string | null = null; + if (nonSdkConfigNames.some(isClaudeInChromeMCPServer)) { + reservedNameError = `Invalid MCP configuration: "${CLAUDE_IN_CHROME_MCP_SERVER_NAME}" is a reserved MCP name.`; + } else if (feature("CHICAGO_MCP")) { + const { + isComputerUseMCPServer, + COMPUTER_USE_MCP_SERVER_NAME, + } = await import("src/utils/computerUse/common.js"); + if (nonSdkConfigNames.some(isComputerUseMCPServer)) { + reservedNameError = `Invalid MCP configuration: "${COMPUTER_USE_MCP_SERVER_NAME}" is a reserved MCP name.`; + } + } + if (reservedNameError) { + // stderr+exit(1) — a throw here becomes a silent unhandled + // rejection in stream-json mode (void main() in cli.tsx). + process.stderr.write(`Error: ${reservedNameError}\n`); + process.exit(1); + } + + // Add dynamic scope to all configs. type:'sdk' entries pass through + // unchanged — they're extracted into sdkMcpConfigs downstream and + // passed to print.ts. The Python SDK relies on this path (it doesn't + // send sdkMcpServers in the initialize message). Dropping them here + // broke Coworker (inc-5122). The policy filter below already exempts + // type:'sdk', and the entries are inert without an SDK transport on + // stdin, so there's no bypass risk from letting them through. + const scopedConfigs = mapValues(allConfigs, (config) => ({ + ...config, + scope: "dynamic" as const, + })); + + // Enforce managed policy (allowedMcpServers / deniedMcpServers) on + // --mcp-config servers. Without this, the CLI flag bypasses the + // enterprise allowlist that user/project/local configs go through in + // getClaudeCodeMcpConfigs — callers spread dynamicMcpConfig back on + // top of filtered results. Filter here at the source so all + // downstream consumers see the policy-filtered set. + const { allowed, blocked } = + filterMcpServersByPolicy(scopedConfigs); + if (blocked.length > 0) { + process.stderr.write( + `Warning: MCP ${plural(blocked.length, "server")} blocked by enterprise policy: ${blocked.join(", ")}\n`, + ); + } + dynamicMcpConfig = { ...dynamicMcpConfig, ...allowed }; + } + } + + // Extract Claude in Chrome option and enforce claude.ai subscriber check (unless user is ant) + const chromeOpts = options as { chrome?: boolean }; + // Store the explicit CLI flag so teammates can inherit it + setChromeFlagOverride(chromeOpts.chrome); + const enableClaudeInChrome = + shouldEnableClaudeInChrome(chromeOpts.chrome) && + (process.env.USER_TYPE === "ant" || isClaudeAISubscriber()); + const autoEnableClaudeInChrome = + !enableClaudeInChrome && shouldAutoEnableClaudeInChrome(); + + if (enableClaudeInChrome) { + const platform = getPlatform(); + try { + logEvent("tengu_claude_in_chrome_setup", { + platform: + platform as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + + const { + mcpConfig: chromeMcpConfig, + allowedTools: chromeMcpTools, + systemPrompt: chromeSystemPrompt, + } = setupClaudeInChrome(); + dynamicMcpConfig = { + ...dynamicMcpConfig, + ...chromeMcpConfig, + }; + allowedTools.push(...chromeMcpTools); + if (chromeSystemPrompt) { + appendSystemPrompt = appendSystemPrompt + ? `${chromeSystemPrompt}\n\n${appendSystemPrompt}` + : chromeSystemPrompt; + } + } catch (error) { + logEvent("tengu_claude_in_chrome_setup_failed", { + platform: + platform as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + logForDebugging(`[Claude in Chrome] Error: ${error}`); + logError(error); + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error( + `Error: Failed to run with Claude in Chrome.`, + ); + process.exit(1); + } + } else if (autoEnableClaudeInChrome) { + try { + const { mcpConfig: chromeMcpConfig } = + setupClaudeInChrome(); + dynamicMcpConfig = { + ...dynamicMcpConfig, + ...chromeMcpConfig, + }; + + const hint = + feature("WEB_BROWSER_TOOL") && + typeof Bun !== "undefined" && + "WebView" in Bun + ? CLAUDE_IN_CHROME_SKILL_HINT_WITH_WEBBROWSER + : CLAUDE_IN_CHROME_SKILL_HINT; + appendSystemPrompt = appendSystemPrompt + ? `${appendSystemPrompt}\n\n${hint}` + : hint; + } catch (error) { + // Silently skip any errors for the auto-enable + logForDebugging( + `[Claude in Chrome] Error (auto-enable): ${error}`, + ); + } + } + + // Extract strict MCP config flag + const strictMcpConfig = options.strictMcpConfig || false; + + // Check if enterprise MCP configuration exists. When it does, only allow dynamic MCP + // configs that contain special server types (sdk) + if (doesEnterpriseMcpConfigExist()) { + if (strictMcpConfig) { + process.stderr.write( + chalk.red( + "You cannot use --strict-mcp-config when an enterprise MCP config is present", + ), + ); + process.exit(1); + } + + // For --mcp-config, allow if all servers are internal types (sdk) + if ( + dynamicMcpConfig && + !areMcpConfigsAllowedWithEnterpriseMcpConfig( + dynamicMcpConfig, + ) + ) { + process.stderr.write( + chalk.red( + "You cannot dynamically configure MCP servers when an enterprise MCP config is present", + ), + ); + process.exit(1); + } + } + + // chicago MCP: guarded Computer Use (app allowlist + frontmost gate + + // SCContentFilter screenshots). Ant-only, GrowthBook-gated — failures + // are silent (this is dogfooding). Platform + interactive checks inline + // so non-macOS / print-mode ants skip the heavy @ant/computer-use-mcp + // import entirely. gates.js is light (type-only package import). + // + // Placed AFTER the enterprise-MCP-config check: that check rejects any + // dynamicMcpConfig entry with `type !== 'sdk'`, and our config is + // `type: 'stdio'`. An enterprise-config ant with the GB gate on would + // otherwise process.exit(1). Chrome has the same latent issue but has + // shipped without incident; chicago places itself correctly. + if ( + feature("CHICAGO_MCP") && + getPlatform() !== "unknown" && + !getIsNonInteractiveSession() + ) { + try { + const { getChicagoEnabled } = + await import("src/utils/computerUse/gates.js"); + if (getChicagoEnabled()) { + const { setupComputerUseMCP } = + await import("src/utils/computerUse/setup.js"); + const { mcpConfig, allowedTools: cuTools } = + setupComputerUseMCP(); + dynamicMcpConfig = { + ...dynamicMcpConfig, + ...mcpConfig, + }; + allowedTools.push(...cuTools); + } + } catch (error) { + logForDebugging( + `[Computer Use MCP] Setup failed: ${errorMessage(error)}`, + ); + } + } + + // Store additional directories for CLAUDE.md loading (controlled by env var) + setAdditionalDirectoriesForClaudeMd(addDir); + + // Channel server allowlist from --channels flag — servers whose + // inbound push notifications should register this session. The option + // is added inside a feature() block so TS doesn't know about it + // on the options type — same pattern as --assistant at main.tsx:1824. + // devChannels is deferred: showSetupScreens shows a confirmation dialog + // and only appends to allowedChannels on accept. + let devChannels: ChannelEntry[] | undefined; + if (feature("KAIROS") || feature("KAIROS_CHANNELS")) { + // Parse plugin:name@marketplace / server:Y tags into typed entries. + // Tag decides trust model downstream: plugin-kind hits marketplace + // verification + GrowthBook allowlist, server-kind always fails + // allowlist (schema is plugin-only) unless dev flag is set. + // Untagged or marketplace-less plugin entries are hard errors — + // silently not-matching in the gate would look like channels are + // "on" but nothing ever fires. + const parseChannelEntries = ( + raw: string[], + flag: string, + ): ChannelEntry[] => { + const entries: ChannelEntry[] = []; + const bad: string[] = []; + for (const c of raw) { + if (c.startsWith("plugin:")) { + const rest = c.slice(7); + const at = rest.indexOf("@"); + if (at <= 0 || at === rest.length - 1) { + bad.push(c); + } else { + entries.push({ + kind: "plugin", + name: rest.slice(0, at), + marketplace: rest.slice(at + 1), + }); + } + } else if (c.startsWith("server:") && c.length > 7) { + entries.push({ kind: "server", name: c.slice(7) }); + } else { + bad.push(c); + } + } + if (bad.length > 0) { + process.stderr.write( + chalk.red( + `${flag} entries must be tagged: ${bad.join(", ")}\n` + + ` plugin:@ — plugin-provided channel (allowlist enforced)\n` + + ` server: — manually configured MCP server\n`, + ), + ); + process.exit(1); + } + return entries; + }; + + const channelOpts = options as { + channels?: string[]; + dangerouslyLoadDevelopmentChannels?: string[]; + }; + const rawChannels = channelOpts.channels; + const rawDev = channelOpts.dangerouslyLoadDevelopmentChannels; + // Always parse + set. ChannelsNotice reads getAllowedChannels() and + // renders the appropriate branch (disabled/noAuth/policyBlocked/ + // listening) in the startup screen. gateChannelServer() enforces. + // --channels works in both interactive and print/SDK modes; dev-channels + // stays interactive-only (requires a confirmation dialog). + let channelEntries: ChannelEntry[] = []; + if (rawChannels && rawChannels.length > 0) { + channelEntries = parseChannelEntries( + rawChannels, + "--channels", + ); + setAllowedChannels(channelEntries); + } + if (!isNonInteractiveSession) { + if (rawDev && rawDev.length > 0) { + devChannels = parseChannelEntries( + rawDev, + "--dangerously-load-development-channels", + ); + } + } + // Flag-usage telemetry. Plugin identifiers are logged (same tier as + // tengu_plugin_installed — public-registry-style names); server-kind + // names are not (MCP-server-name tier, opt-in-only elsewhere). + // Per-server gate outcomes land in tengu_mcp_channel_gate once + // servers connect. Dev entries go through a confirmation dialog after + // this — dev_plugins captures what was typed, not what was accepted. + if ( + channelEntries.length > 0 || + (devChannels?.length ?? 0) > 0 + ) { + const joinPluginIds = (entries: ChannelEntry[]) => { + const ids = entries.flatMap((e) => + e.kind === "plugin" + ? [`${e.name}@${e.marketplace}`] + : [], + ); + return ids.length > 0 + ? (ids + .sort() + .join( + ",", + ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS) + : undefined; + }; + logEvent("tengu_mcp_channel_flags", { + channels_count: channelEntries.length, + dev_count: devChannels?.length ?? 0, + plugins: joinPluginIds(channelEntries), + dev_plugins: joinPluginIds(devChannels ?? []), + }); + } + } + + // SDK opt-in for SendUserMessage via --tools. All sessions require + // explicit opt-in; listing it in --tools signals intent. Runs BEFORE + // initializeToolPermissionContext so getToolsForDefaultPreset() sees + // the tool as enabled when computing the base-tools disallow filter. + // Conditional require avoids leaking the tool-name string into + // external builds. + if ( + (feature("KAIROS") || feature("KAIROS_BRIEF")) && + baseTools.length > 0 + ) { + /* eslint-disable @typescript-eslint/no-require-imports */ + const { BRIEF_TOOL_NAME, LEGACY_BRIEF_TOOL_NAME } = + require("./tools/BriefTool/prompt.js") as typeof import("./tools/BriefTool/prompt.js"); + const { isBriefEntitled } = + require("./tools/BriefTool/BriefTool.js") as typeof import("./tools/BriefTool/BriefTool.js"); + /* eslint-enable @typescript-eslint/no-require-imports */ + const parsed = parseToolListFromCLI(baseTools); + if ( + (parsed.includes(BRIEF_TOOL_NAME) || + parsed.includes(LEGACY_BRIEF_TOOL_NAME)) && + isBriefEntitled() + ) { + setUserMsgOptIn(true); + } + } + + // This await replaces blocking existsSync/statSync calls that were already in + // the startup path. Wall-clock time is unchanged; we just yield to the event + // loop during the fs I/O instead of blocking it. See #19661. + const initResult = await initializeToolPermissionContext({ + allowedToolsCli: allowedTools, + disallowedToolsCli: disallowedTools, + baseToolsCli: baseTools, + permissionMode, + allowDangerouslySkipPermissions, + addDirs: addDir, + }); + let toolPermissionContext = initResult.toolPermissionContext; + const { + warnings, + dangerousPermissions, + overlyBroadBashPermissions, + } = initResult; + + // Handle overly broad shell allow rules for ant users (Bash(*), PowerShell(*)) + if ( + process.env.USER_TYPE === "ant" && + overlyBroadBashPermissions.length > 0 + ) { + for (const permission of overlyBroadBashPermissions) { + logForDebugging( + `Ignoring overly broad shell permission ${permission.ruleDisplay} from ${permission.sourceDisplay}`, + ); + } + toolPermissionContext = removeDangerousPermissions( + toolPermissionContext, + overlyBroadBashPermissions, + ); + } + + if ( + feature("TRANSCRIPT_CLASSIFIER") && + dangerousPermissions.length > 0 + ) { + toolPermissionContext = stripDangerousPermissionsForAutoMode( + toolPermissionContext, + ); + } + + // Print any warnings from initialization + warnings.forEach((warning) => { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error(warning); + }); + + void assertMinVersion(); + + // claude.ai config fetch: -p mode only (interactive uses useManageMCPConnections + // two-phase loading). Kicked off here to overlap with setup(); awaited + // before runHeadless so single-turn -p sees connectors. Skipped under + // enterprise/strict MCP to preserve policy boundaries. + const claudeaiConfigPromise: Promise< + Record + > = + isNonInteractiveSession && + !strictMcpConfig && + !doesEnterpriseMcpConfigExist() && + // --bare / SIMPLE: skip claude.ai proxy servers (datadog, Gmail, + // Slack, BigQuery, PubMed — 6-14s each to connect). Scripted calls + // that need MCP pass --mcp-config explicitly. + !isBareMode() + ? fetchClaudeAIMcpConfigsIfEligible().then((configs) => { + const { allowed, blocked } = + filterMcpServersByPolicy(configs); + if (blocked.length > 0) { + process.stderr.write( + `Warning: claude.ai MCP ${plural(blocked.length, "server")} blocked by enterprise policy: ${blocked.join(", ")}\n`, + ); + } + return allowed; + }) + : Promise.resolve({}); + + // Kick off MCP config loading early (safe - just reads files, no execution). + // Both interactive and -p use getClaudeCodeMcpConfigs (local file reads only). + // The local promise is awaited later (before prefetchAllMcpResources) to + // overlap config I/O with setup(), commands loading, and trust dialog. + logForDebugging("[STARTUP] Loading MCP configs..."); + const mcpConfigStart = Date.now(); + let mcpConfigResolvedMs: number | undefined; + // --bare skips auto-discovered MCP (.mcp.json, user settings, plugins) — + // only explicit --mcp-config works. dynamicMcpConfig is spread onto + // allMcpConfigs downstream so it survives this skip. + const mcpConfigPromise = ( + strictMcpConfig || isBareMode() + ? Promise.resolve({ + servers: {} as Record< + string, + ScopedMcpServerConfig + >, + }) + : getClaudeCodeMcpConfigs(dynamicMcpConfig) + ).then((result) => { + mcpConfigResolvedMs = Date.now() - mcpConfigStart; + return result; + }); + + // NOTE: We do NOT call prefetchAllMcpResources here - that's deferred until after trust dialog + + if ( + inputFormat && + inputFormat !== "text" && + inputFormat !== "stream-json" + ) { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error(`Error: Invalid input format "${inputFormat}".`); + process.exit(1); + } + if ( + inputFormat === "stream-json" && + outputFormat !== "stream-json" + ) { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error( + `Error: --input-format=stream-json requires output-format=stream-json.`, + ); + process.exit(1); + } + + // Validate sdkUrl is only used with appropriate formats (formats are auto-set above) + if (sdkUrl) { + if ( + inputFormat !== "stream-json" || + outputFormat !== "stream-json" + ) { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error( + `Error: --sdk-url requires both --input-format=stream-json and --output-format=stream-json.`, + ); + process.exit(1); + } + } + + // Validate replayUserMessages is only used with stream-json formats + if (options.replayUserMessages) { + if ( + inputFormat !== "stream-json" || + outputFormat !== "stream-json" + ) { + // biome-ignore lint/suspicious/noConsole:: intentional console output + console.error( + `Error: --replay-user-messages requires both --input-format=stream-json and --output-format=stream-json.`, + ); + process.exit(1); + } + } + + // Validate includePartialMessages is only used with print mode and stream-json output + if (effectiveIncludePartialMessages) { + if ( + !isNonInteractiveSession || + outputFormat !== "stream-json" + ) { + writeToStderr( + `Error: --include-partial-messages requires --print and --output-format=stream-json.`, + ); + process.exit(1); + } + } + + // Validate --no-session-persistence is only used with print mode + if ( + options.sessionPersistence === false && + !isNonInteractiveSession + ) { + writeToStderr( + `Error: --no-session-persistence can only be used with --print mode.`, + ); + process.exit(1); + } + + const effectivePrompt = prompt || ""; + let inputPrompt = await getInputPrompt( + effectivePrompt, + (inputFormat ?? "text") as "text" | "stream-json", + ); + profileCheckpoint("action_after_input_prompt"); + + // Activate proactive mode BEFORE getTools() so SleepTool.isEnabled() + // (which returns isProactiveActive()) passes and Sleep is included. + // The later REPL-path maybeActivateProactive() calls are idempotent. + maybeActivateProactive(options); + + let tools = getTools(toolPermissionContext); + + // Apply coordinator mode tool filtering for headless path + // (mirrors useMergedTools.ts filtering for REPL/interactive path) + if ( + feature("COORDINATOR_MODE") && + isEnvTruthy(process.env.CLAUDE_CODE_COORDINATOR_MODE) + ) { + const { applyCoordinatorToolFilter } = + await import("./utils/toolPool.js"); + tools = applyCoordinatorToolFilter(tools); + } + + profileCheckpoint("action_tools_loaded"); + + let jsonSchema: ToolInputJSONSchema | undefined; + if ( + isSyntheticOutputToolEnabled({ isNonInteractiveSession }) && + options.jsonSchema + ) { + jsonSchema = jsonParse( + options.jsonSchema, + ) as ToolInputJSONSchema; + } + + if (jsonSchema) { + const syntheticOutputResult = + createSyntheticOutputTool(jsonSchema); + if ("tool" in syntheticOutputResult) { + // Add SyntheticOutputTool to the tools array AFTER getTools() filtering. + // This tool is excluded from normal filtering (see tools.ts) because it's + // an implementation detail for structured output, not a user-controlled tool. + tools = [...tools, syntheticOutputResult.tool]; + + logEvent("tengu_structured_output_enabled", { + schema_property_count: Object.keys( + (jsonSchema.properties as Record< + string, + unknown + >) || {}, + ) + .length as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + has_required_fields: Boolean( + jsonSchema.required, + ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + } else { + logEvent("tengu_structured_output_failure", { + error: "Invalid JSON schema" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + } + } + + // IMPORTANT: setup() must be called before any other code that depends on the cwd or worktree setup + profileCheckpoint("action_before_setup"); + logForDebugging("[STARTUP] Running setup()..."); + const setupStart = Date.now(); + const { setup } = await import("./setup.js"); + const messagingSocketPath = feature("UDS_INBOX") + ? (options as { messagingSocketPath?: string }) + .messagingSocketPath + : undefined; + // Parallelize setup() with commands+agents loading. setup()'s ~28ms is + // mostly startUdsMessaging (socket bind, ~20ms) — not disk-bound, so it + // doesn't contend with getCommands' file reads. Gated on !worktreeEnabled + // since --worktree makes setup() process.chdir() (setup.ts:203), and + // commands/agents need the post-chdir cwd. + const preSetupCwd = getCwd(); + // Register bundled skills/plugins before kicking getCommands() — they're + // pure in-memory array pushes (<1ms, zero I/O) that getBundledSkills() + // reads synchronously. Previously ran inside setup() after ~20ms of + // await points, so the parallel getCommands() memoized an empty list. + if (process.env.CLAUDE_CODE_ENTRYPOINT !== "local-agent") { + initBuiltinPlugins(); + initBundledSkills(); + } + const setupPromise = setup( + preSetupCwd, + permissionMode, + allowDangerouslySkipPermissions, + worktreeEnabled, + worktreeName, + tmuxEnabled, + sessionId ? validateUuid(sessionId) : undefined, + worktreePRNumber, + messagingSocketPath, + ); + const commandsPromise = worktreeEnabled + ? null + : getCommands(preSetupCwd); + const agentDefsPromise = worktreeEnabled + ? null + : getAgentDefinitionsWithOverrides(preSetupCwd); + // Suppress transient unhandledRejection if these reject during the + // ~28ms setupPromise await before Promise.all joins them below. + commandsPromise?.catch(() => {}); + agentDefsPromise?.catch(() => {}); + await setupPromise; + logForDebugging( + `[STARTUP] setup() completed in ${Date.now() - setupStart}ms`, + ); + profileCheckpoint("action_after_setup"); + + // Replay user messages into stream-json only when the socket was + // explicitly requested. The auto-generated socket is passive — it + // lets tools inject if they want to, but turning it on by default + // shouldn't reshape stream-json for SDK consumers who never touch it. + // Callers who inject and also want those injections visible in the + // stream pass --messaging-socket-path explicitly (or --replay-user-messages). + let effectiveReplayUserMessages = !!options.replayUserMessages; + if (feature("UDS_INBOX")) { + if ( + !effectiveReplayUserMessages && + outputFormat === "stream-json" + ) { + effectiveReplayUserMessages = !!( + options as { messagingSocketPath?: string } + ).messagingSocketPath; + } + } + + if (getIsNonInteractiveSession()) { + // Apply full merged settings env now (including project-scoped + // .claude/settings.json PATH/GIT_DIR/GIT_WORK_TREE) so gitExe() and + // the git spawn below see it. Trust is implicit in -p mode; the + // docstring at managedEnv.ts:96-97 says this applies "potentially + // dangerous environment variables such as LD_PRELOAD, PATH" from all + // sources. The later call in the isNonInteractiveSession block below + // is idempotent (Object.assign, configureGlobalAgents ejects prior + // interceptor) and picks up any plugin-contributed env after plugin + // init. Project settings are already loaded here: + // applySafeConfigEnvironmentVariables in init() called + // getSettings_DEPRECATED at managedEnv.ts:86 which merges all enabled + // sources including projectSettings/localSettings. + applyConfigEnvironmentVariables(); + + // Spawn git status/log/branch now so the subprocess execution overlaps + // with the getCommands await below and startDeferredPrefetches. After + // setup() so cwd is final (setup.ts:254 may process.chdir(worktreePath) + // for --worktree) and after the applyConfigEnvironmentVariables above + // so PATH/GIT_DIR/GIT_WORK_TREE from all sources (trusted + project) + // are applied. getSystemContext is memoized; the + // prefetchSystemContextIfSafe call in startDeferredPrefetches becomes + // a cache hit. The microtask from await getIsGit() drains at the + // getCommands Promise.all await below. Trust is implicit in -p mode + // (same gate as prefetchSystemContextIfSafe). + void getSystemContext(); + // Kick getUserContext now too — its first await (fs.readFile in + // getMemoryFiles) yields naturally, so the CLAUDE.md directory walk + // runs during the ~280ms overlap window before the context + // Promise.all join in print.ts. The void getUserContext() in + // startDeferredPrefetches becomes a memoize cache-hit. + void getUserContext(); + // Kick ensureModelStringsInitialized now — for Bedrock this triggers + // a 100-200ms profile fetch that was awaited serially at + // print.ts:739. updateBedrockModelStrings is sequential()-wrapped so + // the await joins the in-flight fetch. Non-Bedrock is a sync + // early-return (zero-cost). + void ensureModelStringsInitialized(); + } + + // Apply --name: cache-only so no orphan file is created before the + // session ID is finalized by --continue/--resume. materializeSessionFile + // persists it on the first user message; REPL's useTerminalTitle reads it + // via getCurrentSessionTitle. + const sessionNameArg = options.name?.trim(); + if (sessionNameArg) { + cacheSessionTitle(sessionNameArg); + } + + // Ant model aliases (capybara-fast etc.) resolve via the + // tengu_ant_model_override GrowthBook flag. _CACHED_MAY_BE_STALE reads + // disk synchronously; disk is populated by a fire-and-forget write. On a + // cold cache, parseUserSpecifiedModel returns the unresolved alias, the + // API 404s, and -p exits before the async write lands — crashloop on + // fresh pods. Awaiting init here populates the in-memory payload map that + // _CACHED_MAY_BE_STALE now checks first. Gated so the warm path stays + // non-blocking: + // - explicit model via --model or ANTHROPIC_MODEL (both feed alias resolution) + // - no env override (which short-circuits _CACHED_MAY_BE_STALE before disk) + // - flag absent from disk (== null also catches pre-#22279 poisoned null) + const explicitModel = options.model || process.env.ANTHROPIC_MODEL; + if ( + process.env.USER_TYPE === "ant" && + explicitModel && + explicitModel !== "default" && + !hasGrowthBookEnvOverride("tengu_ant_model_override") && + getGlobalConfig().cachedGrowthBookFeatures?.[ + "tengu_ant_model_override" + ] == null + ) { + await initializeGrowthBook(); + } + + // Special case the default model with the null keyword + // NOTE: Model resolution happens after setup() to ensure trust is established before AWS auth + const userSpecifiedModel = + options.model === "default" + ? getDefaultMainLoopModel() + : options.model; + const userSpecifiedFallbackModel = + fallbackModel === "default" + ? getDefaultMainLoopModel() + : fallbackModel; + + // Reuse preSetupCwd unless setup() chdir'd (worktreeEnabled). Saves a + // getCwd() syscall in the common path. + const currentCwd = worktreeEnabled ? getCwd() : preSetupCwd; + logForDebugging("[STARTUP] Loading commands and agents..."); + const commandsStart = Date.now(); + // Join the promises kicked before setup() (or start fresh if + // worktreeEnabled gated the early kick). Both memoized by cwd. + const [commands, agentDefinitionsResult] = await Promise.all([ + commandsPromise ?? getCommands(currentCwd), + agentDefsPromise ?? + getAgentDefinitionsWithOverrides(currentCwd), + ]); + logForDebugging( + `[STARTUP] Commands and agents loaded in ${Date.now() - commandsStart}ms`, + ); + profileCheckpoint("action_commands_loaded"); + + // Parse CLI agents if provided via --agents flag + let cliAgents: typeof agentDefinitionsResult.activeAgents = []; + if (agentsJson) { + try { + const parsedAgents = safeParseJSON(agentsJson); + if (parsedAgents) { + cliAgents = parseAgentsFromJson( + parsedAgents, + "flagSettings", + ); + } + } catch (error) { + logError(error); + } + } + + // Merge CLI agents with existing ones + const allAgents = [ + ...agentDefinitionsResult.allAgents, + ...cliAgents, + ]; + const agentDefinitions = { + ...agentDefinitionsResult, + allAgents, + activeAgents: getActiveAgentsFromList(allAgents), + }; + + // Look up main thread agent from CLI flag or settings + const agentSetting = agentCli ?? getInitialSettings().agent; + let mainThreadAgentDefinition: + | (typeof agentDefinitions.activeAgents)[number] + | undefined; + if (agentSetting) { + mainThreadAgentDefinition = agentDefinitions.activeAgents.find( + (agent) => agent.agentType === agentSetting, + ); + if (!mainThreadAgentDefinition) { + logForDebugging( + `Warning: agent "${agentSetting}" not found. ` + + `Available agents: ${agentDefinitions.activeAgents.map((a) => a.agentType).join(", ")}. ` + + `Using default behavior.`, + ); + } + } + + // Store the main thread agent type in bootstrap state so hooks can access it + setMainThreadAgentType(mainThreadAgentDefinition?.agentType); + + // Log agent flag usage — only log agent name for built-in agents to avoid leaking custom agent names + if (mainThreadAgentDefinition) { + logEvent("tengu_agent_flag", { + agentType: isBuiltInAgent(mainThreadAgentDefinition) + ? (mainThreadAgentDefinition.agentType as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS) + : ("custom" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS), + ...(agentCli && { + source: "cli" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + }); + } + + // Persist agent setting to session transcript for resume view display and restoration + if (mainThreadAgentDefinition?.agentType) { + saveAgentSetting(mainThreadAgentDefinition.agentType); + } + + // Apply the agent's system prompt for non-interactive sessions + // (interactive mode uses buildEffectiveSystemPrompt instead) + if ( + isNonInteractiveSession && + mainThreadAgentDefinition && + !systemPrompt && + !isBuiltInAgent(mainThreadAgentDefinition) + ) { + const agentSystemPrompt = + mainThreadAgentDefinition.getSystemPrompt(); + if (agentSystemPrompt) { + systemPrompt = agentSystemPrompt; + } + } + + // initialPrompt goes first so its slash command (if any) is processed; + // user-provided text becomes trailing context. + // Only concatenate when inputPrompt is a string. When it's an + // AsyncIterable (SDK stream-json mode), template interpolation would + // call .toString() producing "[object Object]". The AsyncIterable case + // is handled in print.ts via structuredIO.prependUserMessage(). + if (mainThreadAgentDefinition?.initialPrompt) { + if (typeof inputPrompt === "string") { + inputPrompt = inputPrompt + ? `${mainThreadAgentDefinition.initialPrompt}\n\n${inputPrompt}` + : mainThreadAgentDefinition.initialPrompt; + } else if (!inputPrompt) { + inputPrompt = mainThreadAgentDefinition.initialPrompt; + } + } + + // Compute effective model early so hooks can run in parallel with MCP + // If user didn't specify a model but agent has one, use the agent's model + let effectiveModel = userSpecifiedModel; + if ( + !effectiveModel && + mainThreadAgentDefinition?.model && + mainThreadAgentDefinition.model !== "inherit" + ) { + effectiveModel = parseUserSpecifiedModel( + mainThreadAgentDefinition.model, + ); + } + + setMainLoopModelOverride(effectiveModel); + + // Compute resolved model for hooks (use user-specified model at launch) + setInitialMainLoopModel(getUserSpecifiedModelSetting() || null); + const initialMainLoopModel = getInitialMainLoopModel(); + const resolvedInitialModel = parseUserSpecifiedModel( + initialMainLoopModel ?? getDefaultMainLoopModel(), + ); + + let advisorModel: string | undefined; + if (isAdvisorEnabled()) { + const advisorOption = canUserConfigureAdvisor() + ? (options as { advisor?: string }).advisor + : undefined; + if (advisorOption) { + logForDebugging(`[AdvisorTool] --advisor ${advisorOption}`); + if (!modelSupportsAdvisor(resolvedInitialModel)) { + process.stderr.write( + chalk.red( + `Error: The model "${resolvedInitialModel}" does not support the advisor tool.\n`, + ), + ); + process.exit(1); + } + const normalizedAdvisorModel = normalizeModelStringForAPI( + parseUserSpecifiedModel(advisorOption), + ); + if (!isValidAdvisorModel(normalizedAdvisorModel)) { + process.stderr.write( + chalk.red( + `Error: The model "${advisorOption}" cannot be used as an advisor.\n`, + ), + ); + process.exit(1); + } + } + advisorModel = canUserConfigureAdvisor() + ? (advisorOption ?? getInitialAdvisorSetting()) + : advisorOption; + if (advisorModel) { + logForDebugging( + `[AdvisorTool] Advisor model: ${advisorModel}`, + ); + } + } + + // For tmux teammates with --agent-type, append the custom agent's prompt + if ( + isAgentSwarmsEnabled() && + storedTeammateOpts?.agentId && + storedTeammateOpts?.agentName && + storedTeammateOpts?.teamName && + storedTeammateOpts?.agentType + ) { + // Look up the custom agent definition + const customAgent = agentDefinitions.activeAgents.find( + (a) => a.agentType === storedTeammateOpts.agentType, + ); + if (customAgent) { + // Get the prompt - need to handle both built-in and custom agents + let customPrompt: string | undefined; + if (customAgent.source === "built-in") { + // Built-in agents have getSystemPrompt that takes toolUseContext + // We can't access full toolUseContext here, so skip for now + logForDebugging( + `[teammate] Built-in agent ${storedTeammateOpts.agentType} - skipping custom prompt (not supported)`, + ); + } else { + // Custom agents have getSystemPrompt that takes no args + customPrompt = customAgent.getSystemPrompt(); + } + + // Log agent memory loaded event for tmux teammates + if (customAgent.memory) { + logEvent("tengu_agent_memory_loaded", { + ...(process.env.USER_TYPE === "ant" && { + agent_type: + customAgent.agentType as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + scope: customAgent.memory as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + source: "teammate" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + } + + if (customPrompt) { + const customInstructions = `\n# Custom Agent Instructions\n${customPrompt}`; + appendSystemPrompt = appendSystemPrompt + ? `${appendSystemPrompt}\n\n${customInstructions}` + : customInstructions; + } + } else { + logForDebugging( + `[teammate] Custom agent ${storedTeammateOpts.agentType} not found in available agents`, + ); + } + } + + maybeActivateBrief(options); + // defaultView: 'chat' is a persisted opt-in — check entitlement and set + // userMsgOptIn so the tool + prompt section activate. Interactive-only: + // defaultView is a display preference; SDK sessions have no display, and + // the assistant installer writes defaultView:'chat' to settings.local.json + // which would otherwise leak into --print sessions in the same directory. + // Runs right after maybeActivateBrief() so all startup opt-in paths fire + // BEFORE any isBriefEnabled() read below (proactive prompt's + // briefVisibility). A persisted 'chat' after a GB kill-switch falls + // through (entitlement fails). + if ( + (feature("KAIROS") || feature("KAIROS_BRIEF")) && + !getIsNonInteractiveSession() && + !getUserMsgOptIn() && + getInitialSettings().defaultView === "chat" + ) { + /* eslint-disable @typescript-eslint/no-require-imports */ + const { isBriefEntitled } = + require("./tools/BriefTool/BriefTool.js") as typeof import("./tools/BriefTool/BriefTool.js"); + /* eslint-enable @typescript-eslint/no-require-imports */ + if (isBriefEntitled()) { + setUserMsgOptIn(true); + } + } + // Coordinator mode has its own system prompt and filters out Sleep, so + // the generic proactive prompt would tell it to call a tool it can't + // access and conflict with delegation instructions. + if ( + (feature("PROACTIVE") || feature("KAIROS")) && + ((options as { proactive?: boolean }).proactive || + isEnvTruthy(process.env.CLAUDE_CODE_PROACTIVE)) && + !coordinatorModeModule?.isCoordinatorMode() + ) { + /* eslint-disable @typescript-eslint/no-require-imports */ + const briefVisibility = + feature("KAIROS") || feature("KAIROS_BRIEF") + ? ( + require("./tools/BriefTool/BriefTool.js") as typeof import("./tools/BriefTool/BriefTool.js") + ).isBriefEnabled() + ? "Call SendUserMessage at checkpoints to mark where things stand." + : "The user will see any text you output." + : "The user will see any text you output."; + /* eslint-enable @typescript-eslint/no-require-imports */ + const proactivePrompt = `\n# Proactive Mode\n\nYou are in proactive mode. Take initiative — explore, act, and make progress without waiting for instructions.\n\nStart by briefly greeting the user.\n\nYou will receive periodic prompts. These are check-ins. Do whatever seems most useful, or call Sleep if there's nothing to do. ${briefVisibility}`; + appendSystemPrompt = appendSystemPrompt + ? `${appendSystemPrompt}\n\n${proactivePrompt}` + : proactivePrompt; + } + + if (feature("KAIROS") && kairosEnabled && assistantModule) { + const assistantAddendum = + assistantModule.getAssistantSystemPromptAddendum(); + appendSystemPrompt = appendSystemPrompt + ? `${appendSystemPrompt}\n\n${assistantAddendum}` + : assistantAddendum; + } + + // Ink root is only needed for interactive sessions — patchConsole in the + // Ink constructor would swallow console output in headless mode. + let root!: Root; + let getFpsMetrics!: () => FpsMetrics | undefined; + let stats!: StatsStore; + + // Show setup screens after commands are loaded + if (!isNonInteractiveSession) { + const ctx = getRenderContext(false); + getFpsMetrics = ctx.getFpsMetrics; + stats = ctx.stats; + // Install asciicast recorder before Ink mounts (ant-only, opt-in via CLAUDE_CODE_TERMINAL_RECORDING=1) + if (process.env.USER_TYPE === "ant") { + installAsciicastRecorder(); + } + + const { createRoot } = await import("./ink.js"); + root = await createRoot(ctx.renderOptions); + + // Log startup time now, before any blocking dialog renders. Logging + // from REPL's first render (the old location) included however long + // the user sat on trust/OAuth/onboarding/resume-picker — p99 was ~70s + // dominated by dialog-wait time, not code-path startup. + logEvent("tengu_timer", { + event: "startup" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + durationMs: Math.round(process.uptime() * 1000), + }); + + logForDebugging("[STARTUP] Running showSetupScreens()..."); + const setupScreensStart = Date.now(); + const onboardingShown = await showSetupScreens( + root, + permissionMode, + allowDangerouslySkipPermissions, + commands, + enableClaudeInChrome, + devChannels, + ); + logForDebugging( + `[STARTUP] showSetupScreens() completed in ${Date.now() - setupScreensStart}ms`, + ); + + // Now that trust is established and GrowthBook has auth headers, + // resolve the --remote-control / --rc entitlement gate. + if ( + feature("BRIDGE_MODE") && + remoteControlOption !== undefined + ) { + const { getBridgeDisabledReason } = + await import("./bridge/bridgeEnabled.js"); + const disabledReason = await getBridgeDisabledReason(); + remoteControl = disabledReason === null; + if (disabledReason) { + process.stderr.write( + chalk.yellow( + `${disabledReason}\n--rc flag ignored.\n`, + ), + ); + } + } + + // Check for pending agent memory snapshot updates (only for --agent mode, ant-only) + if ( + feature("AGENT_MEMORY_SNAPSHOT") && + mainThreadAgentDefinition && + isCustomAgent(mainThreadAgentDefinition) && + mainThreadAgentDefinition.memory && + mainThreadAgentDefinition.pendingSnapshotUpdate + ) { + const agentDef = mainThreadAgentDefinition; + const choice = await launchSnapshotUpdateDialog(root, { + agentType: agentDef.agentType, + scope: agentDef.memory!, + snapshotTimestamp: + agentDef.pendingSnapshotUpdate!.snapshotTimestamp, + }); + if (choice === "merge") { + const { buildMergePrompt } = + await import("./components/agents/SnapshotUpdateDialog.js"); + const mergePrompt = buildMergePrompt( + agentDef.agentType, + agentDef.memory!, + ); + inputPrompt = inputPrompt + ? `${mergePrompt}\n\n${inputPrompt}` + : mergePrompt; + } + agentDef.pendingSnapshotUpdate = undefined; + } + + // Skip executing /login if we just completed onboarding for it + if ( + onboardingShown && + prompt?.trim().toLowerCase() === "/login" + ) { + prompt = ""; + } + + if (onboardingShown) { + // Refresh auth-dependent services now that the user has logged in during onboarding. + // Keep in sync with the post-login logic in src/commands/login.tsx + void refreshRemoteManagedSettings(); + void refreshPolicyLimits(); + // Clear user data cache BEFORE GrowthBook refresh so it picks up fresh credentials + resetUserCache(); + // Refresh GrowthBook after login to get updated feature flags (e.g., for claude.ai MCPs) + refreshGrowthBookAfterAuthChange(); + // Clear any stale trusted device token then enroll for Remote Control. + // Both self-gate on tengu_sessions_elevated_auth_enforcement internally + // — enrollTrustedDevice() via checkGate_CACHED_OR_BLOCKING (awaits + // the GrowthBook reinit above), clearTrustedDeviceToken() via the + // sync cached check (acceptable since clear is idempotent). + void import("./bridge/trustedDevice.js").then((m) => { + m.clearTrustedDeviceToken(); + return m.enrollTrustedDevice(); + }); + } + + // Validate that the active token's org matches forceLoginOrgUUID (if set + // in managed settings). Runs after onboarding so managed settings and + // login state are fully loaded. + const orgValidation = await validateForceLoginOrg(); + if (!orgValidation.valid) { + await exitWithError(root, orgValidation.message); + } + } + + // If gracefulShutdown was initiated (e.g., user rejected trust dialog), + // process.exitCode will be set. Skip all subsequent operations that could + // trigger code execution before the process exits (e.g. we don't want apiKeyHelper + // to run if trust was not established). + if (process.exitCode !== undefined) { + logForDebugging( + "Graceful shutdown initiated, skipping further initialization", + ); + return; + } + + // Initialize LSP manager AFTER trust is established (or in non-interactive mode + // where trust is implicit). This prevents plugin LSP servers from executing + // code in untrusted directories before user consent. + // Must be after inline plugins are set (if any) so --plugin-dir LSP servers are included. + initializeLspServerManager(); + + // Show settings validation errors after trust is established + // MCP config errors don't block settings from loading, so exclude them + if (!isNonInteractiveSession) { + const { errors } = getSettingsWithErrors(); + const nonMcpErrors = errors.filter((e) => !e.mcpErrorMetadata); + if (nonMcpErrors.length > 0) { + await launchInvalidSettingsDialog(root, { + settingsErrors: nonMcpErrors, + onExit: () => gracefulShutdownSync(1), + }); + } + } + + // Check quota status, fast mode, passes eligibility, and bootstrap data + // after trust is established. These make API calls which could trigger + // apiKeyHelper execution. + // --bare / SIMPLE: skip — these are cache-warms for the REPL's + // first-turn responsiveness (quota, passes, fastMode, bootstrap data). Fast + // mode doesn't apply to the Agent SDK anyway (see getFastModeUnavailableReason). + const bgRefreshThrottleMs = getFeatureValue_CACHED_MAY_BE_STALE( + "tengu_cicada_nap_ms", + 0, + ); + const lastPrefetched = getGlobalConfig().startupPrefetchedAt ?? 0; + const skipStartupPrefetches = + isBareMode() || + (bgRefreshThrottleMs > 0 && + Date.now() - lastPrefetched < bgRefreshThrottleMs); + + if (!skipStartupPrefetches) { + const lastPrefetchedInfo = + lastPrefetched > 0 + ? ` last ran ${Math.round((Date.now() - lastPrefetched) / 1000)}s ago` + : ""; + logForDebugging( + `Starting background startup prefetches${lastPrefetchedInfo}`, + ); + + checkQuotaStatus().catch((error) => logError(error)); + + // Fetch bootstrap data from the server and update all cache values. + void fetchBootstrapData(); + + // TODO: Consolidate other prefetches into a single bootstrap request. + void prefetchPassesEligibility(); + if ( + !getFeatureValue_CACHED_MAY_BE_STALE( + "tengu_miraculo_the_bard", + false, + ) + ) { + void prefetchFastModeStatus(); + } else { + // Kill switch skips the network call, not org-policy enforcement. + // Resolve from cache so orgStatus doesn't stay 'pending' (which + // getFastModeUnavailableReason treats as permissive). + resolveFastModeStatusFromCache(); + } + if (bgRefreshThrottleMs > 0) { + saveGlobalConfig((current) => ({ + ...current, + startupPrefetchedAt: Date.now(), + })); + } + } else { + logForDebugging( + `Skipping startup prefetches, last ran ${Math.round((Date.now() - lastPrefetched) / 1000)}s ago`, + ); + // Resolve fast mode org status from cache (no network) + resolveFastModeStatusFromCache(); + } + + if (!isNonInteractiveSession) { + void refreshExampleCommands(); // Pre-fetch example commands (runs git log, no API call) + } + + // Resolve MCP configs (started early, overlaps with setup/trust dialog work) + const { servers: existingMcpConfigs } = await mcpConfigPromise; + logForDebugging( + `[STARTUP] MCP configs resolved in ${mcpConfigResolvedMs}ms (awaited at +${Date.now() - mcpConfigStart}ms)`, + ); + // CLI flag (--mcp-config) should override file-based configs, matching settings precedence + const allMcpConfigs = { + ...existingMcpConfigs, + ...dynamicMcpConfig, + }; + + // Separate SDK configs from regular MCP configs + const sdkMcpConfigs: Record = {}; + const regularMcpConfigs: Record = {}; + + for (const [name, config] of Object.entries(allMcpConfigs)) { + const typedConfig = config as + | ScopedMcpServerConfig + | McpSdkServerConfig; + if (typedConfig.type === "sdk") { + sdkMcpConfigs[name] = typedConfig as McpSdkServerConfig; + } else { + regularMcpConfigs[name] = + typedConfig as ScopedMcpServerConfig; + } + } + + profileCheckpoint("action_mcp_configs_loaded"); + + // Prefetch MCP resources after trust dialog (this is where execution happens). + // Interactive mode only: print mode defers connects until headlessStore exists + // and pushes per-server (below), so ToolSearch's pending-client handling works + // and one slow server doesn't block the batch. + const localMcpPromise = isNonInteractiveSession + ? Promise.resolve({ clients: [], tools: [], commands: [] }) + : prefetchAllMcpResources(regularMcpConfigs); + const claudeaiMcpPromise = isNonInteractiveSession + ? Promise.resolve({ clients: [], tools: [], commands: [] }) + : claudeaiConfigPromise.then((configs) => + Object.keys(configs).length > 0 + ? prefetchAllMcpResources(configs) + : { clients: [], tools: [], commands: [] }, + ); + // Merge with dedup by name: each prefetchAllMcpResources call independently + // adds helper tools (ListMcpResourcesTool, ReadMcpResourceTool) via + // local dedup flags, so merging two calls can yield duplicates. print.ts + // already uniqBy's the final tool pool, but dedup here keeps appState clean. + const mcpPromise = Promise.all([ + localMcpPromise, + claudeaiMcpPromise, + ]).then(([local, claudeai]) => ({ + clients: [...local.clients, ...claudeai.clients], + tools: uniqBy([...local.tools, ...claudeai.tools], "name"), + commands: uniqBy( + [...local.commands, ...claudeai.commands], + "name", + ), + })); + + // Start hooks early so they run in parallel with MCP connections. + // Skip for initOnly/init/maintenance (handled separately), non-interactive + // (handled via setupTrigger), and resume/continue (conversationRecovery.ts + // fires 'resume' instead — without this guard, hooks fire TWICE on /resume + // and the second systemMessage clobbers the first. gh-30825) + const hooksPromise = + initOnly || + init || + maintenance || + isNonInteractiveSession || + options.continue || + options.resume + ? null + : processSessionStartHooks("startup", { + agentType: mainThreadAgentDefinition?.agentType, + model: resolvedInitialModel, + }); + + // MCP never blocks REPL render OR turn 1 TTFT. useManageMCPConnections + // populates appState.mcp async as servers connect (connectToServer is + // memoized — the prefetch calls above and the hook converge on the same + // connections). getToolUseContext reads store.getState() fresh via + // computeTools(), so turn 1 sees whatever's connected by query time. + // Slow servers populate for turn 2+. Matches interactive-no-prompt + // behavior. Print mode: per-server push into headlessStore (below). + const hookMessages: Awaited> = []; + // Suppress transient unhandledRejection — the prefetch warms the + // memoized connectToServer cache but nobody awaits it in interactive. + mcpPromise.catch(() => {}); + + const mcpClients: Awaited["clients"] = []; + const mcpTools: Awaited["tools"] = []; + const mcpCommands: Awaited["commands"] = []; + + let thinkingEnabled = shouldEnableThinkingByDefault(); + let thinkingConfig: ThinkingConfig = + thinkingEnabled !== false + ? { type: "adaptive" } + : { type: "disabled" }; + + if ( + options.thinking === "adaptive" || + options.thinking === "enabled" + ) { + thinkingEnabled = true; + thinkingConfig = { type: "adaptive" }; + } else if (options.thinking === "disabled") { + thinkingEnabled = false; + thinkingConfig = { type: "disabled" }; + } else { + const maxThinkingTokens = process.env.MAX_THINKING_TOKENS + ? parseInt(process.env.MAX_THINKING_TOKENS, 10) + : options.maxThinkingTokens; + if (maxThinkingTokens !== undefined) { + if (maxThinkingTokens > 0) { + thinkingEnabled = true; + thinkingConfig = { + type: "enabled", + budgetTokens: maxThinkingTokens, + }; + } else if (maxThinkingTokens === 0) { + thinkingEnabled = false; + thinkingConfig = { type: "disabled" }; + } + } + } + + logForDiagnosticsNoPII("info", "started", { + version: MACRO.VERSION, + is_native_binary: isInBundledMode(), + }); + + registerCleanup(async () => { + logForDiagnosticsNoPII("info", "exited"); + }); + + void logTenguInit({ + hasInitialPrompt: Boolean(prompt), + hasStdin: Boolean(inputPrompt), + verbose, + debug, + debugToStderr, + print: print ?? false, + outputFormat: outputFormat ?? "text", + inputFormat: inputFormat ?? "text", + numAllowedTools: allowedTools.length, + numDisallowedTools: disallowedTools.length, + mcpClientCount: Object.keys(allMcpConfigs).length, + worktreeEnabled, + skipWebFetchPreflight: + getInitialSettings().skipWebFetchPreflight, + githubActionInputs: process.env.GITHUB_ACTION_INPUTS, + dangerouslySkipPermissionsPassed: + dangerouslySkipPermissions ?? false, + permissionMode, + modeIsBypass: permissionMode === "bypassPermissions", + allowDangerouslySkipPermissionsPassed: + allowDangerouslySkipPermissions, + systemPromptFlag: systemPrompt + ? options.systemPromptFile + ? "file" + : "flag" + : undefined, + appendSystemPromptFlag: appendSystemPrompt + ? options.appendSystemPromptFile + ? "file" + : "flag" + : undefined, + thinkingConfig, + assistantActivationPath: + feature("KAIROS") && kairosEnabled + ? assistantModule?.getAssistantActivationPath() + : undefined, + }); + + // Log context metrics once at initialization + void logContextMetrics(regularMcpConfigs, toolPermissionContext); + + void logPermissionContextForAnts(null, "initialization"); + + logManagedSettings(); + + // Register PID file for concurrent-session detection (~/.claude/sessions/) + // and fire multi-clauding telemetry. Lives here (not init.ts) so only the + // REPL path registers — not subcommands like `claude doctor`. Chained: + // count must run after register's write completes or it misses our own file. + void registerSession().then((registered) => { + if (!registered) return; + if (sessionNameArg) { + void updateSessionName(sessionNameArg); + } + void countConcurrentSessions().then((count) => { + if (count >= 2) { + logEvent("tengu_concurrent_sessions", { + num_sessions: count, + }); + } + }); + }); + + // Initialize versioned plugins system (triggers V1→V2 migration if + // needed). Then run orphan GC, THEN warm the Grep/Glob exclusion cache. + // Sequencing matters: the warmup scans disk for .orphaned_at markers, + // so it must see the GC's Pass 1 (remove markers from reinstalled + // versions) and Pass 2 (stamp unmarked orphans) already applied. The + // warm also lands before autoupdate (fires on first submit in REPL) + // can orphan this session's active version underneath us. + // --bare / SIMPLE: skip plugin version sync + orphan cleanup. These + // are install/upgrade bookkeeping that scripted calls don't need — + // the next interactive session will reconcile. The await here was + // blocking -p on a marketplace round-trip. + if (isBareMode()) { + // skip — no-op + } else if (isNonInteractiveSession) { + // In headless mode, await to ensure plugin sync completes before CLI exits + await initializeVersionedPlugins(); + profileCheckpoint("action_after_plugins_init"); + void cleanupOrphanedPluginVersionsInBackground().then(() => + getGlobExclusionsForPluginCache(), + ); + } else { + // In interactive mode, fire-and-forget — this is purely bookkeeping + // that doesn't affect runtime behavior of the current session + void initializeVersionedPlugins().then(async () => { + profileCheckpoint("action_after_plugins_init"); + await cleanupOrphanedPluginVersionsInBackground(); + void getGlobExclusionsForPluginCache(); + }); + } + + const setupTrigger = + initOnly || init ? "init" : maintenance ? "maintenance" : null; + if (initOnly) { + applyConfigEnvironmentVariables(); + await processSetupHooks("init", { forceSyncExecution: true }); + await processSessionStartHooks("startup", { + forceSyncExecution: true, + }); + gracefulShutdownSync(0); + return; + } + + // --print mode + if (isNonInteractiveSession) { + if (outputFormat === "stream-json" || outputFormat === "json") { + setHasFormattedOutput(true); + } + + // Apply full environment variables in print mode since trust dialog is bypassed + // This includes potentially dangerous environment variables from untrusted sources + // but print mode is considered trusted (as documented in help text) + applyConfigEnvironmentVariables(); + + // Initialize telemetry after env vars are applied so OTEL endpoint env vars and + // otelHeadersHelper (which requires trust to execute) are available. + initializeTelemetryAfterTrust(); + + // Kick SessionStart hooks now so the subprocess spawn overlaps with + // MCP connect + plugin init + print.ts import below. loadInitialMessages + // joins this at print.ts:4397. Guarded same as loadInitialMessages — + // continue/resume/teleport paths don't fire startup hooks (or fire them + // conditionally inside the resume branch, where this promise is + // undefined and the ?? fallback runs). Also skip when setupTrigger is + // set — those paths run setup hooks first (print.ts:544), and session + // start hooks must wait until setup completes. + const sessionStartHooksPromise = + options.continue || + options.resume || + teleport || + setupTrigger + ? undefined + : processSessionStartHooks("startup"); + // Suppress transient unhandledRejection if this rejects before + // loadInitialMessages awaits it. Downstream await still observes the + // rejection — this just prevents the spurious global handler fire. + sessionStartHooksPromise?.catch(() => {}); + + profileCheckpoint("before_validateForceLoginOrg"); + // Validate org restriction for non-interactive sessions + const orgValidation = await validateForceLoginOrg(); + if (!orgValidation.valid) { + process.stderr.write(orgValidation.message + "\n"); + process.exit(1); + } + + // Headless mode supports all prompt commands and some local commands + // If disableSlashCommands is true, return empty array + const commandsHeadless = disableSlashCommands + ? [] + : commands.filter( + (command) => + (command.type === "prompt" && + !command.disableNonInteractive) || + (command.type === "local" && + command.supportsNonInteractive), + ); + + const defaultState = getDefaultAppState(); + const headlessInitialState: AppState = { + ...defaultState, + mcp: { + ...defaultState.mcp, + clients: mcpClients, + commands: mcpCommands, + tools: mcpTools, + }, + toolPermissionContext, + effortValue: + parseEffortValue(options.effort) ?? + getInitialEffortSetting(), + ...(isFastModeEnabled() && { + fastMode: getInitialFastModeSetting( + effectiveModel ?? null, + ), + }), + ...(isAdvisorEnabled() && advisorModel && { advisorModel }), + // kairosEnabled gates the async fire-and-forget path in + // executeForkedSlashCommand (processSlashCommand.tsx:132) and + // AgentTool's shouldRunAsync. The REPL initialState sets this at + // ~3459; headless was defaulting to false, so the daemon child's + // scheduled tasks and Agent-tool calls ran synchronously — N + // overdue cron tasks on spawn = N serial subagent turns blocking + // user input. Computed at :1620, well before this branch. + ...(feature("KAIROS") ? { kairosEnabled } : {}), + }; + + // Init app state + const headlessStore = createStore( + headlessInitialState, + onChangeAppState, + ); + + // Check if bypassPermissions should be disabled based on Statsig gate + // This runs in parallel to the code below, to avoid blocking the main loop. + if ( + toolPermissionContext.mode === "bypassPermissions" || + allowDangerouslySkipPermissions + ) { + void checkAndDisableBypassPermissions( + toolPermissionContext, + ); + } + + // Async check of auto mode gate — corrects state and disables auto if needed. + // Gated on TRANSCRIPT_CLASSIFIER (not USER_TYPE) so GrowthBook kill switch runs for external builds too. + if (feature("TRANSCRIPT_CLASSIFIER")) { + void verifyAutoModeGateAccess( + toolPermissionContext, + headlessStore.getState().fastMode, + ).then(({ updateContext }) => { + headlessStore.setState((prev) => { + const nextCtx = updateContext( + prev.toolPermissionContext, + ); + if (nextCtx === prev.toolPermissionContext) + return prev; + return { ...prev, toolPermissionContext: nextCtx }; + }); + }); + } + + // Set global state for session persistence + if (options.sessionPersistence === false) { + setSessionPersistenceDisabled(true); + } + + // Store SDK betas in global state for context window calculation + // Only store allowed betas (filters by allowlist and subscriber status) + setSdkBetas(filterAllowedSdkBetas(betas)); + + // Print-mode MCP: per-server incremental push into headlessStore. + // Mirrors useManageMCPConnections — push pending first (so ToolSearch's + // pending-check at ToolSearchTool.ts:334 sees them), then replace with + // connected/failed as each server settles. + const connectMcpBatch = ( + configs: Record, + label: string, + ): Promise => { + if (Object.keys(configs).length === 0) + return Promise.resolve(); + headlessStore.setState((prev) => ({ + ...prev, + mcp: { + ...prev.mcp, + clients: [ + ...prev.mcp.clients, + ...Object.entries(configs).map( + ([name, config]) => ({ + name, + type: "pending" as const, + config, + }), + ), + ], + }, + })); + return getMcpToolsCommandsAndResources( + ({ client, tools, commands }) => { + headlessStore.setState((prev) => ({ + ...prev, + mcp: { + ...prev.mcp, + clients: prev.mcp.clients.some( + (c) => c.name === client.name, + ) + ? prev.mcp.clients.map((c) => + c.name === client.name + ? client + : c, + ) + : [...prev.mcp.clients, client], + tools: uniqBy( + [...prev.mcp.tools, ...tools], + "name", + ), + commands: uniqBy( + [...prev.mcp.commands, ...commands], + "name", + ), + }, + })); + }, + configs, + ).catch((err) => + logForDebugging(`[MCP] ${label} connect error: ${err}`), + ); + }; + // Await all MCP configs — print mode is often single-turn, so + // "late-connecting servers visible next turn" doesn't help. SDK init + // message and turn-1 tool list both need configured MCP tools present. + // Zero-server case is free via the early return in connectMcpBatch. + // Connectors parallelize inside getMcpToolsCommandsAndResources + // (processBatched with Promise.all). claude.ai is awaited too — its + // fetch was kicked off early (line ~2558) so only residual time blocks + // here. --bare skips claude.ai entirely for perf-sensitive scripts. + profileCheckpoint("before_connectMcp"); + await connectMcpBatch(regularMcpConfigs, "regular"); + profileCheckpoint("after_connectMcp"); + // Dedup: suppress plugin MCP servers that duplicate a claude.ai + // connector (connector wins), then connect claude.ai servers. + // Bounded wait — #23725 made this blocking so single-turn -p sees + // connectors, but with 40+ slow connectors tengu_startup_perf p99 + // climbed to 76s. If fetch+connect doesn't finish in time, proceed; + // the promise keeps running and updates headlessStore in the + // background so turn 2+ still sees connectors. + const CLAUDE_AI_MCP_TIMEOUT_MS = 5_000; + const claudeaiConnect = claudeaiConfigPromise.then( + (claudeaiConfigs) => { + if (Object.keys(claudeaiConfigs).length > 0) { + const claudeaiSigs = new Set(); + for (const config of Object.values( + claudeaiConfigs, + )) { + const sig = getMcpServerSignature(config); + if (sig) claudeaiSigs.add(sig); + } + const suppressed = new Set(); + for (const [name, config] of Object.entries( + regularMcpConfigs, + )) { + if (!name.startsWith("plugin:")) continue; + const sig = getMcpServerSignature(config); + if (sig && claudeaiSigs.has(sig)) + suppressed.add(name); + } + if (suppressed.size > 0) { + logForDebugging( + `[MCP] Lazy dedup: suppressing ${suppressed.size} plugin server(s) that duplicate claude.ai connectors: ${[...suppressed].join(", ")}`, + ); + // Disconnect before filtering from state. Only connected + // servers need cleanup — clearServerCache on a never-connected + // server triggers a real connect just to kill it (memoize + // cache-miss path, see useManageMCPConnections.ts:870). + for (const c of headlessStore.getState().mcp + .clients) { + if ( + !suppressed.has(c.name) || + c.type !== "connected" + ) + continue; + c.client.onclose = undefined; + void clearServerCache( + c.name, + c.config, + ).catch(() => {}); + } + headlessStore.setState((prev) => { + let { + clients, + tools, + commands, + resources, + } = prev.mcp; + clients = clients.filter( + (c) => !suppressed.has(c.name), + ); + tools = tools.filter( + (t) => + !t.mcpInfo || + !suppressed.has( + t.mcpInfo.serverName, + ), + ); + for (const name of suppressed) { + commands = excludeCommandsByServer( + commands, + name, + ); + resources = excludeResourcesByServer( + resources, + name, + ); + } + return { + ...prev, + mcp: { + ...prev.mcp, + clients, + tools, + commands, + resources, + }, + }; + }); + } + } + // Suppress claude.ai connectors that duplicate an enabled + // manual server (URL-signature match). Plugin dedup above only + // handles `plugin:*` keys; this catches manual `.mcp.json` entries. + // plugin:* must be excluded here — step 1 already suppressed + // those (claude.ai wins); leaving them in suppresses the + // connector too, and neither survives (gh-39974). + const nonPluginConfigs = pickBy( + regularMcpConfigs, + (_, n) => !n.startsWith("plugin:"), + ); + const { servers: dedupedClaudeAi } = + dedupClaudeAiMcpServers( + claudeaiConfigs, + nonPluginConfigs, + ); + return connectMcpBatch(dedupedClaudeAi, "claudeai"); + }, + ); + let claudeaiTimer: ReturnType | undefined; + const claudeaiTimedOut = await Promise.race([ + claudeaiConnect.then(() => false), + new Promise((resolve) => { + claudeaiTimer = setTimeout( + (r) => r(true), + CLAUDE_AI_MCP_TIMEOUT_MS, + resolve, + ); + }), + ]); + if (claudeaiTimer) clearTimeout(claudeaiTimer); + if (claudeaiTimedOut) { + logForDebugging( + `[MCP] claude.ai connectors not ready after ${CLAUDE_AI_MCP_TIMEOUT_MS}ms — proceeding; background connection continues`, + ); + } + profileCheckpoint("after_connectMcp_claudeai"); + + // In headless mode, start deferred prefetches immediately (no user typing delay) + // --bare / SIMPLE: startDeferredPrefetches early-returns internally. + // backgroundHousekeeping (initExtractMemories, pruneShellSnapshots, + // cleanupOldMessageFiles) and sdkHeapDumpMonitor are all bookkeeping + // that scripted calls don't need — the next interactive session reconciles. + if (!isBareMode()) { + startDeferredPrefetches(); + void import("./utils/backgroundHousekeeping.js").then((m) => + m.startBackgroundHousekeeping(), + ); + if (process.env.USER_TYPE === "ant") { + void import("./utils/sdkHeapDumpMonitor.js").then((m) => + m.startSdkMemoryMonitor(), + ); + } + } + + logSessionTelemetry(); + profileCheckpoint("before_print_import"); + const { runHeadless } = await import("src/cli/print.js"); + profileCheckpoint("after_print_import"); + void runHeadless( + inputPrompt, + () => headlessStore.getState(), + headlessStore.setState, + commandsHeadless, + tools, + sdkMcpConfigs, + agentDefinitions.activeAgents, + { + continue: options.continue, + resume: options.resume, + verbose: verbose, + outputFormat: outputFormat, + jsonSchema, + permissionPromptToolName: options.permissionPromptTool, + allowedTools, + thinkingConfig, + maxTurns: options.maxTurns, + maxBudgetUsd: options.maxBudgetUsd, + taskBudget: options.taskBudget + ? { total: options.taskBudget } + : undefined, + systemPrompt, + appendSystemPrompt, + userSpecifiedModel: effectiveModel, + fallbackModel: userSpecifiedFallbackModel, + teleport, + sdkUrl, + replayUserMessages: effectiveReplayUserMessages, + includePartialMessages: effectiveIncludePartialMessages, + forkSession: options.forkSession || false, + resumeSessionAt: options.resumeSessionAt || undefined, + rewindFiles: options.rewindFiles, + enableAuthStatus: options.enableAuthStatus, + agent: agentCli, + workload: options.workload, + setupTrigger: setupTrigger ?? undefined, + sessionStartHooksPromise, + }, + ); + return; + } + + // Log model config at startup + logEvent("tengu_startup_manual_model_config", { + cli_flag: + options.model as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + env_var: process.env + .ANTHROPIC_MODEL as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + settings_file: (getInitialSettings() || {}) + .model as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + subscriptionType: + getSubscriptionType() as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + agent: agentSetting as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + + // Get deprecation warning for the initial model (resolvedInitialModel computed earlier for hooks parallelization) + const deprecationWarning = + getModelDeprecationWarning(resolvedInitialModel); + + // Build initial notification queue + const initialNotifications: Array<{ + key: string; + text: string; + color?: "warning"; + priority: "high"; + }> = []; + if (permissionModeNotification) { + initialNotifications.push({ + key: "permission-mode-notification", + text: permissionModeNotification, + priority: "high", + }); + } + if (deprecationWarning) { + initialNotifications.push({ + key: "model-deprecation-warning", + text: deprecationWarning, + color: "warning", + priority: "high", + }); + } + if (overlyBroadBashPermissions.length > 0) { + const displayList = uniq( + overlyBroadBashPermissions.map((p) => p.ruleDisplay), + ); + const displays = displayList.join(", "); + const sources = uniq( + overlyBroadBashPermissions.map((p) => p.sourceDisplay), + ).join(", "); + const n = displayList.length; + initialNotifications.push({ + key: "overly-broad-bash-notification", + text: `${displays} allow ${plural(n, "rule")} from ${sources} ${plural(n, "was", "were")} ignored \u2014 not available for Ants, please use auto-mode instead`, + color: "warning", + priority: "high", + }); + } + + const effectiveToolPermissionContext = { + ...toolPermissionContext, + mode: + isAgentSwarmsEnabled() && + getTeammateUtils().isPlanModeRequired() + ? ("plan" as const) + : toolPermissionContext.mode, + }; + // All startup opt-in paths (--tools, --brief, defaultView) have fired + // above; initialIsBriefOnly just reads the resulting state. + const initialIsBriefOnly = + feature("KAIROS") || feature("KAIROS_BRIEF") + ? getUserMsgOptIn() + : false; + const fullRemoteControl = + remoteControl || getRemoteControlAtStartup() || kairosEnabled; + let ccrMirrorEnabled = false; + if (feature("CCR_MIRROR") && !fullRemoteControl) { + /* eslint-disable @typescript-eslint/no-require-imports */ + const { isCcrMirrorEnabled } = + require("./bridge/bridgeEnabled.js") as typeof import("./bridge/bridgeEnabled.js"); + /* eslint-enable @typescript-eslint/no-require-imports */ + ccrMirrorEnabled = isCcrMirrorEnabled(); + } + + const initialState: AppState = { + settings: getInitialSettings(), + tasks: {}, + agentNameRegistry: new Map(), + verbose: verbose ?? getGlobalConfig().verbose ?? false, + mainLoopModel: initialMainLoopModel, + mainLoopModelForSession: null, + isBriefOnly: initialIsBriefOnly, + expandedView: getGlobalConfig().showSpinnerTree + ? "teammates" + : getGlobalConfig().showExpandedTodos + ? "tasks" + : "none", + showTeammateMessagePreview: isAgentSwarmsEnabled() + ? false + : undefined, + selectedIPAgentIndex: -1, + coordinatorTaskIndex: -1, + viewSelectionMode: "none", + footerSelection: null, + toolPermissionContext: effectiveToolPermissionContext, + agent: mainThreadAgentDefinition?.agentType, + agentDefinitions, + mcp: { + clients: [], + tools: [], + commands: [], + resources: {}, + pluginReconnectKey: 0, + }, + plugins: { + enabled: [], + disabled: [], + commands: [], + errors: [], + installationStatus: { + marketplaces: [], + plugins: [], + }, + needsRefresh: false, + }, + statusLineText: undefined, + kairosEnabled, + remoteSessionUrl: undefined, + remoteConnectionStatus: "connecting", + remoteBackgroundTaskCount: 0, + replBridgeEnabled: fullRemoteControl || ccrMirrorEnabled, + replBridgeExplicit: remoteControl, + replBridgeOutboundOnly: ccrMirrorEnabled, + replBridgeConnected: false, + replBridgeSessionActive: false, + replBridgeReconnecting: false, + replBridgeConnectUrl: undefined, + replBridgeSessionUrl: undefined, + replBridgeEnvironmentId: undefined, + replBridgeSessionId: undefined, + replBridgeError: undefined, + replBridgeInitialName: remoteControlName, + showRemoteCallout: false, + notifications: { + current: null, + queue: initialNotifications, + }, + elicitation: { + queue: [], + }, + todos: {}, + remoteAgentTaskSuggestions: [], + fileHistory: { + snapshots: [], + trackedFiles: new Set(), + snapshotSequence: 0, + }, + attribution: createEmptyAttributionState(), + thinkingEnabled, + promptSuggestionEnabled: shouldEnablePromptSuggestion(), + sessionHooks: new Map(), + inbox: { + messages: [], + }, + promptSuggestion: { + text: null, + promptId: null, + shownAt: 0, + acceptedAt: 0, + generationRequestId: null, + }, + speculation: IDLE_SPECULATION_STATE, + speculationSessionTimeSavedMs: 0, + skillImprovement: { + suggestion: null, + }, + workerSandboxPermissions: { + queue: [], + selectedIndex: 0, + }, + pendingWorkerRequest: null, + pendingSandboxRequest: null, + authVersion: 0, + initialMessage: inputPrompt + ? { + message: createUserMessage({ + content: String(inputPrompt), + }), + } + : null, + effortValue: + parseEffortValue(options.effort) ?? + getInitialEffortSetting(), + activeOverlays: new Set(), + fastMode: getInitialFastModeSetting(resolvedInitialModel), + ...(isAdvisorEnabled() && advisorModel && { advisorModel }), + // Compute teamContext synchronously to avoid useEffect setState during render. + // KAIROS: assistantTeamContext takes precedence — set earlier in the + // KAIROS block so Agent(name: "foo") can spawn in-process teammates + // without TeamCreate. computeInitialTeamContext() is for tmux-spawned + // teammates reading their own identity, not the assistant-mode leader. + teamContext: feature("KAIROS") + ? (assistantTeamContext ?? computeInitialTeamContext?.()) + : computeInitialTeamContext?.(), + }; + + // Add CLI initial prompt to history + if (inputPrompt) { + addToHistory(String(inputPrompt)); + } + + const initialTools = mcpTools; + + // Increment numStartups synchronously — first-render readers like + // shouldShowEffortCallout (via useState initializer) need the updated + // value before setImmediate fires. Defer only telemetry. + saveGlobalConfig((current) => ({ + ...current, + numStartups: (current.numStartups ?? 0) + 1, + })); + setImmediate(() => { + void logStartupTelemetry(); + logSessionTelemetry(); + }); + + // Set up per-turn session environment data uploader (ant-only build). + // Default-enabled for all ant users when working in an Anthropic-owned + // repo. Captures git/filesystem state (NOT transcripts) at each turn so + // environments can be recreated at any user message index. Gating: + // - Build-time: this import is stubbed in external builds. + // - Runtime: uploader checks github.com/anthropics/* remote + gcloud auth. + // - Safety: CLAUDE_CODE_DISABLE_SESSION_DATA_UPLOAD=1 bypasses (tests set this). + // Import is dynamic + async to avoid adding startup latency. + const sessionUploaderPromise = + process.env.USER_TYPE === "ant" + ? import("./utils/sessionDataUploader.js") + : null; + + // Defer session uploader resolution to the onTurnComplete callback to avoid + // adding a new top-level await in main.tsx (performance-critical path). + // The per-turn auth logic in sessionDataUploader.ts handles unauthenticated + // state gracefully (re-checks each turn, so auth recovery mid-session works). + const uploaderReady = sessionUploaderPromise + ? sessionUploaderPromise + .then((mod) => mod.createSessionTurnUploader()) + .catch(() => null) + : null; + + const sessionConfig = { + debug: debug || debugToStderr, + commands: [...commands, ...mcpCommands], + initialTools, + mcpClients, + autoConnectIdeFlag: ide, + mainThreadAgentDefinition, + disableSlashCommands, + dynamicMcpConfig, + strictMcpConfig, + systemPrompt, + appendSystemPrompt, + taskListId, + thinkingConfig, + ...(uploaderReady && { + onTurnComplete: (messages: MessageType[]) => { + void uploaderReady.then((uploader) => + uploader?.(messages), + ); + }, + }), + }; + + // Shared context for processResumedConversation calls + const resumeContext = { + modeApi: coordinatorModeModule, + mainThreadAgentDefinition, + agentDefinitions, + currentCwd, + cliAgents, + initialState, + }; + + if (options.continue) { + // Continue the most recent conversation directly + let resumeSucceeded = false; + try { + const resumeStart = performance.now(); + + // Clear stale caches before resuming to ensure fresh file/skill discovery + const { clearSessionCaches } = + await import("./commands/clear/caches.js"); + clearSessionCaches(); + + const result = await loadConversationForResume( + undefined /* sessionId */, + undefined /* sourceFile */, + ); + if (!result) { + logEvent("tengu_continue", { + success: false, + }); + return await exitWithError( + root, + "No conversation found to continue", + ); + } + + const loaded = await processResumedConversation( + result, + { + forkSession: !!options.forkSession, + includeAttribution: true, + transcriptPath: result.fullPath, + }, + resumeContext, + ); + + if (loaded.restoredAgentDef) { + mainThreadAgentDefinition = loaded.restoredAgentDef; + } + + maybeActivateProactive(options); + maybeActivateBrief(options); + + logEvent("tengu_continue", { + success: true, + resume_duration_ms: Math.round( + performance.now() - resumeStart, + ), + }); + resumeSucceeded = true; + + await launchRepl( + root, + { + getFpsMetrics, + stats, + initialState: loaded.initialState, + }, + { + ...sessionConfig, + mainThreadAgentDefinition: + loaded.restoredAgentDef ?? + mainThreadAgentDefinition, + initialMessages: loaded.messages, + initialFileHistorySnapshots: + loaded.fileHistorySnapshots, + initialContentReplacements: + loaded.contentReplacements, + initialAgentName: loaded.agentName, + initialAgentColor: loaded.agentColor, + }, + renderAndRun, + ); + } catch (error) { + if (!resumeSucceeded) { + logEvent("tengu_continue", { + success: false, + }); + } + logError(error); + process.exit(1); + } + } else if (feature("DIRECT_CONNECT") && _pendingConnect?.url) { + // `claude connect ` — full interactive TUI connected to a remote server + let directConnectConfig; + try { + const session = await createDirectConnectSession({ + serverUrl: _pendingConnect.url, + authToken: _pendingConnect.authToken, + cwd: getOriginalCwd(), + dangerouslySkipPermissions: + _pendingConnect.dangerouslySkipPermissions, + }); + if (session.workDir) { + setOriginalCwd(session.workDir); + setCwdState(session.workDir); + } + setDirectConnectServerUrl(_pendingConnect.url); + directConnectConfig = session.config; + } catch (err) { + return await exitWithError( + root, + err instanceof DirectConnectError + ? err.message + : String(err), + () => gracefulShutdown(1), + ); + } + + const connectInfoMessage = createSystemMessage( + `Connected to server at ${_pendingConnect.url}\nSession: ${directConnectConfig.sessionId}`, + "info", + ); + + await launchRepl( + root, + { getFpsMetrics, stats, initialState }, + { + debug: debug || debugToStderr, + commands, + initialTools: [], + initialMessages: [connectInfoMessage], + mcpClients: [], + autoConnectIdeFlag: ide, + mainThreadAgentDefinition, + disableSlashCommands, + directConnectConfig, + thinkingConfig, + }, + renderAndRun, + ); + return; + } else if (feature("SSH_REMOTE") && _pendingSSH?.host) { + // `claude ssh [dir]` — probe remote, deploy binary if needed, + // spawn ssh with unix-socket -R forward to a local auth proxy, hand + // the REPL an SSHSession. Tools run remotely, UI renders locally. + // `--local` skips probe/deploy/ssh and spawns the current binary + // directly with the same env — e2e test of the proxy/auth plumbing. + const { + createSSHSession, + createLocalSSHSession, + SSHSessionError, + } = await import("./ssh/createSSHSession.js"); + let sshSession; + try { + if (_pendingSSH.local) { + process.stderr.write( + "Starting local ssh-proxy test session...\n", + ); + sshSession = createLocalSSHSession({ + cwd: _pendingSSH.cwd, + permissionMode: _pendingSSH.permissionMode, + dangerouslySkipPermissions: + _pendingSSH.dangerouslySkipPermissions, + }); + } else { + process.stderr.write( + `Connecting to ${_pendingSSH.host}…\n`, + ); + // In-place progress: \r + EL0 (erase to end of line). Final \n on + // success so the next message lands on a fresh line. No-op when + // stderr isn't a TTY (piped/redirected) — \r would just emit noise. + const isTTY = process.stderr.isTTY; + let hadProgress = false; + sshSession = await createSSHSession( + { + host: _pendingSSH.host, + cwd: _pendingSSH.cwd, + localVersion: MACRO.VERSION, + permissionMode: _pendingSSH.permissionMode, + dangerouslySkipPermissions: + _pendingSSH.dangerouslySkipPermissions, + extraCliArgs: _pendingSSH.extraCliArgs, + }, + isTTY + ? { + onProgress: (msg) => { + hadProgress = true; + process.stderr.write( + `\r ${msg}\x1b[K`, + ); + }, + } + : {}, + ); + if (hadProgress) process.stderr.write("\n"); + } + setOriginalCwd(sshSession.remoteCwd); + setCwdState(sshSession.remoteCwd); + setDirectConnectServerUrl( + _pendingSSH.local ? "local" : _pendingSSH.host, + ); + } catch (err) { + return await exitWithError( + root, + err instanceof SSHSessionError + ? err.message + : String(err), + () => gracefulShutdown(1), + ); + } + + const sshInfoMessage = createSystemMessage( + _pendingSSH.local + ? `Local ssh-proxy test session\ncwd: ${sshSession.remoteCwd}\nAuth: unix socket → local proxy` + : `SSH session to ${_pendingSSH.host}\nRemote cwd: ${sshSession.remoteCwd}\nAuth: unix socket -R → local proxy`, + "info", + ); + + await launchRepl( + root, + { getFpsMetrics, stats, initialState }, + { + debug: debug || debugToStderr, + commands, + initialTools: [], + initialMessages: [sshInfoMessage], + mcpClients: [], + autoConnectIdeFlag: ide, + mainThreadAgentDefinition, + disableSlashCommands, + sshSession, + thinkingConfig, + }, + renderAndRun, + ); + return; + } else if ( + feature("KAIROS") && + _pendingAssistantChat && + (_pendingAssistantChat.sessionId || + _pendingAssistantChat.discover) + ) { + // `claude assistant [sessionId]` — REPL as a pure viewer client + // of a remote assistant session. The agentic loop runs remotely; this + // process streams live events and POSTs messages. History is lazy- + // loaded by useAssistantHistory on scroll-up (no blocking fetch here). + const { discoverAssistantSessions } = + await import("./assistant/sessionDiscovery.js"); + + let targetSessionId = _pendingAssistantChat.sessionId; + + // Discovery flow — list bridge environments, filter sessions + if (!targetSessionId) { + let sessions; + try { + sessions = await discoverAssistantSessions(); + } catch (e) { + return await exitWithError( + root, + `Failed to discover sessions: ${e instanceof Error ? e.message : e}`, + () => gracefulShutdown(1), + ); + } + if (sessions.length === 0) { + let installedDir: string | null; + try { + installedDir = + await launchAssistantInstallWizard(root); + } catch (e) { + return await exitWithError( + root, + `Assistant installation failed: ${e instanceof Error ? e.message : e}`, + () => gracefulShutdown(1), + ); + } + if (installedDir === null) { + await gracefulShutdown(0); + process.exit(0); + } + // The daemon needs a few seconds to spin up its worker and + // establish a bridge session before discovery will find it. + return await exitWithMessage( + root, + `Assistant installed in ${installedDir}. The daemon is starting up — run \`claude assistant\` again in a few seconds to connect.`, + { + exitCode: 0, + beforeExit: () => gracefulShutdown(0), + }, + ); + } + if (sessions.length === 1) { + targetSessionId = sessions[0]!.id; + } else { + const picked = await launchAssistantSessionChooser( + root, + { + sessions, + }, + ); + if (!picked) { + await gracefulShutdown(0); + process.exit(0); + } + targetSessionId = picked; + } + } + + // Auth — call prepareApiRequest() once for orgUUID, but use a + // getAccessToken closure for the token so reconnects get fresh tokens. + const { + checkAndRefreshOAuthTokenIfNeeded, + getClaudeAIOAuthTokens, + } = await import("./utils/auth.js"); + await checkAndRefreshOAuthTokenIfNeeded(); + let apiCreds; + try { + apiCreds = await prepareApiRequest(); + } catch (e) { + return await exitWithError( + root, + `Error: ${e instanceof Error ? e.message : "Failed to authenticate"}`, + () => gracefulShutdown(1), + ); + } + const getAccessToken = (): string => + getClaudeAIOAuthTokens()?.accessToken ?? + apiCreds.accessToken; + + // Brief mode activation: setKairosActive(true) satisfies BOTH opt-in + // and entitlement for isBriefEnabled() (BriefTool.ts:124-132). + setKairosActive(true); + setUserMsgOptIn(true); + setIsRemoteMode(true); + + const remoteSessionConfig = createRemoteSessionConfig( + targetSessionId, + getAccessToken, + apiCreds.orgUUID, + /* hasInitialPrompt */ false, + /* viewerOnly */ true, + ); + + const infoMessage = createSystemMessage( + `Attached to assistant session ${targetSessionId.slice(0, 8)}…`, + "info", + ); + + const assistantInitialState: AppState = { + ...initialState, + isBriefOnly: true, + kairosEnabled: false, + replBridgeEnabled: false, + }; + + const remoteCommands = filterCommandsForRemoteMode(commands); + await launchRepl( + root, + { + getFpsMetrics, + stats, + initialState: assistantInitialState, + }, + { + debug: debug || debugToStderr, + commands: remoteCommands, + initialTools: [], + initialMessages: [infoMessage], + mcpClients: [], + autoConnectIdeFlag: ide, + mainThreadAgentDefinition, + disableSlashCommands, + remoteSessionConfig, + thinkingConfig, + }, + renderAndRun, + ); + return; + } else if ( + options.resume || + options.fromPr || + teleport || + remote !== null + ) { + // Handle resume flow - from file (ant-only), session ID, or interactive selector + + // Clear stale caches before resuming to ensure fresh file/skill discovery + const { clearSessionCaches } = + await import("./commands/clear/caches.js"); + clearSessionCaches(); + + let messages: MessageType[] | null = null; + let processedResume: ProcessedResume | undefined; + + let maybeSessionId = validateUuid(options.resume); + let searchTerm: string | undefined; + // Store full LogOption when found by custom title (for cross-worktree resume) + let matchedLog: LogOption | null = null; + // PR filter for --from-pr flag + let filterByPr: boolean | number | string | undefined; + + // Handle --from-pr flag + if (options.fromPr) { + if (options.fromPr === true) { + // Show all sessions with linked PRs + filterByPr = true; + } else if (typeof options.fromPr === "string") { + // Could be a PR number or URL + filterByPr = options.fromPr; + } + } + + // If resume value is not a UUID, try exact match by custom title first + if ( + options.resume && + typeof options.resume === "string" && + !maybeSessionId + ) { + const trimmedValue = options.resume.trim(); + if (trimmedValue) { + const matches = await searchSessionsByCustomTitle( + trimmedValue, + { + exact: true, + }, + ); + + if (matches.length === 1) { + // Exact match found - store full LogOption for cross-worktree resume + matchedLog = matches[0]!; + maybeSessionId = + getSessionIdFromLog(matchedLog) ?? null; + } else { + // No match or multiple matches - use as search term for picker + searchTerm = trimmedValue; + } + } + } + + // --remote and --teleport both create/resume Claude Code Web (CCR) sessions. + // Remote Control (--rc) is a separate feature gated in initReplBridge.ts. + if (remote !== null || teleport) { + await waitForPolicyLimitsToLoad(); + if (!isPolicyAllowed("allow_remote_sessions")) { + return await exitWithError( + root, + "Error: Remote sessions are disabled by your organization's policy.", + () => gracefulShutdown(1), + ); + } + } + + if (remote !== null) { + // Create remote session (optionally with initial prompt) + const hasInitialPrompt = remote.length > 0; + + // Check if TUI mode is enabled - description is only optional in TUI mode + const isRemoteTuiEnabled = + getFeatureValue_CACHED_MAY_BE_STALE( + "tengu_remote_backend", + false, + ); + if (!isRemoteTuiEnabled && !hasInitialPrompt) { + return await exitWithError( + root, + 'Error: --remote requires a description.\nUsage: claude --remote "your task description"', + () => gracefulShutdown(1), + ); + } + + logEvent("tengu_remote_create_session", { + has_initial_prompt: String( + hasInitialPrompt, + ) as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + + // Pass current branch so CCR clones the repo at the right revision + const currentBranch = await getBranch(); + const createdSession = + await teleportToRemoteWithErrorHandling( + root, + hasInitialPrompt ? remote : null, + new AbortController().signal, + currentBranch || undefined, + ); + if (!createdSession) { + logEvent("tengu_remote_create_session_error", { + error: "unable_to_create_session" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + return await exitWithError( + root, + "Error: Unable to create remote session", + () => gracefulShutdown(1), + ); + } + logEvent("tengu_remote_create_session_success", { + session_id: + createdSession.id as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + + // Check if new remote TUI mode is enabled via feature gate + if (!isRemoteTuiEnabled) { + // Original behavior: print session info and exit + process.stdout.write( + `Created remote session: ${createdSession.title}\n`, + ); + process.stdout.write( + `View: ${getRemoteSessionUrl(createdSession.id)}?m=0\n`, + ); + process.stdout.write( + `Resume with: claude --teleport ${createdSession.id}\n`, + ); + await gracefulShutdown(0); + process.exit(0); + } + + // New behavior: start local TUI with CCR engine + // Mark that we're in remote mode for command visibility + setIsRemoteMode(true); + switchSession(asSessionId(createdSession.id)); + + // Get OAuth credentials for remote session + let apiCreds: { accessToken: string; orgUUID: string }; + try { + apiCreds = await prepareApiRequest(); + } catch (error) { + logError(toError(error)); + return await exitWithError( + root, + `Error: ${errorMessage(error) || "Failed to authenticate"}`, + () => gracefulShutdown(1), + ); + } + + // Create remote session config for the REPL + const { getClaudeAIOAuthTokens: getTokensForRemote } = + await import("./utils/auth.js"); + const getAccessTokenForRemote = (): string => + getTokensForRemote()?.accessToken ?? + apiCreds.accessToken; + const remoteSessionConfig = createRemoteSessionConfig( + createdSession.id, + getAccessTokenForRemote, + apiCreds.orgUUID, + hasInitialPrompt, + ); + + // Add remote session info as initial system message + const remoteSessionUrl = `${getRemoteSessionUrl(createdSession.id)}?m=0`; + const remoteInfoMessage = createSystemMessage( + `/remote-control is active. Code in CLI or at ${remoteSessionUrl}`, + "info", + ); + + // Create initial user message from the prompt if provided (CCR echoes it back but we ignore that) + const initialUserMessage = hasInitialPrompt + ? createUserMessage({ content: remote }) + : null; + + // Set remote session URL in app state for footer indicator + const remoteInitialState = { + ...initialState, + remoteSessionUrl, + }; + + // Pre-filter commands to only include remote-safe ones. + // CCR's init response may further refine the list (via handleRemoteInit in REPL). + const remoteCommands = + filterCommandsForRemoteMode(commands); + await launchRepl( + root, + { + getFpsMetrics, + stats, + initialState: remoteInitialState, + }, + { + debug: debug || debugToStderr, + commands: remoteCommands, + initialTools: [], + initialMessages: initialUserMessage + ? [remoteInfoMessage, initialUserMessage] + : [remoteInfoMessage], + mcpClients: [], + autoConnectIdeFlag: ide, + mainThreadAgentDefinition, + disableSlashCommands, + remoteSessionConfig, + thinkingConfig, + }, + renderAndRun, + ); + return; + } else if (teleport) { + if (teleport === true || teleport === "") { + // Interactive mode: show task selector and handle resume + logEvent("tengu_teleport_interactive_mode", {}); + logForDebugging( + "selectAndResumeTeleportTask: Starting teleport flow...", + ); + const teleportResult = + await launchTeleportResumeWrapper(root); + if (!teleportResult) { + // User cancelled or error occurred + await gracefulShutdown(0); + process.exit(0); + } + const { branchError } = + await checkOutTeleportedSessionBranch( + teleportResult.branch, + ); + messages = processMessagesForTeleportResume( + teleportResult.log, + branchError, + ); + } else if (typeof teleport === "string") { + logEvent("tengu_teleport_resume_session", { + mode: "direct" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); + try { + // First, fetch session and validate repository before checking git state + const sessionData = await fetchSession(teleport); + const repoValidation = + await validateSessionRepository(sessionData); + + // Handle repo mismatch or not in repo cases + if ( + repoValidation.status === "mismatch" || + repoValidation.status === "not_in_repo" + ) { + const sessionRepo = repoValidation.sessionRepo; + if (sessionRepo) { + // Check for known paths + const knownPaths = + getKnownPathsForRepo(sessionRepo); + const existingPaths = + await filterExistingPaths(knownPaths); + + if (existingPaths.length > 0) { + // Show directory switch dialog + const selectedPath = + await launchTeleportRepoMismatchDialog( + root, + { + targetRepo: sessionRepo, + initialPaths: existingPaths, + }, + ); + + if (selectedPath) { + // Change to the selected directory + process.chdir(selectedPath); + setCwd(selectedPath); + setOriginalCwd(selectedPath); + } else { + // User cancelled + await gracefulShutdown(0); + } + } else { + // No known paths - show original error + throw new TeleportOperationError( + `You must run claude --teleport ${teleport} from a checkout of ${sessionRepo}.`, + chalk.red( + `You must run claude --teleport ${teleport} from a checkout of ${chalk.bold(sessionRepo)}.\n`, + ), + ); + } + } + } else if (repoValidation.status === "error") { + throw new TeleportOperationError( + repoValidation.errorMessage || + "Failed to validate session", + chalk.red( + `Error: ${repoValidation.errorMessage || "Failed to validate session"}\n`, + ), + ); + } + + await validateGitState(); + + // Use progress UI for teleport + const { teleportWithProgress } = + await import("./components/TeleportProgress.js"); + const result = await teleportWithProgress( + root, + teleport, + ); + // Track teleported session for reliability logging + setTeleportedSessionInfo({ sessionId: teleport }); + messages = result.messages; + } catch (error) { + if (error instanceof TeleportOperationError) { + process.stderr.write( + error.formattedMessage + "\n", + ); + } else { + logError(error); + process.stderr.write( + chalk.red( + `Error: ${errorMessage(error)}\n`, + ), + ); + } + await gracefulShutdown(1); + } + } + } + if (process.env.USER_TYPE === "ant") { + if ( + options.resume && + typeof options.resume === "string" && + !maybeSessionId + ) { + // Check for ccshare URL (e.g. https://go/ccshare/boris-20260311-211036) + const { parseCcshareId, loadCcshare } = + await import("./utils/ccshareResume.js"); + const ccshareId = parseCcshareId(options.resume); + if (ccshareId) { + try { + const resumeStart = performance.now(); + const logOption = await loadCcshare(ccshareId); + const result = await loadConversationForResume( + logOption, + undefined, + ); + if (result) { + processedResume = + await processResumedConversation( + result, + { + forkSession: true, + transcriptPath: result.fullPath, + }, + resumeContext, + ); + if (processedResume.restoredAgentDef) { + mainThreadAgentDefinition = + processedResume.restoredAgentDef; + } + logEvent("tengu_session_resumed", { + entrypoint: + "ccshare" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: true, + resume_duration_ms: Math.round( + performance.now() - resumeStart, + ), + }); + } else { + logEvent("tengu_session_resumed", { + entrypoint: + "ccshare" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + } + } catch (error) { + logEvent("tengu_session_resumed", { + entrypoint: + "ccshare" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + logError(error); + await exitWithError( + root, + `Unable to resume from ccshare: ${errorMessage(error)}`, + () => gracefulShutdown(1), + ); + } + } else { + const resolvedPath = resolve(options.resume); + try { + const resumeStart = performance.now(); + let logOption; + try { + // Attempt to load as a transcript file; ENOENT falls through to session-ID handling + logOption = + await loadTranscriptFromFile( + resolvedPath, + ); + } catch (error) { + if (!isENOENT(error)) throw error; + // ENOENT: not a file path — fall through to session-ID handling + } + if (logOption) { + const result = + await loadConversationForResume( + logOption, + undefined /* sourceFile */, + ); + if (result) { + processedResume = + await processResumedConversation( + result, + { + forkSession: + !!options.forkSession, + transcriptPath: + result.fullPath, + }, + resumeContext, + ); + if (processedResume.restoredAgentDef) { + mainThreadAgentDefinition = + processedResume.restoredAgentDef; + } + logEvent("tengu_session_resumed", { + entrypoint: + "file" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: true, + resume_duration_ms: Math.round( + performance.now() - resumeStart, + ), + }); + } else { + logEvent("tengu_session_resumed", { + entrypoint: + "file" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + } + } + } catch (error) { + logEvent("tengu_session_resumed", { + entrypoint: + "file" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + logError(error); + await exitWithError( + root, + `Unable to load transcript from file: ${options.resume}`, + () => gracefulShutdown(1), + ); + } + } + } + } + + // If not loaded as a file, try as session ID + if (maybeSessionId) { + // Resume specific session by ID + const sessionId = maybeSessionId; + try { + const resumeStart = performance.now(); + // Use matchedLog if available (for cross-worktree resume by custom title) + // Otherwise fall back to sessionId string (for direct UUID resume) + const result = await loadConversationForResume( + matchedLog ?? sessionId, + undefined, + ); + + if (!result) { + logEvent("tengu_session_resumed", { + entrypoint: + "cli_flag" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + return await exitWithError( + root, + `No conversation found with session ID: ${sessionId}`, + ); + } + + const fullPath = + matchedLog?.fullPath ?? result.fullPath; + processedResume = await processResumedConversation( + result, + { + forkSession: !!options.forkSession, + sessionIdOverride: sessionId, + transcriptPath: fullPath, + }, + resumeContext, + ); + + if (processedResume.restoredAgentDef) { + mainThreadAgentDefinition = + processedResume.restoredAgentDef; + } + logEvent("tengu_session_resumed", { + entrypoint: + "cli_flag" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: true, + resume_duration_ms: Math.round( + performance.now() - resumeStart, + ), + }); + } catch (error) { + logEvent("tengu_session_resumed", { + entrypoint: + "cli_flag" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + success: false, + }); + logError(error); + await exitWithError( + root, + `Failed to resume session ${sessionId}`, + ); + } + } + + // Await file downloads before rendering REPL (files must be available) + if (fileDownloadPromise) { + try { + const results = await fileDownloadPromise; + const failedCount = count(results, (r) => !r.success); + if (failedCount > 0) { + process.stderr.write( + chalk.yellow( + `Warning: ${failedCount}/${results.length} file(s) failed to download.\n`, + ), + ); + } + } catch (error) { + return await exitWithError( + root, + `Error downloading files: ${errorMessage(error)}`, + ); + } + } + + // If we have a processed resume or teleport messages, render the REPL + const resumeData = + processedResume ?? + (Array.isArray(messages) + ? { + messages, + fileHistorySnapshots: undefined, + agentName: undefined, + agentColor: undefined as + | AgentColorName + | undefined, + restoredAgentDef: mainThreadAgentDefinition, + initialState, + contentReplacements: undefined, + } + : undefined); + if (resumeData) { + maybeActivateProactive(options); + maybeActivateBrief(options); + + await launchRepl( + root, + { + getFpsMetrics, + stats, + initialState: resumeData.initialState, + }, + { + ...sessionConfig, + mainThreadAgentDefinition: + resumeData.restoredAgentDef ?? + mainThreadAgentDefinition, + initialMessages: resumeData.messages, + initialFileHistorySnapshots: + resumeData.fileHistorySnapshots, + initialContentReplacements: + resumeData.contentReplacements, + initialAgentName: resumeData.agentName, + initialAgentColor: resumeData.agentColor, + }, + renderAndRun, + ); + } else { + // Show interactive selector (includes same-repo worktrees) + // Note: ResumeConversation loads logs internally to ensure proper GC after selection + await launchResumeChooser( + root, + { getFpsMetrics, stats, initialState }, + getWorktreePaths(getOriginalCwd()), + { + ...sessionConfig, + initialSearchQuery: searchTerm, + forkSession: options.forkSession, + filterByPr, + }, + ); + } + } else { + // Pass unresolved hooks promise to REPL so it can render immediately + // instead of blocking ~500ms waiting for SessionStart hooks to finish. + // REPL will inject hook messages when they resolve and await them before + // the first API call so the model always sees hook context. + const pendingHookMessages = + hooksPromise && hookMessages.length === 0 + ? hooksPromise + : undefined; + + profileCheckpoint("action_after_hooks"); + maybeActivateProactive(options); + maybeActivateBrief(options); + // Persist the current mode for fresh sessions so future resumes know what mode was used + if (feature("COORDINATOR_MODE")) { + saveMode( + coordinatorModeModule?.isCoordinatorMode() + ? "coordinator" + : "normal", + ); + } + + // If launched via a deep link, show a provenance banner so the user + // knows the session originated externally. Linux xdg-open and + // browsers with "always allow" set dispatch the link with no OS-level + // confirmation, so this is the only signal the user gets that the + // prompt — and the working directory / CLAUDE.md it implies — came + // from an external source rather than something they typed. + let deepLinkBanner: ReturnType< + typeof createSystemMessage + > | null = null; + if (feature("LODESTONE")) { + if (options.deepLinkOrigin) { + logEvent("tengu_deep_link_opened", { + has_prefill: Boolean(options.prefill), + has_repo: Boolean(options.deepLinkRepo), + }); + deepLinkBanner = createSystemMessage( + buildDeepLinkBanner({ + cwd: getCwd(), + prefillLength: options.prefill?.length, + repo: options.deepLinkRepo, + lastFetch: + options.deepLinkLastFetch !== undefined + ? new Date(options.deepLinkLastFetch) + : undefined, + }), + "warning", + ); + } else if (options.prefill) { + deepLinkBanner = createSystemMessage( + "Launched with a pre-filled prompt — review it before pressing Enter.", + "warning", + ); + } + } + const initialMessages = deepLinkBanner + ? [deepLinkBanner, ...hookMessages] + : hookMessages.length > 0 + ? hookMessages + : undefined; + + await launchRepl( + root, + { getFpsMetrics, stats, initialState }, + { + ...sessionConfig, + initialMessages, + pendingHookMessages, + }, + renderAndRun, + ); + } + }) + .version( + `${MACRO.VERSION} (Claude Code)`, + "-v, --version", + "Output the version number", + ); + + // Worktree flags + program.option( + "-w, --worktree [name]", + "Create a new git worktree for this session (optionally specify a name)", + ); + program.option( + "--tmux", + "Create a tmux session for the worktree (requires --worktree). Uses iTerm2 native panes when available; use --tmux=classic for traditional tmux.", + ); + + if (canUserConfigureAdvisor()) { + program.addOption( + new Option( + "--advisor ", + "Enable the server-side advisor tool with the specified model (alias or full ID).", + ).hideHelp(), + ); + } + + if (process.env.USER_TYPE === "ant") { + program.addOption( + new Option( + "--delegate-permissions", + "[ANT-ONLY] Alias for --permission-mode auto.", + ).implies({ + permissionMode: "auto", + }), + ); + program.addOption( + new Option( + "--dangerously-skip-permissions-with-classifiers", + "[ANT-ONLY] Deprecated alias for --permission-mode auto.", + ) + .hideHelp() + .implies({ permissionMode: "auto" }), + ); + program.addOption( + new Option( + "--afk", + "[ANT-ONLY] Deprecated alias for --permission-mode auto.", + ) + .hideHelp() + .implies({ permissionMode: "auto" }), + ); + program.addOption( + new Option( + "--tasks [id]", + '[ANT-ONLY] Tasks mode: watch for tasks and auto-process them. Optional id is used as both the task list ID and agent ID (defaults to "tasklist").', + ) + .argParser(String) + .hideHelp(), + ); + program.option( + "--agent-teams", + "[ANT-ONLY] Force Claude to use multi-agent mode for solving problems", + () => true, + ); + } + + if (feature("TRANSCRIPT_CLASSIFIER")) { + program.addOption( + new Option("--enable-auto-mode", "Opt in to auto mode").hideHelp(), + ); + } + + if (feature("PROACTIVE") || feature("KAIROS")) { + program.addOption( + new Option("--proactive", "Start in proactive autonomous mode"), + ); + } + + if (feature("UDS_INBOX")) { + program.addOption( + new Option( + "--messaging-socket-path ", + "Unix domain socket path for the UDS messaging server (defaults to a tmp path)", + ), + ); + } + + if (feature("KAIROS") || feature("KAIROS_BRIEF")) { + program.addOption( + new Option( + "--brief", + "Enable SendUserMessage tool for agent-to-user communication", + ), + ); + } + if (feature("KAIROS")) { + program.addOption( + new Option( + "--assistant", + "Force assistant mode (Agent SDK daemon use)", + ).hideHelp(), + ); + } + if (feature("KAIROS") || feature("KAIROS_CHANNELS")) { + program.addOption( + new Option( + "--channels ", + "MCP servers whose channel notifications (inbound push) should register this session. Space-separated server names.", + ).hideHelp(), + ); + program.addOption( + new Option( + "--dangerously-load-development-channels ", + "Load channel servers not on the approved allowlist. For local channel development only. Shows a confirmation dialog at startup.", + ).hideHelp(), + ); + } + + // Teammate identity options (set by leader when spawning tmux teammates) + // These replace the CLAUDE_CODE_* environment variables + program.addOption( + new Option("--agent-id ", "Teammate agent ID").hideHelp(), + ); + program.addOption( + new Option("--agent-name ", "Teammate display name").hideHelp(), + ); + program.addOption( + new Option( + "--team-name ", + "Team name for swarm coordination", + ).hideHelp(), + ); + program.addOption( + new Option("--agent-color ", "Teammate UI color").hideHelp(), + ); + program.addOption( + new Option( + "--plan-mode-required", + "Require plan mode before implementation", + ).hideHelp(), + ); + program.addOption( + new Option( + "--parent-session-id ", + "Parent session ID for analytics correlation", + ).hideHelp(), + ); + program.addOption( + new Option( + "--teammate-mode ", + 'How to spawn teammates: "tmux", "in-process", or "auto"', + ) + .choices(["auto", "tmux", "in-process"]) + .hideHelp(), + ); + program.addOption( + new Option( + "--agent-type ", + "Custom agent type for this teammate", + ).hideHelp(), + ); + + // Enable SDK URL for all builds but hide from help + program.addOption( + new Option( + "--sdk-url ", + "Use remote WebSocket endpoint for SDK I/O streaming (only with -p and stream-json format)", + ).hideHelp(), + ); + + // Enable teleport/remote flags for all builds but keep them undocumented until GA + program.addOption( + new Option( + "--teleport [session]", + "Resume a teleport session, optionally specify session ID", + ).hideHelp(), + ); + program.addOption( + new Option( + "--remote [description]", + "Create a remote session with the given description", + ).hideHelp(), + ); + if (feature("BRIDGE_MODE")) { + program.addOption( + new Option( + "--remote-control [name]", + "Start an interactive session with Remote Control enabled (optionally named)", + ) + .argParser((value) => value || true) + .hideHelp(), + ); + program.addOption( + new Option("--rc [name]", "Alias for --remote-control") + .argParser((value) => value || true) + .hideHelp(), + ); + } + + if (feature("HARD_FAIL")) { + program.addOption( + new Option( + "--hard-fail", + "Crash on logError calls instead of silently logging", + ).hideHelp(), + ); + } + + profileCheckpoint("run_main_options_built"); + + // -p/--print mode: skip subcommand registration. The 52 subcommands + // (mcp, auth, plugin, skill, task, config, doctor, update, etc.) are + // never dispatched in print mode — commander routes the prompt to the + // default action. The subcommand registration path was measured at ~65ms + // on baseline — mostly the isBridgeEnabled() call (25ms settings Zod parse + // + 40ms sync keychain subprocess), both hidden by the try/catch that + // always returns false before enableConfigs(). cc:// URLs are rewritten to + // `open` at main() line ~851 BEFORE this runs, so argv check is safe here. + const isPrintMode = + process.argv.includes("-p") || process.argv.includes("--print"); + const isCcUrl = process.argv.some( + (a) => a.startsWith("cc://") || a.startsWith("cc+unix://"), + ); + if (isPrintMode && !isCcUrl) { + profileCheckpoint("run_before_parse"); + await program.parseAsync(process.argv); + profileCheckpoint("run_after_parse"); + return program; + } + + // claude mcp + + const mcp = program + .command("mcp") + .description("Configure and manage MCP servers") + .configureHelp(createSortedHelpConfig()) + .enablePositionalOptions(); + + mcp.command("serve") + .description(`Start the Claude Code MCP server`) + .option("-d, --debug", "Enable debug mode", () => true) + .option( + "--verbose", + "Override verbose mode setting from config", + () => true, + ) + .action( + async ({ + debug, + verbose, + }: { + debug?: boolean; + verbose?: boolean; + }) => { + const { mcpServeHandler } = + await import("./cli/handlers/mcp.js"); + await mcpServeHandler({ debug, verbose }); + }, + ); + + // Register the mcp add subcommand (extracted for testability) + registerMcpAddCommand(mcp); + + if (isXaaEnabled()) { + registerMcpXaaIdpCommand(mcp); + } + + mcp.command("remove ") + .description("Remove an MCP server") + .option( + "-s, --scope ", + "Configuration scope (local, user, or project) - if not specified, removes from whichever scope it exists in", + ) + .action(async (name: string, options: { scope?: string }) => { + const { mcpRemoveHandler } = await import("./cli/handlers/mcp.js"); + await mcpRemoveHandler(name, options); + }); + + mcp.command("list") + .description( + "List configured MCP servers. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.", + ) + .action(async () => { + const { mcpListHandler } = await import("./cli/handlers/mcp.js"); + await mcpListHandler(); + }); + + mcp.command("get ") + .description( + "Get details about an MCP server. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.", + ) + .action(async (name: string) => { + const { mcpGetHandler } = await import("./cli/handlers/mcp.js"); + await mcpGetHandler(name); + }); + + mcp.command("add-json ") + .description("Add an MCP server (stdio or SSE) with a JSON string") + .option( + "-s, --scope ", + "Configuration scope (local, user, or project)", + "local", + ) + .option( + "--client-secret", + "Prompt for OAuth client secret (or set MCP_CLIENT_SECRET env var)", + ) + .action( + async ( + name: string, + json: string, + options: { scope?: string; clientSecret?: true }, + ) => { + const { mcpAddJsonHandler } = + await import("./cli/handlers/mcp.js"); + await mcpAddJsonHandler(name, json, options); + }, + ); + + mcp.command("add-from-claude-desktop") + .description( + "Import MCP servers from Claude Desktop (Mac and WSL only)", + ) + .option( + "-s, --scope ", + "Configuration scope (local, user, or project)", + "local", + ) + .action(async (options: { scope?: string }) => { + const { mcpAddFromDesktopHandler } = + await import("./cli/handlers/mcp.js"); + await mcpAddFromDesktopHandler(options); + }); + + mcp.command("reset-project-choices") + .description( + "Reset all approved and rejected project-scoped (.mcp.json) servers within this project", + ) + .action(async () => { + const { mcpResetChoicesHandler } = + await import("./cli/handlers/mcp.js"); + await mcpResetChoicesHandler(); + }); + + // claude server + if (feature("DIRECT_CONNECT")) { + program + .command("server") + .description("Start a Claude Code session server") + .option("--port ", "HTTP port", "0") + .option("--host ", "Bind address", "0.0.0.0") + .option("--auth-token ", "Bearer token for auth") + .option("--unix ", "Listen on a unix domain socket") + .option( + "--workspace ", + "Default working directory for sessions that do not specify cwd", + ) + .option( + "--idle-timeout ", + "Idle timeout for detached sessions in ms (0 = never expire)", + "600000", + ) + .option( + "--max-sessions ", + "Maximum concurrent sessions (0 = unlimited)", + "32", + ) + .action( + async (opts: { + port: string; + host: string; + authToken?: string; + unix?: string; + workspace?: string; + idleTimeout: string; + maxSessions: string; + }) => { + const { randomBytes } = await import("crypto"); + const { startServer } = await import("./server/server.js"); + const { SessionManager } = + await import("./server/sessionManager.js"); + const { DangerousBackend } = + await import("./server/backends/dangerousBackend.js"); + const { printBanner } = + await import("./server/serverBanner.js"); + const { createServerLogger } = + await import("./server/serverLog.js"); + const { + writeServerLock, + removeServerLock, + probeRunningServer, + } = await import("./server/lockfile.js"); + + const existing = await probeRunningServer(); + if (existing) { + process.stderr.write( + `A claude server is already running (pid ${existing.pid}) at ${existing.httpUrl}\n`, + ); + process.exit(1); + } + + const authToken = + opts.authToken ?? + `sk-ant-cc-${randomBytes(16).toString("base64url")}`; + + const config = { + port: parseInt(opts.port, 10), + host: opts.host, + authToken, + unix: opts.unix, + workspace: opts.workspace, + idleTimeoutMs: parseInt(opts.idleTimeout, 10), + maxSessions: parseInt(opts.maxSessions, 10), + }; + + const backend = new DangerousBackend(); + const sessionManager = new SessionManager(backend, { + idleTimeoutMs: config.idleTimeoutMs, + maxSessions: config.maxSessions, + }); + const logger = createServerLogger(); + + const server = startServer(config, sessionManager, logger); + const actualPort = server.port ?? config.port; + printBanner(config, authToken, actualPort); + + await writeServerLock({ + pid: process.pid, + port: actualPort, + host: config.host, + httpUrl: config.unix + ? `unix:${config.unix}` + : `http://${config.host}:${actualPort}`, + startedAt: Date.now(), + }); + + let shuttingDown = false; + const shutdown = async () => { + if (shuttingDown) return; + shuttingDown = true; + // Stop accepting new connections before tearing down sessions. + server.stop(true); + await sessionManager.destroyAll(); + await removeServerLock(); + process.exit(0); + }; + process.once("SIGINT", () => void shutdown()); + process.once("SIGTERM", () => void shutdown()); + }, + ); + } + + // `claude ssh [dir]` — registered here only so --help shows it. + // The actual interactive flow is handled by early argv rewriting in main() + // (parallels the DIRECT_CONNECT/cc:// pattern above). If commander reaches + // this action it means the argv rewrite didn't fire (e.g. user ran + // `claude ssh` with no host) — just print usage. + if (feature("SSH_REMOTE")) { + program + .command("ssh [dir]") + .description( + "Run Claude Code on a remote host over SSH. Deploys the binary and " + + "tunnels API auth back through your local machine — no remote setup needed.", + ) + .option( + "--permission-mode ", + "Permission mode for the remote session", + ) + .option( + "--dangerously-skip-permissions", + "Skip all permission prompts on the remote (dangerous)", + ) + .option( + "--local", + "e2e test mode — spawn the child CLI locally (skip ssh/deploy). " + + "Exercises the auth proxy and unix-socket plumbing without a remote host.", + ) + .action(async () => { + // Argv rewriting in main() should have consumed `ssh ` before + // commander runs. Reaching here means host was missing or the + // rewrite predicate didn't match. + process.stderr.write( + "Usage: claude ssh [dir]\n\n" + + "Runs Claude Code on a remote Linux host. You don't need to install\n" + + "anything on the remote or run `claude auth login` there — the binary is\n" + + "deployed over SSH and API auth tunnels back through your local machine.\n", + ); + process.exit(1); + }); + } + + // claude connect — subcommand only handles -p (headless) mode. + // Interactive mode (without -p) is handled by early argv rewriting in main() + // which redirects to the main command with full TUI support. + if (feature("DIRECT_CONNECT")) { + program + .command("open ") + .description( + "Connect to a Claude Code server (internal — use cc:// URLs)", + ) + .option("-p, --print [prompt]", "Print mode (headless)") + .option( + "--output-format ", + "Output format: text, json, stream-json", + "text", + ) + .action( + async ( + ccUrl: string, + opts: { + print?: string | boolean; + outputFormat: string; + }, + ) => { + const { parseConnectUrl } = + await import("./server/parseConnectUrl.js"); + const { serverUrl, authToken } = parseConnectUrl(ccUrl); + + let connectConfig; + try { + const session = await createDirectConnectSession({ + serverUrl, + authToken, + cwd: getOriginalCwd(), + dangerouslySkipPermissions: + _pendingConnect?.dangerouslySkipPermissions, + }); + if (session.workDir) { + setOriginalCwd(session.workDir); + setCwdState(session.workDir); + } + setDirectConnectServerUrl(serverUrl); + connectConfig = session.config; + } catch (err) { + // biome-ignore lint/suspicious/noConsole: intentional error output + console.error( + err instanceof DirectConnectError + ? err.message + : String(err), + ); + process.exit(1); + } + + const { runConnectHeadless } = + await import("./server/connectHeadless.js"); + + const prompt = + typeof opts.print === "string" ? opts.print : ""; + const interactive = opts.print === true; + await runConnectHeadless( + connectConfig, + prompt, + opts.outputFormat, + interactive, + ); + }, + ); + } + + // claude auth + + const auth = program + .command("auth") + .description("Manage authentication") + .configureHelp(createSortedHelpConfig()); + + auth.command("login") + .description("Sign in to your Anthropic account") + .option( + "--email ", + "Pre-populate email address on the login page", + ) + .option("--sso", "Force SSO login flow") + .option( + "--console", + "Use Anthropic Console (API usage billing) instead of Claude subscription", + ) + .option("--claudeai", "Use Claude subscription (default)") + .action( + async ({ + email, + sso, + console: useConsole, + claudeai, + }: { + email?: string; + sso?: boolean; + console?: boolean; + claudeai?: boolean; + }) => { + const { authLogin } = await import("./cli/handlers/auth.js"); + await authLogin({ email, sso, console: useConsole, claudeai }); + }, + ); + + auth.command("status") + .description("Show authentication status") + .option("--json", "Output as JSON (default)") + .option("--text", "Output as human-readable text") + .action(async (opts: { json?: boolean; text?: boolean }) => { + const { authStatus } = await import("./cli/handlers/auth.js"); + await authStatus(opts); + }); + + auth.command("logout") + .description("Log out from your Anthropic account") + .action(async () => { + const { authLogout } = await import("./cli/handlers/auth.js"); + await authLogout(); + }); + + /** + * Helper function to handle marketplace command errors consistently. + * Logs the error and exits the process with status 1. + * @param error The error that occurred + * @param action Description of the action that failed + */ + // Hidden flag on all plugin/marketplace subcommands to target cowork_plugins. + const coworkOption = () => + new Option("--cowork", "Use cowork_plugins directory").hideHelp(); + + // Plugin validate command + const pluginCmd = program + .command("plugin") + .alias("plugins") + .description("Manage Claude Code plugins") + .configureHelp(createSortedHelpConfig()); + + pluginCmd + .command("validate ") + .description("Validate a plugin or marketplace manifest") + .addOption(coworkOption()) + .action(async (manifestPath: string, options: { cowork?: boolean }) => { + const { pluginValidateHandler } = + await import("./cli/handlers/plugins.js"); + await pluginValidateHandler(manifestPath, options); + }); + + // Plugin list command + pluginCmd + .command("list") + .description("List installed plugins") + .option("--json", "Output as JSON") + .option( + "--available", + "Include available plugins from marketplaces (requires --json)", + ) + .addOption(coworkOption()) + .action( + async (options: { + json?: boolean; + available?: boolean; + cowork?: boolean; + }) => { + const { pluginListHandler } = + await import("./cli/handlers/plugins.js"); + await pluginListHandler(options); + }, + ); + + // Marketplace subcommands + const marketplaceCmd = pluginCmd + .command("marketplace") + .description("Manage Claude Code marketplaces") + .configureHelp(createSortedHelpConfig()); + + marketplaceCmd + .command("add ") + .description("Add a marketplace from a URL, path, or GitHub repo") + .addOption(coworkOption()) + .option( + "--sparse ", + "Limit checkout to specific directories via git sparse-checkout (for monorepos). Example: --sparse .claude-plugin plugins", + ) + .option( + "--scope ", + "Where to declare the marketplace: user (default), project, or local", + ) + .action( + async ( + source: string, + options: { + cowork?: boolean; + sparse?: string[]; + scope?: string; + }, + ) => { + const { marketplaceAddHandler } = + await import("./cli/handlers/plugins.js"); + await marketplaceAddHandler(source, options); + }, + ); + + marketplaceCmd + .command("list") + .description("List all configured marketplaces") + .option("--json", "Output as JSON") + .addOption(coworkOption()) + .action(async (options: { json?: boolean; cowork?: boolean }) => { + const { marketplaceListHandler } = + await import("./cli/handlers/plugins.js"); + await marketplaceListHandler(options); + }); + + marketplaceCmd + .command("remove ") + .alias("rm") + .description("Remove a configured marketplace") + .addOption(coworkOption()) + .action(async (name: string, options: { cowork?: boolean }) => { + const { marketplaceRemoveHandler } = + await import("./cli/handlers/plugins.js"); + await marketplaceRemoveHandler(name, options); + }); + + marketplaceCmd + .command("update [name]") + .description( + "Update marketplace(s) from their source - updates all if no name specified", + ) + .addOption(coworkOption()) + .action( + async (name: string | undefined, options: { cowork?: boolean }) => { + const { marketplaceUpdateHandler } = + await import("./cli/handlers/plugins.js"); + await marketplaceUpdateHandler(name, options); + }, + ); + + // Plugin install command + pluginCmd + .command("install ") + .alias("i") + .description( + "Install a plugin from available marketplaces (use plugin@marketplace for specific marketplace)", + ) + .option( + "-s, --scope ", + "Installation scope: user, project, or local", + "user", + ) + .addOption(coworkOption()) + .action( + async ( + plugin: string, + options: { scope?: string; cowork?: boolean }, + ) => { + const { pluginInstallHandler } = + await import("./cli/handlers/plugins.js"); + await pluginInstallHandler(plugin, options); + }, + ); + + // Plugin uninstall command + pluginCmd + .command("uninstall ") + .alias("remove") + .alias("rm") + .description("Uninstall an installed plugin") + .option( + "-s, --scope ", + "Uninstall from scope: user, project, or local", + "user", + ) + .option( + "--keep-data", + "Preserve the plugin's persistent data directory (~/.claude/plugins/data/{id}/)", + ) + .addOption(coworkOption()) + .action( + async ( + plugin: string, + options: { + scope?: string; + cowork?: boolean; + keepData?: boolean; + }, + ) => { + const { pluginUninstallHandler } = + await import("./cli/handlers/plugins.js"); + await pluginUninstallHandler(plugin, options); + }, + ); + + // Plugin enable command + pluginCmd + .command("enable ") + .description("Enable a disabled plugin") + .option( + "-s, --scope ", + `Installation scope: ${VALID_INSTALLABLE_SCOPES.join(", ")} (default: auto-detect)`, + ) + .addOption(coworkOption()) + .action( + async ( + plugin: string, + options: { scope?: string; cowork?: boolean }, + ) => { + const { pluginEnableHandler } = + await import("./cli/handlers/plugins.js"); + await pluginEnableHandler(plugin, options); + }, + ); + + // Plugin disable command + pluginCmd + .command("disable [plugin]") + .description("Disable an enabled plugin") + .option("-a, --all", "Disable all enabled plugins") + .option( + "-s, --scope ", + `Installation scope: ${VALID_INSTALLABLE_SCOPES.join(", ")} (default: auto-detect)`, + ) + .addOption(coworkOption()) + .action( + async ( + plugin: string | undefined, + options: { scope?: string; cowork?: boolean; all?: boolean }, + ) => { + const { pluginDisableHandler } = + await import("./cli/handlers/plugins.js"); + await pluginDisableHandler(plugin, options); + }, + ); + + // Plugin update command + pluginCmd + .command("update ") + .description( + "Update a plugin to the latest version (restart required to apply)", + ) + .option( + "-s, --scope ", + `Installation scope: ${VALID_UPDATE_SCOPES.join(", ")} (default: user)`, + ) + .addOption(coworkOption()) + .action( + async ( + plugin: string, + options: { scope?: string; cowork?: boolean }, + ) => { + const { pluginUpdateHandler } = + await import("./cli/handlers/plugins.js"); + await pluginUpdateHandler(plugin, options); + }, + ); + // END ANT-ONLY + + // Setup token command + program + .command("setup-token") + .description( + "Set up a long-lived authentication token (requires Claude subscription)", + ) + .action(async () => { + const [{ setupTokenHandler }, { createRoot }] = await Promise.all([ + import("./cli/handlers/util.js"), + import("./ink.js"), + ]); + const root = await createRoot(getBaseRenderOptions(false)); + await setupTokenHandler(root); + }); + + // Agents command - list configured agents + program + .command("agents") + .description("List configured agents") + .option( + "--setting-sources ", + "Comma-separated list of setting sources to load (user, project, local).", + ) + .action(async () => { + const { agentsHandler } = await import("./cli/handlers/agents.js"); + await agentsHandler(); + process.exit(0); + }); + + if (feature("TRANSCRIPT_CLASSIFIER")) { + // Skip when tengu_auto_mode_config.enabled === 'disabled' (circuit breaker). + // Reads from disk cache — GrowthBook isn't initialized at registration time. + if (getAutoModeEnabledStateIfCached() !== "disabled") { + const autoModeCmd = program + .command("auto-mode") + .description("Inspect auto mode classifier configuration"); + + autoModeCmd + .command("defaults") + .description( + "Print the default auto mode environment, allow, and deny rules as JSON", + ) + .action(async () => { + const { autoModeDefaultsHandler } = + await import("./cli/handlers/autoMode.js"); + autoModeDefaultsHandler(); + process.exit(0); + }); + + autoModeCmd + .command("config") + .description( + "Print the effective auto mode config as JSON: your settings where set, defaults otherwise", + ) + .action(async () => { + const { autoModeConfigHandler } = + await import("./cli/handlers/autoMode.js"); + autoModeConfigHandler(); + process.exit(0); + }); + + autoModeCmd + .command("critique") + .description("Get AI feedback on your custom auto mode rules") + .option("--model ", "Override which model is used") + .action(async (options) => { + const { autoModeCritiqueHandler } = + await import("./cli/handlers/autoMode.js"); + await autoModeCritiqueHandler(options); + process.exit(); + }); + } + } + + // Remote Control command — connect local environment to claude.ai/code. + // The actual command is intercepted by the fast-path in cli.tsx before + // Commander.js runs, so this registration exists only for help output. + // Always hidden: isBridgeEnabled() at this point (before enableConfigs) + // would throw inside isClaudeAISubscriber → getGlobalConfig and return + // false via the try/catch — but not before paying ~65ms of side effects + // (25ms settings Zod parse + 40ms sync `security` keychain subprocess). + // The dynamic visibility never worked; the command was always hidden. + if (feature("BRIDGE_MODE")) { + program + .command("remote-control", { hidden: true }) + .alias("rc") + .description( + "Connect your local environment for remote-control sessions via claude.ai/code", + ) + .action(async () => { + // Unreachable — cli.tsx fast-path handles this command before main.tsx loads. + // If somehow reached, delegate to bridgeMain. + const { bridgeMain } = await import("./bridge/bridgeMain.js"); + await bridgeMain(process.argv.slice(3)); + }); + } + + if (feature("KAIROS")) { + program + .command("assistant [sessionId]") + .description( + "Attach the REPL as a client to a running bridge session. Discovers sessions via API if no sessionId given.", + ) + .action(() => { + // Argv rewriting above should have consumed `assistant [id]` + // before commander runs. Reaching here means a root flag came first + // (e.g. `--debug assistant`) and the position-0 predicate + // didn't match. Print usage like the ssh stub does. + process.stderr.write( + "Usage: claude assistant [sessionId]\n\n" + + "Attach the REPL as a viewer client to a running bridge session.\n" + + "Omit sessionId to discover and pick from available sessions.\n", + ); + process.exit(1); + }); + } + + // Doctor command - check installation health + program + .command("doctor") + .description( + "Check the health of your Claude Code auto-updater. Note: The workspace trust dialog is skipped and stdio servers from .mcp.json are spawned for health checks. Only use this command in directories you trust.", + ) + .action(async () => { + const [{ doctorHandler }, { createRoot }] = await Promise.all([ + import("./cli/handlers/util.js"), + import("./ink.js"), + ]); + const root = await createRoot(getBaseRenderOptions(false)); + await doctorHandler(root); + }); + + // claude update + // + // For SemVer-compliant versioning with build metadata (X.X.X+SHA): + // - We perform exact string comparison (including SHA) to detect any change + // - This ensures users always get the latest build, even when only the SHA changes + // - UI shows both versions including build metadata for clarity + program + .command("update") + .alias("upgrade") + .description("Check for updates and install if available") + .action(async () => { + const { update } = await import("src/cli/update.js"); + await update(); + }); + + // claude up — run the project's CLAUDE.md "# claude up" setup instructions. + if (process.env.USER_TYPE === "ant") { + program + .command("up") + .description( + '[ANT-ONLY] Initialize or upgrade the local dev environment using the "# claude up" section of the nearest CLAUDE.md', + ) + .action(async () => { + const { up } = await import("src/cli/up.js"); + await up(); + }); + } + + // claude rollback (ant-only) + // Rolls back to previous releases + if (process.env.USER_TYPE === "ant") { + program + .command("rollback [target]") + .description( + "[ANT-ONLY] Roll back to a previous release\n\nExamples:\n claude rollback Go 1 version back from current\n claude rollback 3 Go 3 versions back from current\n claude rollback 2.0.73-dev.20251217.t190658 Roll back to a specific version", + ) + .option("-l, --list", "List recent published versions with ages") + .option( + "--dry-run", + "Show what would be installed without installing", + ) + .option( + "--safe", + "Roll back to the server-pinned safe version (set by oncall during incidents)", + ) + .action( + async ( + target?: string, + options?: { + list?: boolean; + dryRun?: boolean; + safe?: boolean; + }, + ) => { + const { rollback } = await import("src/cli/rollback.js"); + await rollback(target, options); + }, + ); + } + + // claude install + program + .command("install [target]") + .description( + "Install Claude Code native build. Use [target] to specify version (stable, latest, or specific version)", + ) + .option("--force", "Force installation even if already installed") + .action( + async ( + target: string | undefined, + options: { force?: boolean }, + ) => { + const { installHandler } = + await import("./cli/handlers/util.js"); + await installHandler(target, options); + }, + ); + + // ant-only commands + if (process.env.USER_TYPE === "ant") { + const validateLogId = (value: string) => { + const maybeSessionId = validateUuid(value); + if (maybeSessionId) return maybeSessionId; + return Number(value); + }; + // claude log + program + .command("log") + .description("[ANT-ONLY] Manage conversation logs.") + .argument( + "[number|sessionId]", + "A number (0, 1, 2, etc.) to display a specific log, or the sesssion ID (uuid) of a log", + validateLogId, + ) + .action(async (logId: string | number | undefined) => { + const { logHandler } = await import("./cli/handlers/ant.js"); + await logHandler(logId); + }); + + // claude error + program + .command("error") + .description( + "[ANT-ONLY] View error logs. Optionally provide a number (0, -1, -2, etc.) to display a specific log.", + ) + .argument( + "[number]", + "A number (0, 1, 2, etc.) to display a specific log", + parseInt, + ) + .action(async (number: number | undefined) => { + const { errorHandler } = await import("./cli/handlers/ant.js"); + await errorHandler(number); + }); + + // claude export + program + .command("export") + .description("[ANT-ONLY] Export a conversation to a text file.") + .usage(" ") + .argument( + "", + "Session ID, log index (0, 1, 2...), or path to a .json/.jsonl log file", + ) + .argument("", "Output file path for the exported text") + .addHelpText( + "after", + ` Examples: $ claude export 0 conversation.txt Export conversation at log index 0 $ claude export conversation.txt Export conversation by session ID $ claude export input.json output.txt Render JSON log file to text $ claude export .jsonl output.txt Render JSONL session file to text`, - ) - .action(async (source: string, outputFile: string) => { - const { exportHandler } = await import('./cli/handlers/ant.js') - await exportHandler(source, outputFile) - }) + ) + .action(async (source: string, outputFile: string) => { + const { exportHandler } = await import("./cli/handlers/ant.js"); + await exportHandler(source, outputFile); + }); - if (process.env.USER_TYPE === 'ant') { - const taskCmd = program - .command('task') - .description('[ANT-ONLY] Manage task list tasks') + if (process.env.USER_TYPE === "ant") { + const taskCmd = program + .command("task") + .description("[ANT-ONLY] Manage task list tasks"); - taskCmd - .command('create ') - .description('Create a new task') - .option('-d, --description ', 'Task description') - .option('-l, --list ', 'Task list ID (defaults to "tasklist")') - .action( - async ( - subject: string, - opts: { description?: string; list?: string }, - ) => { - const { taskCreateHandler } = await import('./cli/handlers/ant.js') - await taskCreateHandler(subject, opts) - }, - ) + taskCmd + .command("create ") + .description("Create a new task") + .option("-d, --description ", "Task description") + .option( + "-l, --list ", + 'Task list ID (defaults to "tasklist")', + ) + .action( + async ( + subject: string, + opts: { description?: string; list?: string }, + ) => { + const { taskCreateHandler } = + await import("./cli/handlers/ant.js"); + await taskCreateHandler(subject, opts); + }, + ); - taskCmd - .command('list') - .description('List all tasks') - .option('-l, --list ', 'Task list ID (defaults to "tasklist")') - .option('--pending', 'Show only pending tasks') - .option('--json', 'Output as JSON') - .action( - async (opts: { - list?: string - pending?: boolean - json?: boolean - }) => { - const { taskListHandler } = await import('./cli/handlers/ant.js') - await taskListHandler(opts) - }, - ) + taskCmd + .command("list") + .description("List all tasks") + .option( + "-l, --list ", + 'Task list ID (defaults to "tasklist")', + ) + .option("--pending", "Show only pending tasks") + .option("--json", "Output as JSON") + .action( + async (opts: { + list?: string; + pending?: boolean; + json?: boolean; + }) => { + const { taskListHandler } = + await import("./cli/handlers/ant.js"); + await taskListHandler(opts); + }, + ); - taskCmd - .command('get ') - .description('Get details of a task') - .option('-l, --list ', 'Task list ID (defaults to "tasklist")') - .action(async (id: string, opts: { list?: string }) => { - const { taskGetHandler } = await import('./cli/handlers/ant.js') - await taskGetHandler(id, opts) - }) + taskCmd + .command("get ") + .description("Get details of a task") + .option( + "-l, --list ", + 'Task list ID (defaults to "tasklist")', + ) + .action(async (id: string, opts: { list?: string }) => { + const { taskGetHandler } = + await import("./cli/handlers/ant.js"); + await taskGetHandler(id, opts); + }); - taskCmd - .command('update ') - .description('Update a task') - .option('-l, --list ', 'Task list ID (defaults to "tasklist")') - .option( - '-s, --status ', - `Set status (${TASK_STATUSES.join(', ')})`, - ) - .option('--subject ', 'Update subject') - .option('-d, --description ', 'Update description') - .option('--owner ', 'Set owner') - .option('--clear-owner', 'Clear owner') - .action( - async ( - id: string, - opts: { - list?: string - status?: string - subject?: string - description?: string - owner?: string - clearOwner?: boolean - }, - ) => { - const { taskUpdateHandler } = await import('./cli/handlers/ant.js') - await taskUpdateHandler(id, opts) - }, - ) + taskCmd + .command("update ") + .description("Update a task") + .option( + "-l, --list ", + 'Task list ID (defaults to "tasklist")', + ) + .option( + "-s, --status ", + `Set status (${TASK_STATUSES.join(", ")})`, + ) + .option("--subject ", "Update subject") + .option("-d, --description ", "Update description") + .option("--owner ", "Set owner") + .option("--clear-owner", "Clear owner") + .action( + async ( + id: string, + opts: { + list?: string; + status?: string; + subject?: string; + description?: string; + owner?: string; + clearOwner?: boolean; + }, + ) => { + const { taskUpdateHandler } = + await import("./cli/handlers/ant.js"); + await taskUpdateHandler(id, opts); + }, + ); - taskCmd - .command('dir') - .description('Show the tasks directory path') - .option('-l, --list ', 'Task list ID (defaults to "tasklist")') - .action(async (opts: { list?: string }) => { - const { taskDirHandler } = await import('./cli/handlers/ant.js') - await taskDirHandler(opts) - }) - } + taskCmd + .command("dir") + .description("Show the tasks directory path") + .option( + "-l, --list ", + 'Task list ID (defaults to "tasklist")', + ) + .action(async (opts: { list?: string }) => { + const { taskDirHandler } = + await import("./cli/handlers/ant.js"); + await taskDirHandler(opts); + }); + } - // claude completion - program - .command('completion ', { hidden: true }) - .description('Generate shell completion script (bash, zsh, or fish)') - .option( - '--output ', - 'Write completion script directly to a file instead of stdout', - ) - .action(async (shell: string, opts: { output?: string }) => { - const { completionHandler } = await import('./cli/handlers/ant.js') - await completionHandler(shell, opts, program) - }) - } + // claude completion + program + .command("completion ", { hidden: true }) + .description( + "Generate shell completion script (bash, zsh, or fish)", + ) + .option( + "--output ", + "Write completion script directly to a file instead of stdout", + ) + .action(async (shell: string, opts: { output?: string }) => { + const { completionHandler } = + await import("./cli/handlers/ant.js"); + await completionHandler(shell, opts, program); + }); + } - profileCheckpoint('run_before_parse') - await program.parseAsync(process.argv) - profileCheckpoint('run_after_parse') + profileCheckpoint("run_before_parse"); + await program.parseAsync(process.argv); + profileCheckpoint("run_after_parse"); - // Record final checkpoint for total_time calculation - profileCheckpoint('main_after_run') + // Record final checkpoint for total_time calculation + profileCheckpoint("main_after_run"); - // Log startup perf to Statsig (sampled) and output detailed report if enabled - profileReport() + // Log startup perf to Statsig (sampled) and output detailed report if enabled + profileReport(); - return program + return program; } async function logTenguInit({ - hasInitialPrompt, - hasStdin, - verbose, - debug, - debugToStderr, - print, - outputFormat, - inputFormat, - numAllowedTools, - numDisallowedTools, - mcpClientCount, - worktreeEnabled, - skipWebFetchPreflight, - githubActionInputs, - dangerouslySkipPermissionsPassed, - permissionMode, - modeIsBypass, - allowDangerouslySkipPermissionsPassed, - systemPromptFlag, - appendSystemPromptFlag, - thinkingConfig, - assistantActivationPath, + hasInitialPrompt, + hasStdin, + verbose, + debug, + debugToStderr, + print, + outputFormat, + inputFormat, + numAllowedTools, + numDisallowedTools, + mcpClientCount, + worktreeEnabled, + skipWebFetchPreflight, + githubActionInputs, + dangerouslySkipPermissionsPassed, + permissionMode, + modeIsBypass, + allowDangerouslySkipPermissionsPassed, + systemPromptFlag, + appendSystemPromptFlag, + thinkingConfig, + assistantActivationPath, }: { - hasInitialPrompt: boolean - hasStdin: boolean - verbose: boolean - debug: boolean - debugToStderr: boolean - print: boolean - outputFormat: string - inputFormat: string - numAllowedTools: number - numDisallowedTools: number - mcpClientCount: number - worktreeEnabled: boolean - skipWebFetchPreflight: boolean | undefined - githubActionInputs: string | undefined - dangerouslySkipPermissionsPassed: boolean - permissionMode: string - modeIsBypass: boolean - allowDangerouslySkipPermissionsPassed: boolean - systemPromptFlag: 'file' | 'flag' | undefined - appendSystemPromptFlag: 'file' | 'flag' | undefined - thinkingConfig: ThinkingConfig - assistantActivationPath: string | undefined + hasInitialPrompt: boolean; + hasStdin: boolean; + verbose: boolean; + debug: boolean; + debugToStderr: boolean; + print: boolean; + outputFormat: string; + inputFormat: string; + numAllowedTools: number; + numDisallowedTools: number; + mcpClientCount: number; + worktreeEnabled: boolean; + skipWebFetchPreflight: boolean | undefined; + githubActionInputs: string | undefined; + dangerouslySkipPermissionsPassed: boolean; + permissionMode: string; + modeIsBypass: boolean; + allowDangerouslySkipPermissionsPassed: boolean; + systemPromptFlag: "file" | "flag" | undefined; + appendSystemPromptFlag: "file" | "flag" | undefined; + thinkingConfig: ThinkingConfig; + assistantActivationPath: string | undefined; }): Promise { - try { - logEvent('tengu_init', { - entrypoint: - 'claude' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - hasInitialPrompt, - hasStdin, - verbose, - debug, - debugToStderr, - print, - outputFormat: - outputFormat as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - inputFormat: - inputFormat as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - numAllowedTools, - numDisallowedTools, - mcpClientCount, - worktree: worktreeEnabled, - skipWebFetchPreflight, - ...(githubActionInputs && { - githubActionInputs: - githubActionInputs as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - dangerouslySkipPermissionsPassed, - permissionMode: - permissionMode as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - modeIsBypass, - inProtectedNamespace: isInProtectedNamespace(), - allowDangerouslySkipPermissionsPassed, - thinkingType: - thinkingConfig.type as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - ...(systemPromptFlag && { - systemPromptFlag: - systemPromptFlag as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - ...(appendSystemPromptFlag && { - appendSystemPromptFlag: - appendSystemPromptFlag as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - is_simple: isBareMode() || undefined, - is_coordinator: - feature('COORDINATOR_MODE') && - coordinatorModeModule?.isCoordinatorMode() - ? true - : undefined, - ...(assistantActivationPath && { - assistantActivationPath: - assistantActivationPath as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }), - autoUpdatesChannel: (getInitialSettings().autoUpdatesChannel ?? - 'latest') as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - ...(process.env.USER_TYPE === 'ant' - ? (() => { - const cwd = getCwd() - const gitRoot = findGitRoot(cwd) - const rp = gitRoot ? relative(gitRoot, cwd) || '.' : undefined - return rp - ? { - relativeProjectPath: - rp as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - } - : {} - })() - : {}), - }) - } catch (error) { - logError(error) - } + try { + logEvent("tengu_init", { + entrypoint: + "claude" as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + hasInitialPrompt, + hasStdin, + verbose, + debug, + debugToStderr, + print, + outputFormat: + outputFormat as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + inputFormat: + inputFormat as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + numAllowedTools, + numDisallowedTools, + mcpClientCount, + worktree: worktreeEnabled, + skipWebFetchPreflight, + ...(githubActionInputs && { + githubActionInputs: + githubActionInputs as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + dangerouslySkipPermissionsPassed, + permissionMode: + permissionMode as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + modeIsBypass, + inProtectedNamespace: isInProtectedNamespace(), + allowDangerouslySkipPermissionsPassed, + thinkingType: + thinkingConfig.type as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + ...(systemPromptFlag && { + systemPromptFlag: + systemPromptFlag as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + ...(appendSystemPromptFlag && { + appendSystemPromptFlag: + appendSystemPromptFlag as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + is_simple: isBareMode() || undefined, + is_coordinator: + feature("COORDINATOR_MODE") && + coordinatorModeModule?.isCoordinatorMode() + ? true + : undefined, + ...(assistantActivationPath && { + assistantActivationPath: + assistantActivationPath as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }), + autoUpdatesChannel: (getInitialSettings().autoUpdatesChannel ?? + "latest") as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + ...(process.env.USER_TYPE === "ant" + ? (() => { + const cwd = getCwd(); + const gitRoot = findGitRoot(cwd); + const rp = gitRoot + ? relative(gitRoot, cwd) || "." + : undefined; + return rp + ? { + relativeProjectPath: + rp as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + } + : {}; + })() + : {}), + }); + } catch (error) { + logError(error); + } } function maybeActivateProactive(options: unknown): void { - if ( - (feature('PROACTIVE') || feature('KAIROS')) && - ((options as { proactive?: boolean }).proactive || - isEnvTruthy(process.env.CLAUDE_CODE_PROACTIVE)) - ) { - // eslint-disable-next-line @typescript-eslint/no-require-imports - const proactiveModule = require('./proactive/index.js') - if (!proactiveModule.isProactiveActive()) { - proactiveModule.activateProactive('command') - } - } + if ( + (feature("PROACTIVE") || feature("KAIROS")) && + ((options as { proactive?: boolean }).proactive || + isEnvTruthy(process.env.CLAUDE_CODE_PROACTIVE)) + ) { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const proactiveModule = require("./proactive/index.js"); + if (!proactiveModule.isProactiveActive()) { + proactiveModule.activateProactive("command"); + } + } } function maybeActivateBrief(options: unknown): void { - if (!(feature('KAIROS') || feature('KAIROS_BRIEF'))) return - const briefFlag = (options as { brief?: boolean }).brief - const briefEnv = isEnvTruthy(process.env.CLAUDE_CODE_BRIEF) - if (!briefFlag && !briefEnv) return - // --brief / CLAUDE_CODE_BRIEF are explicit opt-ins: check entitlement, - // then set userMsgOptIn to activate the tool + prompt section. The env - // var also grants entitlement (isBriefEntitled() reads it), so setting - // CLAUDE_CODE_BRIEF=1 alone force-enables for dev/testing — no GB gate - // needed. initialIsBriefOnly reads getUserMsgOptIn() directly. - // Conditional require: static import would leak the tool name string - // into external builds via BriefTool.ts → prompt.ts. - /* eslint-disable @typescript-eslint/no-require-imports */ - const { isBriefEntitled } = - require('./tools/BriefTool/BriefTool.js') as typeof import('./tools/BriefTool/BriefTool.js') - /* eslint-enable @typescript-eslint/no-require-imports */ - const entitled = isBriefEntitled() - if (entitled) { - setUserMsgOptIn(true) - } - // Fire unconditionally once intent is seen: enabled=false captures the - // "user tried but was gated" failure mode in Datadog. - logEvent('tengu_brief_mode_enabled', { - enabled: entitled, - gated: !entitled, - source: (briefEnv - ? 'env' - : 'flag') as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, - }) + if (!(feature("KAIROS") || feature("KAIROS_BRIEF"))) return; + const briefFlag = (options as { brief?: boolean }).brief; + const briefEnv = isEnvTruthy(process.env.CLAUDE_CODE_BRIEF); + if (!briefFlag && !briefEnv) return; + // --brief / CLAUDE_CODE_BRIEF are explicit opt-ins: check entitlement, + // then set userMsgOptIn to activate the tool + prompt section. The env + // var also grants entitlement (isBriefEntitled() reads it), so setting + // CLAUDE_CODE_BRIEF=1 alone force-enables for dev/testing — no GB gate + // needed. initialIsBriefOnly reads getUserMsgOptIn() directly. + // Conditional require: static import would leak the tool name string + // into external builds via BriefTool.ts → prompt.ts. + /* eslint-disable @typescript-eslint/no-require-imports */ + const { isBriefEntitled } = + require("./tools/BriefTool/BriefTool.js") as typeof import("./tools/BriefTool/BriefTool.js"); + /* eslint-enable @typescript-eslint/no-require-imports */ + const entitled = isBriefEntitled(); + if (entitled) { + setUserMsgOptIn(true); + } + // Fire unconditionally once intent is seen: enabled=false captures the + // "user tried but was gated" failure mode in Datadog. + logEvent("tengu_brief_mode_enabled", { + enabled: entitled, + gated: !entitled, + source: (briefEnv + ? "env" + : "flag") as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, + }); } function resetCursor() { - const terminal = process.stderr.isTTY - ? process.stderr - : process.stdout.isTTY - ? process.stdout - : undefined - terminal?.write(SHOW_CURSOR) + const terminal = process.stderr.isTTY + ? process.stderr + : process.stdout.isTTY + ? process.stdout + : undefined; + terminal?.write(SHOW_CURSOR); } type TeammateOptions = { - agentId?: string - agentName?: string - teamName?: string - agentColor?: string - planModeRequired?: boolean - parentSessionId?: string - teammateMode?: 'auto' | 'tmux' | 'in-process' - agentType?: string -} + agentId?: string; + agentName?: string; + teamName?: string; + agentColor?: string; + planModeRequired?: boolean; + parentSessionId?: string; + teammateMode?: "auto" | "tmux" | "in-process"; + agentType?: string; +}; function extractTeammateOptions(options: unknown): TeammateOptions { - if (typeof options !== 'object' || options === null) { - return {} - } - const opts = options as Record - const teammateMode = opts.teammateMode - return { - agentId: typeof opts.agentId === 'string' ? opts.agentId : undefined, - agentName: typeof opts.agentName === 'string' ? opts.agentName : undefined, - teamName: typeof opts.teamName === 'string' ? opts.teamName : undefined, - agentColor: - typeof opts.agentColor === 'string' ? opts.agentColor : undefined, - planModeRequired: - typeof opts.planModeRequired === 'boolean' - ? opts.planModeRequired - : undefined, - parentSessionId: - typeof opts.parentSessionId === 'string' - ? opts.parentSessionId - : undefined, - teammateMode: - teammateMode === 'auto' || - teammateMode === 'tmux' || - teammateMode === 'in-process' - ? teammateMode - : undefined, - agentType: typeof opts.agentType === 'string' ? opts.agentType : undefined, - } + if (typeof options !== "object" || options === null) { + return {}; + } + const opts = options as Record; + const teammateMode = opts.teammateMode; + return { + agentId: typeof opts.agentId === "string" ? opts.agentId : undefined, + agentName: + typeof opts.agentName === "string" ? opts.agentName : undefined, + teamName: typeof opts.teamName === "string" ? opts.teamName : undefined, + agentColor: + typeof opts.agentColor === "string" ? opts.agentColor : undefined, + planModeRequired: + typeof opts.planModeRequired === "boolean" + ? opts.planModeRequired + : undefined, + parentSessionId: + typeof opts.parentSessionId === "string" + ? opts.parentSessionId + : undefined, + teammateMode: + teammateMode === "auto" || + teammateMode === "tmux" || + teammateMode === "in-process" + ? teammateMode + : undefined, + agentType: + typeof opts.agentType === "string" ? opts.agentType : undefined, + }; } diff --git a/src/tools/testing/TestingPermissionTool.tsx b/src/tools/testing/TestingPermissionTool.tsx index fcb40de1c..ffcdc330c 100644 --- a/src/tools/testing/TestingPermissionTool.tsx +++ b/src/tools/testing/TestingPermissionTool.tsx @@ -28,7 +28,7 @@ export const TestingPermissionTool: Tool = buildTool({ return 'TestingPermission' }, isEnabled() { - return "production" === 'test' + return process.env.NODE_ENV === 'test' }, isConcurrencySafe() { return true