Harvested the narrow Rust/docs slice of PR #2578 by @AresNing for #1364. The event uses the maintained structured observer path: JSON stdin, stdout ignored, warn-only failures, and no ability to block or mutate the turn.
The hook fires after post-turn app state, usage totals, cost, notification, receipt, and queue-recovery state are updated, before queued follow-up dispatch. Docs, RFC notes, /hooks discovery, and v0.9 tracking now describe the observer-only contract.
Co-authored-by: AresNing <49557311+AresNing@users.noreply.github.com>
Harvested from PR #2741 by @idling11 for #2693, with review fixes folded in: typed compaction/tool/safety enums, no silent unknown-kind fallback, unknown profile keys rejected, and whole-struct equality for future reload/runtime checks.
Co-authored-by: idling11 <8055620+idling11@users.noreply.github.com>
Records that #2506/#2508 are superseded by the safer #2558 path_suffix implementation, credits the original #1874 report and follow-up PR review trail, and documents that suffix overrides only affect chat completions while model and beta paths keep built-in routing.
Harvested from PR #2636 by @HUQIANTAO with widened cache invalidation for constitution files, generated context, trust state, canonical paths, and same-length overwrites.
Co-authored-by: HUQIANTAO <58421104+HUQIANTAO@users.noreply.github.com>
Refs #1786.
Reported by @bevis-wong. This lands the durable restart-safety slice: persisted running tasks and running tool rows are marked failed with a recovery note instead of being requeued as live work after a prior process exits.
Refs #2029.
Reported by @qiyuanlicn. This lands live per-step API-timeout checkpoint continuation and preserves checkpoint metadata through projections, transcripts, and persistence; cold-restart child-task rehydration remains out of scope.
Harvested from PR #2734 by @idling11 with reviewer fixes for row-source fidelity, row-authoritative hit testing, and display-width popover sizing.
Refs #2694.
Co-authored-by: idling11 <8055620+idling11@users.noreply.github.com>
Refs #697 and #1827.
Reported by @NASLXTO and @wuxixing. Prior context-cap and startup-diagnosis work by @linzhiqin2003 and @merchloubna70-dot shaped this fallback.
Harvested from PR #2532 by @cyq1017.
Pending input rows now distinguish steer-pending, rejected-steer, and queued-follow-up states, with continuation rows aligned under the delivery label.
Refs #2054; leaves the broader cancel/edit affordance work open.
Co-authored-by: cyq1017 <61975706+cyq1017@users.noreply.github.com>
Harvested from PR #2639 by @gaord.
Adds POST /v1/sessions for runtime clients to persist completed threads as managed saved sessions, with a 409 guard for queued or active turn/item state and focused session endpoint coverage.
Also makes MCP HTTP tests install the rustls ring provider before constructing reqwest clients so filtered no-provider test runs are deterministic.
Co-authored-by: gaord <9567937+gaord@users.noreply.github.com>
Harvested from PR #2733 by @idling11.
Adds richer update_plan artifact fields for grounded Plan-mode review, renders them in the transcript and Plan confirmation prompt, and carries them through /relay, fork-state, and saved-session replay.
Verification: cargo test -p codewhale-tui --bin codewhale-tui --locked plan_ -- --nocapture
Verification: cargo test -p codewhale-tui --bin codewhale-tui --locked relay_slash_command_routes_to_session_relay_instruction -- --nocapture
Verification: cargo clippy -p codewhale-tui --locked -- -D warnings
Co-authored-by: idling11 <8055620+idling11@users.noreply.github.com>
Harvest the UpdateThreadRequest workspace field from PR #2640 while keeping the engine-cache correctness fix: PATCH /v1/threads/{id} now persists workspace changes, emits the workspace change in thread.updated, rejects empty paths, rejects workspace changes while a turn is active, and evicts idle cached engines so the next turn starts in the new workspace.
Validation: cargo fmt --all -- --check; git diff --check; cargo test -p codewhale-tui --bin codewhale-tui --locked update_thread_workspace -- --nocapture; cargo clippy -p codewhale-tui --locked -- -D warnings; python3 scripts/check-coauthor-trailers.py --author-map .github/AUTHOR_MAP --range origin/main..HEAD --check-authors.
Harvested from PR #2640 by @gaord.
Co-authored-by: gaord <9567937+gaord@users.noreply.github.com>
Add AUTHOR_MAP plus a lightweight co-author trailer checker so harvested commits use numeric GitHub noreply identities, reject bot/tool trailers, and require machine-readable credit when a commit says it was harvested from a PR.
Also normalize the local unpushed v0.9 harvest range so existing contributor authors/trailers for HUQIANTAO, Implementist, jrcjrcc, xyuai, cyq1017, idling11, and shenjackyuanjie use GitHub-mappable identities before the branch is published.
Validation: python3 scripts/check-coauthor-trailers.py --author-map .github/AUTHOR_MAP --range origin/main..HEAD --check-authors; python3 -m py_compile scripts/check-coauthor-trailers.py; ruby -e 'require "yaml"; YAML.load_file(".github/workflows/ci.yml")'; git diff --check; negative in-process validation for raw email, missing harvested credit, and bot author cases.
Harvest the HarmonyOS/OpenHarmony port from PR #2634 and make it publish-safe by target-gating unsupported host dependencies out of the OHOS TUI graph. Self-update is disabled on OHOS, PTY shell mode reports unsupported, and Starlark execpolicy parsing returns an explicit unsupported-platform error until upstream starlark/rustyline/nix support catches up.
Add OHOS SDK setup docs and launcher scripts, install the rustls ring provider for rustls-no-provider entrypoints, and keep the packaged codewhale-tui OHOS graph free of starlark, rustyline, nix@0.28, portable-pty, and arboard.
Validation: cargo fmt --all -- --check; git diff --check; git diff --cached --check; cargo check -p codewhale-cli --locked; cargo check -p codewhale-app-server --locked; cargo check -p codewhale-tui --locked; cargo test -p codewhale-cli --locked update::tests::; cargo test -p codewhale-release --locked; cargo test -p codewhale-tui --locked background_tty_command_has_controlling_terminal; cargo test -p codewhale-tui --locked clipboard; cargo package -p codewhale-tui --allow-dirty --no-verify --locked; packaged OHOS cargo tree checks. OHOS target check still requires a loaded OpenHarmony SDK/sysroot and currently stops in ring with missing assert.h when CC/CFLAGS/linker are unset.
Harvested from PR #2634 by @shenjackyuanjie.
Co-authored-by: shenjackyuanjie <54507071+shenjackyuanjie@users.noreply.github.com>
Place user text before volatile turn metadata in outgoing user-message content arrays so provider prefix caches can continue matching the stable user-input prefix across date, model-route, and working-set changes.
Also adds wire-level coverage proving tail-positioned turn metadata serializes after user text while preserving turn-meta deduplication.
Harvested from PR #2517 by @HUQIANTAO
Co-authored-by: HUQIANTAO <58421104+HUQIANTAO@users.noreply.github.com>
Harvests the MiMo Token Plan auth-header behavior from #2627 while keeping Xiaomi env-key precedence unchanged so standard endpoints do not accidentally receive a Token Plan key.
Harvested from PR #2627 by @xyuai.
Co-authored-by: xyuai <281015099+xyuai@users.noreply.github.com>
Root cause: AgentComplete unconditionally calls resume_terminal()
even when the terminal was never paused, causing a secondary
EnterAlternateScreen on Windows that creates a new buffer whose
width may differ from the window width. Additionally,
ColorCompatBackend had no terminal_size cache, so size() fell
through to crossterm::terminal::size() which on Windows returns
the WinAPI buffer width rather than the window width.
Changes:
- AgentComplete: add event_broker.is_paused() guard
- resume_terminal(): cache real terminal size before reset_viewport
- Resize handler: also set terminal_size alongside forced_size
- subagent_routing: 3x mark_history_updated -> bump_history_cell(idx)
- color_compat: add terminal_size field, set_terminal_size(), fix
size() fallback priority (forced_size > terminal_size)
- tests: 3 unit tests for size() fallback chain
Review feedback addressed:
- forced_size now takes priority over terminal_size (gemini-code-assist)
- Redundant map lookups removed in subagent_routing (both bots)
- set_terminal_size moved before reset_terminal_viewport (greptile-apps)
(cherry picked from commit 4463c46644a6e485e7e20dc2b19c29c2e8eb3c5c)
Subagent aliases:
- Legacy names (agent_spawn, agent_result, agent_cancel, resume_agent,
agent_list, agent_send_input, agent_assign, agent_wait,
delegate_to_agent) are already NOT registered — they exist as dead code
with #[allow(dead_code)] since v0.8.33
- Add test verifying model catalog only advertises canonical subagent
tools: agent_open, agent_eval, agent_close, tool_agent
Shell aliases:
- Hide exec_wait from model catalog (legacy alias for exec_shell_wait)
- Hide exec_interact from model catalog (legacy alias for
exec_shell_interact)
- Both remain callable for saved transcript replay
- Add test verifying shell aliases are hidden but callable
Verification: cargo test -p codewhale-tui --locked (4040 passed),
cargo clippy -D warnings
Wrap plan steps via wrap_text() before rendering, breaking only on display-width overflow, not on Latin/CJK Unicode word boundaries. Switch main render path from Wrap { trim: true } to Wrap { trim: false } since all content is pre-wrapped. Replace wrapped_line_count() with lines.len() for accurate scroll bounds. Keep confirm-exit dialog on Wrap { trim: true } (English-only, no risk).
- wrap_text: replace chars().count() with UnicodeWidthStr::width() so
CJK text is wrapped by display columns, consistent with
wrapped_line_count and ratatui's Paragraph::wrap. Also fix the
hard-split loop to use exclusive byte ranges (..end) instead of
inclusive (..=i) so multi-byte UTF-8 prefixes are always valid.
- render: hoist the confirming_exit branch to an early return so the
plan-content construction (lines, scroll bounds, footer) is skipped
entirely when the confirmation dialog is visible.
- Clear pending_g when Esc triggers the exit-confirmation prompt so a
stray 'g' press does not leak into and survive the confirmation dialog.
- Move render_modal_chrome into the else branch so only one call fires
per render pass, eliminating a shadow artifact when confirming_exit
is active.
- wrapped_line_count: compute leading-space width via UnicodeWidthStr
instead of byte length, so non-ASCII leading whitespace is measured
correctly.
- render: hoist popup_area / content_width computation above plan
rendering so wrap_text can share the same content_width derived
from the actual popup geometry instead of a magic 68.
Use clamped (effective) scroll instead of raw `self.scroll` in the Esc
handler so a short plan that fits entirely (max_scroll == 0) never
triggers the "exit without implementing?" dialog when the user pressed
a scroll key (PgDn/Ctrl-D/G/End) beforehand.
- Use word-wrapping-aware line count to prevent underestimating scroll range
(gemini-code-assist / greptile-apps)
- Merge PLAN_OPTIONS, PLAN_SHORTCUTS, PLAN_SHORT_LABELS into PlanOption struct
(gemini-code-assist)
- Remove dead Esc code in handle_key (greptile-apps)
- Guard gg/G with modifier checks (gemini-code-assist)
- Increase PgUp/PgDn scroll amount from 6 to 12 (greptile-apps)
- Use u16::try_from for scroll value to avoid silent truncation (greptile-apps)
- Update related unit tests for new scroll values
- Add scroll state field to PlanPromptView with PgUp/PgDn, Ctrl+U/D/F/B,
Home/End, gg/G vim-style keybindings
- Show scroll indicator footer when content overflows the popup
- Add confirming_exit state: Esc while scrolled asks for confirmation
before discarding, preventing accidental exits on long plans
- Clamp scroll in render() so overscroll doesn't hide bottom options
- Use wrapped_line_count() with UnicodeWidthStr for accurate overflow
detection with CJK characters
- Add 11 unit tests covering scroll, keybindings, and exit confirmation
Three follow-ups to the previous perf commit:
1. Drop the rows_hash field on CacheEntry. The field was computed and
stored but never read on the hot path; tests exercised it only to
assert the cache returned a stable hash. After this change
get_or_compute_rows returns just Vec<OutputRow>, halving the
tuple-return ABI and removing one DefaultHasher::write pass on
every cache miss.
2. Replace DefaultHasher (SipHash) with a hand-rolled FNV-1a 64-bit
hash. SipHash is per-process-keyed and ~5-10x slower than FNV on
the small-to-medium tool output strings we see at 120 FPS. FNV-1a
has no per-process key, fits in 20 lines of pure-Rust, and a 64-bit
collision space is more than wide enough for the per-process LRU's
expected <= a few hundred entries. The cache is a correctness
optimization, not a security boundary; collisions only cause a
false miss, never wrong data.
3. Caller in tui::history::render_preserved_output_mode updated to
the new Vec<OutputRow>-only signature. Two new tests cover the
FNV-1a properties (length-suffix sensitivity, empty-input
stability).
Hunter B