tweak(ui): remove open label

.opencode/.gitignore

@@ -1,6 +1,4 @@
-node_modules
-plans
-package.json
+plans/
 bun.lock
-.gitignore
+package.json
 package-lock.json

.opencode/tool/github-pr-search.ts

@@ -1,5 +1,6 @@
 /// <reference path="../env.d.ts" />
 import { tool } from "@opencode-ai/plugin"
+import DESCRIPTION from "./github-pr-search.txt"
 
 async function githubFetch(endpoint: string, options: RequestInit = {}) {
   const response = await fetch(`https://api.github.com${endpoint}`, {
@@ -23,16 +24,7 @@ interface PR {
 }
 
 export default tool({
-  description: `Use this tool to search GitHub pull requests by title and description.
-
-This tool searches PRs in the anomalyco/opencode repository and returns LLM-friendly results including:
-- PR number and title
-- Author
-- State (open/closed/merged)
-- Labels
-- Description snippet
-
-Use the query parameter to search for keywords that might appear in PR titles or descriptions.`,
+  description: DESCRIPTION,
   args: {
     query: tool.schema.string().describe("Search query for PR titles and descriptions"),
     limit: tool.schema.number().describe("Maximum number of results to return").default(10),

.opencode/tool/github-pr-search.txt

@@ -0,0 +1,10 @@
+Use this tool to search GitHub pull requests by title and description.
+
+This tool searches PRs in the anomalyco/opencode repository and returns LLM-friendly results including:
+- PR number and title
+- Author
+- State (open/closed/merged)
+- Labels
+- Description snippet
+
+Use the query parameter to search for keywords that might appear in PR titles or descriptions.

.opencode/tool/github-triage.ts

@@ -1,5 +1,6 @@
 /// <reference path="../env.d.ts" />
 import { tool } from "@opencode-ai/plugin"
+import DESCRIPTION from "./github-triage.txt"
 
 const TEAM = {
   desktop: ["adamdotdevin", "iamdavidhill", "Brendonovich", "nexxeln"],
@@ -39,12 +40,7 @@ async function githubFetch(endpoint: string, options: RequestInit = {}) {
 }
 
 export default tool({
-  description: `Use this tool to assign and/or label a GitHub issue.
-
-Choose labels and assignee using the current triage policy and ownership rules.
-Pick the most fitting labels for the issue and assign one owner.
-
-If unsure, choose the team/section with the most overlap with the issue and assign a member from that team at random.`,
+  description: DESCRIPTION,
   args: {
     assignee: tool.schema
       .enum(ASSIGNEES as [string, ...string[]])

.opencode/tool/github-triage.txt

@@ -0,0 +1,6 @@
+Use this tool to assign and/or label a GitHub issue.
+
+Choose labels and assignee using the current triage policy and ownership rules.
+Pick the most fitting labels for the issue and assign one owner.
+
+If unsure, choose the team/section with the most overlap with the issue and assign a member from that team at random.

README.md

@@ -128,7 +128,7 @@ If you are working on a project that's related to OpenCode and is using "opencod
 
 #### How is this different from Claude Code?
 
-It's very similar to Claude Code in terms of capability. Here are the key differences::
+It's very similar to Claude Code in terms of capability. Here are the key differences:
 
 - 100% open source
 - Not coupled to any provider. Although we recommend the models we provide through [OpenCode Zen](https://opencode.ai/zen), OpenCode can be used with Claude, OpenAI, Google, or even local models. As models evolve, the gaps between them will close and pricing will drop, so being provider-agnostic is important.

nix/hashes.json

@@ -1,8 +1,8 @@
 {
   "nodeModules": {
-    "x86_64-linux": "sha256-TnrYykX8Mf/Ugtkix6V",
-    "aarch64-linux": "sha256-TnrYykX8Mf/Ugtkix6V",
-    "aarch64-darwin": "sha256-TnrYykX8Mf/Ugtkix6V",
-    "x86_64-darwin": "sha256-TnrYykX8Mf/Ugtkix6V"
+    "x86_64-linux": "sha256-WJgo6UclmtQOEubnKMZybdIEhZ1uRTucF61yojjd+l0=",
+    "aarch64-linux": "sha256-QfZ/g7EZFpe6ndR3dG8WvVfMj5Kyd/R/4kkTJfGJxL4=",
+    "aarch64-darwin": "sha256-ezr/R70XJr9eN5l3mgb7HzLF6QsofNEKUOtuxbfli80=",
+    "x86_64-darwin": "sha256-MbsBGS415uEU/n1RQ/5H5pqh+udLY3+oimJ+eS5uJVI="
   }
 }

packages/app/src/components/session/find-assistant-messages.test.ts

@@ -1,81 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import type { Message } from "@opencode-ai/sdk/v2/client"
-import { findAssistantMessages } from "@opencode-ai/ui/find-assistant-messages"
-
-function user(id: string): Message {
-  return {
-    id,
-    role: "user",
-    sessionID: "session-1",
-    time: { created: 1 },
-  } as unknown as Message
-}
-
-function assistant(id: string, parentID: string): Message {
-  return {
-    id,
-    role: "assistant",
-    sessionID: "session-1",
-    parentID,
-    time: { created: 1 },
-  } as unknown as Message
-}
-
-describe("findAssistantMessages", () => {
-  test("normal ordering: assistant after user in array → found via forward scan", () => {
-    const messages = [user("u1"), assistant("a1", "u1")]
-    const result = findAssistantMessages(messages, 0, "u1")
-    expect(result).toHaveLength(1)
-    expect(result[0].id).toBe("a1")
-  })
-
-  test("clock skew: assistant before user in array → found via backward scan", () => {
-    // When client clock is ahead, user ID sorts after assistant ID,
-    // so assistant appears earlier in the ID-sorted message array
-    const messages = [assistant("a1", "u1"), user("u1")]
-    const result = findAssistantMessages(messages, 1, "u1")
-    expect(result).toHaveLength(1)
-    expect(result[0].id).toBe("a1")
-  })
-
-  test("no assistant messages → returns empty array", () => {
-    const messages = [user("u1"), user("u2")]
-    const result = findAssistantMessages(messages, 0, "u1")
-    expect(result).toHaveLength(0)
-  })
-
-  test("multiple assistant messages with matching parentID → all found", () => {
-    const messages = [user("u1"), assistant("a1", "u1"), assistant("a2", "u1")]
-    const result = findAssistantMessages(messages, 0, "u1")
-    expect(result).toHaveLength(2)
-    expect(result[0].id).toBe("a1")
-    expect(result[1].id).toBe("a2")
-  })
-
-  test("does not return assistant messages with different parentID", () => {
-    const messages = [user("u1"), assistant("a1", "u1"), assistant("a2", "other")]
-    const result = findAssistantMessages(messages, 0, "u1")
-    expect(result).toHaveLength(1)
-    expect(result[0].id).toBe("a1")
-  })
-
-  test("stops forward scan at next user message", () => {
-    const messages = [user("u1"), assistant("a1", "u1"), user("u2"), assistant("a2", "u1")]
-    const result = findAssistantMessages(messages, 0, "u1")
-    expect(result).toHaveLength(1)
-    expect(result[0].id).toBe("a1")
-  })
-
-  test("stops backward scan at previous user message", () => {
-    const messages = [assistant("a0", "u1"), user("u0"), assistant("a1", "u1"), user("u1")]
-    const result = findAssistantMessages(messages, 3, "u1")
-    expect(result).toHaveLength(1)
-    expect(result[0].id).toBe("a1")
-  })
-
-  test("invalid index returns empty array", () => {
-    const messages = [user("u1")]
-    expect(findAssistantMessages(messages, -1, "u1")).toHaveLength(0)
-    expect(findAssistantMessages(messages, 5, "u1")).toHaveLength(0)
-  })
-})

packages/app/src/components/session/session-header.tsx

@@ -326,7 +326,7 @@ export function SessionHeader() {
                       <div class="flex h-[24px] box-border items-center rounded-md border border-border-weak-base bg-surface-panel overflow-hidden">
                         <Button
                           variant="ghost"
-                          class="rounded-none h-full py-0 pr-1.5 pl-px gap-1.5 border-none shadow-none disabled:!cursor-default"
+                          class="rounded-none h-full px-0.5 border-none shadow-none disabled:!cursor-default"
                           classList={{
                             "bg-surface-raised-base-active": opening(),
                           }}
@@ -339,7 +339,6 @@ export function SessionHeader() {
                               <Spinner class="size-3.5" style={{ color: tint() ?? "var(--icon-base)" }} />
                             </Show>
                           </div>
-                          <span class="text-12-regular text-text-strong">{language.t("common.open")}</span>
                         </Button>
                         <DropdownMenu
                           gutter={4}

packages/app/src/components/titlebar.tsx

@@ -284,9 +284,6 @@ export function Titlebar() {
           </div>
         </div>
         <div id="opencode-titlebar-left" class="flex items-center gap-3 min-w-0 px-2" />
-        <div class="bg-icon-interactive-base text-background-base font-medium px-2 rounded-sm uppercase font-mono">
-          BETA
-        </div>
       </div>
 
       <div class="min-w-0 flex items-center justify-center pointer-events-none">

packages/app/src/pages/session/composer/session-question-dock.tsx

@@ -3,7 +3,6 @@ import { createStore } from "solid-js/store"
 import { Button } from "@opencode-ai/ui/button"
 import { DockPrompt } from "@opencode-ai/ui/dock-prompt"
 import { Icon } from "@opencode-ai/ui/icon"
-import { IconButton } from "@opencode-ai/ui/icon-button"
 import { showToast } from "@opencode-ai/ui/toast"
 import type { QuestionAnswer, QuestionRequest } from "@opencode-ai/sdk/v2"
 import { useLanguage } from "@/context/language"
@@ -26,7 +25,6 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
     customOn: cached?.customOn ?? ([] as boolean[]),
     editing: false,
     sending: false,
-    collapsed: false,
   })
 
   let root: HTMLDivElement | undefined
@@ -37,7 +35,6 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
   const input = createMemo(() => store.custom[store.tab] ?? "")
   const on = createMemo(() => store.customOn[store.tab] === true)
   const multi = createMemo(() => question()?.multiple === true)
-  const picked = createMemo(() => store.answers[store.tab]?.length ?? 0)
 
   const summary = createMemo(() => {
     const n = Math.min(store.tab + 1, total())
@@ -46,8 +43,6 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
 
   const last = createMemo(() => store.tab >= total() - 1)
 
-  const fold = () => setStore("collapsed", (value) => !value)
-
   const customUpdate = (value: string, selected: boolean = on()) => {
     const prev = input().trim()
     const next = value.trim()
@@ -262,21 +257,9 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
       kind="question"
       ref={(el) => (root = el)}
       header={
-        <div
-          data-action="session-question-toggle"
-          class="flex flex-1 min-w-0 items-center gap-2 cursor-default select-none"
-          role="button"
-          tabIndex={0}
-          style={{ margin: "0 -10px", padding: "0 0 0 10px" }}
-          onClick={fold}
-          onKeyDown={(event) => {
-            if (event.key !== "Enter" && event.key !== " ") return
-            event.preventDefault()
-            fold()
-          }}
-        >
+        <>
           <div data-slot="question-header-title">{summary()}</div>
-          <div data-slot="question-progress" class="ml-auto mr-1">
+          <div data-slot="question-progress">
             <For each={questions()}>
               {(_, i) => (
                 <button
@@ -288,38 +271,13 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
                     (store.customOn[i()] === true && (store.custom[i()] ?? "").trim().length > 0)
                   }
                   disabled={store.sending}
-                  onMouseDown={(event) => {
-                    event.preventDefault()
-                    event.stopPropagation()
-                  }}
-                  onClick={(event) => {
-                    event.stopPropagation()
-                    jump(i())
-                  }}
+                  onClick={() => jump(i())}
                   aria-label={`${language.t("ui.tool.questions")} ${i() + 1}`}
                 />
               )}
             </For>
           </div>
-          <div>
-            <IconButton
-              data-action="session-question-toggle-button"
-              icon="chevron-down"
-              size="normal"
-              variant="ghost"
-              classList={{ "rotate-180": store.collapsed }}
-              onMouseDown={(event) => {
-                event.preventDefault()
-                event.stopPropagation()
-              }}
-              onClick={(event) => {
-                event.stopPropagation()
-                fold()
-              }}
-              aria-label={store.collapsed ? language.t("session.todo.expand") : language.t("session.todo.collapse")}
-            />
-          </div>
-        </div>
+        </>
       }
       footer={
         <>
@@ -339,121 +297,56 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
         </>
       }
     >
-      <div
-        data-slot="question-text"
-        class="cursor-default"
-        classList={{
-          "mb-6": store.collapsed && picked() === 0,
-        }}
-        role={store.collapsed ? "button" : undefined}
-        tabIndex={store.collapsed ? 0 : undefined}
-        onClick={fold}
-        onKeyDown={(event) => {
-          if (!store.collapsed) return
-          if (event.key !== "Enter" && event.key !== " ") return
-          event.preventDefault()
-          fold()
-        }}
-      >
-        {question()?.question}
-      </div>
-      <Show when={store.collapsed && picked() > 0}>
-        <div data-slot="question-hint" class="cursor-default mb-6">
-          {picked()} answer{picked() === 1 ? "" : "s"} selected
-        </div>
+      <div data-slot="question-text">{question()?.question}</div>
+      <Show when={multi()} fallback={<div data-slot="question-hint">{language.t("ui.question.singleHint")}</div>}>
+        <div data-slot="question-hint">{language.t("ui.question.multiHint")}</div>
       </Show>
-      <div data-slot="question-answers" hidden={store.collapsed} aria-hidden={store.collapsed}>
-        <Show when={multi()} fallback={<div data-slot="question-hint">{language.t("ui.question.singleHint")}</div>}>
-          <div data-slot="question-hint">{language.t("ui.question.multiHint")}</div>
-        </Show>
-        <div data-slot="question-options">
-          <For each={options()}>
-            {(opt, i) => {
-              const picked = () => store.answers[store.tab]?.includes(opt.label) ?? false
-              return (
-                <button
-                  data-slot="question-option"
-                  data-picked={picked()}
-                  role={multi() ? "checkbox" : "radio"}
-                  aria-checked={picked()}
-                  disabled={store.sending}
-                  onClick={() => selectOption(i())}
-                >
-                  <span data-slot="question-option-check" aria-hidden="true">
-                    <span
-                      data-slot="question-option-box"
-                      data-type={multi() ? "checkbox" : "radio"}
-                      data-picked={picked()}
-                    >
-                      <Show when={multi()} fallback={<span data-slot="question-option-radio-dot" />}>
-                        <Icon name="check-small" size="small" />
-                      </Show>
-                    </span>
-                  </span>
-                  <span data-slot="question-option-main">
-                    <span data-slot="option-label">{opt.label}</span>
-                    <Show when={opt.description}>
-                      <span data-slot="option-description">{opt.description}</span>
-                    </Show>
-                  </span>
-                </button>
-              )
-            }}
-          </For>
-
-          <Show
-            when={store.editing}
-            fallback={
+      <div data-slot="question-options">
+        <For each={options()}>
+          {(opt, i) => {
+            const picked = () => store.answers[store.tab]?.includes(opt.label) ?? false
+            return (
               <button
                 data-slot="question-option"
-                data-custom="true"
-                data-picked={on()}
+                data-picked={picked()}
                 role={multi() ? "checkbox" : "radio"}
-                aria-checked={on()}
+                aria-checked={picked()}
                 disabled={store.sending}
-                onClick={customOpen}
+                onClick={() => selectOption(i())}
               >
-                <span
-                  data-slot="question-option-check"
-                  aria-hidden="true"
-                  onClick={(e) => {
-                    e.preventDefault()
-                    e.stopPropagation()
-                    customToggle()
-                  }}
-                >
-                  <span data-slot="question-option-box" data-type={multi() ? "checkbox" : "radio"} data-picked={on()}>
+                <span data-slot="question-option-check" aria-hidden="true">
+                  <span
+                    data-slot="question-option-box"
+                    data-type={multi() ? "checkbox" : "radio"}
+                    data-picked={picked()}
+                  >
                     <Show when={multi()} fallback={<span data-slot="question-option-radio-dot" />}>
                       <Icon name="check-small" size="small" />
                     </Show>
                   </span>
                 </span>
                 <span data-slot="question-option-main">
-                  <span data-slot="option-label">{language.t("ui.messagePart.option.typeOwnAnswer")}</span>
-                  <span data-slot="option-description">{input() || language.t("ui.question.custom.placeholder")}</span>
+                  <span data-slot="option-label">{opt.label}</span>
+                  <Show when={opt.description}>
+                    <span data-slot="option-description">{opt.description}</span>
+                  </Show>
                 </span>
               </button>
-            }
-          >
-            <form
+            )
+          }}
+        </For>
+
+        <Show
+          when={store.editing}
+          fallback={
+            <button
               data-slot="question-option"
               data-custom="true"
               data-picked={on()}
               role={multi() ? "checkbox" : "radio"}
               aria-checked={on()}
-              onMouseDown={(e) => {
-                if (store.sending) {
-                  e.preventDefault()
-                  return
-                }
-                if (e.target instanceof HTMLTextAreaElement) return
-                const input = e.currentTarget.querySelector('[data-slot="question-custom-input"]')
-                if (input instanceof HTMLTextAreaElement) input.focus()
-              }}
-              onSubmit={(e) => {
-                e.preventDefault()
-                commitCustom()
-              }}
+              disabled={store.sending}
+              onClick={customOpen}
             >
               <span
                 data-slot="question-option-check"
@@ -472,39 +365,80 @@ export const SessionQuestionDock: Component<{ request: QuestionRequest; onSubmit
               </span>
               <span data-slot="question-option-main">
                 <span data-slot="option-label">{language.t("ui.messagePart.option.typeOwnAnswer")}</span>
-                <textarea
-                  ref={(el) =>
-                    setTimeout(() => {
-                      el.focus()
-                      el.style.height = "0px"
-                      el.style.height = `${el.scrollHeight}px`
-                    }, 0)
-                  }
-                  data-slot="question-custom-input"
-                  placeholder={language.t("ui.question.custom.placeholder")}
-                  value={input()}
-                  rows={1}
-                  disabled={store.sending}
-                  onKeyDown={(e) => {
-                    if (e.key === "Escape") {
-                      e.preventDefault()
-                      setStore("editing", false)
-                      return
-                    }
-                    if (e.key !== "Enter" || e.shiftKey) return
-                    e.preventDefault()
-                    commitCustom()
-                  }}
-                  onInput={(e) => {
-                    customUpdate(e.currentTarget.value)
-                    e.currentTarget.style.height = "0px"
-                    e.currentTarget.style.height = `${e.currentTarget.scrollHeight}px`
-                  }}
-                />
+                <span data-slot="option-description">{input() || language.t("ui.question.custom.placeholder")}</span>
               </span>
-            </form>
-          </Show>
-        </div>
+            </button>
+          }
+        >
+          <form
+            data-slot="question-option"
+            data-custom="true"
+            data-picked={on()}
+            role={multi() ? "checkbox" : "radio"}
+            aria-checked={on()}
+            onMouseDown={(e) => {
+              if (store.sending) {
+                e.preventDefault()
+                return
+              }
+              if (e.target instanceof HTMLTextAreaElement) return
+              const input = e.currentTarget.querySelector('[data-slot="question-custom-input"]')
+              if (input instanceof HTMLTextAreaElement) input.focus()
+            }}
+            onSubmit={(e) => {
+              e.preventDefault()
+              commitCustom()
+            }}
+          >
+            <span
+              data-slot="question-option-check"
+              aria-hidden="true"
+              onClick={(e) => {
+                e.preventDefault()
+                e.stopPropagation()
+                customToggle()
+              }}
+            >
+              <span data-slot="question-option-box" data-type={multi() ? "checkbox" : "radio"} data-picked={on()}>
+                <Show when={multi()} fallback={<span data-slot="question-option-radio-dot" />}>
+                  <Icon name="check-small" size="small" />
+                </Show>
+              </span>
+            </span>
+            <span data-slot="question-option-main">
+              <span data-slot="option-label">{language.t("ui.messagePart.option.typeOwnAnswer")}</span>
+              <textarea
+                ref={(el) =>
+                  setTimeout(() => {
+                    el.focus()
+                    el.style.height = "0px"
+                    el.style.height = `${el.scrollHeight}px`
+                  }, 0)
+                }
+                data-slot="question-custom-input"
+                placeholder={language.t("ui.question.custom.placeholder")}
+                value={input()}
+                rows={1}
+                disabled={store.sending}
+                onKeyDown={(e) => {
+                  if (e.key === "Escape") {
+                    e.preventDefault()
+                    setStore("editing", false)
+                    return
+                  }
+                  if (e.key !== "Enter" || e.shiftKey) return
+                  e.preventDefault()
+                  commitCustom()
+                }}
+                onInput={(e) => {
+                  customUpdate(e.currentTarget.value)
+                  e.currentTarget.style.height = "0px"
+                  e.currentTarget.style.height = `${e.currentTarget.scrollHeight}px`
+                }}
+              />
+            </span>
+          </form>
+        </Show>
       </div>
     </DockPrompt>
   )

packages/opencode/package.json

@@ -7,7 +7,7 @@
   "private": true,
   "scripts": {
     "typecheck": "tsgo --noEmit",
-    "test": "bun test --timeout 30000 registry",
+    "test": "bun test --timeout 30000",
     "build": "bun run script/build.ts",
     "dev": "bun run --conditions=browser ./src/index.ts",
     "random": "echo 'Random script updated at $(date)' && echo 'Change queued successfully' && echo 'Another change made' && echo 'Yet another change' && echo 'One more change' && echo 'Final change' && echo 'Another final change' && echo 'Yet another final change'",
@@ -25,15 +25,9 @@
   "exports": {
     "./*": "./src/*.ts"
   },
-  "imports": {
-    "#db": {
-      "bun": "./src/storage/db.bun.ts",
-      "node": "./src/storage/db.node.ts",
-      "default": "./src/storage/db.bun.ts"
-    }
-  },
   "devDependencies": {
     "@babel/core": "7.28.4",
+    "@effect/language-service": "0.79.0",
     "@octokit/webhooks-types": "7.6.1",
     "@opencode-ai/script": "workspace:*",
     "@parcel/watcher-darwin-arm64": "2.5.1",
@@ -49,14 +43,13 @@
     "@types/babel__core": "7.20.5",
     "@types/bun": "catalog:",
     "@types/mime-types": "3.0.1",
-    "@types/npmcli__arborist": "6.3.3",
     "@types/semver": "^7.5.8",
     "@types/turndown": "5.0.5",
-    "@types/which": "3.0.4",
     "@types/yargs": "17.0.33",
+    "@types/which": "3.0.4",
     "@typescript/native-preview": "catalog:",
-    "effect": "catalog:",
-    "drizzle-kit": "catalog:",
+    "drizzle-kit": "1.0.0-beta.16-ea816b6",
+    "drizzle-orm": "1.0.0-beta.16-ea816b6",
     "typescript": "catalog:",
     "vscode-languageserver-types": "3.17.5",
     "why-is-node-running": "3.2.2",
@@ -89,12 +82,9 @@
     "@clack/prompts": "1.0.0-alpha.1",
     "@gitlab/gitlab-ai-provider": "3.6.0",
     "@gitlab/opencode-gitlab-auth": "1.3.3",
-    "@hono/node-server": "1.19.11",
-    "@hono/node-ws": "1.3.0",
     "@hono/standard-validator": "0.1.5",
     "@hono/zod-validator": "catalog:",
     "@modelcontextprotocol/sdk": "1.25.2",
-    "@npmcli/arborist": "9.4.0",
     "@octokit/graphql": "9.0.2",
     "@octokit/rest": "catalog:",
     "@openauthjs/openauth": "catalog:",
@@ -103,8 +93,8 @@
     "@opencode-ai/sdk": "workspace:*",
     "@opencode-ai/util": "workspace:*",
     "@openrouter/ai-sdk-provider": "1.5.4",
-    "@opentui/core": "0.1.86",
-    "@opentui/solid": "0.1.86",
+    "@opentui/core": "0.1.87",
+    "@opentui/solid": "0.1.87",
     "@parcel/watcher": "2.5.1",
     "@pierre/diffs": "catalog:",
     "@solid-primitives/event-bus": "1.1.2",
@@ -119,7 +109,8 @@
     "clipboardy": "4.0.0",
     "decimal.js": "10.5.0",
     "diff": "catalog:",
-    "drizzle-orm": "catalog:",
+    "drizzle-orm": "1.0.0-beta.16-ea816b6",
+    "effect": "catalog:",
     "fuzzysort": "3.1.0",
     "glob": "13.0.5",
     "google-auth-library": "10.5.0",

packages/opencode/script/build-node.ts

@@ -1,54 +0,0 @@
-#!/usr/bin/env bun
-
-import fs from "fs"
-import path from "path"
-import { fileURLToPath } from "url"
-
-const __filename = fileURLToPath(import.meta.url)
-const __dirname = path.dirname(__filename)
-const dir = path.resolve(__dirname, "..")
-
-process.chdir(dir)
-
-// Load migrations from migration directories
-const migrationDirs = (
-  await fs.promises.readdir(path.join(dir, "migration"), {
-    withFileTypes: true,
-  })
-)
-  .filter((entry) => entry.isDirectory() && /^\d{4}\d{2}\d{2}\d{2}\d{2}\d{2}/.test(entry.name))
-  .map((entry) => entry.name)
-  .sort()
-
-const migrations = await Promise.all(
-  migrationDirs.map(async (name) => {
-    const file = path.join(dir, "migration", name, "migration.sql")
-    const sql = await Bun.file(file).text()
-    const match = /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/.exec(name)
-    const timestamp = match
-      ? Date.UTC(
-          Number(match[1]),
-          Number(match[2]) - 1,
-          Number(match[3]),
-          Number(match[4]),
-          Number(match[5]),
-          Number(match[6]),
-        )
-      : 0
-    return { sql, timestamp, name }
-  }),
-)
-console.log(`Loaded ${migrations.length} migrations`)
-
-await Bun.build({
-  target: "node",
-  entrypoints: ["./src/node.ts"],
-  outdir: "./dist",
-  format: "esm",
-  external: ["jsonc-parser"],
-  define: {
-    OPENCODE_MIGRATIONS: JSON.stringify(migrations),
-  },
-})
-
-console.log("Build complete")

packages/opencode/src/agent/agent.ts

@@ -64,7 +64,6 @@ export namespace Agent {
       question: "deny",
       plan_enter: "deny",
       plan_exit: "deny",
-      edit: "ask",
       // mirrors github.com/github/gitignore Node.gitignore pattern for .env files
       read: {
         "*": "allow",

packages/opencode/src/bun/index.ts

@@ -1,4 +1,12 @@
+import z from "zod"
+import { Global } from "../global"
 import { Log } from "../util/log"
+import path from "path"
+import { Filesystem } from "../util/filesystem"
+import { NamedError } from "@opencode-ai/util/error"
+import { Lock } from "../util/lock"
+import { PackageRegistry } from "./registry"
+import { proxied } from "@/util/proxied"
 import { Process } from "../util/process"
 
 export namespace BunProc {
@@ -33,4 +41,87 @@ export namespace BunProc {
   export function which() {
     return process.execPath
   }
+
+  export const InstallFailedError = NamedError.create(
+    "BunInstallFailedError",
+    z.object({
+      pkg: z.string(),
+      version: z.string(),
+    }),
+  )
+
+  export async function install(pkg: string, version = "latest") {
+    // Use lock to ensure only one install at a time
+    using _ = await Lock.write("bun-install")
+
+    const mod = path.join(Global.Path.cache, "node_modules", pkg)
+    const pkgjsonPath = path.join(Global.Path.cache, "package.json")
+    const parsed = await Filesystem.readJson<{ dependencies: Record<string, string> }>(pkgjsonPath).catch(async () => {
+      const result = { dependencies: {} as Record<string, string> }
+      await Filesystem.writeJson(pkgjsonPath, result)
+      return result
+    })
+    if (!parsed.dependencies) parsed.dependencies = {} as Record<string, string>
+    const dependencies = parsed.dependencies
+    const modExists = await Filesystem.exists(mod)
+    const cachedVersion = dependencies[pkg]
+
+    if (!modExists || !cachedVersion) {
+      // continue to install
+    } else if (version !== "latest" && cachedVersion === version) {
+      return mod
+    } else if (version === "latest") {
+      const isOutdated = await PackageRegistry.isOutdated(pkg, cachedVersion, Global.Path.cache)
+      if (!isOutdated) return mod
+      log.info("Cached version is outdated, proceeding with install", { pkg, cachedVersion })
+    }
+
+    // Build command arguments
+    const args = [
+      "add",
+      "--force",
+      "--exact",
+      // TODO: get rid of this case (see: https://github.com/oven-sh/bun/issues/19936)
+      ...(proxied() || process.env.CI ? ["--no-cache"] : []),
+      "--cwd",
+      Global.Path.cache,
+      pkg + "@" + version,
+    ]
+
+    // Let Bun handle registry resolution:
+    // - If .npmrc files exist, Bun will use them automatically
+    // - If no .npmrc files exist, Bun will default to https://registry.npmjs.org
+    // - No need to pass --registry flag
+    log.info("installing package using Bun's default registry resolution", {
+      pkg,
+      version,
+    })
+
+    await BunProc.run(args, {
+      cwd: Global.Path.cache,
+    }).catch((e) => {
+      throw new InstallFailedError(
+        { pkg, version },
+        {
+          cause: e,
+        },
+      )
+    })
+
+    // Resolve actual version from installed package when using "latest"
+    // This ensures subsequent starts use the cached version until explicitly updated
+    let resolvedVersion = version
+    if (version === "latest") {
+      const installedPkg = await Filesystem.readJson<{ version?: string }>(path.join(mod, "package.json")).catch(
+        () => null,
+      )
+      if (installedPkg?.version) {
+        resolvedVersion = installedPkg.version
+      }
+    }
+
+    parsed.dependencies[pkg] = resolvedVersion
+    await Filesystem.writeJson(pkgjsonPath, parsed)
+    return mod
+  }
 }

packages/opencode/src/bun/registry.ts

@@ -1,3 +1,4 @@
+import semver from "semver"
 import { Log } from "../util/log"
 import { Process } from "../util/process"
 
@@ -27,4 +28,17 @@ export namespace PackageRegistry {
     if (!value) return null
     return value
   }
+
+  export async function isOutdated(pkg: string, cachedVersion: string, cwd?: string): Promise<boolean> {
+    const latestVersion = await info(pkg, "version", cwd)
+    if (!latestVersion) {
+      log.warn("Failed to resolve latest version, using cached", { pkg, cachedVersion })
+      return false
+    }
+
+    const isRange = /[\s^~*xX<>|=]/.test(cachedVersion)
+    if (isRange) return !semver.satisfies(latestVersion, cachedVersion)
+
+    return semver.lt(cachedVersion, latestVersion)
+  }
 }

packages/opencode/src/cli/cmd/account.ts

@@ -11,11 +11,6 @@ const openBrowser = (url: string) => Effect.promise(() => open(url).catch(() =>
 
 const println = (msg: string) => Effect.sync(() => UI.println(msg))
 
-const isActiveOrgChoice = (
-  active: Option.Option<{ id: AccountID; active_org_id: OrgID | null }>,
-  choice: { accountID: AccountID; orgID: OrgID },
-) => Option.isSome(active) && active.value.id === choice.accountID && active.value.active_org_id === choice.orgID
-
 const loginEffect = Effect.fn("login")(function* (url: string) {
   const service = yield* AccountService
 
@@ -104,10 +99,11 @@ const switchEffect = Effect.fn("switch")(function* () {
   if (groups.length === 0) return yield* println("Not logged in")
 
   const active = yield* service.active()
+  const activeOrgID = Option.flatMap(active, (a) => Option.fromNullishOr(a.active_org_id))
 
   const opts = groups.flatMap((group) =>
     group.orgs.map((org) => {
-      const isActive = isActiveOrgChoice(active, { accountID: group.account.id, orgID: org.id })
+      const isActive = Option.isSome(activeOrgID) && activeOrgID.value === org.id
       return {
         value: { orgID: org.id, accountID: group.account.id, label: org.name },
         label: isActive
@@ -136,10 +132,11 @@ const orgsEffect = Effect.fn("orgs")(function* () {
   if (!groups.some((group) => group.orgs.length > 0)) return yield* println("No orgs found")
 
   const active = yield* service.active()
+  const activeOrgID = Option.flatMap(active, (a) => Option.fromNullishOr(a.active_org_id))
 
   for (const group of groups) {
     for (const org of group.orgs) {
-      const isActive = isActiveOrgChoice(active, { accountID: group.account.id, orgID: org.id })
+      const isActive = Option.isSome(activeOrgID) && activeOrgID.value === org.id
       const dot = isActive ? UI.Style.TEXT_SUCCESS + "●" + UI.Style.TEXT_NORMAL : " "
       const name = isActive ? UI.Style.TEXT_HIGHLIGHT_BOLD + org.name + UI.Style.TEXT_NORMAL : org.name
       const email = UI.Style.TEXT_DIM + group.account.email + UI.Style.TEXT_NORMAL

packages/opencode/src/cli/cmd/acp.ts

@@ -23,7 +23,7 @@ export const AcpCommand = cmd({
     process.env.OPENCODE_CLIENT = "acp"
     await bootstrap(process.cwd(), async () => {
       const opts = await resolveNetworkOptions(args)
-      const server = await Server.listen(opts)
+      const server = Server.listen(opts)
 
       const sdk = createOpencodeClient({
         baseUrl: `http://${server.hostname}:${server.port}`,

packages/opencode/src/cli/cmd/debug/agent.ts

@@ -159,7 +159,7 @@ async function createToolContext(agent: Agent.Info) {
       for (const pattern of req.patterns) {
         const rule = PermissionNext.evaluate(req.permission, pattern, ruleset)
         if (rule.action === "deny") {
-          throw new PermissionNext.DeniedError({ ruleset })
+          throw new PermissionNext.DeniedError(ruleset)
         }
       }
     },

packages/opencode/src/cli/cmd/run.ts

@@ -370,11 +370,6 @@ export const RunCommand = cmd({
         action: "deny",
         pattern: "*",
       },
-      {
-        permission: "edit",
-        action: "allow",
-        pattern: "*",
-      },
     ]
 
     function title() {

packages/opencode/src/cli/cmd/serve.ts

@@ -15,7 +15,7 @@ export const ServeCommand = cmd({
       console.log("Warning: OPENCODE_SERVER_PASSWORD is not set; server is unsecured.")
     }
     const opts = await resolveNetworkOptions(args)
-    const server = await Server.listen(opts)
+    const server = Server.listen(opts)
     console.log(`opencode server listening on http://${server.hostname}:${server.port}`)
 
     await new Promise(() => {})

packages/opencode/src/cli/cmd/tui/app.tsx

@@ -480,7 +480,6 @@ function App() {
     {
       title: "Toggle MCPs",
       value: "mcp.list",
-      search: "toggle mcps",
       category: "Agent",
       slash: {
         name: "mcps",
@@ -556,9 +555,8 @@ function App() {
       category: "System",
     },
     {
-      title: mode() === "dark" ? "Light mode" : "Dark mode",
+      title: "Toggle appearance",
       value: "theme.switch_mode",
-      search: "toggle appearance",
       onSelect: (dialog) => {
         setMode(mode() === "dark" ? "light" : "dark")
         dialog.clear()
@@ -597,7 +595,6 @@ function App() {
     },
     {
       title: "Toggle debug panel",
-      search: "toggle debug",
       category: "System",
       value: "app.debug",
       onSelect: (dialog) => {
@@ -607,7 +604,6 @@ function App() {
     },
     {
       title: "Toggle console",
-      search: "toggle console",
       category: "System",
       value: "app.console",
       onSelect: (dialog) => {
@@ -648,7 +644,6 @@ function App() {
     {
       title: terminalTitleEnabled() ? "Disable terminal title" : "Enable terminal title",
       value: "terminal.title.toggle",
-      search: "toggle terminal title",
       keybind: "terminal_title_toggle",
       category: "System",
       onSelect: (dialog) => {
@@ -664,7 +659,6 @@ function App() {
     {
       title: kv.get("animations_enabled", true) ? "Disable animations" : "Enable animations",
       value: "app.toggle.animations",
-      search: "toggle animations",
       category: "System",
       onSelect: (dialog) => {
         kv.set("animations_enabled", !kv.get("animations_enabled", true))
@@ -674,7 +668,6 @@ function App() {
     {
       title: kv.get("diff_wrap_mode", "word") === "word" ? "Disable diff wrapping" : "Enable diff wrapping",
       value: "app.toggle.diffwrap",
-      search: "toggle diff wrapping",
       category: "System",
       onSelect: (dialog) => {
         const current = kv.get("diff_wrap_mode", "word")

packages/opencode/src/cli/cmd/tui/component/dialog-model.tsx

@@ -7,27 +7,6 @@ import { useDialog } from "@tui/ui/dialog"
 import { createDialogProviderOptions, DialogProvider } from "./dialog-provider"
 import { useKeybind } from "../context/keybind"
 import * as fuzzysort from "fuzzysort"
-import type { Provider } from "@opencode-ai/sdk/v2"
-
-function pickLatest(models: [string, Provider["models"][string]][]) {
-  const picks: Record<string, [string, Provider["models"][string]]> = {}
-  for (const item of models) {
-    const model = item[0]
-    const info = item[1]
-    const key = info.family ?? model
-    const prev = picks[key]
-    if (!prev) {
-      picks[key] = item
-      continue
-    }
-    if (info.release_date !== prev[1].release_date) {
-      if (info.release_date > prev[1].release_date) picks[key] = item
-      continue
-    }
-    if (model > prev[0]) picks[key] = item
-  }
-  return Object.values(picks)
-}
 
 export function useConnected() {
   const sync = useSync()
@@ -42,7 +21,6 @@ export function DialogModel(props: { providerID?: string }) {
   const dialog = useDialog()
   const keybind = useKeybind()
   const [query, setQuery] = createSignal("")
-  const [all, setAll] = createSignal(false)
 
   const connected = useConnected()
   const providers = createDialogProviderOptions()
@@ -94,8 +72,8 @@ export function DialogModel(props: { providerID?: string }) {
         (provider) => provider.id !== "opencode",
         (provider) => provider.name,
       ),
-      flatMap((provider) => {
-        const items = pipe(
+      flatMap((provider) =>
+        pipe(
           provider.models,
           entries(),
           filter(([_, info]) => info.status !== "deprecated"),
@@ -126,9 +104,8 @@ export function DialogModel(props: { providerID?: string }) {
             (x) => x.footer !== "Free",
             (x) => x.title,
           ),
-        )
-        return items
-      }),
+        ),
+      ),
     )
 
     const popularProviders = !connected()
@@ -177,13 +154,6 @@ export function DialogModel(props: { providerID?: string }) {
             local.model.toggleFavorite(option.value as { providerID: string; modelID: string })
           },
         },
-        {
-          keybind: keybind.all.model_show_all_toggle?.[0],
-          title: all() ? "Show latest only" : "Show all models",
-          onTrigger: () => {
-            setAll((value) => !value)
-          },
-        },
       ]}
       onFilter={setQuery}
       flat={true}

packages/opencode/src/cli/cmd/tui/component/dialog-workspace-list.tsx

@@ -9,7 +9,6 @@ import { useToast } from "../ui/toast"
 import { useKeybind } from "../context/keybind"
 import { DialogSessionList } from "./workspace/dialog-session-list"
 import { createOpencodeClient } from "@opencode-ai/sdk/v2"
-import { setTimeout as sleep } from "node:timers/promises"
 
 async function openWorkspace(input: {
   dialog: ReturnType<typeof useDialog>
@@ -57,7 +56,7 @@ async function openWorkspace(input: {
       return
     }
     if (result.response.status >= 500 && result.response.status < 600) {
-      await sleep(1000)
+      await Bun.sleep(1000)
       continue
     }
     if (!result.data) {

packages/opencode/src/cli/cmd/tui/component/prompt/index.tsx

@@ -78,7 +78,6 @@ export function Prompt(props: PromptProps) {
   const renderer = useRenderer()
   const { theme, syntax } = useTheme()
   const kv = useKV()
-  const [autoaccept, setAutoaccept] = kv.signal<"none" | "edit">("permission_auto_accept", "edit")
 
   function promptModelWarning() {
     toast.show({
@@ -172,17 +171,6 @@ export function Prompt(props: PromptProps) {
 
   command.register(() => {
     return [
-      {
-        title: autoaccept() === "none" ? "Enable autoedit" : "Disable autoedit",
-        value: "permission.auto_accept.toggle",
-        search: "toggle permissions",
-        keybind: "permission_auto_accept_toggle",
-        category: "Agent",
-        onSelect: (dialog) => {
-          setAutoaccept(() => (autoaccept() === "none" ? "edit" : "none"))
-          dialog.clear()
-        },
-      },
       {
         title: "Clear prompt",
         value: "prompt.clear",
@@ -1024,30 +1012,23 @@ export function Prompt(props: PromptProps) {
               cursorColor={theme.text}
               syntaxStyle={syntax()}
             />
-            <box flexDirection="row" flexShrink={0} paddingTop={1} gap={1} justifyContent="space-between">
-              <box flexDirection="row" gap={1}>
-                <text fg={highlight()}>
-                  {store.mode === "shell" ? "Shell" : Locale.titlecase(local.agent.current().name)}{" "}
-                </text>
-                <Show when={store.mode === "normal"}>
-                  <box flexDirection="row" gap={1}>
-                    <text flexShrink={0} fg={keybind.leader ? theme.textMuted : theme.text}>
-                      {local.model.parsed().model}
+            <box flexDirection="row" flexShrink={0} paddingTop={1} gap={1}>
+              <text fg={highlight()}>
+                {store.mode === "shell" ? "Shell" : Locale.titlecase(local.agent.current().name)}{" "}
+              </text>
+              <Show when={store.mode === "normal"}>
+                <box flexDirection="row" gap={1}>
+                  <text flexShrink={0} fg={keybind.leader ? theme.textMuted : theme.text}>
+                    {local.model.parsed().model}
+                  </text>
+                  <text fg={theme.textMuted}>{local.model.parsed().provider}</text>
+                  <Show when={showVariant()}>
+                    <text fg={theme.textMuted}>·</text>
+                    <text>
+                      <span style={{ fg: theme.warning, bold: true }}>{local.model.variant.current()}</span>
                     </text>
-                    <text fg={theme.textMuted}>{local.model.parsed().provider}</text>
-                    <Show when={showVariant()}>
-                      <text fg={theme.textMuted}>·</text>
-                      <text>
-                        <span style={{ fg: theme.warning, bold: true }}>{local.model.variant.current()}</span>
-                      </text>
-                    </Show>
-                  </box>
-                </Show>
-              </box>
-              <Show when={autoaccept() === "edit"}>
-                <text>
-                  <span style={{ fg: theme.warning }}>autoedit</span>
-                </text>
+                  </Show>
+                </box>
               </Show>
             </box>
           </box>

packages/opencode/src/cli/cmd/tui/context/sync.tsx

@@ -25,7 +25,6 @@ import { createSimpleContext } from "./helper"
 import type { Snapshot } from "@/snapshot"
 import { useExit } from "./exit"
 import { useArgs } from "./args"
-import { useKV } from "./kv"
 import { batch, onMount } from "solid-js"
 import { Log } from "@/util/log"
 import type { Path } from "@opencode-ai/sdk"
@@ -107,8 +106,6 @@ export const { use: useSync, provider: SyncProvider } = createSimpleContext({
     })
 
     const sdk = useSDK()
-    const kv = useKV()
-    const [autoaccept] = kv.signal<"none" | "edit">("permission_auto_accept", "edit")
 
     async function syncWorkspaces() {
       const result = await sdk.client.experimental.workspace.list().catch(() => undefined)
@@ -139,13 +136,6 @@ export const { use: useSync, provider: SyncProvider } = createSimpleContext({
 
         case "permission.asked": {
           const request = event.properties
-          if (autoaccept() === "edit" && request.permission === "edit") {
-            sdk.client.permission.reply({
-              reply: "once",
-              requestID: request.id,
-            })
-            break
-          }
           const requests = store.permission[request.sessionID]
           if (!requests) {
             setStore("permission", request.sessionID, [request])
@@ -461,7 +451,6 @@ export const { use: useSync, provider: SyncProvider } = createSimpleContext({
       get ready() {
         return store.status !== "loading"
       },
-
       session: {
         get(sessionID: string) {
           const match = Binary.search(store.session, sessionID, (s) => s.id)

packages/opencode/src/cli/cmd/tui/routes/home.tsx

@@ -47,7 +47,6 @@ export function Home() {
     {
       title: tipsHidden() ? "Show tips" : "Hide tips",
       value: "tips.toggle",
-      search: "toggle tips",
       keybind: "tips_toggle",
       category: "System",
       onSelect: (dialog) => {

packages/opencode/src/cli/cmd/tui/routes/session/index.tsx

@@ -568,7 +568,6 @@ export function Session() {
     {
       title: sidebarVisible() ? "Hide sidebar" : "Show sidebar",
       value: "session.sidebar.toggle",
-      search: "toggle sidebar",
       keybind: "sidebar_toggle",
       category: "Session",
       onSelect: (dialog) => {
@@ -583,7 +582,6 @@ export function Session() {
     {
       title: conceal() ? "Disable code concealment" : "Enable code concealment",
       value: "session.toggle.conceal",
-      search: "toggle code concealment",
       keybind: "messages_toggle_conceal" as any,
       category: "Session",
       onSelect: (dialog) => {
@@ -594,7 +592,6 @@ export function Session() {
     {
       title: showTimestamps() ? "Hide timestamps" : "Show timestamps",
       value: "session.toggle.timestamps",
-      search: "toggle timestamps",
       category: "Session",
       slash: {
         name: "timestamps",
@@ -608,7 +605,6 @@ export function Session() {
     {
       title: showThinking() ? "Hide thinking" : "Show thinking",
       value: "session.toggle.thinking",
-      search: "toggle thinking",
       keybind: "display_thinking",
       category: "Session",
       slash: {
@@ -623,7 +619,6 @@ export function Session() {
     {
       title: showDetails() ? "Hide tool details" : "Show tool details",
       value: "session.toggle.actions",
-      search: "toggle tool details",
       keybind: "tool_details",
       category: "Session",
       onSelect: (dialog) => {
@@ -632,9 +627,8 @@ export function Session() {
       },
     },
     {
-      title: showScrollbar() ? "Hide session scrollbar" : "Show session scrollbar",
+      title: "Toggle session scrollbar",
       value: "session.toggle.scrollbar",
-      search: "toggle session scrollbar",
       keybind: "scrollbar_toggle",
       category: "Session",
       onSelect: (dialog) => {
@@ -913,12 +907,12 @@ export function Session() {
             const filename = options.filename.trim()
             const filepath = path.join(exportDir, filename)
 
-            await Filesystem.write(filepath, transcript)
+            await Bun.write(filepath, transcript)
 
             // Open with EDITOR if available
             const result = await Editor.open({ value: transcript, renderer })
             if (result !== undefined) {
-              await Filesystem.write(filepath, result)
+              await Bun.write(filepath, result)
             }
 
             toast.show({ message: `Session exported to ${filename}`, variant: "success" })

packages/opencode/src/cli/cmd/tui/ui/dialog-select.tsx

@@ -34,7 +34,6 @@ export interface DialogSelectOption<T = any> {
   title: string
   value: T
   description?: string
-  search?: string
   footer?: JSX.Element | string
   category?: string
   disabled?: boolean
@@ -86,8 +85,8 @@ export function DialogSelect<T>(props: DialogSelectProps<T>) {
     // users typically search by the item name, and not its category.
     const result = fuzzysort
       .go(needle, options, {
-        keys: ["title", "category", "search"],
-        scoreFn: (r) => r[0].score * 2 + r[1].score + r[2].score,
+        keys: ["title", "category"],
+        scoreFn: (r) => r[0].score * 2 + r[1].score,
       })
       .map((x) => x.obj)
 

packages/opencode/src/cli/cmd/tui/worker.ts

@@ -8,6 +8,7 @@ import { upgrade } from "@/cli/upgrade"
 import { Config } from "@/config/config"
 import { GlobalBus } from "@/bus/global"
 import { createOpencodeClient, type Event } from "@opencode-ai/sdk/v2"
+import type { BunWebSocketData } from "hono/bun"
 import { Flag } from "@/flag/flag"
 import { setTimeout as sleep } from "node:timers/promises"
 
@@ -37,7 +38,7 @@ GlobalBus.on("event", (event) => {
   Rpc.emit("global.event", event)
 })
 
-let server: Awaited<ReturnType<typeof Server.listen>> | undefined
+let server: Bun.Server<BunWebSocketData> | undefined
 
 const eventStream = {
   abort: undefined as AbortController | undefined,
@@ -119,7 +120,7 @@ export const rpc = {
   },
   async server(input: { port: number; hostname: string; mdns?: boolean; cors?: string[] }) {
     if (server) await server.stop(true)
-    server = await Server.listen(input)
+    server = Server.listen(input)
     return { url: server.url.toString() }
   },
   async checkUpgrade(input: { directory: string }) {
@@ -142,7 +143,7 @@ export const rpc = {
     Log.Default.info("worker shutting down")
     if (eventStream.abort) eventStream.abort.abort()
     await Instance.disposeAll()
-    if (server) await server.stop(true)
+    if (server) server.stop(true)
   },
 }
 

packages/opencode/src/cli/cmd/web.ts

@@ -37,7 +37,7 @@ export const WebCommand = cmd({
       UI.println(UI.Style.TEXT_WARNING_BOLD + "!  " + "OPENCODE_SERVER_PASSWORD is not set; server is unsecured.")
     }
     const opts = await resolveNetworkOptions(args)
-    const server = await Server.listen(opts)
+    const server = Server.listen(opts)
     UI.empty()
     UI.println(UI.logo("  "))
     UI.empty()

packages/opencode/src/config/config.ts

@@ -1,6 +1,6 @@
 import { Log } from "../util/log"
 import path from "path"
-import { pathToFileURL } from "url"
+import { pathToFileURL, fileURLToPath } from "url"
 import { createRequire } from "module"
 import os from "os"
 import z from "zod"
@@ -22,6 +22,7 @@ import {
 } from "jsonc-parser"
 import { Instance } from "../project/instance"
 import { LSPServer } from "../lsp/server"
+import { BunProc } from "@/bun"
 import { Installation } from "@/installation"
 import { ConfigMarkdown } from "./markdown"
 import { constants, existsSync } from "fs"
@@ -29,11 +30,14 @@ import { Bus } from "@/bus"
 import { GlobalBus } from "@/bus/global"
 import { Event } from "../server/event"
 import { Glob } from "../util/glob"
+import { PackageRegistry } from "@/bun/registry"
+import { proxied } from "@/util/proxied"
 import { iife } from "@/util/iife"
 import { Account } from "@/account"
 import { ConfigPaths } from "./paths"
 import { Filesystem } from "@/util/filesystem"
-import { Npm } from "@/npm"
+import { Process } from "@/util/process"
+import { Lock } from "@/util/lock"
 
 export namespace Config {
   const ModelId = z.string().meta({ $ref: "https://models.dev/model-schema.json#/$defs/Model" })
@@ -150,7 +154,8 @@ export namespace Config {
 
       deps.push(
         iife(async () => {
-          await installDependencies(dir)
+          const shouldInstall = await needsInstall(dir)
+          if (shouldInstall) await installDependencies(dir)
         }),
       )
 
@@ -266,10 +271,6 @@ export namespace Config {
   }
 
   export async function installDependencies(dir: string) {
-    if (!(await isWritable(dir))) {
-      log.info("config dir is not writable, skipping dependency install", { dir })
-      return
-    }
     const pkg = path.join(dir, "package.json")
     const targetVersion = Installation.isLocal() ? "*" : Installation.VERSION
 
@@ -283,15 +284,43 @@ export namespace Config {
     await Filesystem.writeJson(pkg, json)
 
     const gitignore = path.join(dir, ".gitignore")
-    if (!(await Filesystem.exists(gitignore)))
-      await Filesystem.write(
-        gitignore,
-        ["node_modules", "plans", "package.json", "bun.lock", ".gitignore", "package-lock.json"].join("\n"),
-      )
+    const hasGitIgnore = await Filesystem.exists(gitignore)
+    if (!hasGitIgnore)
+      await Filesystem.write(gitignore, ["node_modules", "package.json", "bun.lock", ".gitignore"].join("\n"))
 
     // Install any additional dependencies defined in the package.json
     // This allows local plugins and custom tools to use external packages
-    await Npm.install(dir)
+    using _ = await Lock.write("bun-install")
+    await BunProc.run(
+      [
+        "install",
+        // TODO: get rid of this case (see: https://github.com/oven-sh/bun/issues/19936)
+        ...(proxied() || process.env.CI ? ["--no-cache"] : []),
+      ],
+      { cwd: dir },
+    ).catch((err) => {
+      if (err instanceof Process.RunFailedError) {
+        const detail = {
+          dir,
+          cmd: err.cmd,
+          code: err.code,
+          stdout: err.stdout.toString(),
+          stderr: err.stderr.toString(),
+        }
+        if (Flag.OPENCODE_STRICT_CONFIG_DEPS) {
+          log.error("failed to install dependencies", detail)
+          throw err
+        }
+        log.warn("failed to install dependencies", detail)
+        return
+      }
+
+      if (Flag.OPENCODE_STRICT_CONFIG_DEPS) {
+        log.error("failed to install dependencies", { dir, error: err })
+        throw err
+      }
+      log.warn("failed to install dependencies", { dir, error: err })
+    })
   }
 
   async function isWritable(dir: string) {
@@ -303,6 +332,41 @@ export namespace Config {
     }
   }
 
+  export async function needsInstall(dir: string) {
+    // Some config dirs may be read-only.
+    // Installing deps there will fail; skip installation in that case.
+    const writable = await isWritable(dir)
+    if (!writable) {
+      log.debug("config dir is not writable, skipping dependency install", { dir })
+      return false
+    }
+
+    const nodeModules = path.join(dir, "node_modules")
+    if (!existsSync(nodeModules)) return true
+
+    const pkg = path.join(dir, "package.json")
+    const pkgExists = await Filesystem.exists(pkg)
+    if (!pkgExists) return true
+
+    const parsed = await Filesystem.readJson<{ dependencies?: Record<string, string> }>(pkg).catch(() => null)
+    const dependencies = parsed?.dependencies ?? {}
+    const depVersion = dependencies["@opencode-ai/plugin"]
+    if (!depVersion) return true
+
+    const targetVersion = Installation.isLocal() ? "latest" : Installation.VERSION
+    if (targetVersion === "latest") {
+      const isOutdated = await PackageRegistry.isOutdated("@opencode-ai/plugin", depVersion, dir)
+      if (!isOutdated) return false
+      log.info("Cached version is outdated, proceeding with install", {
+        pkg: "@opencode-ai/plugin",
+        cachedVersion: depVersion,
+      })
+      return true
+    }
+    if (depVersion === targetVersion) return false
+    return true
+  }
+
   function rel(item: string, patterns: string[]) {
     const normalizedItem = item.replaceAll("\\", "/")
     for (const pattern of patterns) {
@@ -754,7 +818,6 @@ export namespace Config {
       stash_delete: z.string().optional().default("ctrl+d").describe("Delete stash entry"),
       model_provider_list: z.string().optional().default("ctrl+a").describe("Open provider list from model dialog"),
       model_favorite_toggle: z.string().optional().default("ctrl+f").describe("Toggle model favorite status"),
-      model_show_all_toggle: z.string().optional().default("ctrl+o").describe("Toggle showing all models"),
       session_share: z.string().optional().default("none").describe("Share current session"),
       session_unshare: z.string().optional().default("none").describe("Unshare current session"),
       session_interrupt: z.string().optional().default("escape").describe("Interrupt current session"),
@@ -795,12 +858,7 @@ export namespace Config {
       command_list: z.string().optional().default("ctrl+p").describe("List available commands"),
       agent_list: z.string().optional().default("<leader>a").describe("List agents"),
       agent_cycle: z.string().optional().default("tab").describe("Next agent"),
-      agent_cycle_reverse: z.string().optional().default("none").describe("Previous agent"),
-      permission_auto_accept_toggle: z
-        .string()
-        .optional()
-        .default("shift+tab")
-        .describe("Toggle auto-accept mode for permissions"),
+      agent_cycle_reverse: z.string().optional().default("shift+tab").describe("Previous agent"),
       variant_cycle: z.string().optional().default("ctrl+t").describe("Cycle model variants"),
       input_clear: z.string().optional().default("ctrl+c").describe("Clear input field"),
       input_paste: z.string().optional().default("ctrl+v").describe("Paste from clipboard"),

packages/opencode/src/control-plane/workspace-server/server.ts

@@ -1,4 +1,3 @@
-import { createAdaptorServer } from "@hono/node-server"
 import { Hono } from "hono"
 import { Instance } from "../../project/instance"
 import { InstanceBootstrap } from "../../project/bootstrap"
@@ -57,24 +56,10 @@ export namespace WorkspaceServer {
   }
 
   export function Listen(opts: { hostname: string; port: number }) {
-    const server = createAdaptorServer({
-      fetch: App().fetch,
-    })
-    server.listen(opts.port, opts.hostname)
-    return {
+    return Bun.serve({
       hostname: opts.hostname,
       port: opts.port,
-      stop() {
-        return new Promise<void>((resolve, reject) => {
-          server.close((err) => {
-            if (err) {
-              reject(err)
-              return
-            }
-            resolve()
-          })
-        })
-      },
-    }
+      fetch: App().fetch,
+    })
   }
 }

packages/opencode/src/control-plane/workspace.ts

@@ -1,5 +1,4 @@
 import z from "zod"
-import { setTimeout as sleep } from "node:timers/promises"
 import { fn } from "@/util/fn"
 import { Database, eq } from "@/storage/db"
 import { Project } from "@/project/project"
@@ -118,7 +117,7 @@ export namespace Workspace {
       const adaptor = await getAdaptor(space.type)
       const res = await adaptor.fetch(space, "/event", { method: "GET", signal: stop }).catch(() => undefined)
       if (!res || !res.ok || !res.body) {
-        await sleep(1000)
+        await Bun.sleep(1000)
         continue
       }
       await parseSSE(res.body, stop, (event) => {
@@ -128,7 +127,7 @@ export namespace Workspace {
         })
       })
       // Wait 250ms and retry if SSE connection fails
-      await sleep(250)
+      await Bun.sleep(250)
     }
   }
 

packages/opencode/src/effect/runtime.ts

@@ -1,9 +1,8 @@
 import { Layer, ManagedRuntime } from "effect"
 import { AccountService } from "@/account/service"
 import { AuthService } from "@/auth/service"
-import { PermissionService } from "@/permission/service"
 import { QuestionService } from "@/question/service"
 
 export const runtime = ManagedRuntime.make(
-  Layer.mergeAll(AccountService.defaultLayer, AuthService.defaultLayer, PermissionService.layer, QuestionService.layer),
+  Layer.mergeAll(AccountService.defaultLayer, AuthService.defaultLayer, QuestionService.layer),
 )

packages/opencode/src/format/formatter.ts

@@ -1,40 +1,40 @@
 import { text } from "node:stream/consumers"
+import { BunProc } from "../bun"
 import { Instance } from "../project/instance"
 import { Filesystem } from "../util/filesystem"
 import { Process } from "../util/process"
 import { which } from "../util/which"
 import { Flag } from "@/flag/flag"
-import { Npm } from "@/npm"
 
 export interface Info {
   name: string
+  command: string[]
   environment?: Record<string, string>
   extensions: string[]
-  enabled(): Promise<string[] | false>
+  enabled(): Promise<boolean>
 }
 
 export const gofmt: Info = {
   name: "gofmt",
+  command: ["gofmt", "-w", "$FILE"],
   extensions: [".go"],
   async enabled() {
-    const p = which("gofmt")
-    if (p === null) return false
-    return [p, "-w", "$FILE"]
+    return which("gofmt") !== null
   },
 }
 
 export const mix: Info = {
   name: "mix",
+  command: ["mix", "format", "$FILE"],
   extensions: [".ex", ".exs", ".eex", ".heex", ".leex", ".neex", ".sface"],
   async enabled() {
-    const p = which("mix")
-    if (p === null) return false
-    return [p, "format", "$FILE"]
+    return which("mix") !== null
   },
 }
 
 export const prettier: Info = {
   name: "prettier",
+  command: [BunProc.which(), "x", "prettier", "--write", "$FILE"],
   environment: {
     BUN_BE_BUN: "1",
   },
@@ -73,9 +73,8 @@ export const prettier: Info = {
         dependencies?: Record<string, string>
         devDependencies?: Record<string, string>
       }>(item)
-      if (json.dependencies?.prettier || json.devDependencies?.prettier) {
-        return [await Npm.which("prettier"), "--write", "$FILE"]
-      }
+      if (json.dependencies?.prettier) return true
+      if (json.devDependencies?.prettier) return true
     }
     return false
   },
@@ -83,6 +82,7 @@ export const prettier: Info = {
 
 export const oxfmt: Info = {
   name: "oxfmt",
+  command: [BunProc.which(), "x", "oxfmt", "$FILE"],
   environment: {
     BUN_BE_BUN: "1",
   },
@@ -95,9 +95,8 @@ export const oxfmt: Info = {
         dependencies?: Record<string, string>
         devDependencies?: Record<string, string>
       }>(item)
-      if (json.dependencies?.oxfmt || json.devDependencies?.oxfmt) {
-        return [await Npm.which("oxfmt"), "$FILE"]
-      }
+      if (json.dependencies?.oxfmt) return true
+      if (json.devDependencies?.oxfmt) return true
     }
     return false
   },
@@ -105,6 +104,7 @@ export const oxfmt: Info = {
 
 export const biome: Info = {
   name: "biome",
+  command: [BunProc.which(), "x", "@biomejs/biome", "check", "--write", "$FILE"],
   environment: {
     BUN_BE_BUN: "1",
   },
@@ -141,7 +141,7 @@ export const biome: Info = {
     for (const config of configs) {
       const found = await Filesystem.findUp(config, Instance.directory, Instance.worktree)
       if (found.length > 0) {
-        return [await Npm.which("@biomejs/biome"), "check", "--write", "$FILE"]
+        return true
       }
     }
     return false
@@ -150,49 +150,47 @@ export const biome: Info = {
 
 export const zig: Info = {
   name: "zig",
+  command: ["zig", "fmt", "$FILE"],
   extensions: [".zig", ".zon"],
   async enabled() {
-    const p = which("zig")
-    if (p === null) return false
-    return [p, "fmt", "$FILE"]
+    return which("zig") !== null
   },
 }
 
 export const clang: Info = {
   name: "clang-format",
+  command: ["clang-format", "-i", "$FILE"],
   extensions: [".c", ".cc", ".cpp", ".cxx", ".c++", ".h", ".hh", ".hpp", ".hxx", ".h++", ".ino", ".C", ".H"],
   async enabled() {
     const items = await Filesystem.findUp(".clang-format", Instance.directory, Instance.worktree)
-    if (items.length === 0) return false
-    return ["clang-format", "-i", "$FILE"]
+    return items.length > 0
   },
 }
 
 export const ktlint: Info = {
   name: "ktlint",
+  command: ["ktlint", "-F", "$FILE"],
   extensions: [".kt", ".kts"],
   async enabled() {
-    const p = which("ktlint")
-    if (p === null) return false
-    return [p, "-F", "$FILE"]
+    return which("ktlint") !== null
   },
 }
 
 export const ruff: Info = {
   name: "ruff",
+  command: ["ruff", "format", "$FILE"],
   extensions: [".py", ".pyi"],
   async enabled() {
-    const p = which("ruff")
-    if (p === null) return false
+    if (!which("ruff")) return false
     const configs = ["pyproject.toml", "ruff.toml", ".ruff.toml"]
     for (const config of configs) {
       const found = await Filesystem.findUp(config, Instance.directory, Instance.worktree)
       if (found.length > 0) {
         if (config === "pyproject.toml") {
           const content = await Filesystem.readText(found[0])
-          if (content.includes("[tool.ruff]")) return [p, "format", "$FILE"]
+          if (content.includes("[tool.ruff]")) return true
         } else {
-          return [p, "format", "$FILE"]
+          return true
         }
       }
     }
@@ -201,7 +199,7 @@ export const ruff: Info = {
       const found = await Filesystem.findUp(dep, Instance.directory, Instance.worktree)
       if (found.length > 0) {
         const content = await Filesystem.readText(found[0])
-        if (content.includes("ruff")) return [p, "format", "$FILE"]
+        if (content.includes("ruff")) return true
       }
     }
     return false
@@ -210,13 +208,14 @@ export const ruff: Info = {
 
 export const rlang: Info = {
   name: "air",
+  command: ["air", "format", "$FILE"],
   extensions: [".R"],
   async enabled() {
     const airPath = which("air")
     if (airPath == null) return false
 
     try {
-      const proc = Process.spawn([airPath, "--help"], {
+      const proc = Process.spawn(["air", "--help"], {
         stdout: "pipe",
         stderr: "pipe",
       })
@@ -228,10 +227,7 @@ export const rlang: Info = {
       const firstLine = output.split("\n")[0]
       const hasR = firstLine.includes("R language")
       const hasFormatter = firstLine.includes("formatter")
-      if (hasR && hasFormatter) {
-        return [airPath, "format", "$FILE"]
-      }
-      return false
+      return hasR && hasFormatter
     } catch (error) {
       return false
     }
@@ -240,14 +236,14 @@ export const rlang: Info = {
 
 export const uvformat: Info = {
   name: "uv",
+  command: ["uv", "format", "--", "$FILE"],
   extensions: [".py", ".pyi"],
   async enabled() {
     if (await ruff.enabled()) return false
-    const uvPath = which("uv")
-    if (uvPath !== null) {
-      const proc = Process.spawn([uvPath, "format", "--help"], { stderr: "pipe", stdout: "pipe" })
+    if (which("uv") !== null) {
+      const proc = Process.spawn(["uv", "format", "--help"], { stderr: "pipe", stdout: "pipe" })
       const code = await proc.exited
-      if (code === 0) return [uvPath, "format", "--", "$FILE"]
+      return code === 0
     }
     return false
   },
@@ -255,118 +251,108 @@ export const uvformat: Info = {
 
 export const rubocop: Info = {
   name: "rubocop",
+  command: ["rubocop", "--autocorrect", "$FILE"],
   extensions: [".rb", ".rake", ".gemspec", ".ru"],
   async enabled() {
-    const path = which("rubocop")
-    if (path === null) return false
-    return [path, "--autocorrect", "$FILE"]
+    return which("rubocop") !== null
   },
 }
 
 export const standardrb: Info = {
   name: "standardrb",
+  command: ["standardrb", "--fix", "$FILE"],
   extensions: [".rb", ".rake", ".gemspec", ".ru"],
   async enabled() {
-    const path = which("standardrb")
-    if (path === null) return false
-    return [path, "--fix", "$FILE"]
+    return which("standardrb") !== null
   },
 }
 
 export const htmlbeautifier: Info = {
   name: "htmlbeautifier",
+  command: ["htmlbeautifier", "$FILE"],
   extensions: [".erb", ".html.erb"],
   async enabled() {
-    const path = which("htmlbeautifier")
-    if (path === null) return false
-    return [path, "$FILE"]
+    return which("htmlbeautifier") !== null
   },
 }
 
 export const dart: Info = {
   name: "dart",
+  command: ["dart", "format", "$FILE"],
   extensions: [".dart"],
   async enabled() {
-    const path = which("dart")
-    if (path === null) return false
-    return [path, "format", "$FILE"]
+    return which("dart") !== null
   },
 }
 
 export const ocamlformat: Info = {
   name: "ocamlformat",
+  command: ["ocamlformat", "-i", "$FILE"],
   extensions: [".ml", ".mli"],
   async enabled() {
-    const path = which("ocamlformat")
-    if (!path) return false
+    if (!which("ocamlformat")) return false
     const items = await Filesystem.findUp(".ocamlformat", Instance.directory, Instance.worktree)
-    if (items.length === 0) return false
-    return [path, "-i", "$FILE"]
+    return items.length > 0
   },
 }
 
 export const terraform: Info = {
   name: "terraform",
+  command: ["terraform", "fmt", "$FILE"],
   extensions: [".tf", ".tfvars"],
   async enabled() {
-    const path = which("terraform")
-    if (path === null) return false
-    return [path, "fmt", "$FILE"]
+    return which("terraform") !== null
   },
 }
 
 export const latexindent: Info = {
   name: "latexindent",
+  command: ["latexindent", "-w", "-s", "$FILE"],
   extensions: [".tex"],
   async enabled() {
-    const path = which("latexindent")
-    if (path === null) return false
-    return [path, "-w", "-s", "$FILE"]
+    return which("latexindent") !== null
   },
 }
 
 export const gleam: Info = {
   name: "gleam",
+  command: ["gleam", "format", "$FILE"],
   extensions: [".gleam"],
   async enabled() {
-    const path = which("gleam")
-    if (path === null) return false
-    return [path, "format", "$FILE"]
+    return which("gleam") !== null
   },
 }
 
 export const shfmt: Info = {
   name: "shfmt",
+  command: ["shfmt", "-w", "$FILE"],
   extensions: [".sh", ".bash"],
   async enabled() {
-    const path = which("shfmt")
-    if (path === null) return false
-    return [path, "-w", "$FILE"]
+    return which("shfmt") !== null
   },
 }
 
 export const nixfmt: Info = {
   name: "nixfmt",
+  command: ["nixfmt", "$FILE"],
   extensions: [".nix"],
   async enabled() {
-    const path = which("nixfmt")
-    if (path === null) return false
-    return [path, "$FILE"]
+    return which("nixfmt") !== null
   },
 }
 
 export const rustfmt: Info = {
   name: "rustfmt",
+  command: ["rustfmt", "$FILE"],
   extensions: [".rs"],
   async enabled() {
-    const path = which("rustfmt")
-    if (path === null) return false
-    return [path, "$FILE"]
+    return which("rustfmt") !== null
   },
 }
 
 export const pint: Info = {
   name: "pint",
+  command: ["./vendor/bin/pint", "$FILE"],
   extensions: [".php"],
   async enabled() {
     const items = await Filesystem.findUp("composer.json", Instance.directory, Instance.worktree)
@@ -375,9 +361,8 @@ export const pint: Info = {
         require?: Record<string, string>
         "require-dev"?: Record<string, string>
       }>(item)
-      if (json.require?.["laravel/pint"] || json["require-dev"]?.["laravel/pint"]) {
-        return ["./vendor/bin/pint", "$FILE"]
-      }
+      if (json.require?.["laravel/pint"]) return true
+      if (json["require-dev"]?.["laravel/pint"]) return true
     }
     return false
   },
@@ -385,30 +370,27 @@ export const pint: Info = {
 
 export const ormolu: Info = {
   name: "ormolu",
+  command: ["ormolu", "-i", "$FILE"],
   extensions: [".hs"],
   async enabled() {
-    const path = which("ormolu")
-    if (path === null) return false
-    return [path, "-i", "$FILE"]
+    return which("ormolu") !== null
   },
 }
 
 export const cljfmt: Info = {
   name: "cljfmt",
+  command: ["cljfmt", "fix", "--quiet", "$FILE"],
   extensions: [".clj", ".cljs", ".cljc", ".edn"],
   async enabled() {
-    const path = which("cljfmt")
-    if (path === null) return false
-    return [path, "fix", "--quiet", "$FILE"]
+    return which("cljfmt") !== null
   },
 }
 
 export const dfmt: Info = {
   name: "dfmt",
+  command: ["dfmt", "-i", "$FILE"],
   extensions: [".d"],
   async enabled() {
-    const path = which("dfmt")
-    if (path === null) return false
-    return [path, "-i", "$FILE"]
+    return which("dfmt") !== null
   },
 }

packages/opencode/src/format/index.ts

@@ -25,14 +25,14 @@ export namespace Format {
   export type Status = z.infer<typeof Status>
 
   const state = Instance.state(async () => {
-    const cache: Record<string, string[] | false> = {}
+    const enabled: Record<string, boolean> = {}
     const cfg = await Config.get()
 
     const formatters: Record<string, Formatter.Info> = {}
     if (cfg.formatter === false) {
       log.info("all formatters are disabled")
       return {
-        cache,
+        enabled,
         formatters,
       }
     }
@@ -46,41 +46,43 @@ export namespace Format {
         continue
       }
       const result: Formatter.Info = mergeDeep(formatters[name] ?? {}, {
+        command: [],
         extensions: [],
         ...item,
       })
 
-      result.enabled = async () => item.command ?? false
+      if (result.command.length === 0) continue
+
+      result.enabled = async () => true
       result.name = name
       formatters[name] = result
     }
 
     return {
-      cache,
+      enabled,
       formatters,
     }
   })
 
-  async function resolveCommand(item: Formatter.Info) {
+  async function isEnabled(item: Formatter.Info) {
     const s = await state()
-    let command = s.cache[item.name]
-    if (command === undefined) {
-      log.info("resolving command", { name: item.name })
-      command = await item.enabled()
-      s.cache[item.name] = command
+    let status = s.enabled[item.name]
+    if (status === undefined) {
+      status = await item.enabled()
+      s.enabled[item.name] = status
     }
-    return command
+    return status
   }
 
   async function getFormatter(ext: string) {
     const formatters = await state().then((x) => x.formatters)
-    const result: { info: Formatter.Info; command: string[] }[] = []
+    const result = []
     for (const item of Object.values(formatters)) {
+      log.info("checking", { name: item.name, ext })
       if (!item.extensions.includes(ext)) continue
-      const command = await resolveCommand(item)
-      if (!command) continue
+      if (!(await isEnabled(item))) continue
       log.info("enabled", { name: item.name, ext })
-      result.push({ info: item, command })
+      result.push(item)
     }
     return result
   }
@@ -89,11 +91,11 @@ export namespace Format {
     const s = await state()
     const result: Status[] = []
     for (const formatter of Object.values(s.formatters)) {
-      const command = await resolveCommand(formatter)
+      const enabled = await isEnabled(formatter)
       result.push({
         name: formatter.name,
         extensions: formatter.extensions,
-        enabled: !!command,
+        enabled,
       })
     }
     return result
@@ -106,27 +108,29 @@ export namespace Format {
       log.info("formatting", { file })
       const ext = path.extname(file)
 
-      for (const { info, command } of await getFormatter(ext)) {
-        const replaced = command.map((x) => x.replace("$FILE", file))
-        log.info("running", { replaced })
+      for (const item of await getFormatter(ext)) {
+        log.info("running", { command: item.command })
         try {
-          const proc = Process.spawn(replaced, {
-            cwd: Instance.directory,
-            env: { ...process.env, ...info.environment },
-            stdout: "ignore",
-            stderr: "ignore",
-          })
+          const proc = Process.spawn(
+            item.command.map((x) => x.replace("$FILE", file)),
+            {
+              cwd: Instance.directory,
+              env: { ...process.env, ...item.environment },
+              stdout: "ignore",
+              stderr: "ignore",
+            },
+          )
           const exit = await proc.exited
           if (exit !== 0)
             log.error("failed", {
-              command,
-              ...info.environment,
+              command: item.command,
+              ...item.environment,
             })
         } catch (error) {
           log.error("failed to format file", {
             error,
-            command,
-            ...info.environment,
+            command: item.command,
+            ...item.environment,
             file,
           })
         }

packages/opencode/src/global/index.ts

@@ -18,7 +18,7 @@ export namespace Global {
       return process.env.OPENCODE_TEST_HOME || os.homedir()
     },
     data,
-    bin: path.join(cache, "bin"),
+    bin: path.join(data, "bin"),
     log: path.join(data, "log"),
     cache,
     config,

packages/opencode/src/index.ts

@@ -47,6 +47,11 @@ process.on("uncaughtException", (e) => {
   })
 })
 
+// Ensure the process exits on terminal hangup (eg. closing the terminal tab).
+// Without this, long-running commands like `serve` block on a never-resolving
+// promise and survive as orphaned processes.
+process.on("SIGHUP", () => process.exit())
+
 let cli = yargs(hideBin(process.argv))
   .parserConfiguration({ "populate--": true })
   .scriptName("opencode")

packages/opencode/src/lsp/server.ts

@@ -3,6 +3,7 @@ import path from "path"
 import os from "os"
 import { Global } from "../global"
 import { Log } from "../util/log"
+import { BunProc } from "../bun"
 import { text } from "node:stream/consumers"
 import fs from "fs/promises"
 import { Filesystem } from "../util/filesystem"
@@ -12,7 +13,6 @@ import { Archive } from "../util/archive"
 import { Process } from "../util/process"
 import { which } from "../util/which"
 import { Module } from "@opencode-ai/util/module"
-import { Npm } from "@/npm"
 
 const spawn = ((cmd, args, opts) => {
   if (Array.isArray(args)) return launch(cmd, [...args], { ...(opts ?? {}), windowsHide: true })
@@ -107,7 +107,7 @@ export namespace LSPServer {
       const tsserver = Module.resolve("typescript/lib/tsserver.js", Instance.directory)
       log.info("typescript server", { tsserver })
       if (!tsserver) return
-      const proc = spawn(await Npm.which("typescript-language-server"), ["--stdio"], {
+      const proc = spawn(BunProc.which(), ["x", "typescript-language-server", "--stdio"], {
         cwd: root,
         env: {
           ...process.env,
@@ -133,8 +133,29 @@ export namespace LSPServer {
       let binary = which("vue-language-server")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("@vue/language-server")
+        const js = path.join(
+          Global.Path.bin,
+          "node_modules",
+          "@vue",
+          "language-server",
+          "bin",
+          "vue-language-server.js",
+        )
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "@vue/language-server"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -197,7 +218,7 @@ export namespace LSPServer {
         log.info("installed VS Code ESLint server", { serverPath })
       }
 
-      const proc = spawn(await Npm.which("tsx"), [serverPath, "--stdio"], {
+      const proc = spawn(BunProc.which(), [serverPath, "--stdio"], {
         cwd: root,
         env: {
           ...process.env,
@@ -328,8 +349,8 @@ export namespace LSPServer {
       if (!bin) {
         const resolved = Module.resolve("biome", root)
         if (!resolved) return
-        bin = await Npm.which("biome")
-        args = ["lsp-proxy", "--stdio"]
+        bin = BunProc.which()
+        args = ["x", "biome", "lsp-proxy", "--stdio"]
       }
 
       const proc = spawn(bin, args, {
@@ -355,7 +376,9 @@ export namespace LSPServer {
     },
     extensions: [".go"],
     async spawn(root) {
-      let bin = which("gopls")
+      let bin = which("gopls", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
       if (!bin) {
         if (!which("go")) return
         if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
@@ -390,7 +413,9 @@ export namespace LSPServer {
     root: NearestRoot(["Gemfile"]),
     extensions: [".rb", ".rake", ".gemspec", ".ru"],
     async spawn(root) {
-      let bin = which("rubocop")
+      let bin = which("rubocop", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
       if (!bin) {
         const ruby = which("ruby")
         const gem = which("gem")
@@ -495,8 +520,19 @@ export namespace LSPServer {
       let binary = which("pyright-langserver")
       const args = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("pyright")
+        const js = path.join(Global.Path.bin, "node_modules", "pyright", "dist", "pyright-langserver.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "pyright"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push(...["run", js])
       }
       args.push("--stdio")
 
@@ -598,7 +634,9 @@ export namespace LSPServer {
     extensions: [".zig", ".zon"],
     root: NearestRoot(["build.zig"]),
     async spawn(root) {
-      let bin = which("zls")
+      let bin = which("zls", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
 
       if (!bin) {
         const zig = which("zig")
@@ -708,7 +746,9 @@ export namespace LSPServer {
     root: NearestRoot([".slnx", ".sln", ".csproj", "global.json"]),
     extensions: [".cs"],
     async spawn(root) {
-      let bin = which("csharp-ls")
+      let bin = which("csharp-ls", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
       if (!bin) {
         if (!which("dotnet")) {
           log.error(".NET SDK is required to install csharp-ls")
@@ -745,7 +785,9 @@ export namespace LSPServer {
     root: NearestRoot([".slnx", ".sln", ".fsproj", "global.json"]),
     extensions: [".fs", ".fsi", ".fsx", ".fsscript"],
     async spawn(root) {
-      let bin = which("fsautocomplete")
+      let bin = which("fsautocomplete", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
       if (!bin) {
         if (!which("dotnet")) {
           log.error(".NET SDK is required to install fsautocomplete")
@@ -1011,8 +1053,22 @@ export namespace LSPServer {
       let binary = which("svelteserver")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("svelte-language-server")
+        const js = path.join(Global.Path.bin, "node_modules", "svelte-language-server", "bin", "server.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "svelte-language-server"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -1044,8 +1100,22 @@ export namespace LSPServer {
       let binary = which("astro-ls")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("@astrojs/language-server")
+        const js = path.join(Global.Path.bin, "node_modules", "@astrojs", "language-server", "bin", "nodeServer.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "@astrojs/language-server"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -1294,8 +1364,31 @@ export namespace LSPServer {
       let binary = which("yaml-language-server")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("yaml-language-server")
+        const js = path.join(
+          Global.Path.bin,
+          "node_modules",
+          "yaml-language-server",
+          "out",
+          "server",
+          "src",
+          "server.js",
+        )
+        const exists = await Filesystem.exists(js)
+        if (!exists) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "yaml-language-server"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -1324,7 +1417,9 @@ export namespace LSPServer {
     ]),
     extensions: [".lua"],
     async spawn(root) {
-      let bin = which("lua-language-server")
+      let bin = which("lua-language-server", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
 
       if (!bin) {
         if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
@@ -1460,8 +1555,22 @@ export namespace LSPServer {
       let binary = which("intelephense")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("intelephense")
+        const js = path.join(Global.Path.bin, "node_modules", "intelephense", "lib", "intelephense.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "intelephense"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -1543,8 +1652,22 @@ export namespace LSPServer {
       let binary = which("bash-language-server")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("bash-language-server")
+        const js = path.join(Global.Path.bin, "node_modules", "bash-language-server", "out", "cli.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "bash-language-server"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("start")
       const proc = spawn(binary, args, {
@@ -1565,7 +1688,9 @@ export namespace LSPServer {
     extensions: [".tf", ".tfvars"],
     root: NearestRoot([".terraform.lock.hcl", "terraform.tfstate", "*.tf"]),
     async spawn(root) {
-      let bin = which("terraform-ls")
+      let bin = which("terraform-ls", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
 
       if (!bin) {
         if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
@@ -1646,7 +1771,9 @@ export namespace LSPServer {
     extensions: [".tex", ".bib"],
     root: NearestRoot([".latexmkrc", "latexmkrc", ".texlabroot", "texlabroot"]),
     async spawn(root) {
-      let bin = which("texlab")
+      let bin = which("texlab", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
 
       if (!bin) {
         if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
@@ -1737,8 +1864,22 @@ export namespace LSPServer {
       let binary = which("docker-langserver")
       const args: string[] = []
       if (!binary) {
-        if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
-        binary = await Npm.which("dockerfile-language-server-nodejs")
+        const js = path.join(Global.Path.bin, "node_modules", "dockerfile-language-server-nodejs", "lib", "server.js")
+        if (!(await Filesystem.exists(js))) {
+          if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return
+          await Process.spawn([BunProc.which(), "install", "dockerfile-language-server-nodejs"], {
+            cwd: Global.Path.bin,
+            env: {
+              ...process.env,
+              BUN_BE_BUN: "1",
+            },
+            stdout: "pipe",
+            stderr: "pipe",
+            stdin: "pipe",
+          }).exited
+        }
+        binary = BunProc.which()
+        args.push("run", js)
       }
       args.push("--stdio")
       const proc = spawn(binary, args, {
@@ -1829,7 +1970,9 @@ export namespace LSPServer {
     extensions: [".typ", ".typc"],
     root: NearestRoot(["typst.toml"]),
     async spawn(root) {
-      let bin = which("tinymist")
+      let bin = which("tinymist", {
+        PATH: process.env["PATH"] + path.delimiter + Global.Path.bin,
+      })
 
       if (!bin) {
         if (Flag.OPENCODE_DISABLE_LSP_DOWNLOAD) return

packages/opencode/src/mcp/index.ts

@@ -11,7 +11,6 @@ import {
 } from "@modelcontextprotocol/sdk/types.js"
 import { Config } from "../config/config"
 import { Log } from "../util/log"
-import { Process } from "../util/process"
 import { NamedError } from "@opencode-ai/util/error"
 import z from "zod/v4"
 import { Instance } from "../project/instance"
@@ -167,10 +166,14 @@ export namespace MCP {
     const queue = [pid]
     while (queue.length > 0) {
       const current = queue.shift()!
-      const lines = await Process.lines(["pgrep", "-P", String(current)], { nothrow: true })
-      for (const tok of lines) {
+      const proc = Bun.spawn(["pgrep", "-P", String(current)], { stdout: "pipe", stderr: "pipe" })
+      const [code, out] = await Promise.all([proc.exited, new Response(proc.stdout).text()]).catch(
+        () => [-1, ""] as const,
+      )
+      if (code !== 0) continue
+      for (const tok of out.trim().split(/\s+/)) {
         const cpid = parseInt(tok, 10)
-        if (!isNaN(cpid) && !pids.includes(cpid)) {
+        if (!isNaN(cpid) && pids.indexOf(cpid) === -1) {
           pids.push(cpid)
           queue.push(cpid)
         }

packages/opencode/src/mcp/oauth-callback.ts

@@ -1,5 +1,4 @@
 import { createConnection } from "net"
-import { createServer } from "http"
 import { Log } from "../util/log"
 import { OAUTH_CALLBACK_PORT, OAUTH_CALLBACK_PATH } from "./oauth-provider"
 
@@ -53,74 +52,11 @@ interface PendingAuth {
 }
 
 export namespace McpOAuthCallback {
-  let server: ReturnType<typeof createServer> | undefined
+  let server: ReturnType<typeof Bun.serve> | undefined
   const pendingAuths = new Map<string, PendingAuth>()
 
   const CALLBACK_TIMEOUT_MS = 5 * 60 * 1000 // 5 minutes
 
-  function handleRequest(req: import("http").IncomingMessage, res: import("http").ServerResponse) {
-    const url = new URL(req.url || "/", `http://localhost:${OAUTH_CALLBACK_PORT}`)
-
-    if (url.pathname !== OAUTH_CALLBACK_PATH) {
-      res.writeHead(404)
-      res.end("Not found")
-      return
-    }
-
-    const code = url.searchParams.get("code")
-    const state = url.searchParams.get("state")
-    const error = url.searchParams.get("error")
-    const errorDescription = url.searchParams.get("error_description")
-
-    log.info("received oauth callback", { hasCode: !!code, state, error })
-
-    // Enforce state parameter presence
-    if (!state) {
-      const errorMsg = "Missing required state parameter - potential CSRF attack"
-      log.error("oauth callback missing state parameter", { url: url.toString() })
-      res.writeHead(400, { "Content-Type": "text/html" })
-      res.end(HTML_ERROR(errorMsg))
-      return
-    }
-
-    if (error) {
-      const errorMsg = errorDescription || error
-      if (pendingAuths.has(state)) {
-        const pending = pendingAuths.get(state)!
-        clearTimeout(pending.timeout)
-        pendingAuths.delete(state)
-        pending.reject(new Error(errorMsg))
-      }
-      res.writeHead(200, { "Content-Type": "text/html" })
-      res.end(HTML_ERROR(errorMsg))
-      return
-    }
-
-    if (!code) {
-      res.writeHead(400, { "Content-Type": "text/html" })
-      res.end(HTML_ERROR("No authorization code provided"))
-      return
-    }
-
-    // Validate state parameter
-    if (!pendingAuths.has(state)) {
-      const errorMsg = "Invalid or expired state parameter - potential CSRF attack"
-      log.error("oauth callback with invalid state", { state, pendingStates: Array.from(pendingAuths.keys()) })
-      res.writeHead(400, { "Content-Type": "text/html" })
-      res.end(HTML_ERROR(errorMsg))
-      return
-    }
-
-    const pending = pendingAuths.get(state)!
-
-    clearTimeout(pending.timeout)
-    pendingAuths.delete(state)
-    pending.resolve(code)
-
-    res.writeHead(200, { "Content-Type": "text/html" })
-    res.end(HTML_SUCCESS)
-  }
-
   export async function ensureRunning(): Promise<void> {
     if (server) return
 
@@ -130,14 +66,75 @@ export namespace McpOAuthCallback {
       return
     }
 
-    server = createServer(handleRequest)
-    await new Promise<void>((resolve, reject) => {
-      server!.listen(OAUTH_CALLBACK_PORT, () => {
-        log.info("oauth callback server started", { port: OAUTH_CALLBACK_PORT })
-        resolve()
-      })
-      server!.on("error", reject)
+    server = Bun.serve({
+      port: OAUTH_CALLBACK_PORT,
+      fetch(req) {
+        const url = new URL(req.url)
+
+        if (url.pathname !== OAUTH_CALLBACK_PATH) {
+          return new Response("Not found", { status: 404 })
+        }
+
+        const code = url.searchParams.get("code")
+        const state = url.searchParams.get("state")
+        const error = url.searchParams.get("error")
+        const errorDescription = url.searchParams.get("error_description")
+
+        log.info("received oauth callback", { hasCode: !!code, state, error })
+
+        // Enforce state parameter presence
+        if (!state) {
+          const errorMsg = "Missing required state parameter - potential CSRF attack"
+          log.error("oauth callback missing state parameter", { url: url.toString() })
+          return new Response(HTML_ERROR(errorMsg), {
+            status: 400,
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        if (error) {
+          const errorMsg = errorDescription || error
+          if (pendingAuths.has(state)) {
+            const pending = pendingAuths.get(state)!
+            clearTimeout(pending.timeout)
+            pendingAuths.delete(state)
+            pending.reject(new Error(errorMsg))
+          }
+          return new Response(HTML_ERROR(errorMsg), {
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        if (!code) {
+          return new Response(HTML_ERROR("No authorization code provided"), {
+            status: 400,
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        // Validate state parameter
+        if (!pendingAuths.has(state)) {
+          const errorMsg = "Invalid or expired state parameter - potential CSRF attack"
+          log.error("oauth callback with invalid state", { state, pendingStates: Array.from(pendingAuths.keys()) })
+          return new Response(HTML_ERROR(errorMsg), {
+            status: 400,
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        const pending = pendingAuths.get(state)!
+
+        clearTimeout(pending.timeout)
+        pendingAuths.delete(state)
+        pending.resolve(code)
+
+        return new Response(HTML_SUCCESS, {
+          headers: { "Content-Type": "text/html" },
+        })
+      },
     })
+
+    log.info("oauth callback server started", { port: OAUTH_CALLBACK_PORT })
   }
 
   export function waitForCallback(oauthState: string): Promise<string> {
@@ -177,7 +174,7 @@ export namespace McpOAuthCallback {
 
   export async function stop(): Promise<void> {
     if (server) {
-      await new Promise<void>((resolve) => server!.close(() => resolve()))
+      server.stop()
       server = undefined
       log.info("oauth callback server stopped")
     }

packages/opencode/src/node.ts

@@ -1,8 +0,0 @@
-import { Server } from "./server/server"
-
-const result = await Server.listen({
-  port: 1338,
-  hostname: "0.0.0.0",
-})
-
-console.log(result)

packages/opencode/src/npm/index.ts

@@ -1,160 +0,0 @@
-// Workaround: Bun on Windows does not support the UV_FS_O_FILEMAP flag that
-// the `tar` package uses for files < 512KB (fs.open returns EINVAL).
-// tar silently swallows the error and skips writing files, leaving only empty
-// directories. Setting __FAKE_PLATFORM__ makes tar fall back to the plain 'w'
-// flag. See tar's get-write-flag.js.
-// Must be set before @npmcli/arborist is imported since tar caches the flag
-// at module evaluation time — so we use a dynamic import() below.
-if (process.platform === "win32") {
-  process.env.__FAKE_PLATFORM__ = "linux"
-}
-
-import semver from "semver"
-import z from "zod"
-import { NamedError } from "@opencode-ai/util/error"
-import { Global } from "../global"
-import { Lock } from "../util/lock"
-import { Log } from "../util/log"
-import path from "path"
-import { readdir } from "fs/promises"
-import { Filesystem } from "@/util/filesystem"
-
-const { Arborist } = await import("@npmcli/arborist")
-
-export namespace Npm {
-  const log = Log.create({ service: "npm" })
-
-  export const InstallFailedError = NamedError.create(
-    "NpmInstallFailedError",
-    z.object({
-      pkg: z.string(),
-    }),
-  )
-
-  function directory(pkg: string) {
-    return path.join(Global.Path.cache, "packages", pkg)
-  }
-
-  export async function outdated(pkg: string, cachedVersion: string): Promise<boolean> {
-    const response = await fetch(`https://registry.npmjs.org/${pkg}`)
-    if (!response.ok) {
-      log.warn("Failed to resolve latest version, using cached", { pkg, cachedVersion })
-      return false
-    }
-
-    const data = (await response.json()) as { "dist-tags"?: { latest?: string } }
-    const latestVersion = data?.["dist-tags"]?.latest
-    if (!latestVersion) {
-      log.warn("No latest version found, using cached", { pkg, cachedVersion })
-      return false
-    }
-
-    const isRange = /[\s^~*xX<>|=]/.test(cachedVersion)
-    if (isRange) return !semver.satisfies(latestVersion, cachedVersion)
-
-    return semver.lt(cachedVersion, latestVersion)
-  }
-
-  export async function add(pkg: string) {
-    using _ = await Lock.write("npm-install")
-    log.info("installing package", {
-      pkg,
-    })
-    const hash = pkg
-    const dir = directory(hash)
-
-    const arborist = new Arborist({
-      path: dir,
-      binLinks: true,
-      progress: false,
-      savePrefix: "",
-    })
-    const tree = await arborist.loadVirtual().catch(() => {})
-    if (tree) {
-      const first = tree.edgesOut.values().next().value?.to
-      if (first) {
-        log.info("package already installed", { pkg })
-        return first.path
-      }
-    }
-
-    const result = await arborist
-      .reify({
-        add: [pkg],
-        save: true,
-        saveType: "prod",
-      })
-      .catch((cause) => {
-        throw new InstallFailedError(
-          { pkg },
-          {
-            cause,
-          },
-        )
-      })
-
-    const first = result.edgesOut.values().next().value?.to
-    if (!first) throw new InstallFailedError({ pkg })
-    return first.path
-  }
-
-  export async function install(dir: string) {
-    log.info("checking dependencies", { dir })
-
-    const reify = async () => {
-      const arb = new Arborist({
-        path: dir,
-        binLinks: true,
-        progress: false,
-        savePrefix: "",
-      })
-      await arb.reify().catch(() => {})
-    }
-
-    if (!(await Filesystem.exists(path.join(dir, "node_modules")))) {
-      log.info("node_modules missing, reifying")
-      await reify()
-      return
-    }
-
-    const pkg = await Filesystem.readJson(path.join(dir, "package.json")).catch(() => ({}))
-    const lock = await Filesystem.readJson(path.join(dir, "package-lock.json")).catch(() => ({}))
-
-    const declared = new Set([
-      ...Object.keys(pkg.dependencies || {}),
-      ...Object.keys(pkg.devDependencies || {}),
-      ...Object.keys(pkg.peerDependencies || {}),
-      ...Object.keys(pkg.optionalDependencies || {}),
-    ])
-
-    const root = lock.packages?.[""] || {}
-    const locked = new Set([
-      ...Object.keys(root.dependencies || {}),
-      ...Object.keys(root.devDependencies || {}),
-      ...Object.keys(root.peerDependencies || {}),
-      ...Object.keys(root.optionalDependencies || {}),
-    ])
-
-    for (const name of declared) {
-      if (!locked.has(name)) {
-        log.info("dependency not in lock file, reifying", { name })
-        await reify()
-        return
-      }
-    }
-
-    log.info("dependencies in sync")
-  }
-
-  export async function which(pkg: string) {
-    const dir = path.join(directory(pkg), "node_modules", ".bin")
-    const files = await readdir(dir).catch(() => [])
-    if (!files.length) {
-      await add(pkg)
-      const retry = await readdir(dir).catch(() => [])
-      if (!retry.length) throw new Error(`No binary found for package "${pkg}" after install`)
-      return path.join(dir, retry[0])
-    }
-    return path.join(dir, files[0])
-  }
-}

packages/opencode/src/permission/index.ts

@@ -0,0 +1,210 @@
+import { BusEvent } from "@/bus/bus-event"
+import { Bus } from "@/bus"
+import { SessionID, MessageID } from "@/session/schema"
+import z from "zod"
+import { Log } from "../util/log"
+import { Plugin } from "../plugin"
+import { Instance } from "../project/instance"
+import { Wildcard } from "../util/wildcard"
+import { PermissionID } from "./schema"
+
+export namespace Permission {
+  const log = Log.create({ service: "permission" })
+
+  function toKeys(pattern: Info["pattern"], type: string): string[] {
+    return pattern === undefined ? [type] : Array.isArray(pattern) ? pattern : [pattern]
+  }
+
+  function covered(keys: string[], approved: Map<string, boolean>): boolean {
+    return keys.every((k) => {
+      for (const p of approved.keys()) {
+        if (Wildcard.match(k, p)) return true
+      }
+      return false
+    })
+  }
+
+  export const Info = z
+    .object({
+      id: PermissionID.zod,
+      type: z.string(),
+      pattern: z.union([z.string(), z.array(z.string())]).optional(),
+      sessionID: SessionID.zod,
+      messageID: MessageID.zod,
+      callID: z.string().optional(),
+      message: z.string(),
+      metadata: z.record(z.string(), z.any()),
+      time: z.object({
+        created: z.number(),
+      }),
+    })
+    .meta({
+      ref: "Permission",
+    })
+  export type Info = z.infer<typeof Info>
+
+  interface PendingEntry {
+    info: Info
+    resolve: () => void
+    reject: (e: any) => void
+  }
+
+  export const Event = {
+    Updated: BusEvent.define("permission.updated", Info),
+    Replied: BusEvent.define(
+      "permission.replied",
+      z.object({
+        sessionID: SessionID.zod,
+        permissionID: PermissionID.zod,
+        response: z.string(),
+      }),
+    ),
+  }
+
+  const state = Instance.state(
+    () => ({
+      pending: new Map<SessionID, Map<PermissionID, PendingEntry>>(),
+      approved: new Map<SessionID, Map<string, boolean>>(),
+    }),
+    async (state) => {
+      for (const session of state.pending.values()) {
+        for (const item of session.values()) {
+          item.reject(new RejectedError(item.info.sessionID, item.info.id, item.info.callID, item.info.metadata))
+        }
+      }
+    },
+  )
+
+  export function pending() {
+    return state().pending
+  }
+
+  export function list() {
+    const { pending } = state()
+    const result: Info[] = []
+    for (const session of pending.values()) {
+      for (const item of session.values()) {
+        result.push(item.info)
+      }
+    }
+    return result.sort((a, b) => a.id.localeCompare(b.id))
+  }
+
+  export async function ask(input: {
+    type: Info["type"]
+    message: Info["message"]
+    pattern?: Info["pattern"]
+    callID?: Info["callID"]
+    sessionID: Info["sessionID"]
+    messageID: Info["messageID"]
+    metadata: Info["metadata"]
+  }) {
+    const { pending, approved } = state()
+    log.info("asking", {
+      sessionID: input.sessionID,
+      messageID: input.messageID,
+      toolCallID: input.callID,
+      pattern: input.pattern,
+    })
+    const approvedForSession = approved.get(input.sessionID)
+    const keys = toKeys(input.pattern, input.type)
+    if (approvedForSession && covered(keys, approvedForSession)) return
+    const info: Info = {
+      id: PermissionID.ascending(),
+      type: input.type,
+      pattern: input.pattern,
+      sessionID: input.sessionID,
+      messageID: input.messageID,
+      callID: input.callID,
+      message: input.message,
+      metadata: input.metadata,
+      time: {
+        created: Date.now(),
+      },
+    }
+
+    switch (
+      await Plugin.trigger("permission.ask", info, {
+        status: "ask",
+      }).then((x) => x.status)
+    ) {
+      case "deny":
+        throw new RejectedError(info.sessionID, info.id, info.callID, info.metadata)
+      case "allow":
+        return
+    }
+
+    if (!pending.has(input.sessionID)) pending.set(input.sessionID, new Map())
+    return new Promise<void>((resolve, reject) => {
+      pending.get(input.sessionID)!.set(info.id, {
+        info,
+        resolve,
+        reject,
+      })
+      Bus.publish(Event.Updated, info)
+    })
+  }
+
+  export const Response = z.enum(["once", "always", "reject"])
+  export type Response = z.infer<typeof Response>
+
+  export function respond(input: { sessionID: Info["sessionID"]; permissionID: Info["id"]; response: Response }) {
+    log.info("response", input)
+    const { pending, approved } = state()
+    const session = pending.get(input.sessionID)
+    const match = session?.get(input.permissionID)
+    if (!session || !match) return
+    session.delete(input.permissionID)
+    if (session.size === 0) pending.delete(input.sessionID)
+    Bus.publish(Event.Replied, {
+      sessionID: input.sessionID,
+      permissionID: input.permissionID,
+      response: input.response,
+    })
+    if (input.response === "reject") {
+      match.reject(new RejectedError(input.sessionID, input.permissionID, match.info.callID, match.info.metadata))
+      return
+    }
+    match.resolve()
+    if (input.response === "always") {
+      if (!approved.has(input.sessionID)) approved.set(input.sessionID, new Map())
+      const approvedSession = approved.get(input.sessionID)!
+      const approveKeys = toKeys(match.info.pattern, match.info.type)
+      for (const k of approveKeys) {
+        approvedSession.set(k, true)
+      }
+      const items = pending.get(input.sessionID)
+      if (!items) return
+      const toRespond: Info[] = []
+      for (const item of items.values()) {
+        const itemKeys = toKeys(item.info.pattern, item.info.type)
+        if (covered(itemKeys, approvedSession)) {
+          toRespond.push(item.info)
+        }
+      }
+      for (const item of toRespond) {
+        respond({
+          sessionID: item.sessionID,
+          permissionID: item.id,
+          response: input.response,
+        })
+      }
+    }
+  }
+
+  export class RejectedError extends Error {
+    constructor(
+      public readonly sessionID: SessionID,
+      public readonly permissionID: PermissionID,
+      public readonly toolCallID?: string,
+      public readonly metadata?: Record<string, any>,
+      public readonly reason?: string,
+    ) {
+      super(
+        reason !== undefined
+          ? reason
+          : `The user rejected permission to use this specific tool call. You may try again with different parameters.`,
+      )
+    }
+  }
+}

packages/opencode/src/permission/next.ts

@@ -1,20 +1,21 @@
-import { runtime } from "@/effect/runtime"
+import { Bus } from "@/bus"
+import { BusEvent } from "@/bus/bus-event"
 import { Config } from "@/config/config"
+import { SessionID, MessageID } from "@/session/schema"
+import { PermissionID } from "./schema"
+import { Instance } from "@/project/instance"
+import { Database, eq } from "@/storage/db"
+import { PermissionTable } from "@/session/session.sql"
 import { fn } from "@/util/fn"
+import { Log } from "@/util/log"
+import { ProjectID } from "@/project/schema"
 import { Wildcard } from "@/util/wildcard"
-import { Effect } from "effect"
 import os from "os"
-import * as S from "./service"
-import type {
-  Action as ActionType,
-  PermissionError,
-  Reply as ReplyType,
-  Request as RequestType,
-  Rule as RuleType,
-  Ruleset as RulesetType,
-} from "./service"
+import z from "zod"
 
 export namespace PermissionNext {
+  const log = Log.create({ service: "permission" })
+
   function expand(pattern: string): string {
     if (pattern.startsWith("~/")) return os.homedir() + pattern.slice(1)
     if (pattern === "~") return os.homedir()
@@ -23,26 +24,26 @@ export namespace PermissionNext {
     return pattern
   }
 
-  function runPromise<A>(f: (service: S.PermissionService.Api) => Effect.Effect<A, PermissionError>) {
-    return runtime.runPromise(S.PermissionService.use(f))
-  }
+  export const Action = z.enum(["allow", "deny", "ask"]).meta({
+    ref: "PermissionAction",
+  })
+  export type Action = z.infer<typeof Action>
 
-  export const Action = S.Action
-  export type Action = ActionType
-  export const Rule = S.Rule
-  export type Rule = RuleType
-  export const Ruleset = S.Ruleset
-  export type Ruleset = RulesetType
-  export const Request = S.Request
-  export type Request = RequestType
-  export const Reply = S.Reply
-  export type Reply = ReplyType
-  export const Approval = S.Approval
-  export const Event = S.Event
-  export const Service = S.PermissionService
-  export const RejectedError = S.RejectedError
-  export const CorrectedError = S.CorrectedError
-  export const DeniedError = S.DeniedError
+  export const Rule = z
+    .object({
+      permission: z.string(),
+      pattern: z.string(),
+      action: Action,
+    })
+    .meta({
+      ref: "PermissionRule",
+    })
+  export type Rule = z.infer<typeof Rule>
+
+  export const Ruleset = Rule.array().meta({
+    ref: "PermissionRuleset",
+  })
+  export type Ruleset = z.infer<typeof Ruleset>
 
   export function fromConfig(permission: Config.Permission) {
     const ruleset: Ruleset = []
@@ -66,16 +67,178 @@ export namespace PermissionNext {
     return rulesets.flat()
   }
 
-  export const ask = fn(S.AskInput, async (input) => runPromise((service) => service.ask(input)))
+  export const Request = z
+    .object({
+      id: PermissionID.zod,
+      sessionID: SessionID.zod,
+      permission: z.string(),
+      patterns: z.string().array(),
+      metadata: z.record(z.string(), z.any()),
+      always: z.string().array(),
+      tool: z
+        .object({
+          messageID: MessageID.zod,
+          callID: z.string(),
+        })
+        .optional(),
+    })
+    .meta({
+      ref: "PermissionRequest",
+    })
 
-  export const reply = fn(S.ReplyInput, async (input) => runPromise((service) => service.reply(input)))
+  export type Request = z.infer<typeof Request>
 
-  export async function list() {
-    return runPromise((service) => service.list())
+  export const Reply = z.enum(["once", "always", "reject"])
+  export type Reply = z.infer<typeof Reply>
+
+  export const Approval = z.object({
+    projectID: ProjectID.zod,
+    patterns: z.string().array(),
+  })
+
+  export const Event = {
+    Asked: BusEvent.define("permission.asked", Request),
+    Replied: BusEvent.define(
+      "permission.replied",
+      z.object({
+        sessionID: SessionID.zod,
+        requestID: PermissionID.zod,
+        reply: Reply,
+      }),
+    ),
   }
 
+  interface PendingEntry {
+    info: Request
+    resolve: () => void
+    reject: (e: any) => void
+  }
+
+  const state = Instance.state(() => {
+    const projectID = Instance.project.id
+    const row = Database.use((db) =>
+      db.select().from(PermissionTable).where(eq(PermissionTable.project_id, projectID)).get(),
+    )
+    const stored = row?.data ?? ([] as Ruleset)
+
+    return {
+      pending: new Map<PermissionID, PendingEntry>(),
+      approved: stored,
+    }
+  })
+
+  export const ask = fn(
+    Request.partial({ id: true }).extend({
+      ruleset: Ruleset,
+    }),
+    async (input) => {
+      const s = await state()
+      const { ruleset, ...request } = input
+      for (const pattern of request.patterns ?? []) {
+        const rule = evaluate(request.permission, pattern, ruleset, s.approved)
+        log.info("evaluated", { permission: request.permission, pattern, action: rule })
+        if (rule.action === "deny")
+          throw new DeniedError(ruleset.filter((r) => Wildcard.match(request.permission, r.permission)))
+        if (rule.action === "ask") {
+          const id = input.id ?? PermissionID.ascending()
+          return new Promise<void>((resolve, reject) => {
+            const info: Request = {
+              id,
+              ...request,
+            }
+            s.pending.set(id, {
+              info,
+              resolve,
+              reject,
+            })
+            Bus.publish(Event.Asked, info)
+          })
+        }
+        if (rule.action === "allow") continue
+      }
+    },
+  )
+
+  export const reply = fn(
+    z.object({
+      requestID: PermissionID.zod,
+      reply: Reply,
+      message: z.string().optional(),
+    }),
+    async (input) => {
+      const s = await state()
+      const existing = s.pending.get(input.requestID)
+      if (!existing) return
+      s.pending.delete(input.requestID)
+      Bus.publish(Event.Replied, {
+        sessionID: existing.info.sessionID,
+        requestID: existing.info.id,
+        reply: input.reply,
+      })
+      if (input.reply === "reject") {
+        existing.reject(input.message ? new CorrectedError(input.message) : new RejectedError())
+        // Reject all other pending permissions for this session
+        const sessionID = existing.info.sessionID
+        for (const [id, pending] of s.pending) {
+          if (pending.info.sessionID === sessionID) {
+            s.pending.delete(id)
+            Bus.publish(Event.Replied, {
+              sessionID: pending.info.sessionID,
+              requestID: pending.info.id,
+              reply: "reject",
+            })
+            pending.reject(new RejectedError())
+          }
+        }
+        return
+      }
+      if (input.reply === "once") {
+        existing.resolve()
+        return
+      }
+      if (input.reply === "always") {
+        for (const pattern of existing.info.always) {
+          s.approved.push({
+            permission: existing.info.permission,
+            pattern,
+            action: "allow",
+          })
+        }
+
+        existing.resolve()
+
+        const sessionID = existing.info.sessionID
+        for (const [id, pending] of s.pending) {
+          if (pending.info.sessionID !== sessionID) continue
+          const ok = pending.info.patterns.every(
+            (pattern) => evaluate(pending.info.permission, pattern, s.approved).action === "allow",
+          )
+          if (!ok) continue
+          s.pending.delete(id)
+          Bus.publish(Event.Replied, {
+            sessionID: pending.info.sessionID,
+            requestID: pending.info.id,
+            reply: "always",
+          })
+          pending.resolve()
+        }
+
+        // TODO: we don't save the permission ruleset to disk yet until there's
+        // UI to manage it
+        // db().insert(PermissionTable).values({ projectID: Instance.project.id, data: s.approved })
+        //   .onConflictDoUpdate({ target: PermissionTable.projectID, set: { data: s.approved } }).run()
+        return
+      }
+    },
+  )
+
   export function evaluate(permission: string, pattern: string, ...rulesets: Ruleset[]): Rule {
-    return S.evaluate(permission, pattern, ...rulesets)
+    const merged = merge(...rulesets)
+    log.info("evaluate", { permission, pattern, ruleset: merged })
+    const match = merged.findLast(
+      (rule) => Wildcard.match(permission, rule.permission) && Wildcard.match(pattern, rule.pattern),
+    )
+    return match ?? { action: "ask", permission, pattern: "*" }
   }
 
   const EDIT_TOOLS = ["edit", "write", "patch", "multiedit"]
@@ -84,10 +247,39 @@ export namespace PermissionNext {
     const result = new Set<string>()
     for (const tool of tools) {
       const permission = EDIT_TOOLS.includes(tool) ? "edit" : tool
-      const rule = ruleset.findLast((rule) => Wildcard.match(permission, rule.permission))
+
+      const rule = ruleset.findLast((r) => Wildcard.match(permission, r.permission))
       if (!rule) continue
       if (rule.pattern === "*" && rule.action === "deny") result.add(tool)
     }
     return result
   }
+
+  /** User rejected without message - halts execution */
+  export class RejectedError extends Error {
+    constructor() {
+      super(`The user rejected permission to use this specific tool call.`)
+    }
+  }
+
+  /** User rejected with message - continues with guidance */
+  export class CorrectedError extends Error {
+    constructor(message: string) {
+      super(`The user rejected permission to use this specific tool call with the following feedback: ${message}`)
+    }
+  }
+
+  /** Auto-rejected by config rule - halts execution */
+  export class DeniedError extends Error {
+    constructor(public readonly ruleset: Ruleset) {
+      super(
+        `The user has specified a rule which prevents you from using this specific tool call. Here are some of the relevant rules ${JSON.stringify(ruleset)}`,
+      )
+    }
+  }
+
+  export async function list() {
+    const s = await state()
+    return Array.from(s.pending.values(), (x) => x.info)
+  }
 }

packages/opencode/src/permission/schema.ts

@@ -2,16 +2,16 @@ import { Schema } from "effect"
 import z from "zod"
 
 import { Identifier } from "@/id/id"
-import { Newtype } from "@/util/schema"
+import { withStatics } from "@/util/schema"
 
-export class PermissionID extends Newtype<PermissionID>()("PermissionID", Schema.String) {
-  static make(id: string): PermissionID {
-    return this.makeUnsafe(id)
-  }
+const permissionIdSchema = Schema.String.pipe(Schema.brand("PermissionID"))
 
-  static ascending(id?: string): PermissionID {
-    return this.makeUnsafe(Identifier.ascending("permission", id))
-  }
+export type PermissionID = typeof permissionIdSchema.Type
 
-  static readonly zod = Identifier.schema("permission") as unknown as z.ZodType<PermissionID>
-}
+export const PermissionID = permissionIdSchema.pipe(
+  withStatics((schema: typeof permissionIdSchema) => ({
+    make: (id: string) => schema.makeUnsafe(id),
+    ascending: (id?: string) => schema.makeUnsafe(Identifier.ascending("permission", id)),
+    zod: Identifier.schema("permission").pipe(z.custom<PermissionID>()),
+  })),
+)

packages/opencode/src/permission/service.ts

@@ -1,265 +0,0 @@
-import { Bus } from "@/bus"
-import { BusEvent } from "@/bus/bus-event"
-import { Instance } from "@/project/instance"
-import { ProjectID } from "@/project/schema"
-import { MessageID, SessionID } from "@/session/schema"
-import { PermissionTable } from "@/session/session.sql"
-import { Database, eq } from "@/storage/db"
-import { InstanceState } from "@/util/instance-state"
-import { Log } from "@/util/log"
-import { Wildcard } from "@/util/wildcard"
-import { Deferred, Effect, Layer, Schema, ServiceMap } from "effect"
-import z from "zod"
-import { PermissionID } from "./schema"
-
-const log = Log.create({ service: "permission" })
-
-export const Action = z.enum(["allow", "deny", "ask"]).meta({
-  ref: "PermissionAction",
-})
-export type Action = z.infer<typeof Action>
-
-export const Rule = z
-  .object({
-    permission: z.string(),
-    pattern: z.string(),
-    action: Action,
-  })
-  .meta({
-    ref: "PermissionRule",
-  })
-export type Rule = z.infer<typeof Rule>
-
-export const Ruleset = Rule.array().meta({
-  ref: "PermissionRuleset",
-})
-export type Ruleset = z.infer<typeof Ruleset>
-
-export const Request = z
-  .object({
-    id: PermissionID.zod,
-    sessionID: SessionID.zod,
-    permission: z.string(),
-    patterns: z.string().array(),
-    metadata: z.record(z.string(), z.any()),
-    always: z.string().array(),
-    tool: z
-      .object({
-        messageID: MessageID.zod,
-        callID: z.string(),
-      })
-      .optional(),
-  })
-  .meta({
-    ref: "PermissionRequest",
-  })
-export type Request = z.infer<typeof Request>
-
-export const Reply = z.enum(["once", "always", "reject"])
-export type Reply = z.infer<typeof Reply>
-
-export const Approval = z.object({
-  projectID: ProjectID.zod,
-  patterns: z.string().array(),
-})
-
-export const Event = {
-  Asked: BusEvent.define("permission.asked", Request),
-  Replied: BusEvent.define(
-    "permission.replied",
-    z.object({
-      sessionID: SessionID.zod,
-      requestID: PermissionID.zod,
-      reply: Reply,
-    }),
-  ),
-}
-
-export class RejectedError extends Schema.TaggedErrorClass<RejectedError>()("PermissionRejectedError", {}) {
-  override get message() {
-    return "The user rejected permission to use this specific tool call."
-  }
-}
-
-export class CorrectedError extends Schema.TaggedErrorClass<CorrectedError>()("PermissionCorrectedError", {
-  feedback: Schema.String,
-}) {
-  override get message() {
-    return `The user rejected permission to use this specific tool call with the following feedback: ${this.feedback}`
-  }
-}
-
-export class DeniedError extends Schema.TaggedErrorClass<DeniedError>()("PermissionDeniedError", {
-  ruleset: Schema.Any,
-}) {
-  override get message() {
-    return `The user has specified a rule which prevents you from using this specific tool call. Here are some of the relevant rules ${JSON.stringify(this.ruleset)}`
-  }
-}
-
-export type PermissionError = DeniedError | RejectedError | CorrectedError
-
-interface PendingEntry {
-  info: Request
-  deferred: Deferred.Deferred<void, RejectedError | CorrectedError>
-}
-
-type State = {
-  pending: Map<PermissionID, PendingEntry>
-  approved: Ruleset
-}
-
-export const AskInput = Request.partial({ id: true }).extend({
-  ruleset: Ruleset,
-})
-
-export const ReplyInput = z.object({
-  requestID: PermissionID.zod,
-  reply: Reply,
-  message: z.string().optional(),
-})
-
-export declare namespace PermissionService {
-  export interface Api {
-    readonly ask: (input: z.infer<typeof AskInput>) => Effect.Effect<void, PermissionError>
-    readonly reply: (input: z.infer<typeof ReplyInput>) => Effect.Effect<void>
-    readonly list: () => Effect.Effect<Request[]>
-  }
-}
-
-export class PermissionService extends ServiceMap.Service<PermissionService, PermissionService.Api>()(
-  "@opencode/PermissionNext",
-) {
-  static readonly layer = Layer.effect(
-    PermissionService,
-    Effect.gen(function* () {
-      const instanceState = yield* InstanceState.make<State>(() =>
-        Effect.sync(() => {
-          const row = Database.use((db) =>
-            db.select().from(PermissionTable).where(eq(PermissionTable.project_id, Instance.project.id)).get(),
-          )
-          return {
-            pending: new Map<PermissionID, PendingEntry>(),
-            approved: row?.data ?? [],
-          }
-        }),
-      )
-
-      const ask = Effect.fn("PermissionService.ask")(function* (input: z.infer<typeof AskInput>) {
-        const state = yield* InstanceState.get(instanceState)
-        const { ruleset, ...request } = input
-        let pending = false
-
-        for (const pattern of request.patterns) {
-          const rule = evaluate(request.permission, pattern, ruleset, state.approved)
-          log.info("evaluated", { permission: request.permission, pattern, action: rule })
-          if (rule.action === "deny") {
-            return yield* new DeniedError({
-              ruleset: ruleset.filter((rule) => Wildcard.match(request.permission, rule.permission)),
-            })
-          }
-          if (rule.action === "allow") continue
-          pending = true
-        }
-
-        if (!pending) return
-
-        const id = request.id ?? PermissionID.ascending()
-        const info: Request = {
-          id,
-          ...request,
-        }
-        log.info("asking", { id, permission: info.permission, patterns: info.patterns })
-
-        const deferred = yield* Deferred.make<void, RejectedError | CorrectedError>()
-        state.pending.set(id, { info, deferred })
-        void Bus.publish(Event.Asked, info)
-        return yield* Effect.ensuring(
-          Deferred.await(deferred),
-          Effect.sync(() => {
-            state.pending.delete(id)
-          }),
-        )
-      })
-
-      const reply = Effect.fn("PermissionService.reply")(function* (input: z.infer<typeof ReplyInput>) {
-        const state = yield* InstanceState.get(instanceState)
-        const existing = state.pending.get(input.requestID)
-        if (!existing) return
-
-        state.pending.delete(input.requestID)
-        void Bus.publish(Event.Replied, {
-          sessionID: existing.info.sessionID,
-          requestID: existing.info.id,
-          reply: input.reply,
-        })
-
-        if (input.reply === "reject") {
-          yield* Deferred.fail(
-            existing.deferred,
-            input.message ? new CorrectedError({ feedback: input.message }) : new RejectedError(),
-          )
-
-          for (const [id, item] of state.pending.entries()) {
-            if (item.info.sessionID !== existing.info.sessionID) continue
-            state.pending.delete(id)
-            void Bus.publish(Event.Replied, {
-              sessionID: item.info.sessionID,
-              requestID: item.info.id,
-              reply: "reject",
-            })
-            yield* Deferred.fail(item.deferred, new RejectedError())
-          }
-          return
-        }
-
-        yield* Deferred.succeed(existing.deferred, undefined)
-        if (input.reply === "once") return
-
-        for (const pattern of existing.info.always) {
-          state.approved.push({
-            permission: existing.info.permission,
-            pattern,
-            action: "allow",
-          })
-        }
-
-        for (const [id, item] of state.pending.entries()) {
-          if (item.info.sessionID !== existing.info.sessionID) continue
-          const ok = item.info.patterns.every(
-            (pattern) => evaluate(item.info.permission, pattern, state.approved).action === "allow",
-          )
-          if (!ok) continue
-          state.pending.delete(id)
-          void Bus.publish(Event.Replied, {
-            sessionID: item.info.sessionID,
-            requestID: item.info.id,
-            reply: "always",
-          })
-          yield* Deferred.succeed(item.deferred, undefined)
-        }
-
-        // TODO: we don't save the permission ruleset to disk yet until there's
-        // UI to manage it
-        // db().insert(PermissionTable).values({ projectID: Instance.project.id, data: s.approved })
-        //   .onConflictDoUpdate({ target: PermissionTable.projectID, set: { data: s.approved } }).run()
-      })
-
-      const list = Effect.fn("PermissionService.list")(function* () {
-        const state = yield* InstanceState.get(instanceState)
-        return Array.from(state.pending.values(), (item) => item.info)
-      })
-
-      return PermissionService.of({ ask, reply, list })
-    }),
-  )
-}
-
-export function evaluate(permission: string, pattern: string, ...rulesets: Ruleset[]): Rule {
-  const merged = rulesets.flat()
-  log.info("evaluate", { permission, pattern, ruleset: merged })
-  const match = merged.findLast(
-    (rule) => Wildcard.match(permission, rule.permission) && Wildcard.match(pattern, rule.pattern),
-  )
-  return match ?? { action: "ask", permission, pattern: "*" }
-}

packages/opencode/src/plugin/codex.ts

@@ -6,7 +6,6 @@ import os from "os"
 import { ProviderTransform } from "@/provider/transform"
 import { ModelID, ProviderID } from "@/provider/schema"
 import { setTimeout as sleep } from "node:timers/promises"
-import { createServer } from "http"
 
 const log = Log.create({ service: "plugin.codex" })
 
@@ -242,7 +241,7 @@ interface PendingOAuth {
   reject: (error: Error) => void
 }
 
-let oauthServer: ReturnType<typeof createServer> | undefined
+let oauthServer: ReturnType<typeof Bun.serve> | undefined
 let pendingOAuth: PendingOAuth | undefined
 
 async function startOAuthServer(): Promise<{ port: number; redirectUri: string }> {
@@ -250,83 +249,77 @@ async function startOAuthServer(): Promise<{ port: number; redirectUri: string }
     return { port: OAUTH_PORT, redirectUri: `http://localhost:${OAUTH_PORT}/auth/callback` }
   }
 
-  oauthServer = createServer((req, res) => {
-    const url = new URL(req.url || "/", `http://localhost:${OAUTH_PORT}`)
+  oauthServer = Bun.serve({
+    port: OAUTH_PORT,
+    fetch(req) {
+      const url = new URL(req.url)
 
-    if (url.pathname === "/auth/callback") {
-      const code = url.searchParams.get("code")
-      const state = url.searchParams.get("state")
-      const error = url.searchParams.get("error")
-      const errorDescription = url.searchParams.get("error_description")
+      if (url.pathname === "/auth/callback") {
+        const code = url.searchParams.get("code")
+        const state = url.searchParams.get("state")
+        const error = url.searchParams.get("error")
+        const errorDescription = url.searchParams.get("error_description")
 
-      if (error) {
-        const errorMsg = errorDescription || error
-        pendingOAuth?.reject(new Error(errorMsg))
+        if (error) {
+          const errorMsg = errorDescription || error
+          pendingOAuth?.reject(new Error(errorMsg))
+          pendingOAuth = undefined
+          return new Response(HTML_ERROR(errorMsg), {
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        if (!code) {
+          const errorMsg = "Missing authorization code"
+          pendingOAuth?.reject(new Error(errorMsg))
+          pendingOAuth = undefined
+          return new Response(HTML_ERROR(errorMsg), {
+            status: 400,
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        if (!pendingOAuth || state !== pendingOAuth.state) {
+          const errorMsg = "Invalid state - potential CSRF attack"
+          pendingOAuth?.reject(new Error(errorMsg))
+          pendingOAuth = undefined
+          return new Response(HTML_ERROR(errorMsg), {
+            status: 400,
+            headers: { "Content-Type": "text/html" },
+          })
+        }
+
+        const current = pendingOAuth
         pendingOAuth = undefined
-        res.writeHead(200, { "Content-Type": "text/html" })
-        res.end(HTML_ERROR(errorMsg))
-        return
+
+        exchangeCodeForTokens(code, `http://localhost:${OAUTH_PORT}/auth/callback`, current.pkce)
+          .then((tokens) => current.resolve(tokens))
+          .catch((err) => current.reject(err))
+
+        return new Response(HTML_SUCCESS, {
+          headers: { "Content-Type": "text/html" },
+        })
       }
 
-      if (!code) {
-        const errorMsg = "Missing authorization code"
-        pendingOAuth?.reject(new Error(errorMsg))
+      if (url.pathname === "/cancel") {
+        pendingOAuth?.reject(new Error("Login cancelled"))
         pendingOAuth = undefined
-        res.writeHead(400, { "Content-Type": "text/html" })
-        res.end(HTML_ERROR(errorMsg))
-        return
+        return new Response("Login cancelled", { status: 200 })
       }
 
-      if (!pendingOAuth || state !== pendingOAuth.state) {
-        const errorMsg = "Invalid state - potential CSRF attack"
-        pendingOAuth?.reject(new Error(errorMsg))
-        pendingOAuth = undefined
-        res.writeHead(400, { "Content-Type": "text/html" })
-        res.end(HTML_ERROR(errorMsg))
-        return
-      }
-
-      const current = pendingOAuth
-      pendingOAuth = undefined
-
-      exchangeCodeForTokens(code, `http://localhost:${OAUTH_PORT}/auth/callback`, current.pkce)
-        .then((tokens) => current.resolve(tokens))
-        .catch((err) => current.reject(err))
-
-      res.writeHead(200, { "Content-Type": "text/html" })
-      res.end(HTML_SUCCESS)
-      return
-    }
-
-    if (url.pathname === "/cancel") {
-      pendingOAuth?.reject(new Error("Login cancelled"))
-      pendingOAuth = undefined
-      res.writeHead(200)
-      res.end("Login cancelled")
-      return
-    }
-
-    res.writeHead(404)
-    res.end("Not found")
-  })
-
-  await new Promise<void>((resolve, reject) => {
-    oauthServer!.listen(OAUTH_PORT, () => {
-      log.info("codex oauth server started", { port: OAUTH_PORT })
-      resolve()
-    })
-    oauthServer!.on("error", reject)
+      return new Response("Not found", { status: 404 })
+    },
   })
 
+  log.info("codex oauth server started", { port: OAUTH_PORT })
   return { port: OAUTH_PORT, redirectUri: `http://localhost:${OAUTH_PORT}/auth/callback` }
 }
 
 function stopOAuthServer() {
   if (oauthServer) {
-    oauthServer.close(() => {
-      log.info("codex oauth server stopped")
-    })
+    oauthServer.stop()
     oauthServer = undefined
+    log.info("codex oauth server stopped")
   }
 }
 

packages/opencode/src/plugin/index.ts

@@ -4,7 +4,7 @@ import { Bus } from "../bus"
 import { Log } from "../util/log"
 import { createOpencodeClient } from "@opencode-ai/sdk"
 import { Server } from "../server/server"
-import { Npm } from "../npm"
+import { BunProc } from "../bun"
 import { Instance } from "../project/instance"
 import { Flag } from "../flag/flag"
 import { CodexAuthPlugin } from "./codex"
@@ -32,9 +32,7 @@ export namespace Plugin {
         : undefined,
       fetch: async (...args) => Server.Default().fetch(...args),
     })
-    log.info("loading config")
     const config = await Config.get()
-    log.info("config loaded")
     const hooks: Hooks[] = []
     const input: PluginInput = {
       client,
@@ -44,8 +42,7 @@ export namespace Plugin {
       get serverUrl(): URL {
         return Server.url ?? new URL("http://localhost:4096")
       },
-      // @ts-expect-error
-      $: typeof Bun === "undefined" ? undefined : Bun.$,
+      $: Bun.$,
     }
 
     for (const plugin of INTERNAL_PLUGINS) {
@@ -67,13 +64,16 @@ export namespace Plugin {
       if (plugin.includes("opencode-openai-codex-auth") || plugin.includes("opencode-copilot-auth")) continue
       log.info("loading plugin", { path: plugin })
       if (!plugin.startsWith("file://")) {
-        plugin = await Npm.add(plugin).catch((err) => {
+        const lastAtIndex = plugin.lastIndexOf("@")
+        const pkg = lastAtIndex > 0 ? plugin.substring(0, lastAtIndex) : plugin
+        const version = lastAtIndex > 0 ? plugin.substring(lastAtIndex + 1) : "latest"
+        plugin = await BunProc.install(pkg, version).catch((err) => {
           const cause = err instanceof Error ? err.cause : err
           const detail = cause instanceof Error ? cause.message : String(cause ?? err)
-          log.error("failed to install plugin", { plugin, error: detail })
+          log.error("failed to install plugin", { pkg, version, error: detail })
           Bus.publish(Session.Event.Error, {
             error: new NamedError.Unknown({
-              message: `Failed to install plugin ${plugin}: ${detail}`,
+              message: `Failed to install plugin ${pkg}@${version}: ${detail}`,
             }).toObject(),
           })
           return ""

packages/opencode/src/provider/provider.ts

@@ -5,7 +5,7 @@ import { Config } from "../config/config"
 import { mapValues, mergeDeep, omit, pickBy, sortBy } from "remeda"
 import { NoSuchModelError, type Provider as SDK } from "ai"
 import { Log } from "../util/log"
-import { Npm } from "../npm"
+import { BunProc } from "../bun"
 import { Hash } from "../util/hash"
 import { Plugin } from "../plugin"
 import { NamedError } from "@opencode-ai/util/error"
@@ -1244,7 +1244,7 @@ export namespace Provider {
 
       let installedPath: string
       if (!model.api.npm.startsWith("file://")) {
-        installedPath = await Npm.add(model.api.npm)
+        installedPath = await BunProc.install(model.api.npm, "latest")
       } else {
         log.info("loading local provider", { pkg: model.api.npm })
         installedPath = model.api.npm

packages/opencode/src/pty/index.ts

@@ -23,8 +23,6 @@ export namespace Pty {
     close: (code?: number, reason?: string) => void
   }
 
-  const key = (ws: Socket) => (ws.data && typeof ws.data === "object" ? ws.data : ws)
-
   // WebSocket control frame: 0x00 + UTF-8 JSON.
   const meta = (cursor: number) => {
     const json = JSON.stringify({ cursor })
@@ -99,9 +97,9 @@ export namespace Pty {
         try {
           session.process.kill()
         } catch {}
-        for (const [id, ws] of session.subscribers.entries()) {
+        for (const [key, ws] of session.subscribers.entries()) {
           try {
-            if (key(ws) === id) ws.close()
+            if (ws.data === key) ws.close()
           } catch {
             // ignore
           }
@@ -172,21 +170,21 @@ export namespace Pty {
     ptyProcess.onData((chunk) => {
       session.cursor += chunk.length
 
-      for (const [id, ws] of session.subscribers.entries()) {
+      for (const [key, ws] of session.subscribers.entries()) {
         if (ws.readyState !== 1) {
-          session.subscribers.delete(id)
+          session.subscribers.delete(key)
           continue
         }
 
-        if (key(ws) !== id) {
-          session.subscribers.delete(id)
+        if (ws.data !== key) {
+          session.subscribers.delete(key)
           continue
         }
 
         try {
           ws.send(chunk)
         } catch {
-          session.subscribers.delete(id)
+          session.subscribers.delete(key)
         }
       }
 
@@ -228,9 +226,9 @@ export namespace Pty {
     try {
       session.process.kill()
     } catch {}
-    for (const [id, ws] of session.subscribers.entries()) {
+    for (const [key, ws] of session.subscribers.entries()) {
       try {
-        if (key(ws) === id) ws.close()
+        if (ws.data === key) ws.close()
       } catch {
         // ignore
       }
@@ -261,13 +259,16 @@ export namespace Pty {
     }
     log.info("client connected to session", { id })
 
-    const sub = key(ws)
+    // Use ws.data as the unique key for this connection lifecycle.
+    // If ws.data is undefined, fallback to ws object.
+    const connectionKey = ws.data && typeof ws.data === "object" ? ws.data : ws
 
-    session.subscribers.delete(sub)
-    session.subscribers.set(sub, ws)
+    // Optionally cleanup if the key somehow exists
+    session.subscribers.delete(connectionKey)
+    session.subscribers.set(connectionKey, ws)
 
     const cleanup = () => {
-      session.subscribers.delete(sub)
+      session.subscribers.delete(connectionKey)
     }
 
     const start = session.bufferCursor

packages/opencode/src/question/index.ts

@@ -4,7 +4,7 @@ import * as S from "./service"
 import type { QuestionID } from "./schema"
 import type { SessionID, MessageID } from "@/session/schema"
 
-function runPromise<A, E>(f: (service: S.QuestionService.Service) => Effect.Effect<A, E>) {
+function runPromise<A>(f: (service: S.QuestionService.Service) => Effect.Effect<A, S.QuestionServiceError>) {
   return runtime.runPromise(S.QuestionService.use(f))
 }
 

packages/opencode/src/question/service.ts

@@ -72,17 +72,22 @@ export const Event = {
   ),
 }
 
-export class RejectedError extends Schema.TaggedErrorClass<RejectedError>()("QuestionRejectedError", {}) {
-  override get message() {
-    return "The user dismissed this question"
+export class RejectedError extends Error {
+  constructor() {
+    super("The user dismissed this question")
   }
 }
 
 // --- Effect service ---
 
+export class QuestionServiceError extends Schema.TaggedErrorClass<QuestionServiceError>()("QuestionServiceError", {
+  message: Schema.String,
+  cause: Schema.optional(Schema.Defect),
+}) {}
+
 interface PendingEntry {
   info: Request
-  deferred: Deferred.Deferred<Answer[], RejectedError>
+  deferred: Deferred.Deferred<Answer[]>
 }
 
 export namespace QuestionService {
@@ -91,10 +96,10 @@ export namespace QuestionService {
       sessionID: SessionID
       questions: Info[]
       tool?: { messageID: MessageID; callID: string }
-    }) => Effect.Effect<Answer[], RejectedError>
-    readonly reply: (input: { requestID: QuestionID; answers: Answer[] }) => Effect.Effect<void>
-    readonly reject: (requestID: QuestionID) => Effect.Effect<void>
-    readonly list: () => Effect.Effect<Request[]>
+    }) => Effect.Effect<Answer[], QuestionServiceError>
+    readonly reply: (input: { requestID: QuestionID; answers: Answer[] }) => Effect.Effect<void, QuestionServiceError>
+    readonly reject: (requestID: QuestionID) => Effect.Effect<void, QuestionServiceError>
+    readonly list: () => Effect.Effect<Request[], QuestionServiceError>
   }
 }
 
@@ -104,7 +109,7 @@ export class QuestionService extends ServiceMap.Service<QuestionService, Questio
   static readonly layer = Layer.effect(
     QuestionService,
     Effect.gen(function* () {
-      const instanceState = yield* InstanceState.make<Map<QuestionID, PendingEntry>>(() =>
+      const instanceState = yield* InstanceState.make<Map<QuestionID, PendingEntry>, QuestionServiceError>(() =>
         Effect.succeed(new Map<QuestionID, PendingEntry>()),
       )
 
@@ -119,7 +124,7 @@ export class QuestionService extends ServiceMap.Service<QuestionService, Questio
         const id = QuestionID.ascending()
         log.info("asking", { id, questions: input.questions.length })
 
-        const deferred = yield* Deferred.make<Answer[], RejectedError>()
+        const deferred = yield* Deferred.make<Answer[]>()
         const info: Request = {
           id,
           sessionID: input.sessionID,
@@ -129,12 +134,7 @@ export class QuestionService extends ServiceMap.Service<QuestionService, Questio
         pending.set(id, { info, deferred })
         Bus.publish(Event.Asked, info)
 
-        return yield* Effect.ensuring(
-          Deferred.await(deferred),
-          Effect.sync(() => {
-            pending.delete(id)
-          }),
-        )
+        return yield* Deferred.await(deferred)
       })
 
       const reply = Effect.fn("QuestionService.reply")(function* (input: { requestID: QuestionID; answers: Answer[] }) {
@@ -167,7 +167,7 @@ export class QuestionService extends ServiceMap.Service<QuestionService, Questio
           sessionID: existing.info.sessionID,
           requestID: existing.info.id,
         })
-        yield* Deferred.fail(existing.deferred, new RejectedError())
+        yield* Deferred.die(existing.deferred, new RejectedError())
       })
 
       const list = Effect.fn("QuestionService.list")(function* () {

packages/opencode/src/server/routes/project.ts

@@ -29,7 +29,7 @@ export const ProjectRoutes = lazy(() =>
         },
       }),
       async (c) => {
-        const projects = Project.list()
+        const projects = await Project.list()
         return c.json(projects)
       },
     )

packages/opencode/src/server/routes/pty.ts

@@ -1,14 +1,15 @@
 import { Hono } from "hono"
 import { describeRoute, validator, resolver } from "hono-openapi"
-import type { UpgradeWebSocket } from "hono/ws"
+import { upgradeWebSocket } from "hono/bun"
 import z from "zod"
 import { Pty } from "@/pty"
 import { PtyID } from "@/pty/schema"
 import { NotFoundError } from "../../storage/db"
 import { errors } from "../error"
+import { lazy } from "../../util/lazy"
 
-export function PtyRoutes(upgradeWebSocket: UpgradeWebSocket) {
-  return new Hono()
+export const PtyRoutes = lazy(() =>
+  new Hono()
     .get(
       "/",
       describeRoute({
@@ -196,5 +197,5 @@ export function PtyRoutes(upgradeWebSocket: UpgradeWebSocket) {
           },
         }
       }),
-    )
-}
+    ),
+)

packages/opencode/src/server/server.ts

@@ -27,7 +27,7 @@ import { ProviderID } from "../provider/schema"
 import { WorkspaceRouterMiddleware } from "../control-plane/workspace-router-middleware"
 import { ProjectRoutes } from "./routes/project"
 import { SessionRoutes } from "./routes/session"
-// import { PtyRoutes } from "./routes/pty"
+import { PtyRoutes } from "./routes/pty"
 import { McpRoutes } from "./routes/mcp"
 import { FileRoutes } from "./routes/file"
 import { ConfigRoutes } from "./routes/config"
@@ -36,8 +36,7 @@ import { ProviderRoutes } from "./routes/provider"
 import { InstanceBootstrap } from "../project/bootstrap"
 import { NotFoundError } from "../storage/db"
 import type { ContentfulStatusCode } from "hono/utils/http-status"
-import { createAdaptorServer, type ServerType } from "@hono/node-server"
-import { createNodeWebSocket } from "@hono/node-ws"
+import { websocket } from "hono/bun"
 import { HTTPException } from "hono/http-exception"
 import { errors } from "./error"
 import { Filesystem } from "@/util/filesystem"
@@ -51,20 +50,13 @@ import { lazy } from "@/util/lazy"
 globalThis.AI_SDK_LOG_WARNINGS = false
 
 export namespace Server {
-  export type Listener = {
-    hostname: string
-    port: number
-    url: URL
-    stop: (close?: boolean) => Promise<void>
-  }
+  const log = Log.create({ service: "server" })
 
-  export const Default = lazy(() => create({}).app)
+  export const Default = lazy(() => createApp({}))
 
-  function create(opts: { cors?: string[] }) {
-    const log = Log.create({ service: "server" })
+  export const createApp = (opts: { cors?: string[] }): Hono => {
     const app = new Hono()
-    const ws = createNodeWebSocket({ app })
-    const route = app
+    return app
       .onError((err, c) => {
         log.error("failed", {
           error: err,
@@ -249,6 +241,7 @@ export namespace Server {
         ),
       )
       .route("/project", ProjectRoutes())
+      .route("/pty", PtyRoutes())
       .route("/config", ConfigRoutes())
       .route("/experimental", ExperimentalRoutes())
       .route("/session", SessionRoutes())
@@ -561,7 +554,6 @@ export namespace Server {
           })
         },
       )
-      // .route("/pty", PtyRoutes(ws.upgradeWebSocket))
       .all("/*", async (c) => {
         const path = c.req.path
 
@@ -578,11 +570,6 @@ export namespace Server {
         )
         return response
       })
-
-    return {
-      app: route as Hono,
-      ws,
-    }
   }
 
   export async function openapi() {
@@ -603,87 +590,49 @@ export namespace Server {
   /** @deprecated do not use this dumb shit */
   export let url: URL
 
-  export async function listen(opts: {
+  export function listen(opts: {
     port: number
     hostname: string
     mdns?: boolean
     mdnsDomain?: string
     cors?: string[]
-  }): Promise<Listener> {
-    const log = Log.create({ service: "server" })
-    const built = create({
-      ...opts,
-    })
-    const start = (port: number) =>
-      new Promise<ServerType>((resolve, reject) => {
-        const server = createAdaptorServer({ fetch: built.app.fetch })
-        built.ws.injectWebSocket(server)
-        const fail = (err: Error) => {
-          cleanup()
-          reject(err)
-        }
-        const ready = () => {
-          cleanup()
-          resolve(server)
-        }
-        const cleanup = () => {
-          server.off("error", fail)
-          server.off("listening", ready)
-        }
-        server.once("error", fail)
-        server.once("listening", ready)
-        server.listen(port, opts.hostname)
-      })
-
-    const server = opts.port === 0 ? await start(4096).catch(() => start(0)) : await start(opts.port)
-    const addr = server.address()
-    if (!addr || typeof addr === "string") {
-      throw new Error(`Failed to resolve server address for port ${opts.port}`)
+  }) {
+    url = new URL(`http://${opts.hostname}:${opts.port}`)
+    const app = createApp(opts)
+    const args = {
+      hostname: opts.hostname,
+      idleTimeout: 0,
+      fetch: app.fetch,
+      websocket: websocket,
+    } as const
+    const tryServe = (port: number) => {
+      try {
+        return Bun.serve({ ...args, port })
+      } catch {
+        return undefined
+      }
     }
-
-    const next = new URL("http://localhost")
-    next.hostname = opts.hostname
-    next.port = String(addr.port)
-    url = next
+    const server = opts.port === 0 ? (tryServe(4096) ?? tryServe(0)) : tryServe(opts.port)
+    if (!server) throw new Error(`Failed to start server on port ${opts.port}`)
 
     const shouldPublishMDNS =
       opts.mdns &&
-      addr.port &&
+      server.port &&
       opts.hostname !== "127.0.0.1" &&
       opts.hostname !== "localhost" &&
       opts.hostname !== "::1"
     if (shouldPublishMDNS) {
-      MDNS.publish(addr.port, opts.mdnsDomain)
+      MDNS.publish(server.port!, opts.mdnsDomain)
     } else if (opts.mdns) {
       log.warn("mDNS enabled but hostname is loopback; skipping mDNS publish")
     }
 
-    let closing: Promise<void> | undefined
-    return {
-      hostname: opts.hostname,
-      port: addr.port,
-      url: next,
-      stop(close?: boolean) {
-        closing ??= new Promise((resolve, reject) => {
-          if (shouldPublishMDNS) MDNS.unpublish()
-          server.close((err) => {
-            if (err) {
-              reject(err)
-              return
-            }
-            resolve()
-          })
-          if (close) {
-            if ("closeAllConnections" in server && typeof server.closeAllConnections === "function") {
-              server.closeAllConnections()
-            }
-            if ("closeIdleConnections" in server && typeof server.closeIdleConnections === "function") {
-              server.closeIdleConnections()
-            }
-          }
-        })
-        return closing
-      },
+    const originalStop = server.stop.bind(server)
+    server.stop = async (closeActiveConnections?: boolean) => {
+      if (shouldPublishMDNS) MDNS.unpublish()
+      return originalStop(closeActiveConnections)
     }
+
+    return server
   }
 }

packages/opencode/src/session/message-v2.ts

@@ -13,7 +13,7 @@ import { STATUS_CODES } from "http"
 import { Storage } from "@/storage/storage"
 import { ProviderError } from "@/provider/error"
 import { iife } from "@/util/iife"
-import type { SystemError } from "bun"
+import { type SystemError } from "bun"
 import type { Provider } from "@/provider/provider"
 import { ModelID, ProviderID } from "@/provider/schema"
 

packages/opencode/src/session/prompt.ts

@@ -32,6 +32,7 @@ import { Flag } from "../flag/flag"
 import { ulid } from "ulid"
 import { spawn } from "child_process"
 import { Command } from "../command"
+import { $ } from "bun"
 import { pathToFileURL, fileURLToPath } from "url"
 import { ConfigMarkdown } from "../config/markdown"
 import { SessionSummary } from "./summary"
@@ -47,7 +48,6 @@ import { iife } from "@/util/iife"
 import { Shell } from "@/shell/shell"
 import { Truncate } from "@/tool/truncation"
 import { decodeDataUrl } from "@/util/data-url"
-import { Process } from "@/util/process"
 
 // @ts-ignore
 globalThis.AI_SDK_LOG_WARNINGS = false
@@ -318,7 +318,11 @@ export namespace SessionPrompt {
       }
 
       if (!lastUser) throw new Error("No user message found in stream. This should never happen.")
-      if (shouldExitLoop(lastUser, lastAssistant)) {
+      if (
+        lastAssistant?.finish &&
+        !["tool-calls", "unknown"].includes(lastAssistant.finish) &&
+        lastUser.id < lastAssistant.id
+      ) {
         log.info("exiting loop", { sessionID })
         break
       }
@@ -1782,13 +1786,15 @@ NOTE: At any point in time through this workflow you should feel free to ask the
       template = template + "\n\n" + input.arguments
     }
 
-    const shellMatches = ConfigMarkdown.shell(template)
-    if (shellMatches.length > 0) {
-      const sh = Shell.preferred()
+    const shell = ConfigMarkdown.shell(template)
+    if (shell.length > 0) {
       const results = await Promise.all(
-        shellMatches.map(async ([, cmd]) => {
-          const out = await Process.text([cmd], { shell: sh, nothrow: true })
-          return out.text
+        shell.map(async ([, cmd]) => {
+          try {
+            return await $`${{ raw: cmd }}`.quiet().nothrow().text()
+          } catch (error) {
+            return `Error executing command: ${error instanceof Error ? error.message : String(error)}`
+          }
         }),
       )
       let index = 0
@@ -1961,15 +1967,4 @@ NOTE: At any point in time through this workflow you should feel free to ask the
       return Session.setTitle({ sessionID: input.session.id, title })
     }
   }
-
-  /** @internal Exported for testing — determines whether the prompt loop should exit */
-  export function shouldExitLoop(
-    lastUser: MessageV2.User | undefined,
-    lastAssistant: MessageV2.Assistant | undefined,
-  ): boolean {
-    if (!lastUser) return false
-    if (!lastAssistant?.finish) return false
-    if (["tool-calls", "unknown"].includes(lastAssistant.finish)) return false
-    return lastAssistant.parentID === lastUser.id
-  }
 }

packages/opencode/src/storage/db.bun.ts

@@ -1,8 +0,0 @@
-import { Database } from "bun:sqlite"
-import { drizzle } from "drizzle-orm/bun-sqlite"
-
-export function init(path: string) {
-  const sqlite = new Database(path, { create: true })
-  const db = drizzle({ client: sqlite })
-  return db
-}

packages/opencode/src/storage/db.node.ts

@@ -1,8 +0,0 @@
-import { DatabaseSync } from "node:sqlite"
-import { drizzle } from "drizzle-orm/node-sqlite"
-
-export function init(path: string) {
-  const sqlite = new DatabaseSync(path)
-  const db = drizzle({ client: sqlite })
-  return db
-}

packages/opencode/src/storage/db.ts

@@ -1,4 +1,5 @@
-import { type SQLiteBunDatabase } from "drizzle-orm/bun-sqlite"
+import { Database as BunDatabase } from "bun:sqlite"
+import { drizzle, type SQLiteBunDatabase } from "drizzle-orm/bun-sqlite"
 import { migrate } from "drizzle-orm/bun-sqlite/migrator"
 import { type SQLiteTransaction } from "drizzle-orm/sqlite-core"
 export * from "drizzle-orm"
@@ -10,10 +11,10 @@ import { NamedError } from "@opencode-ai/util/error"
 import z from "zod"
 import path from "path"
 import { readFileSync, readdirSync, existsSync } from "fs"
+import * as schema from "./schema"
 import { Installation } from "../installation"
 import { Flag } from "../flag/flag"
 import { iife } from "@/util/iife"
-import { init } from "#db"
 
 declare const OPENCODE_MIGRATIONS: { sql: string; timestamp: number; name: string }[] | undefined
 
@@ -35,12 +36,17 @@ export namespace Database {
     return path.join(Global.Path.data, `opencode-${safe}.db`)
   })
 
-  export type Transaction = SQLiteTransaction<"sync", void>
+  type Schema = typeof schema
+  export type Transaction = SQLiteTransaction<"sync", void, Schema>
 
   type Client = SQLiteBunDatabase
 
   type Journal = { sql: string; timestamp: number; name: string }[]
 
+  const state = {
+    sqlite: undefined as BunDatabase | undefined,
+  }
+
   function time(tag: string) {
     const match = /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/.exec(tag)
     if (!match) return 0
@@ -77,14 +83,17 @@ export namespace Database {
   export const Client = lazy(() => {
     log.info("opening database", { path: Path })
 
-    const db = init(Path)
+    const sqlite = new BunDatabase(Path, { create: true })
+    state.sqlite = sqlite
 
-    db.run("PRAGMA journal_mode = WAL")
-    db.run("PRAGMA synchronous = NORMAL")
-    db.run("PRAGMA busy_timeout = 5000")
-    db.run("PRAGMA cache_size = -64000")
-    db.run("PRAGMA foreign_keys = ON")
-    db.run("PRAGMA wal_checkpoint(PASSIVE)")
+    sqlite.run("PRAGMA journal_mode = WAL")
+    sqlite.run("PRAGMA synchronous = NORMAL")
+    sqlite.run("PRAGMA busy_timeout = 5000")
+    sqlite.run("PRAGMA cache_size = -64000")
+    sqlite.run("PRAGMA foreign_keys = ON")
+    sqlite.run("PRAGMA wal_checkpoint(PASSIVE)")
+
+    const db = drizzle({ client: sqlite })
 
     // Apply schema migrations
     const entries =
@@ -108,11 +117,14 @@ export namespace Database {
   })
 
   export function close() {
-    Client().$client.close()
+    const sqlite = state.sqlite
+    if (!sqlite) return
+    sqlite.close()
+    state.sqlite = undefined
     Client.reset()
   }
 
-  export type TxOrDb = Transaction | Client
+  export type TxOrDb = SQLiteTransaction<"sync", void, any, any> | Client
 
   const ctx = Context.create<{
     tx: TxOrDb

packages/opencode/src/tool/registry.ts

@@ -46,7 +46,7 @@ export namespace ToolRegistry {
     if (matches.length) await Config.waitForDependencies()
     for (const match of matches) {
       const namespace = path.basename(match, path.extname(match))
-      const mod = await import(process.platform === "win32" ? match : pathToFileURL(match).href)
+      const mod = await import(pathToFileURL(match).href)
       for (const [id, def] of Object.entries<ToolDefinition>(mod)) {
         custom.push(fromPlugin(id === "default" ? namespace : `${namespace}_${id}`, def))
       }

packages/opencode/src/util/instance-state.ts

@@ -43,16 +43,14 @@ export namespace InstanceState {
     })
 
   /** Get the cached value for the current directory, initializing it if needed. */
-  export const get = <A, E, R>(self: InstanceState<A, E, R>) =>
-    Effect.suspend(() => ScopedCache.get(self.cache, Instance.directory))
+  export const get = <A, E, R>(self: InstanceState<A, E, R>) => ScopedCache.get(self.cache, Instance.directory)
 
   /** Check whether a value exists for the current directory. */
-  export const has = <A, E, R>(self: InstanceState<A, E, R>) =>
-    Effect.suspend(() => ScopedCache.has(self.cache, Instance.directory))
+  export const has = <A, E, R>(self: InstanceState<A, E, R>) => ScopedCache.has(self.cache, Instance.directory)
 
   /** Invalidate the cached value for the current directory. */
   export const invalidate = <A, E, R>(self: InstanceState<A, E, R>) =>
-    Effect.suspend(() => ScopedCache.invalidate(self.cache, Instance.directory))
+    ScopedCache.invalidate(self.cache, Instance.directory)
 
   /** Invalidate the given directory across all InstanceState caches. */
   export const dispose = (directory: string) =>

packages/opencode/src/util/process.ts

@@ -13,7 +13,6 @@ export namespace Process {
     abort?: AbortSignal
     kill?: NodeJS.Signals | number
     timeout?: number
-    shell?: string
   }
 
   export interface RunOptions extends Omit<Options, "stdout" | "stderr"> {
@@ -59,7 +58,6 @@ export namespace Process {
 
     const proc = launch(cmd[0], cmd.slice(1), {
       cwd: opts.cwd,
-      shell: opts.shell,
       env: opts.env === null ? {} : opts.env ? { ...process.env, ...opts.env } : undefined,
       stdio: [opts.stdin ?? "ignore", opts.stdout ?? "ignore", opts.stderr ?? "ignore"],
       windowsHide: process.platform === "win32",

packages/opencode/src/util/which.ts

@@ -1,13 +1,9 @@
 import whichPkg from "which"
-import path from "path"
-import { Global } from "../global"
 
 export function which(cmd: string, env?: NodeJS.ProcessEnv) {
-  const base = env?.PATH ?? env?.Path ?? process.env.PATH ?? process.env.Path ?? ""
-  const full = base ? base + path.delimiter + Global.Path.bin : Global.Path.bin
   const result = whichPkg.sync(cmd, {
     nothrow: true,
-    path: full,
+    path: env?.PATH ?? env?.Path ?? process.env.PATH ?? process.env.Path,
     pathExt: env?.PATHEXT ?? env?.PathExt ?? process.env.PATHEXT ?? process.env.PathExt,
   })
   return typeof result === "string" ? result : null

packages/opencode/test/agent/agent.test.ts

@@ -38,7 +38,7 @@ test("build agent has correct default properties", async () => {
       expect(build).toBeDefined()
       expect(build?.mode).toBe("primary")
       expect(build?.native).toBe(true)
-      expect(evalPerm(build, "edit")).toBe("ask")
+      expect(evalPerm(build, "edit")).toBe("allow")
       expect(evalPerm(build, "bash")).toBe("allow")
     },
   })
@@ -217,8 +217,8 @@ test("agent permission config merges with defaults", async () => {
       expect(build).toBeDefined()
       // Specific pattern is denied
       expect(PermissionNext.evaluate("bash", "rm -rf *", build!.permission).action).toBe("deny")
-      // Edit still asks (default behavior)
-      expect(evalPerm(build, "edit")).toBe("ask")
+      // Edit still allowed
+      expect(evalPerm(build, "edit")).toBe("allow")
     },
   })
 })

packages/opencode/test/bun.test.ts

@@ -0,0 +1,53 @@
+import { describe, expect, test } from "bun:test"
+import fs from "fs/promises"
+import path from "path"
+
+describe("BunProc registry configuration", () => {
+  test("should not contain hardcoded registry parameters", async () => {
+    // Read the bun/index.ts file
+    const bunIndexPath = path.join(__dirname, "../src/bun/index.ts")
+    const content = await fs.readFile(bunIndexPath, "utf-8")
+
+    // Verify that no hardcoded registry is present
+    expect(content).not.toContain("--registry=")
+    expect(content).not.toContain("hasNpmRcConfig")
+    expect(content).not.toContain("NpmRc")
+  })
+
+  test("should use Bun's default registry resolution", async () => {
+    // Read the bun/index.ts file
+    const bunIndexPath = path.join(__dirname, "../src/bun/index.ts")
+    const content = await fs.readFile(bunIndexPath, "utf-8")
+
+    // Verify that it uses Bun's default resolution
+    expect(content).toContain("Bun's default registry resolution")
+    expect(content).toContain("Bun will use them automatically")
+    expect(content).toContain("No need to pass --registry flag")
+  })
+
+  test("should have correct command structure without registry", async () => {
+    // Read the bun/index.ts file
+    const bunIndexPath = path.join(__dirname, "../src/bun/index.ts")
+    const content = await fs.readFile(bunIndexPath, "utf-8")
+
+    // Extract the install function
+    const installFunctionMatch = content.match(/export async function install[\s\S]*?^  }/m)
+    expect(installFunctionMatch).toBeTruthy()
+
+    if (installFunctionMatch) {
+      const installFunction = installFunctionMatch[0]
+
+      // Verify expected arguments are present
+      expect(installFunction).toContain('"add"')
+      expect(installFunction).toContain('"--force"')
+      expect(installFunction).toContain('"--exact"')
+      expect(installFunction).toContain('"--cwd"')
+      expect(installFunction).toContain("Global.Path.cache")
+      expect(installFunction).toContain('pkg + "@" + version')
+
+      // Verify no registry argument is added
+      expect(installFunction).not.toContain('"--registry"')
+      expect(installFunction).not.toContain('args.push("--registry')
+    }
+  })
+})

packages/opencode/test/permission/next.test.ts

@@ -1,32 +1,10 @@
 import { test, expect } from "bun:test"
 import os from "os"
-import { Bus } from "../../src/bus"
-import { runtime } from "../../src/effect/runtime"
 import { PermissionNext } from "../../src/permission/next"
-import * as S from "../../src/permission/service"
 import { PermissionID } from "../../src/permission/schema"
 import { Instance } from "../../src/project/instance"
 import { tmpdir } from "../fixture/fixture"
-import { MessageID, SessionID } from "../../src/session/schema"
-
-async function rejectAll(message?: string) {
-  for (const req of await PermissionNext.list()) {
-    await PermissionNext.reply({
-      requestID: req.id,
-      reply: "reject",
-      message,
-    })
-  }
-}
-
-async function waitForPending(count: number) {
-  for (let i = 0; i < 20; i++) {
-    const list = await PermissionNext.list()
-    if (list.length === count) return list
-    await Bun.sleep(0)
-  }
-  return PermissionNext.list()
-}
+import { SessionID } from "../../src/session/schema"
 
 // fromConfig tests
 
@@ -533,84 +511,6 @@ test("ask - returns pending promise when action is ask", async () => {
       // Promise should be pending, not resolved
       expect(promise).toBeInstanceOf(Promise)
       // Don't await - just verify it returns a promise
-      await rejectAll()
-      await promise.catch(() => {})
-    },
-  })
-})
-
-test("ask - adds request to pending list", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const ask = PermissionNext.ask({
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: { cmd: "ls" },
-        always: ["ls"],
-        tool: {
-          messageID: MessageID.make("msg_test"),
-          callID: "call_test",
-        },
-        ruleset: [],
-      })
-
-      const list = await PermissionNext.list()
-      expect(list).toHaveLength(1)
-      expect(list[0]).toMatchObject({
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: { cmd: "ls" },
-        always: ["ls"],
-        tool: {
-          messageID: MessageID.make("msg_test"),
-          callID: "call_test",
-        },
-      })
-
-      await rejectAll()
-      await ask.catch(() => {})
-    },
-  })
-})
-
-test("ask - publishes asked event", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      let seen: PermissionNext.Request | undefined
-      const unsub = Bus.subscribe(PermissionNext.Event.Asked, (event) => {
-        seen = event.properties
-      })
-
-      const ask = PermissionNext.ask({
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: { cmd: "ls" },
-        always: ["ls"],
-        tool: {
-          messageID: MessageID.make("msg_test"),
-          callID: "call_test",
-        },
-        ruleset: [],
-      })
-
-      expect(await PermissionNext.list()).toHaveLength(1)
-      expect(seen).toBeDefined()
-      expect(seen).toMatchObject({
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-      })
-
-      unsub()
-      await rejectAll()
-      await ask.catch(() => {})
     },
   })
 })
@@ -632,8 +532,6 @@ test("reply - once resolves the pending ask", async () => {
         ruleset: [],
       })
 
-      await waitForPending(1)
-
       await PermissionNext.reply({
         requestID: PermissionID.make("per_test1"),
         reply: "once",
@@ -659,8 +557,6 @@ test("reply - reject throws RejectedError", async () => {
         ruleset: [],
       })
 
-      await waitForPending(1)
-
       await PermissionNext.reply({
         requestID: PermissionID.make("per_test2"),
         reply: "reject",
@@ -671,36 +567,6 @@ test("reply - reject throws RejectedError", async () => {
   })
 })
 
-test("reply - reject with message throws CorrectedError", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const ask = PermissionNext.ask({
-        id: PermissionID.make("per_test2b"),
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: [],
-        ruleset: [],
-      })
-
-      await waitForPending(1)
-
-      await PermissionNext.reply({
-        requestID: PermissionID.make("per_test2b"),
-        reply: "reject",
-        message: "Use a safer command",
-      })
-
-      const err = await ask.catch((err) => err)
-      expect(err).toBeInstanceOf(PermissionNext.CorrectedError)
-      expect(err.message).toContain("Use a safer command")
-    },
-  })
-})
-
 test("reply - always persists approval and resolves", async () => {
   await using tmp = await tmpdir({ git: true })
   await Instance.provide({
@@ -716,8 +582,6 @@ test("reply - always persists approval and resolves", async () => {
         ruleset: [],
       })
 
-      await waitForPending(1)
-
       await PermissionNext.reply({
         requestID: PermissionID.make("per_test3"),
         reply: "always",
@@ -769,8 +633,6 @@ test("reply - reject cancels all pending for same session", async () => {
         ruleset: [],
       })
 
-      await waitForPending(2)
-
       // Catch rejections before they become unhandled
       const result1 = askPromise1.catch((e) => e)
       const result2 = askPromise2.catch((e) => e)
@@ -788,144 +650,6 @@ test("reply - reject cancels all pending for same session", async () => {
   })
 })
 
-test("reply - always resolves matching pending requests in same session", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const a = PermissionNext.ask({
-        id: PermissionID.make("per_test5a"),
-        sessionID: SessionID.make("session_same"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: ["ls"],
-        ruleset: [],
-      })
-
-      const b = PermissionNext.ask({
-        id: PermissionID.make("per_test5b"),
-        sessionID: SessionID.make("session_same"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: [],
-        ruleset: [],
-      })
-
-      await waitForPending(2)
-
-      await PermissionNext.reply({
-        requestID: PermissionID.make("per_test5a"),
-        reply: "always",
-      })
-
-      await expect(a).resolves.toBeUndefined()
-      await expect(b).resolves.toBeUndefined()
-      expect(await PermissionNext.list()).toHaveLength(0)
-    },
-  })
-})
-
-test("reply - always keeps other session pending", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const a = PermissionNext.ask({
-        id: PermissionID.make("per_test6a"),
-        sessionID: SessionID.make("session_a"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: ["ls"],
-        ruleset: [],
-      })
-
-      const b = PermissionNext.ask({
-        id: PermissionID.make("per_test6b"),
-        sessionID: SessionID.make("session_b"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: [],
-        ruleset: [],
-      })
-
-      await waitForPending(2)
-
-      await PermissionNext.reply({
-        requestID: PermissionID.make("per_test6a"),
-        reply: "always",
-      })
-
-      await expect(a).resolves.toBeUndefined()
-      expect((await PermissionNext.list()).map((x) => x.id)).toEqual([PermissionID.make("per_test6b")])
-
-      await rejectAll()
-      await b.catch(() => {})
-    },
-  })
-})
-
-test("reply - publishes replied event", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const ask = PermissionNext.ask({
-        id: PermissionID.make("per_test7"),
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["ls"],
-        metadata: {},
-        always: [],
-        ruleset: [],
-      })
-
-      await waitForPending(1)
-
-      let seen:
-        | {
-            sessionID: SessionID
-            requestID: PermissionID
-            reply: PermissionNext.Reply
-          }
-        | undefined
-      const unsub = Bus.subscribe(PermissionNext.Event.Replied, (event) => {
-        seen = event.properties
-      })
-
-      await PermissionNext.reply({
-        requestID: PermissionID.make("per_test7"),
-        reply: "once",
-      })
-
-      await expect(ask).resolves.toBeUndefined()
-      expect(seen).toEqual({
-        sessionID: SessionID.make("session_test"),
-        requestID: PermissionID.make("per_test7"),
-        reply: "once",
-      })
-      unsub()
-    },
-  })
-})
-
-test("reply - does nothing for unknown requestID", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      await PermissionNext.reply({
-        requestID: PermissionID.make("per_unknown"),
-        reply: "once",
-      })
-      expect(await PermissionNext.list()).toHaveLength(0)
-    },
-  })
-})
-
 test("ask - checks all patterns and stops on first deny", async () => {
   await using tmp = await tmpdir({ git: true })
   await Instance.provide({
@@ -965,74 +689,3 @@ test("ask - allows all patterns when all match allow rules", async () => {
     },
   })
 })
-
-test("ask - should deny even when an earlier pattern is ask", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const ask = PermissionNext.ask({
-        sessionID: SessionID.make("session_test"),
-        permission: "bash",
-        patterns: ["echo hello", "rm -rf /"],
-        metadata: {},
-        always: [],
-        ruleset: [
-          { permission: "bash", pattern: "echo *", action: "ask" },
-          { permission: "bash", pattern: "rm *", action: "deny" },
-        ],
-      })
-
-      const out = await Promise.race([
-        ask.then(
-          () => ({ ok: true as const, err: undefined }),
-          (err) => ({ ok: false as const, err }),
-        ),
-        Bun.sleep(100).then(() => "timeout" as const),
-      ])
-
-      if (out === "timeout") {
-        await rejectAll()
-        await ask.catch(() => {})
-        throw new Error("ask timed out instead of denying immediately")
-      }
-
-      expect(out.ok).toBe(false)
-      expect(out.err).toBeInstanceOf(PermissionNext.DeniedError)
-      expect(await PermissionNext.list()).toHaveLength(0)
-    },
-  })
-})
-
-test("ask - abort should clear pending request", async () => {
-  await using tmp = await tmpdir({ git: true })
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const ctl = new AbortController()
-      const ask = runtime.runPromise(
-        S.PermissionService.use((svc) =>
-          svc.ask({
-            sessionID: SessionID.make("session_test"),
-            permission: "bash",
-            patterns: ["ls"],
-            metadata: {},
-            always: [],
-            ruleset: [{ permission: "bash", pattern: "*", action: "ask" }],
-          }),
-        ),
-        { signal: ctl.signal },
-      )
-
-      await waitForPending(1)
-      ctl.abort()
-      await ask.catch(() => {})
-
-      try {
-        expect(await PermissionNext.list()).toHaveLength(0)
-      } finally {
-        await rejectAll()
-      }
-    },
-  })
-})

packages/opencode/test/session/prompt-loop-exit.test.ts

@@ -1,85 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import type { MessageV2 } from "../../src/session/message-v2"
-import { SessionPrompt } from "../../src/session/prompt"
-
-function makeUser(id: string): MessageV2.User {
-  return {
-    id,
-    role: "user",
-    sessionID: "session-1",
-    time: { created: Date.now() },
-    agent: "default",
-    model: { providerID: "openai", modelID: "gpt-4" },
-  } as MessageV2.User
-}
-
-function makeAssistant(
-  id: string,
-  parentID: string,
-  finish?: string,
-): MessageV2.Assistant {
-  return {
-    id,
-    role: "assistant",
-    sessionID: "session-1",
-    parentID,
-    mode: "default",
-    agent: "default",
-    path: { cwd: "/tmp", root: "/tmp" },
-    cost: 0,
-    tokens: { input: 0, output: 0, reasoning: 0, cache: { read: 0, write: 0 } },
-    modelID: "gpt-4",
-    providerID: "openai",
-    time: { created: Date.now() },
-    finish,
-  } as MessageV2.Assistant
-}
-
-describe("shouldExitLoop", () => {
-  test("normal case: user ID < assistant ID, parentID matches, finish=end_turn → exits", () => {
-    const user = makeUser("01AAA")
-    const assistant = makeAssistant("01BBB", "01AAA", "end_turn")
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(true)
-  })
-
-  test("clock skew: user ID > assistant ID, parentID matches, finish=stop → exits", () => {
-    // Simulates client clock ahead: user message ID sorts AFTER the assistant ID
-    const user = makeUser("01ZZZ")
-    const assistant = makeAssistant("01AAA", "01ZZZ", "stop")
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(true)
-  })
-
-  test("unfinished assistant: finish=tool-calls → does NOT exit", () => {
-    const user = makeUser("01AAA")
-    const assistant = makeAssistant("01BBB", "01AAA", "tool-calls")
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(false)
-  })
-
-  test("unfinished assistant: finish=unknown → does NOT exit", () => {
-    const user = makeUser("01AAA")
-    const assistant = makeAssistant("01BBB", "01AAA", "unknown")
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(false)
-  })
-
-  test("no assistant yet → does NOT exit", () => {
-    const user = makeUser("01AAA")
-    expect(SessionPrompt.shouldExitLoop(user, undefined)).toBe(false)
-  })
-
-  test("assistant has no finish → does NOT exit", () => {
-    const user = makeUser("01AAA")
-    const assistant = makeAssistant("01BBB", "01AAA", undefined)
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(false)
-  })
-
-  test("parentID mismatch → does NOT exit", () => {
-    const user = makeUser("01AAA")
-    const assistant = makeAssistant("01BBB", "01OTHER", "end_turn")
-    expect(SessionPrompt.shouldExitLoop(user, assistant)).toBe(false)
-  })
-
-  test("no user message → does NOT exit", () => {
-    const assistant = makeAssistant("01BBB", "01AAA", "end_turn")
-    expect(SessionPrompt.shouldExitLoop(undefined, assistant)).toBe(false)
-  })
-})

packages/opencode/test/tool/read.test.ts

@@ -183,7 +183,7 @@ describe("tool.read env file permissions", () => {
                   askedForEnv = true
                 }
                 if (rule.action === "deny") {
-                  throw new PermissionNext.DeniedError({ ruleset: agent.permission })
+                  throw new PermissionNext.DeniedError(agent.permission)
                 }
               }
             },

packages/opencode/test/util/instance-state.test.ts

@@ -1,5 +1,5 @@
 import { afterEach, expect, test } from "bun:test"
-import { Duration, Effect, Layer, ManagedRuntime, ServiceMap } from "effect"
+import { Effect } from "effect"
 
 import { Instance } from "../../src/project/instance"
 import { InstanceState } from "../../src/util/instance-state"
@@ -114,129 +114,6 @@ test("InstanceState is disposed on disposeAll", async () => {
   )
 })
 
-test("InstanceState.get reads correct directory per-evaluation (not captured once)", async () => {
-  await using a = await tmpdir()
-  await using b = await tmpdir()
-
-  // Regression: InstanceState.get must be lazy (Effect.suspend) so the
-  // directory is read per-evaluation, not captured once at the call site.
-  // Without this, a service built inside a ManagedRuntime Layer would
-  // freeze to whichever directory triggered the first layer build.
-
-  interface TestApi {
-    readonly getDir: () => Effect.Effect<string>
-  }
-
-  class TestService extends ServiceMap.Service<TestService, TestApi>()("@test/ALS-lazy") {
-    static readonly layer = Layer.effect(
-      TestService,
-      Effect.gen(function* () {
-        const state = yield* InstanceState.make((dir) => Effect.sync(() => dir))
-        // `get` is created once during layer build — must be lazy
-        const get = InstanceState.get(state)
-
-        const getDir = Effect.fn("TestService.getDir")(function* () {
-          return yield* get
-        })
-
-        return TestService.of({ getDir })
-      }),
-    )
-  }
-
-  const rt = ManagedRuntime.make(TestService.layer)
-
-  try {
-    const resultA = await Instance.provide({
-      directory: a.path,
-      fn: () => rt.runPromise(TestService.use((s) => s.getDir())),
-    })
-    expect(resultA).toBe(a.path)
-
-    // Second call with different directory must NOT return A's directory
-    const resultB = await Instance.provide({
-      directory: b.path,
-      fn: () => rt.runPromise(TestService.use((s) => s.getDir())),
-    })
-    expect(resultB).toBe(b.path)
-  } finally {
-    await rt.dispose()
-  }
-})
-
-test("InstanceState.get isolates concurrent fibers across real delays, yields, and timer callbacks", async () => {
-  await using a = await tmpdir()
-  await using b = await tmpdir()
-  await using c = await tmpdir()
-
-  // Adversarial: concurrent fibers with real timer delays (macrotask
-  // boundaries via setTimeout/Bun.sleep), explicit scheduler yields,
-  // and many async steps. If ALS context leaks or gets lost at any
-  // point, a fiber will see the wrong directory.
-
-  interface TestApi {
-    readonly getDir: () => Effect.Effect<string>
-  }
-
-  class TestService extends ServiceMap.Service<TestService, TestApi>()("@test/ALS-adversarial") {
-    static readonly layer = Layer.effect(
-      TestService,
-      Effect.gen(function* () {
-        const state = yield* InstanceState.make((dir) => Effect.sync(() => dir))
-
-        const getDir = Effect.fn("TestService.getDir")(function* () {
-          // Mix of async boundary types to maximise interleaving:
-          // 1. Real timer delay (macrotask — setTimeout under the hood)
-          yield* Effect.promise(() => Bun.sleep(1))
-          // 2. Effect.sleep (Effect's own timer, uses its internal scheduler)
-          yield* Effect.sleep(Duration.millis(1))
-          // 3. Explicit scheduler yields
-          for (let i = 0; i < 100; i++) {
-            yield* Effect.yieldNow
-          }
-          // 4. Microtask boundaries
-          for (let i = 0; i < 100; i++) {
-            yield* Effect.promise(() => Promise.resolve())
-          }
-          // 5. Another Effect.sleep
-          yield* Effect.sleep(Duration.millis(2))
-          // 6. Another real timer to force a second macrotask hop
-          yield* Effect.promise(() => Bun.sleep(1))
-          // NOW read the directory — ALS must still be correct
-          return yield* InstanceState.get(state)
-        })
-
-        return TestService.of({ getDir })
-      }),
-    )
-  }
-
-  const rt = ManagedRuntime.make(TestService.layer)
-
-  try {
-    const [resultA, resultB, resultC] = await Promise.all([
-      Instance.provide({
-        directory: a.path,
-        fn: () => rt.runPromise(TestService.use((s) => s.getDir())),
-      }),
-      Instance.provide({
-        directory: b.path,
-        fn: () => rt.runPromise(TestService.use((s) => s.getDir())),
-      }),
-      Instance.provide({
-        directory: c.path,
-        fn: () => rt.runPromise(TestService.use((s) => s.getDir())),
-      }),
-    ])
-
-    expect(resultA).toBe(a.path)
-    expect(resultB).toBe(b.path)
-    expect(resultC).toBe(c.path)
-  } finally {
-    await rt.dispose()
-  }
-})
-
 test("InstanceState dedupes concurrent lookups for the same directory", async () => {
   await using tmp = await tmpdir()
   let n = 0

packages/sdk/js/src/v2/gen/types.gen.ts

@@ -54,35 +54,6 @@ export type EventServerInstanceDisposed = {
   }
 }
 
-export type PermissionRequest = {
-  id: string
-  sessionID: string
-  permission: string
-  patterns: Array<string>
-  metadata: {
-    [key: string]: unknown
-  }
-  always: Array<string>
-  tool?: {
-    messageID: string
-    callID: string
-  }
-}
-
-export type EventPermissionAsked = {
-  type: "permission.asked"
-  properties: PermissionRequest
-}
-
-export type EventPermissionReplied = {
-  type: "permission.replied"
-  properties: {
-    sessionID: string
-    requestID: string
-    reply: "once" | "always" | "reject"
-  }
-}
-
 export type QuestionOption = {
   /**
    * Display text (1-5 words, concise)
@@ -649,6 +620,35 @@ export type EventMessagePartRemoved = {
   }
 }
 
+export type PermissionRequest = {
+  id: string
+  sessionID: string
+  permission: string
+  patterns: Array<string>
+  metadata: {
+    [key: string]: unknown
+  }
+  always: Array<string>
+  tool?: {
+    messageID: string
+    callID: string
+  }
+}
+
+export type EventPermissionAsked = {
+  type: "permission.asked"
+  properties: PermissionRequest
+}
+
+export type EventPermissionReplied = {
+  type: "permission.replied"
+  properties: {
+    sessionID: string
+    requestID: string
+    reply: "once" | "always" | "reject"
+  }
+}
+
 export type SessionStatus =
   | {
       type: "idle"
@@ -962,8 +962,6 @@ export type Event =
   | EventInstallationUpdateAvailable
   | EventProjectUpdated
   | EventServerInstanceDisposed
-  | EventPermissionAsked
-  | EventPermissionReplied
   | EventQuestionAsked
   | EventQuestionReplied
   | EventQuestionRejected
@@ -977,6 +975,8 @@ export type Event =
   | EventMessagePartUpdated
   | EventMessagePartDelta
   | EventMessagePartRemoved
+  | EventPermissionAsked
+  | EventPermissionReplied
   | EventSessionStatus
   | EventSessionIdle
   | EventSessionCompacted
@@ -1009,396 +1009,6 @@ export type GlobalEvent = {
   payload: Event
 }
 
-/**
- * Custom keybind configurations
- */
-export type KeybindsConfig = {
-  /**
-   * Leader key for keybind combinations
-   */
-  leader?: string
-  /**
-   * Exit the application
-   */
-  app_exit?: string
-  /**
-   * Open external editor
-   */
-  editor_open?: string
-  /**
-   * List available themes
-   */
-  theme_list?: string
-  /**
-   * Toggle sidebar
-   */
-  sidebar_toggle?: string
-  /**
-   * Toggle session scrollbar
-   */
-  scrollbar_toggle?: string
-  /**
-   * Toggle username visibility
-   */
-  username_toggle?: string
-  /**
-   * View status
-   */
-  status_view?: string
-  /**
-   * Export session to editor
-   */
-  session_export?: string
-  /**
-   * Create a new session
-   */
-  session_new?: string
-  /**
-   * List all sessions
-   */
-  session_list?: string
-  /**
-   * Show session timeline
-   */
-  session_timeline?: string
-  /**
-   * Fork session from message
-   */
-  session_fork?: string
-  /**
-   * Rename session
-   */
-  session_rename?: string
-  /**
-   * Delete session
-   */
-  session_delete?: string
-  /**
-   * Delete stash entry
-   */
-  stash_delete?: string
-  /**
-   * Open provider list from model dialog
-   */
-  model_provider_list?: string
-  /**
-   * Toggle model favorite status
-   */
-  model_favorite_toggle?: string
-  /**
-   * Toggle showing all models
-   */
-  model_show_all_toggle?: string
-  /**
-   * Share current session
-   */
-  session_share?: string
-  /**
-   * Unshare current session
-   */
-  session_unshare?: string
-  /**
-   * Interrupt current session
-   */
-  session_interrupt?: string
-  /**
-   * Compact the session
-   */
-  session_compact?: string
-  /**
-   * Scroll messages up by one page
-   */
-  messages_page_up?: string
-  /**
-   * Scroll messages down by one page
-   */
-  messages_page_down?: string
-  /**
-   * Scroll messages up by one line
-   */
-  messages_line_up?: string
-  /**
-   * Scroll messages down by one line
-   */
-  messages_line_down?: string
-  /**
-   * Scroll messages up by half page
-   */
-  messages_half_page_up?: string
-  /**
-   * Scroll messages down by half page
-   */
-  messages_half_page_down?: string
-  /**
-   * Navigate to first message
-   */
-  messages_first?: string
-  /**
-   * Navigate to last message
-   */
-  messages_last?: string
-  /**
-   * Navigate to next message
-   */
-  messages_next?: string
-  /**
-   * Navigate to previous message
-   */
-  messages_previous?: string
-  /**
-   * Navigate to last user message
-   */
-  messages_last_user?: string
-  /**
-   * Copy message
-   */
-  messages_copy?: string
-  /**
-   * Undo message
-   */
-  messages_undo?: string
-  /**
-   * Redo message
-   */
-  messages_redo?: string
-  /**
-   * Toggle code block concealment in messages
-   */
-  messages_toggle_conceal?: string
-  /**
-   * Toggle tool details visibility
-   */
-  tool_details?: string
-  /**
-   * List available models
-   */
-  model_list?: string
-  /**
-   * Next recently used model
-   */
-  model_cycle_recent?: string
-  /**
-   * Previous recently used model
-   */
-  model_cycle_recent_reverse?: string
-  /**
-   * Next favorite model
-   */
-  model_cycle_favorite?: string
-  /**
-   * Previous favorite model
-   */
-  model_cycle_favorite_reverse?: string
-  /**
-   * List available commands
-   */
-  command_list?: string
-  /**
-   * List agents
-   */
-  agent_list?: string
-  /**
-   * Next agent
-   */
-  agent_cycle?: string
-  /**
-   * Previous agent
-   */
-  agent_cycle_reverse?: string
-  /**
-   * Toggle auto-accept mode for permissions
-   */
-  permission_auto_accept_toggle?: string
-  /**
-   * Cycle model variants
-   */
-  variant_cycle?: string
-  /**
-   * Clear input field
-   */
-  input_clear?: string
-  /**
-   * Paste from clipboard
-   */
-  input_paste?: string
-  /**
-   * Submit input
-   */
-  input_submit?: string
-  /**
-   * Insert newline in input
-   */
-  input_newline?: string
-  /**
-   * Move cursor left in input
-   */
-  input_move_left?: string
-  /**
-   * Move cursor right in input
-   */
-  input_move_right?: string
-  /**
-   * Move cursor up in input
-   */
-  input_move_up?: string
-  /**
-   * Move cursor down in input
-   */
-  input_move_down?: string
-  /**
-   * Select left in input
-   */
-  input_select_left?: string
-  /**
-   * Select right in input
-   */
-  input_select_right?: string
-  /**
-   * Select up in input
-   */
-  input_select_up?: string
-  /**
-   * Select down in input
-   */
-  input_select_down?: string
-  /**
-   * Move to start of line in input
-   */
-  input_line_home?: string
-  /**
-   * Move to end of line in input
-   */
-  input_line_end?: string
-  /**
-   * Select to start of line in input
-   */
-  input_select_line_home?: string
-  /**
-   * Select to end of line in input
-   */
-  input_select_line_end?: string
-  /**
-   * Move to start of visual line in input
-   */
-  input_visual_line_home?: string
-  /**
-   * Move to end of visual line in input
-   */
-  input_visual_line_end?: string
-  /**
-   * Select to start of visual line in input
-   */
-  input_select_visual_line_home?: string
-  /**
-   * Select to end of visual line in input
-   */
-  input_select_visual_line_end?: string
-  /**
-   * Move to start of buffer in input
-   */
-  input_buffer_home?: string
-  /**
-   * Move to end of buffer in input
-   */
-  input_buffer_end?: string
-  /**
-   * Select to start of buffer in input
-   */
-  input_select_buffer_home?: string
-  /**
-   * Select to end of buffer in input
-   */
-  input_select_buffer_end?: string
-  /**
-   * Delete line in input
-   */
-  input_delete_line?: string
-  /**
-   * Delete to end of line in input
-   */
-  input_delete_to_line_end?: string
-  /**
-   * Delete to start of line in input
-   */
-  input_delete_to_line_start?: string
-  /**
-   * Backspace in input
-   */
-  input_backspace?: string
-  /**
-   * Delete character in input
-   */
-  input_delete?: string
-  /**
-   * Undo in input
-   */
-  input_undo?: string
-  /**
-   * Redo in input
-   */
-  input_redo?: string
-  /**
-   * Move word forward in input
-   */
-  input_word_forward?: string
-  /**
-   * Move word backward in input
-   */
-  input_word_backward?: string
-  /**
-   * Select word forward in input
-   */
-  input_select_word_forward?: string
-  /**
-   * Select word backward in input
-   */
-  input_select_word_backward?: string
-  /**
-   * Delete word forward in input
-   */
-  input_delete_word_forward?: string
-  /**
-   * Delete word backward in input
-   */
-  input_delete_word_backward?: string
-  /**
-   * Previous history item
-   */
-  history_previous?: string
-  /**
-   * Next history item
-   */
-  history_next?: string
-  /**
-   * Next child session
-   */
-  session_child_cycle?: string
-  /**
-   * Previous child session
-   */
-  session_child_cycle_reverse?: string
-  /**
-   * Go to parent session
-   */
-  session_parent?: string
-  /**
-   * Suspend terminal
-   */
-  terminal_suspend?: string
-  /**
-   * Toggle terminal title
-   */
-  terminal_title_toggle?: string
-  /**
-   * Toggle tips on home screen
-   */
-  tips_toggle?: string
-  /**
-   * Toggle thinking blocks visibility
-   */
-  display_thinking?: string
-}
-
 /**
  * Log level
  */

packages/sdk/openapi.json

@@ -7062,96 +7062,6 @@
         },
         "required": ["type", "properties"]
       },
-      "PermissionRequest": {
-        "type": "object",
-        "properties": {
-          "id": {
-            "type": "string",
-            "pattern": "^per.*"
-          },
-          "sessionID": {
-            "type": "string",
-            "pattern": "^ses.*"
-          },
-          "permission": {
-            "type": "string"
-          },
-          "patterns": {
-            "type": "array",
-            "items": {
-              "type": "string"
-            }
-          },
-          "metadata": {
-            "type": "object",
-            "propertyNames": {
-              "type": "string"
-            },
-            "additionalProperties": {}
-          },
-          "always": {
-            "type": "array",
-            "items": {
-              "type": "string"
-            }
-          },
-          "tool": {
-            "type": "object",
-            "properties": {
-              "messageID": {
-                "type": "string",
-                "pattern": "^msg.*"
-              },
-              "callID": {
-                "type": "string"
-              }
-            },
-            "required": ["messageID", "callID"]
-          }
-        },
-        "required": ["id", "sessionID", "permission", "patterns", "metadata", "always"]
-      },
-      "Event.permission.asked": {
-        "type": "object",
-        "properties": {
-          "type": {
-            "type": "string",
-            "const": "permission.asked"
-          },
-          "properties": {
-            "$ref": "#/components/schemas/PermissionRequest"
-          }
-        },
-        "required": ["type", "properties"]
-      },
-      "Event.permission.replied": {
-        "type": "object",
-        "properties": {
-          "type": {
-            "type": "string",
-            "const": "permission.replied"
-          },
-          "properties": {
-            "type": "object",
-            "properties": {
-              "sessionID": {
-                "type": "string",
-                "pattern": "^ses.*"
-              },
-              "requestID": {
-                "type": "string",
-                "pattern": "^per.*"
-              },
-              "reply": {
-                "type": "string",
-                "enum": ["once", "always", "reject"]
-              }
-            },
-            "required": ["sessionID", "requestID", "reply"]
-          }
-        },
-        "required": ["type", "properties"]
-      },
       "QuestionOption": {
         "type": "object",
         "properties": {
@@ -8760,6 +8670,96 @@
         },
         "required": ["type", "properties"]
       },
+      "PermissionRequest": {
+        "type": "object",
+        "properties": {
+          "id": {
+            "type": "string",
+            "pattern": "^per.*"
+          },
+          "sessionID": {
+            "type": "string",
+            "pattern": "^ses.*"
+          },
+          "permission": {
+            "type": "string"
+          },
+          "patterns": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          },
+          "metadata": {
+            "type": "object",
+            "propertyNames": {
+              "type": "string"
+            },
+            "additionalProperties": {}
+          },
+          "always": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          },
+          "tool": {
+            "type": "object",
+            "properties": {
+              "messageID": {
+                "type": "string",
+                "pattern": "^msg.*"
+              },
+              "callID": {
+                "type": "string"
+              }
+            },
+            "required": ["messageID", "callID"]
+          }
+        },
+        "required": ["id", "sessionID", "permission", "patterns", "metadata", "always"]
+      },
+      "Event.permission.asked": {
+        "type": "object",
+        "properties": {
+          "type": {
+            "type": "string",
+            "const": "permission.asked"
+          },
+          "properties": {
+            "$ref": "#/components/schemas/PermissionRequest"
+          }
+        },
+        "required": ["type", "properties"]
+      },
+      "Event.permission.replied": {
+        "type": "object",
+        "properties": {
+          "type": {
+            "type": "string",
+            "const": "permission.replied"
+          },
+          "properties": {
+            "type": "object",
+            "properties": {
+              "sessionID": {
+                "type": "string",
+                "pattern": "^ses.*"
+              },
+              "requestID": {
+                "type": "string",
+                "pattern": "^per.*"
+              },
+              "reply": {
+                "type": "string",
+                "enum": ["once", "always", "reject"]
+              }
+            },
+            "required": ["sessionID", "requestID", "reply"]
+          }
+        },
+        "required": ["type", "properties"]
+      },
       "SessionStatus": {
         "anyOf": [
           {
@@ -9611,12 +9611,6 @@
           {
             "$ref": "#/components/schemas/Event.server.instance.disposed"
           },
-          {
-            "$ref": "#/components/schemas/Event.permission.asked"
-          },
-          {
-            "$ref": "#/components/schemas/Event.permission.replied"
-          },
           {
             "$ref": "#/components/schemas/Event.question.asked"
           },
@@ -9656,6 +9650,12 @@
           {
             "$ref": "#/components/schemas/Event.message.part.removed"
           },
+          {
+            "$ref": "#/components/schemas/Event.permission.asked"
+          },
+          {
+            "$ref": "#/components/schemas/Event.permission.replied"
+          },
           {
             "$ref": "#/components/schemas/Event.session.status"
           },

packages/ui/src/components/find-assistant-messages.tsx

@@ -1,40 +0,0 @@
-import type { AssistantMessage, Message as MessageType } from "@opencode-ai/sdk/v2/client"
-
-/**
- * Find assistant messages that are replies to a given user message.
- *
- * Scans forward from the user message index first, then falls back to scanning
- * backward. The backward scan handles clock skew where assistant messages
- * (generated server-side) sort before the user message (generated client-side
- * with an ahead clock) in the ID-sorted array.
- */
-export function findAssistantMessages(
-  messages: MessageType[],
-  userIndex: number,
-  userID: string,
-): AssistantMessage[] {
-  if (userIndex < 0 || userIndex >= messages.length) return []
-
-  const result: AssistantMessage[] = []
-
-  // Scan forward from user message
-  for (let i = userIndex + 1; i < messages.length; i++) {
-    const item = messages[i]
-    if (!item) continue
-    if (item.role === "user") break
-    if (item.role === "assistant" && item.parentID === userID) result.push(item as AssistantMessage)
-  }
-
-  // Scan backward to find assistant messages that sort before the user
-  // message due to clock skew between client and server
-  if (result.length === 0) {
-    for (let i = userIndex - 1; i >= 0; i--) {
-      const item = messages[i]
-      if (!item) continue
-      if (item.role === "user") break
-      if (item.role === "assistant" && item.parentID === userID) result.push(item as AssistantMessage)
-    }
-  }
-
-  return result
-}

packages/ui/src/components/message-part.css

@@ -827,7 +827,7 @@
   [data-slot="question-body"] {
     display: flex;
     flex-direction: column;
-    gap: 0;
+    gap: 16px;
     flex: 1;
     min-height: 0;
     padding: 8px 8px 0;
@@ -907,7 +907,7 @@
     font-weight: var(--font-weight-medium);
     line-height: var(--line-height-large);
     color: var(--text-strong);
-    padding: 16px 10px 0;
+    padding: 0 10px;
   }
 
   [data-slot="question-hint"] {
@@ -1062,14 +1062,6 @@
       white-space: normal;
       overflow-wrap: anywhere;
     }
-
-    &[data-picked="true"] {
-      [data-slot="question-custom-input"]:focus-visible {
-        outline: none;
-        outline-offset: 0;
-        border-radius: 0;
-      }
-    }
   }
 
   [data-slot="question-custom"] {

packages/ui/src/components/session-turn.tsx

@@ -9,7 +9,6 @@ import { createEffect, createMemo, createSignal, For, on, ParentProps, Show } fr
 import { createStore } from "solid-js/store"
 import { Dynamic } from "solid-js/web"
 import { AssistantParts, Message, MessageDivider, PART_MAPPING, type UserActions } from "./message-part"
-import { findAssistantMessages } from "./find-assistant-messages"
 import { Card } from "./card"
 import { Accordion } from "./accordion"
 import { StickyAccordionHeader } from "./sticky-accordion-header"
@@ -268,7 +267,14 @@ export function SessionTurn(
       const index = messageIndex()
       if (index < 0) return emptyAssistant
 
-      return findAssistantMessages(messages, index, msg.id)
+      const result: AssistantMessage[] = []
+      for (let i = index + 1; i < messages.length; i++) {
+        const item = messages[i]
+        if (!item) continue
+        if (item.role === "user") break
+        if (item.role === "assistant" && item.parentID === msg.id) result.push(item as AssistantMessage)
+      }
+      return result
     },
     emptyAssistant,
     { equals: same },