refactor: migrate Effect call sites from Flock to EffectFlock (#22688)

bun.lock

@@ -358,7 +358,6 @@
         "@opencode-ai/plugin": "workspace:*",
         "@opencode-ai/script": "workspace:*",
         "@opencode-ai/sdk": "workspace:*",
-        "@opencode-ai/server": "workspace:*",
         "@openrouter/ai-sdk-provider": "2.5.1",
         "@opentelemetry/api": "1.9.0",
         "@opentelemetry/context-async-hooks": "2.6.1",
@@ -506,17 +505,6 @@
         "typescript": "catalog:",
       },
     },
-    "packages/server": {
-      "name": "@opencode-ai/server",
-      "version": "1.4.6",
-      "dependencies": {
-        "effect": "catalog:",
-      },
-      "devDependencies": {
-        "@typescript/native-preview": "catalog:",
-        "typescript": "catalog:",
-      },
-    },
     "packages/shared": {
       "name": "@opencode-ai/shared",
       "version": "1.4.6",
@@ -1568,8 +1556,6 @@
 
     "@opencode-ai/sdk": ["@opencode-ai/sdk@workspace:packages/sdk/js"],
 
-    "@opencode-ai/server": ["@opencode-ai/server@workspace:packages/server"],
-
     "@opencode-ai/shared": ["@opencode-ai/shared@workspace:packages/shared"],
 
     "@opencode-ai/slack": ["@opencode-ai/slack@workspace:packages/slack"],

infra/enterprise.ts

@@ -3,7 +3,7 @@ import { shortDomain } from "./stage"
 
 const storage = new sst.cloudflare.Bucket("EnterpriseStorage")
 
-const teams = new sst.cloudflare.x.SolidStart("Teams", {
+new sst.cloudflare.x.SolidStart("Teams", {
   domain: shortDomain,
   path: "packages/enterprise",
   buildCommand: "bun run build:cloudflare",

nix/hashes.json

@@ -1,8 +1,8 @@
 {
   "nodeModules": {
-    "x86_64-linux": "sha256-PvIx2g1J5QIUIzkz2ABaAM4K/k/+xlBPDUExoOJNNuo=",
-    "aarch64-linux": "sha256-YTAL+P13L5hgNJdDSiBED/UNa5zdTntnUUYDYL+Jdzo=",
-    "aarch64-darwin": "sha256-y2VCJifYAp+H0lpDcJ0QfKNMG00Q/usFElaUIpdc8Vs=",
-    "x86_64-darwin": "sha256-yz8edIlqLp06Y95ad8YjKz5azP7YATPle4TcDx6lM+U="
+    "x86_64-linux": "sha256-VIgTxIjmZ4Bfwwdj/YFmRJdBpPHYhJSY31kh06EXX+0=",
+    "aarch64-linux": "sha256-9118AS1ED0nrliURgZYBRuF/18RqXpUouhYJRlZ6jeA=",
+    "aarch64-darwin": "sha256-ppo3MfSIGKQHJCdYEZiLFRc61PtcJ9J0kAXH1pNIonA=",
+    "x86_64-darwin": "sha256-m+CZSOglBCTfNzbdBX6hXdDqqOzHNMzAddVp6BZVDtU="
   }
 }

packages/app/src/addons/serialize.test.ts

@@ -180,8 +180,8 @@ describe("SerializeAddon", () => {
       await writeAndWait(term, input)
 
       const origLine = term.buffer.active.getLine(0)
-      const origFg = origLine!.getCell(0)!.getFgColor()
-      const origBg = origLine!.getCell(0)!.getBgColor()
+      const _origFg = origLine!.getCell(0)!.getFgColor()
+      const _origBg = origLine!.getCell(0)!.getBgColor()
       expect(origLine!.getCell(0)!.isBold()).toBe(1)
 
       const serialized = addon.serialize({ range: { start: 0, end: 0 } })

packages/app/src/app.tsx

@@ -10,7 +10,7 @@ import { ThemeProvider } from "@opencode-ai/ui/theme/context"
 import { MetaProvider } from "@solidjs/meta"
 import { type BaseRouterProps, Navigate, Route, Router } from "@solidjs/router"
 import { QueryClient, QueryClientProvider } from "@tanstack/solid-query"
-import { type Duration, Effect } from "effect"
+import { Effect } from "effect"
 import {
   type Component,
   createMemo,
@@ -156,11 +156,6 @@ export function AppBaseProviders(props: ParentProps<{ locale?: Locale }>) {
   )
 }
 
-const effectMinDuration =
-  (duration: Duration.Input) =>
-  <A, E, R>(e: Effect.Effect<A, E, R>) =>
-    Effect.all([e, Effect.sleep(duration)], { concurrency: "unbounded" }).pipe(Effect.map((v) => v[0]))
-
 function ConnectionGate(props: ParentProps<{ disableHealthCheck?: boolean }>) {
   const server = useServer()
   const checkServerHealth = useCheckServerHealth()

packages/app/src/components/file-tree.tsx

@@ -14,7 +14,6 @@ import {
   Switch,
   untrack,
   type ComponentProps,
-  type JSXElement,
   type ParentProps,
 } from "solid-js"
 import { Dynamic } from "solid-js/web"

packages/app/src/context/global-sync/bootstrap.ts

@@ -65,22 +65,6 @@ function runAll(list: Array<() => Promise<unknown>>) {
   return Promise.allSettled(list.map((item) => item()))
 }
 
-function showErrors(input: {
-  errors: unknown[]
-  title: string
-  translate: (key: string, vars?: Record<string, string | number>) => string
-  formatMoreCount: (count: number) => string
-}) {
-  if (input.errors.length === 0) return
-  const message = formatServerError(input.errors[0], input.translate)
-  const more = input.errors.length > 1 ? input.formatMoreCount(input.errors.length - 1) : ""
-  showToast({
-    variant: "error",
-    title: input.title,
-    description: message + more,
-  })
-}
-
 export async function bootstrapGlobal(input: {
   globalSDK: OpencodeClient
   requestFailedTitle: string

packages/app/src/context/global-sync/types.ts

@@ -8,7 +8,6 @@ import type {
   Part,
   Path,
   PermissionRequest,
-  Project,
   ProviderListResponse,
   QuestionRequest,
   Session,

packages/app/src/i18n/ko.ts

@@ -1,7 +1,5 @@
 import { dict as en } from "./en"
 
-type Keys = keyof typeof en
-
 export const dict = {
   "command.category.suggested": "추천",
   "command.category.view": "보기",

packages/app/src/pages/session.tsx

@@ -433,7 +433,6 @@ export default function Page() {
   const isChildSession = createMemo(() => !!info()?.parentID)
   const diffs = createMemo(() => (params.id ? list(sync.data.session_diff[params.id]) : []))
   const sessionCount = createMemo(() => Math.max(info()?.summary?.files ?? 0, diffs().length))
-  const hasSessionReview = createMemo(() => sessionCount() > 0)
   const canReview = createMemo(() => !!sync.project)
   const reviewTab = createMemo(() => isDesktop())
   const tabState = createSessionTabs({
@@ -443,8 +442,6 @@ export default function Page() {
     review: reviewTab,
     hasReview: canReview,
   })
-  const contextOpen = tabState.contextOpen
-  const openedTabs = tabState.openedTabs
   const activeTab = tabState.activeTab
   const activeFileTab = tabState.activeFileTab
   const revertMessageID = createMemo(() => info()?.revert?.messageID)

packages/app/src/pages/session/file-tabs.tsx

@@ -378,12 +378,6 @@ export function FileTabContent(props: { tab: string }) {
     requestAnimationFrame(() => comments.clearFocus())
   })
 
-  const cancelCommenting = () => {
-    const p = path()
-    if (p) file.setSelectedLines(p, null)
-    setNote("commenting", null)
-  }
-
   let prev = {
     loaded: false,
     ready: false,

packages/console/app/script/generate-sitemap.ts

@@ -8,7 +8,6 @@ import { LOCALES, route } from "../src/lib/language.js"
 const __dirname = dirname(fileURLToPath(import.meta.url))
 const BASE_URL = config.baseUrl
 const PUBLIC_DIR = join(__dirname, "../public")
-const ROUTES_DIR = join(__dirname, "../src/routes")
 const DOCS_DIR = join(__dirname, "../../../web/src/content/docs")
 
 interface SitemapEntry {

packages/console/app/src/component/icon.tsx

@@ -1,6 +1,6 @@
 import { JSX } from "solid-js"
 
-export function IconZen(props: JSX.SvgSVGAttributes<SVGSVGElement>) {
+export function IconZen(_props: JSX.SvgSVGAttributes<SVGSVGElement>) {
   return (
     <svg width="84" height="30" viewBox="0 0 84 30" fill="none" xmlns="http://www.w3.org/2000/svg">
       <path d="M24 24H6V18H18V12H24V24ZM6 18H0V12H6V18Z" fill="currentColor" fill-opacity="0.2" />
@@ -13,7 +13,7 @@ export function IconZen(props: JSX.SvgSVGAttributes<SVGSVGElement>) {
   )
 }
 
-export function IconGo(props: JSX.SvgSVGAttributes<SVGSVGElement>) {
+export function IconGo(_props: JSX.SvgSVGAttributes<SVGSVGElement>) {
   return (
     <svg width="54" height="30" viewBox="0 0 54 30" fill="none" xmlns="http://www.w3.org/2000/svg">
       <path d="M24 30H0V0H24V6H6V24H18V18H12V12H24V30Z" fill="currentColor" />

packages/console/app/src/routes/auth/status.ts

@@ -1,7 +1,7 @@
 import { APIEvent } from "@solidjs/start"
 import { useAuthSession } from "~/context/auth"
 
-export async function GET(input: APIEvent) {
+export async function GET(_input: APIEvent) {
   const session = await useAuthSession()
   return Response.json(session.data)
 }

packages/console/app/src/routes/debug/index.ts

@@ -3,7 +3,7 @@ import { json } from "@solidjs/router"
 import { Database } from "@opencode-ai/console-core/drizzle/index.js"
 import { UserTable } from "@opencode-ai/console-core/schema/user.sql.js"
 
-export async function GET(evt: APIEvent) {
+export async function GET(_evt: APIEvent) {
   return json({
     data: await Database.use(async (tx) => {
       const result = await tx.$count(UserTable)

packages/console/app/src/routes/index.tsx

@@ -31,8 +31,6 @@ export default function Home() {
   const i18n = useI18n()
   const language = useLanguage()
   const githubData = createAsync(() => github())
-  const release = createMemo(() => githubData()?.release)
-
   const handleCopyClick = (event: Event) => {
     const button = event.currentTarget as HTMLButtonElement
     const text = button.textContent

packages/console/app/src/routes/user-menu.tsx

@@ -6,7 +6,7 @@ import { useI18n } from "~/context/i18n"
 import { useLanguage } from "~/context/language"
 import "./user-menu.css"
 
-const logout = action(async () => {
+const _logout = action(async () => {
   "use server"
   const auth = await useAuthSession()
   const event = getRequestEvent()

packages/console/app/src/routes/zen/util/provider/openai-compatible.ts

@@ -30,7 +30,7 @@ export const oaCompatHelper: ProviderHelper = ({ adjustCacheUsage, safetyIdentif
     headers.set("authorization", `Bearer ${apiKey}`)
     headers.set("x-session-affinity", headers.get("x-opencode-session") ?? "")
   },
-  modifyBody: (body: Record<string, any>, workspaceID?: string) => {
+  modifyBody: (body: Record<string, any>, _workspaceID?: string) => {
     return {
       ...body,
       ...(body.stream ? { stream_options: { include_usage: true } } : {}),

packages/console/app/src/routes/zen/v1/models.ts

@@ -5,7 +5,7 @@ import { WorkspaceTable } from "@opencode-ai/console-core/schema/workspace.sql.j
 import { ModelTable } from "@opencode-ai/console-core/schema/model.sql.js"
 import { ZenData } from "@opencode-ai/console-core/model.js"
 
-export async function OPTIONS(input: APIEvent) {
+export async function OPTIONS(_input: APIEvent) {
   return new Response(null, {
     status: 200,
     headers: {

packages/console/app/src/routes/zen/v1/models/[model].ts

@@ -6,8 +6,8 @@ export function POST(input: APIEvent) {
     format: "google",
     modelList: "full",
     parseApiKey: (headers: Headers) => headers.get("x-goog-api-key") ?? undefined,
-    parseModel: (url: string, body: any) => url.split("/").pop()?.split(":")?.[0] ?? "",
-    parseIsStream: (url: string, body: any) =>
+    parseModel: (url: string, _body: any) => url.split("/").pop()?.split(":")?.[0] ?? "",
+    parseIsStream: (url: string, _body: any) =>
       // ie. url: https://opencode.ai/zen/v1/models/gemini-3-pro:streamGenerateContent?alt=sse'
       url.split("/").pop()?.split(":")?.[1]?.startsWith("streamGenerateContent") ?? false,
   })

packages/function/src/api.ts

@@ -12,20 +12,6 @@ type Env = {
   WEB_DOMAIN: string
 }
 
-async function getFeishuTenantToken(): Promise<string> {
-  const response = await fetch("https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal", {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({
-      app_id: Resource.FEISHU_APP_ID.value,
-      app_secret: Resource.FEISHU_APP_SECRET.value,
-    }),
-  })
-  const data = (await response.json()) as { tenant_access_token?: string }
-  if (!data.tenant_access_token) throw new Error("Failed to get Feishu tenant token")
-  return data.tenant_access_token
-}
-
 export class SyncServer extends DurableObject<Env> {
   constructor(ctx: DurableObjectState, env: Env) {
     super(ctx, env)
@@ -49,9 +35,9 @@ export class SyncServer extends DurableObject<Env> {
     })
   }
 
-  async webSocketMessage(ws, message) {}
+  async webSocketMessage(_ws, _message) {}
 
-  async webSocketClose(ws, code, reason, wasClean) {
+  async webSocketClose(ws, code, _reason, _wasClean) {
     ws.close(code, "Durable Object is closing WebSocket")
   }
 
@@ -195,7 +181,7 @@ export default new Hono<{ Bindings: Env }>()
     let info
     const messages: Record<string, any> = {}
     data.forEach((d) => {
-      const [root, type, ...splits] = d.key.split("/")
+      const [root, type] = d.key.split("/")
       if (root !== "session") return
       if (type === "info") {
         info = d.content

packages/opencode/package.json

@@ -115,7 +115,6 @@
     "@opencode-ai/plugin": "workspace:*",
     "@opencode-ai/script": "workspace:*",
     "@opencode-ai/sdk": "workspace:*",
-    "@opencode-ai/server": "workspace:*",
     "@openrouter/ai-sdk-provider": "2.5.1",
     "@opentelemetry/api": "1.9.0",
     "@opentelemetry/context-async-hooks": "2.6.1",

packages/opencode/script/postinstall.mjs

@@ -85,18 +85,6 @@ function prepareBinDirectory(binaryName) {
   return { binDir, targetPath }
 }
 
-function symlinkBinary(sourcePath, binaryName) {
-  const { targetPath } = prepareBinDirectory(binaryName)
-
-  fs.symlinkSync(sourcePath, targetPath)
-  console.log(`opencode binary symlinked: ${targetPath} -> ${sourcePath}`)
-
-  // Verify the file exists after operation
-  if (!fs.existsSync(targetPath)) {
-    throw new Error(`Failed to symlink binary to ${targetPath}`)
-  }
-}
-
 async function main() {
   try {
     if (os.platform() === "win32") {

packages/opencode/script/unwrap-namespace.ts

@@ -5,16 +5,17 @@
  * Usage:
  *   bun script/unwrap-namespace.ts src/bus/index.ts
  *   bun script/unwrap-namespace.ts src/bus/index.ts --dry-run
+ *   bun script/unwrap-namespace.ts src/pty/index.ts --name service   # avoid collision with pty.ts
  *
  * What it does:
  *   1. Reads the file and finds the `export namespace Foo { ... }` block
  *      (uses ast-grep for accurate AST-based boundary detection)
  *   2. Removes the namespace wrapper and dedents the body
- *   3. If the file is index.ts, renames it to <lowercase-name>.ts
- *   4. Creates/updates index.ts with `export * as Foo from "./<file>"`
- *   5. Prints the import rewrite commands to run across the codebase
- *
- * Does NOT auto-rewrite imports — prints the commands so you can review them.
+ *   3. Fixes self-references (e.g. Config.PermissionAction → PermissionAction)
+ *   4. If the file is index.ts, renames it to <lowercase-name>.ts
+ *   5. Creates/updates index.ts with `export * as Foo from "./<file>"`
+ *   6. Rewrites import paths across src/, test/, and script/
+ *   7. Fixes sibling imports within the same directory
  *
  * Requires: ast-grep (`brew install ast-grep` or `cargo install ast-grep`)
  */
@@ -24,10 +25,11 @@ import fs from "fs"
 
 const args = process.argv.slice(2)
 const dryRun = args.includes("--dry-run")
-const filePath = args.find((a) => !a.startsWith("--"))
+const nameFlag = args.find((a, i) => args[i - 1] === "--name")
+const filePath = args.find((a) => !a.startsWith("--") && args[args.indexOf(a) - 1] !== "--name")
 
 if (!filePath) {
-  console.error("Usage: bun script/unwrap-namespace.ts <file> [--dry-run]")
+  console.error("Usage: bun script/unwrap-namespace.ts <file> [--dry-run] [--name <impl-name>]")
   process.exit(1)
 }
 
@@ -90,22 +92,107 @@ const after = lines.slice(closeLine + 1)
 const dedented = body.map((line) => {
   if (line === "") return ""
   if (line.startsWith("  ")) return line.slice(2)
-  return line // don't touch lines that aren't indented (shouldn't happen)
+  return line
 })
 
-const newContent = [...before, ...dedented, ...after].join("\n")
+let newContent = [...before, ...dedented, ...after].join("\n")
+
+// --- Fix self-references ---
+// After unwrapping, references like `Config.PermissionAction` inside the same file
+// need to become just `PermissionAction`. Only fix code positions, not strings.
+const exportedNames = new Set<string>()
+const exportRegex = /export\s+(?:const|function|class|interface|type|enum|abstract\s+class)\s+(\w+)/g
+for (const line of dedented) {
+  for (const m of line.matchAll(exportRegex)) exportedNames.add(m[1])
+}
+const reExportRegex = /export\s*\{\s*([^}]+)\}/g
+for (const line of dedented) {
+  for (const m of line.matchAll(reExportRegex)) {
+    for (const name of m[1].split(",")) {
+      const trimmed = name
+        .trim()
+        .split(/\s+as\s+/)
+        .pop()!
+        .trim()
+      if (trimmed) exportedNames.add(trimmed)
+    }
+  }
+}
+
+let selfRefCount = 0
+if (exportedNames.size > 0) {
+  const fixedLines = newContent.split("\n").map((line) => {
+    // Split line into string-literal and code segments to avoid replacing inside strings
+    const segments: Array<{ text: string; isString: boolean }> = []
+    let i = 0
+    let current = ""
+    let inString: string | null = null
+
+    while (i < line.length) {
+      const ch = line[i]
+      if (inString) {
+        current += ch
+        if (ch === "\\" && i + 1 < line.length) {
+          current += line[i + 1]
+          i += 2
+          continue
+        }
+        if (ch === inString) {
+          segments.push({ text: current, isString: true })
+          current = ""
+          inString = null
+        }
+        i++
+        continue
+      }
+      if (ch === '"' || ch === "'" || ch === "`") {
+        if (current) segments.push({ text: current, isString: false })
+        current = ch
+        inString = ch
+        i++
+        continue
+      }
+      if (ch === "/" && i + 1 < line.length && line[i + 1] === "/") {
+        current += line.slice(i)
+        segments.push({ text: current, isString: true })
+        current = ""
+        i = line.length
+        continue
+      }
+      current += ch
+      i++
+    }
+    if (current) segments.push({ text: current, isString: !!inString })
+
+    return segments
+      .map((seg) => {
+        if (seg.isString) return seg.text
+        let result = seg.text
+        for (const name of exportedNames) {
+          const pattern = `${nsName}.${name}`
+          while (result.includes(pattern)) {
+            const idx = result.indexOf(pattern)
+            const charBefore = idx > 0 ? result[idx - 1] : " "
+            const charAfter = idx + pattern.length < result.length ? result[idx + pattern.length] : " "
+            if (/\w/.test(charBefore) || /\w/.test(charAfter)) break
+            result = result.slice(0, idx) + name + result.slice(idx + pattern.length)
+            selfRefCount++
+          }
+        }
+        return result
+      })
+      .join("")
+  })
+  newContent = fixedLines.join("\n")
+}
 
 // Figure out file naming
 const dir = path.dirname(absPath)
 const basename = path.basename(absPath, ".ts")
 const isIndex = basename === "index"
-
-// The implementation file name (lowercase namespace name if currently index.ts)
-const implName = isIndex ? nsName.replace(/([a-z])([A-Z])/g, "$1-$2").toLowerCase() : basename
+const implName = nameFlag ?? (isIndex ? nsName.replace(/([a-z])([A-Z])/g, "$1-$2").toLowerCase() : basename)
 const implFile = path.join(dir, `${implName}.ts`)
 const indexFile = path.join(dir, "index.ts")
-
-// The barrel line
 const barrelLine = `export * as ${nsName} from "./${implName}"\n`
 
 console.log("")
@@ -114,6 +201,7 @@ if (isIndex) {
 } else {
   console.log(`Plan: rewrite ${basename}.ts in place, create index.ts barrel`)
 }
+if (selfRefCount > 0) console.log(`Fixed ${selfRefCount} self-reference(s) (${nsName}.X → X)`)
 console.log("")
 
 if (dryRun) {
@@ -128,19 +216,23 @@ if (dryRun) {
   console.log("")
   console.log(`=== index.ts ===`)
   console.log(`  ${barrelLine.trim()}`)
+  console.log("")
+  if (!isIndex) {
+    const relDir = path.relative(path.resolve("src"), dir)
+    console.log(`=== Import rewrites (would apply) ===`)
+    console.log(`  ${relDir}/${basename}" → ${relDir}" across src/, test/, script/`)
+  } else {
+    console.log("No import rewrites needed (was index.ts)")
+  }
 } else {
-  // Write the implementation file
   if (isIndex) {
-    // Rename: write new content to implFile, then overwrite index.ts with barrel
     fs.writeFileSync(implFile, newContent)
     fs.writeFileSync(indexFile, barrelLine)
     console.log(`Wrote ${implName}.ts (${newContent.split("\n").length} lines)`)
     console.log(`Wrote index.ts (barrel)`)
   } else {
-    // Rewrite in place, create index.ts
     fs.writeFileSync(absPath, newContent)
     if (fs.existsSync(indexFile)) {
-      // Append to existing barrel
       const existing = fs.readFileSync(indexFile, "utf-8")
       if (!existing.includes(`export * as ${nsName}`)) {
         fs.appendFileSync(indexFile, barrelLine)
@@ -154,37 +246,60 @@ if (dryRun) {
     }
     console.log(`Rewrote ${basename}.ts (${newContent.split("\n").length} lines)`)
   }
-}
 
-// Print the import rewrite guidance
-const relDir = path.relative(path.resolve("src"), dir)
+  // --- Rewrite import paths across src/, test/, script/ ---
+  const relDir = path.relative(path.resolve("src"), dir)
+  if (!isIndex) {
+    const oldTail = `${relDir}/${basename}`
+    const searchDirs = ["src", "test", "script"].filter((d) => fs.existsSync(d))
+    const rgResult = Bun.spawnSync(["rg", "-l", `from.*${oldTail}"`, ...searchDirs], {
+      stdout: "pipe",
+      stderr: "pipe",
+    })
+    const filesToRewrite = rgResult.stdout
+      .toString()
+      .trim()
+      .split("\n")
+      .filter((f) => f.length > 0)
 
-console.log("")
-console.log("=== Import rewrites ===")
-console.log("")
+    if (filesToRewrite.length > 0) {
+      console.log(`\nRewriting imports in ${filesToRewrite.length} file(s)...`)
+      for (const file of filesToRewrite) {
+        const content = fs.readFileSync(file, "utf-8")
+        fs.writeFileSync(file, content.replaceAll(`${oldTail}"`, `${relDir}"`))
+      }
+      console.log(`  Done: ${oldTail}" → ${relDir}"`)
+    } else {
+      console.log("\nNo import rewrites needed")
+    }
+  } else {
+    console.log("\nNo import rewrites needed (was index.ts)")
+  }
 
-if (!isIndex) {
-  // Non-index files: imports like "../provider/provider" need to become "../provider"
-  const oldTail = `${relDir}/${basename}`
+  // --- Fix sibling imports within the same directory ---
+  const siblingFiles = fs.readdirSync(dir).filter((f) => {
+    if (!f.endsWith(".ts")) return false
+    if (f === "index.ts" || f === `${implName}.ts`) return false
+    return true
+  })
 
-  console.log(`# Find all imports to rewrite:`)
-  console.log(`rg 'from.*${oldTail}' src/ --files-with-matches`)
-  console.log("")
-
-  // Auto-rewrite with sed (safe: only rewrites the import path, not other occurrences)
-  console.log("# Auto-rewrite (review diff afterward):")
-  console.log(`rg -l 'from.*${oldTail}' src/ | xargs sed -i '' 's|${oldTail}"|${relDir}"|g'`)
-  console.log("")
-  console.log("# What changes:")
-  console.log(`#   import { ${nsName} } from ".../${oldTail}"`)
-  console.log(`#   import { ${nsName} } from ".../${relDir}"`)
-} else {
-  console.log("# File was index.ts — import paths already resolve correctly.")
-  console.log("# No import rewrites needed!")
+  let siblingFixCount = 0
+  for (const sibFile of siblingFiles) {
+    const sibPath = path.join(dir, sibFile)
+    const content = fs.readFileSync(sibPath, "utf-8")
+    const pattern = new RegExp(`from\\s+["']\\./${basename}["']`, "g")
+    if (pattern.test(content)) {
+      fs.writeFileSync(sibPath, content.replace(pattern, `from "."`))
+      siblingFixCount++
+    }
+  }
+  if (siblingFixCount > 0) {
+    console.log(`Fixed ${siblingFixCount} sibling import(s) in ${path.basename(dir)}/ (./${basename} → .)`)
+  }
 }
 
 console.log("")
 console.log("=== Verify ===")
 console.log("")
-console.log("bun typecheck     # from packages/opencode")
-console.log("bun run test      # run tests")
+console.log("bunx --bun tsgo --noEmit   # typecheck")
+console.log("bun run test               # run tests")

packages/opencode/specs/effect/http-api.md

@@ -156,6 +156,14 @@ Ordering for a route-group migration:
 3. move tagged route-facing errors to `Schema.TaggedErrorClass` where needed
 4. switch existing Zod boundary validators to derived `.zod`
 5. define the `HttpApi` contract from the canonical Effect schemas
+6. regenerate the SDK (`./packages/sdk/js/script/build.ts`) and verify zero diff against `dev`
+
+SDK shape rule:
+
+- every schema migration must preserve the generated SDK output byte-for-byte
+- `Schema.Class` emits a named `$ref` in OpenAPI via its identifier — use it only for types that already had `.meta({ ref })` in the old Zod schema
+- inner / nested types that were anonymous in the old Zod schema should stay as `Schema.Struct` (not `Schema.Class`) to avoid introducing new named components in the OpenAPI spec
+- if a diff appears in `packages/sdk/js/src/v2/gen/types.gen.ts`, the migration introduced an unintended API surface change — fix it before merging
 
 Temporary exception:
 
@@ -195,8 +203,9 @@ Use the same sequence for each route group.
 4. Define the `HttpApi` contract separately from the handlers.
 5. Implement handlers by yielding the existing service from context.
 6. Mount the new surface in parallel under an experimental prefix.
-7. Add one end-to-end test and one OpenAPI-focused test.
-8. Compare ergonomics before migrating the next endpoint.
+7. Regenerate the SDK and verify zero diff against `dev` (see SDK shape rule above).
+8. Add one end-to-end test and one OpenAPI-focused test.
+9. Compare ergonomics before migrating the next endpoint.
 
 Rule of thumb:
 

packages/opencode/src/account/account.ts

@@ -0,0 +1,454 @@
+import { Cache, Clock, Duration, Effect, Layer, Option, Schema, SchemaGetter, Context } from "effect"
+import {
+  FetchHttpClient,
+  HttpClient,
+  HttpClientError,
+  HttpClientRequest,
+  HttpClientResponse,
+} from "effect/unstable/http"
+
+import { withTransientReadRetry } from "@/util/effect-http-client"
+import { AccountRepo, type AccountRow } from "./repo"
+import { normalizeServerUrl } from "./url"
+import {
+  type AccountError,
+  AccessToken,
+  AccountID,
+  DeviceCode,
+  Info,
+  RefreshToken,
+  AccountServiceError,
+  AccountTransportError,
+  Login,
+  Org,
+  OrgID,
+  PollDenied,
+  PollError,
+  PollExpired,
+  PollPending,
+  type PollResult,
+  PollSlow,
+  PollSuccess,
+  UserCode,
+} from "./schema"
+
+export {
+  AccountID,
+  type AccountError,
+  AccountRepoError,
+  AccountServiceError,
+  AccountTransportError,
+  AccessToken,
+  RefreshToken,
+  DeviceCode,
+  UserCode,
+  Info,
+  Org,
+  OrgID,
+  Login,
+  PollSuccess,
+  PollPending,
+  PollSlow,
+  PollExpired,
+  PollDenied,
+  PollError,
+  PollResult,
+} from "./schema"
+
+export type AccountOrgs = {
+  account: Info
+  orgs: readonly Org[]
+}
+
+export type ActiveOrg = {
+  account: Info
+  org: Org
+}
+
+class RemoteConfig extends Schema.Class<RemoteConfig>("RemoteConfig")({
+  config: Schema.Record(Schema.String, Schema.Json),
+}) {}
+
+const DurationFromSeconds = Schema.Number.pipe(
+  Schema.decodeTo(Schema.Duration, {
+    decode: SchemaGetter.transform((n) => Duration.seconds(n)),
+    encode: SchemaGetter.transform((d) => Duration.toSeconds(d)),
+  }),
+)
+
+class TokenRefresh extends Schema.Class<TokenRefresh>("TokenRefresh")({
+  access_token: AccessToken,
+  refresh_token: RefreshToken,
+  expires_in: DurationFromSeconds,
+}) {}
+
+class DeviceAuth extends Schema.Class<DeviceAuth>("DeviceAuth")({
+  device_code: DeviceCode,
+  user_code: UserCode,
+  verification_uri_complete: Schema.String,
+  expires_in: DurationFromSeconds,
+  interval: DurationFromSeconds,
+}) {}
+
+class DeviceTokenSuccess extends Schema.Class<DeviceTokenSuccess>("DeviceTokenSuccess")({
+  access_token: AccessToken,
+  refresh_token: RefreshToken,
+  token_type: Schema.Literal("Bearer"),
+  expires_in: DurationFromSeconds,
+}) {}
+
+class DeviceTokenError extends Schema.Class<DeviceTokenError>("DeviceTokenError")({
+  error: Schema.String,
+  error_description: Schema.String,
+}) {
+  toPollResult(): PollResult {
+    if (this.error === "authorization_pending") return new PollPending()
+    if (this.error === "slow_down") return new PollSlow()
+    if (this.error === "expired_token") return new PollExpired()
+    if (this.error === "access_denied") return new PollDenied()
+    return new PollError({ cause: this.error })
+  }
+}
+
+const DeviceToken = Schema.Union([DeviceTokenSuccess, DeviceTokenError])
+
+class User extends Schema.Class<User>("User")({
+  id: AccountID,
+  email: Schema.String,
+}) {}
+
+class ClientId extends Schema.Class<ClientId>("ClientId")({ client_id: Schema.String }) {}
+
+class DeviceTokenRequest extends Schema.Class<DeviceTokenRequest>("DeviceTokenRequest")({
+  grant_type: Schema.String,
+  device_code: DeviceCode,
+  client_id: Schema.String,
+}) {}
+
+class TokenRefreshRequest extends Schema.Class<TokenRefreshRequest>("TokenRefreshRequest")({
+  grant_type: Schema.String,
+  refresh_token: RefreshToken,
+  client_id: Schema.String,
+}) {}
+
+const clientId = "opencode-cli"
+const eagerRefreshThreshold = Duration.minutes(5)
+const eagerRefreshThresholdMs = Duration.toMillis(eagerRefreshThreshold)
+
+const isTokenFresh = (tokenExpiry: number | null, now: number) =>
+  tokenExpiry != null && tokenExpiry > now + eagerRefreshThresholdMs
+
+const mapAccountServiceError =
+  (message = "Account service operation failed") =>
+  <A, E, R>(effect: Effect.Effect<A, E, R>): Effect.Effect<A, AccountError, R> =>
+    effect.pipe(Effect.mapError((cause) => accountErrorFromCause(cause, message)))
+
+const accountErrorFromCause = (cause: unknown, message: string): AccountError => {
+  if (cause instanceof AccountServiceError || cause instanceof AccountTransportError) {
+    return cause
+  }
+
+  if (HttpClientError.isHttpClientError(cause)) {
+    switch (cause.reason._tag) {
+      case "TransportError": {
+        return AccountTransportError.fromHttpClientError(cause.reason)
+      }
+      default: {
+        return new AccountServiceError({ message, cause })
+      }
+    }
+  }
+
+  return new AccountServiceError({ message, cause })
+}
+
+export interface Interface {
+  readonly active: () => Effect.Effect<Option.Option<Info>, AccountError>
+  readonly activeOrg: () => Effect.Effect<Option.Option<ActiveOrg>, AccountError>
+  readonly list: () => Effect.Effect<Info[], AccountError>
+  readonly orgsByAccount: () => Effect.Effect<readonly AccountOrgs[], AccountError>
+  readonly remove: (accountID: AccountID) => Effect.Effect<void, AccountError>
+  readonly use: (accountID: AccountID, orgID: Option.Option<OrgID>) => Effect.Effect<void, AccountError>
+  readonly orgs: (accountID: AccountID) => Effect.Effect<readonly Org[], AccountError>
+  readonly config: (
+    accountID: AccountID,
+    orgID: OrgID,
+  ) => Effect.Effect<Option.Option<Record<string, unknown>>, AccountError>
+  readonly token: (accountID: AccountID) => Effect.Effect<Option.Option<AccessToken>, AccountError>
+  readonly login: (url: string) => Effect.Effect<Login, AccountError>
+  readonly poll: (input: Login) => Effect.Effect<PollResult, AccountError>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Account") {}
+
+export const layer: Layer.Layer<Service, never, AccountRepo | HttpClient.HttpClient> = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const repo = yield* AccountRepo
+    const http = yield* HttpClient.HttpClient
+    const httpRead = withTransientReadRetry(http)
+    const httpOk = HttpClient.filterStatusOk(http)
+    const httpReadOk = HttpClient.filterStatusOk(httpRead)
+
+    const executeRead = (request: HttpClientRequest.HttpClientRequest) =>
+      httpRead.execute(request).pipe(mapAccountServiceError("HTTP request failed"))
+
+    const executeReadOk = (request: HttpClientRequest.HttpClientRequest) =>
+      httpReadOk.execute(request).pipe(mapAccountServiceError("HTTP request failed"))
+
+    const executeEffectOk = <E>(request: Effect.Effect<HttpClientRequest.HttpClientRequest, E>) =>
+      request.pipe(
+        Effect.flatMap((req) => httpOk.execute(req)),
+        mapAccountServiceError("HTTP request failed"),
+      )
+
+    const executeEffect = <E>(request: Effect.Effect<HttpClientRequest.HttpClientRequest, E>) =>
+      request.pipe(
+        Effect.flatMap((req) => http.execute(req)),
+        mapAccountServiceError("HTTP request failed"),
+      )
+
+    const refreshToken = Effect.fnUntraced(function* (row: AccountRow) {
+      const now = yield* Clock.currentTimeMillis
+
+      const response = yield* executeEffectOk(
+        HttpClientRequest.post(`${row.url}/auth/device/token`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.schemaBodyJson(TokenRefreshRequest)(
+            new TokenRefreshRequest({
+              grant_type: "refresh_token",
+              refresh_token: row.refresh_token,
+              client_id: clientId,
+            }),
+          ),
+        ),
+      )
+
+      const parsed = yield* HttpClientResponse.schemaBodyJson(TokenRefresh)(response).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+
+      const expiry = Option.some(now + Duration.toMillis(parsed.expires_in))
+
+      yield* repo.persistToken({
+        accountID: row.id,
+        accessToken: parsed.access_token,
+        refreshToken: parsed.refresh_token,
+        expiry,
+      })
+
+      return parsed.access_token
+    })
+
+    const refreshTokenCache = yield* Cache.make<AccountID, AccessToken, AccountError>({
+      capacity: Number.POSITIVE_INFINITY,
+      timeToLive: Duration.zero,
+      lookup: Effect.fnUntraced(function* (accountID) {
+        const maybeAccount = yield* repo.getRow(accountID)
+        if (Option.isNone(maybeAccount)) {
+          return yield* Effect.fail(new AccountServiceError({ message: "Account not found during token refresh" }))
+        }
+
+        const account = maybeAccount.value
+        const now = yield* Clock.currentTimeMillis
+        if (isTokenFresh(account.token_expiry, now)) {
+          return account.access_token
+        }
+
+        return yield* refreshToken(account)
+      }),
+    })
+
+    const resolveToken = Effect.fnUntraced(function* (row: AccountRow) {
+      const now = yield* Clock.currentTimeMillis
+      if (isTokenFresh(row.token_expiry, now)) {
+        return row.access_token
+      }
+
+      return yield* Cache.get(refreshTokenCache, row.id)
+    })
+
+    const resolveAccess = Effect.fnUntraced(function* (accountID: AccountID) {
+      const maybeAccount = yield* repo.getRow(accountID)
+      if (Option.isNone(maybeAccount)) return Option.none()
+
+      const account = maybeAccount.value
+      const accessToken = yield* resolveToken(account)
+      return Option.some({ account, accessToken })
+    })
+
+    const fetchOrgs = Effect.fnUntraced(function* (url: string, accessToken: AccessToken) {
+      const response = yield* executeReadOk(
+        HttpClientRequest.get(`${url}/api/orgs`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.bearerToken(accessToken),
+        ),
+      )
+
+      return yield* HttpClientResponse.schemaBodyJson(Schema.Array(Org))(response).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+    })
+
+    const fetchUser = Effect.fnUntraced(function* (url: string, accessToken: AccessToken) {
+      const response = yield* executeReadOk(
+        HttpClientRequest.get(`${url}/api/user`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.bearerToken(accessToken),
+        ),
+      )
+
+      return yield* HttpClientResponse.schemaBodyJson(User)(response).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+    })
+
+    const token = Effect.fn("Account.token")((accountID: AccountID) =>
+      resolveAccess(accountID).pipe(Effect.map(Option.map((r) => r.accessToken))),
+    )
+
+    const activeOrg = Effect.fn("Account.activeOrg")(function* () {
+      const activeAccount = yield* repo.active()
+      if (Option.isNone(activeAccount)) return Option.none<ActiveOrg>()
+
+      const account = activeAccount.value
+      if (!account.active_org_id) return Option.none<ActiveOrg>()
+
+      const accountOrgs = yield* orgs(account.id)
+      const org = accountOrgs.find((item) => item.id === account.active_org_id)
+      if (!org) return Option.none<ActiveOrg>()
+
+      return Option.some({ account, org })
+    })
+
+    const orgsByAccount = Effect.fn("Account.orgsByAccount")(function* () {
+      const accounts = yield* repo.list()
+      return yield* Effect.forEach(
+        accounts,
+        (account) =>
+          orgs(account.id).pipe(
+            Effect.catch(() => Effect.succeed([] as readonly Org[])),
+            Effect.map((orgs) => ({ account, orgs })),
+          ),
+        { concurrency: 3 },
+      )
+    })
+
+    const orgs = Effect.fn("Account.orgs")(function* (accountID: AccountID) {
+      const resolved = yield* resolveAccess(accountID)
+      if (Option.isNone(resolved)) return []
+
+      const { account, accessToken } = resolved.value
+
+      return yield* fetchOrgs(account.url, accessToken)
+    })
+
+    const config = Effect.fn("Account.config")(function* (accountID: AccountID, orgID: OrgID) {
+      const resolved = yield* resolveAccess(accountID)
+      if (Option.isNone(resolved)) return Option.none()
+
+      const { account, accessToken } = resolved.value
+
+      const response = yield* executeRead(
+        HttpClientRequest.get(`${account.url}/api/config`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.bearerToken(accessToken),
+          HttpClientRequest.setHeaders({ "x-org-id": orgID }),
+        ),
+      )
+
+      if (response.status === 404) return Option.none()
+
+      const ok = yield* HttpClientResponse.filterStatusOk(response).pipe(mapAccountServiceError())
+
+      const parsed = yield* HttpClientResponse.schemaBodyJson(RemoteConfig)(ok).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+      return Option.some(parsed.config)
+    })
+
+    const login = Effect.fn("Account.login")(function* (server: string) {
+      const normalizedServer = normalizeServerUrl(server)
+      const response = yield* executeEffectOk(
+        HttpClientRequest.post(`${normalizedServer}/auth/device/code`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.schemaBodyJson(ClientId)(new ClientId({ client_id: clientId })),
+        ),
+      )
+
+      const parsed = yield* HttpClientResponse.schemaBodyJson(DeviceAuth)(response).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+      return new Login({
+        code: parsed.device_code,
+        user: parsed.user_code,
+        url: `${normalizedServer}${parsed.verification_uri_complete}`,
+        server: normalizedServer,
+        expiry: parsed.expires_in,
+        interval: parsed.interval,
+      })
+    })
+
+    const poll = Effect.fn("Account.poll")(function* (input: Login) {
+      const response = yield* executeEffect(
+        HttpClientRequest.post(`${input.server}/auth/device/token`).pipe(
+          HttpClientRequest.acceptJson,
+          HttpClientRequest.schemaBodyJson(DeviceTokenRequest)(
+            new DeviceTokenRequest({
+              grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+              device_code: input.code,
+              client_id: clientId,
+            }),
+          ),
+        ),
+      )
+
+      const parsed = yield* HttpClientResponse.schemaBodyJson(DeviceToken)(response).pipe(
+        mapAccountServiceError("Failed to decode response"),
+      )
+
+      if (parsed instanceof DeviceTokenError) return parsed.toPollResult()
+      const accessToken = parsed.access_token
+
+      const user = fetchUser(input.server, accessToken)
+      const orgs = fetchOrgs(input.server, accessToken)
+
+      const [account, remoteOrgs] = yield* Effect.all([user, orgs], { concurrency: 2 })
+
+      // TODO: When there are multiple orgs, let the user choose
+      const firstOrgID = remoteOrgs.length > 0 ? Option.some(remoteOrgs[0].id) : Option.none<OrgID>()
+
+      const now = yield* Clock.currentTimeMillis
+      const expiry = now + Duration.toMillis(parsed.expires_in)
+      const refreshToken = parsed.refresh_token
+
+      yield* repo.persistAccount({
+        id: account.id,
+        email: account.email,
+        url: input.server,
+        accessToken,
+        refreshToken,
+        expiry,
+        orgID: firstOrgID,
+      })
+
+      return new PollSuccess({ email: account.email })
+    })
+
+    return Service.of({
+      active: repo.active,
+      activeOrg,
+      list: repo.list,
+      orgsByAccount,
+      remove: repo.remove,
+      use: repo.use,
+      orgs,
+      config,
+      token,
+      login,
+      poll,
+    })
+  }),
+)
+
+export const defaultLayer = layer.pipe(Layer.provide(AccountRepo.layer), Layer.provide(FetchHttpClient.layer))

packages/opencode/src/account/index.ts

@@ -1,37 +1,4 @@
-import { Cache, Clock, Duration, Effect, Layer, Option, Schema, SchemaGetter, Context } from "effect"
-import {
-  FetchHttpClient,
-  HttpClient,
-  HttpClientError,
-  HttpClientRequest,
-  HttpClientResponse,
-} from "effect/unstable/http"
-
-import { withTransientReadRetry } from "@/util/effect-http-client"
-import { AccountRepo, type AccountRow } from "./repo"
-import { normalizeServerUrl } from "./url"
-import {
-  type AccountError,
-  AccessToken,
-  AccountID,
-  DeviceCode,
-  Info,
-  RefreshToken,
-  AccountServiceError,
-  AccountTransportError,
-  Login,
-  Org,
-  OrgID,
-  PollDenied,
-  PollError,
-  PollExpired,
-  PollPending,
-  type PollResult,
-  PollSlow,
-  PollSuccess,
-  UserCode,
-} from "./schema"
-
+export * as Account from "./account"
 export {
   AccountID,
   type AccountError,
@@ -52,405 +19,6 @@ export {
   PollExpired,
   PollDenied,
   PollError,
-  PollResult,
+  type PollResult,
 } from "./schema"
-
-export type AccountOrgs = {
-  account: Info
-  orgs: readonly Org[]
-}
-
-export type ActiveOrg = {
-  account: Info
-  org: Org
-}
-
-class RemoteConfig extends Schema.Class<RemoteConfig>("RemoteConfig")({
-  config: Schema.Record(Schema.String, Schema.Json),
-}) {}
-
-const DurationFromSeconds = Schema.Number.pipe(
-  Schema.decodeTo(Schema.Duration, {
-    decode: SchemaGetter.transform((n) => Duration.seconds(n)),
-    encode: SchemaGetter.transform((d) => Duration.toSeconds(d)),
-  }),
-)
-
-class TokenRefresh extends Schema.Class<TokenRefresh>("TokenRefresh")({
-  access_token: AccessToken,
-  refresh_token: RefreshToken,
-  expires_in: DurationFromSeconds,
-}) {}
-
-class DeviceAuth extends Schema.Class<DeviceAuth>("DeviceAuth")({
-  device_code: DeviceCode,
-  user_code: UserCode,
-  verification_uri_complete: Schema.String,
-  expires_in: DurationFromSeconds,
-  interval: DurationFromSeconds,
-}) {}
-
-class DeviceTokenSuccess extends Schema.Class<DeviceTokenSuccess>("DeviceTokenSuccess")({
-  access_token: AccessToken,
-  refresh_token: RefreshToken,
-  token_type: Schema.Literal("Bearer"),
-  expires_in: DurationFromSeconds,
-}) {}
-
-class DeviceTokenError extends Schema.Class<DeviceTokenError>("DeviceTokenError")({
-  error: Schema.String,
-  error_description: Schema.String,
-}) {
-  toPollResult(): PollResult {
-    if (this.error === "authorization_pending") return new PollPending()
-    if (this.error === "slow_down") return new PollSlow()
-    if (this.error === "expired_token") return new PollExpired()
-    if (this.error === "access_denied") return new PollDenied()
-    return new PollError({ cause: this.error })
-  }
-}
-
-const DeviceToken = Schema.Union([DeviceTokenSuccess, DeviceTokenError])
-
-class User extends Schema.Class<User>("User")({
-  id: AccountID,
-  email: Schema.String,
-}) {}
-
-class ClientId extends Schema.Class<ClientId>("ClientId")({ client_id: Schema.String }) {}
-
-class DeviceTokenRequest extends Schema.Class<DeviceTokenRequest>("DeviceTokenRequest")({
-  grant_type: Schema.String,
-  device_code: DeviceCode,
-  client_id: Schema.String,
-}) {}
-
-class TokenRefreshRequest extends Schema.Class<TokenRefreshRequest>("TokenRefreshRequest")({
-  grant_type: Schema.String,
-  refresh_token: RefreshToken,
-  client_id: Schema.String,
-}) {}
-
-const clientId = "opencode-cli"
-const eagerRefreshThreshold = Duration.minutes(5)
-const eagerRefreshThresholdMs = Duration.toMillis(eagerRefreshThreshold)
-
-const isTokenFresh = (tokenExpiry: number | null, now: number) =>
-  tokenExpiry != null && tokenExpiry > now + eagerRefreshThresholdMs
-
-const mapAccountServiceError =
-  (message = "Account service operation failed") =>
-  <A, E, R>(effect: Effect.Effect<A, E, R>): Effect.Effect<A, AccountError, R> =>
-    effect.pipe(Effect.mapError((cause) => accountErrorFromCause(cause, message)))
-
-const accountErrorFromCause = (cause: unknown, message: string): AccountError => {
-  if (cause instanceof AccountServiceError || cause instanceof AccountTransportError) {
-    return cause
-  }
-
-  if (HttpClientError.isHttpClientError(cause)) {
-    switch (cause.reason._tag) {
-      case "TransportError": {
-        return AccountTransportError.fromHttpClientError(cause.reason)
-      }
-      default: {
-        return new AccountServiceError({ message, cause })
-      }
-    }
-  }
-
-  return new AccountServiceError({ message, cause })
-}
-
-export namespace Account {
-  export interface Interface {
-    readonly active: () => Effect.Effect<Option.Option<Info>, AccountError>
-    readonly activeOrg: () => Effect.Effect<Option.Option<ActiveOrg>, AccountError>
-    readonly list: () => Effect.Effect<Info[], AccountError>
-    readonly orgsByAccount: () => Effect.Effect<readonly AccountOrgs[], AccountError>
-    readonly remove: (accountID: AccountID) => Effect.Effect<void, AccountError>
-    readonly use: (accountID: AccountID, orgID: Option.Option<OrgID>) => Effect.Effect<void, AccountError>
-    readonly orgs: (accountID: AccountID) => Effect.Effect<readonly Org[], AccountError>
-    readonly config: (
-      accountID: AccountID,
-      orgID: OrgID,
-    ) => Effect.Effect<Option.Option<Record<string, unknown>>, AccountError>
-    readonly token: (accountID: AccountID) => Effect.Effect<Option.Option<AccessToken>, AccountError>
-    readonly login: (url: string) => Effect.Effect<Login, AccountError>
-    readonly poll: (input: Login) => Effect.Effect<PollResult, AccountError>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Account") {}
-
-  export const layer: Layer.Layer<Service, never, AccountRepo | HttpClient.HttpClient> = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const repo = yield* AccountRepo
-      const http = yield* HttpClient.HttpClient
-      const httpRead = withTransientReadRetry(http)
-      const httpOk = HttpClient.filterStatusOk(http)
-      const httpReadOk = HttpClient.filterStatusOk(httpRead)
-
-      const executeRead = (request: HttpClientRequest.HttpClientRequest) =>
-        httpRead.execute(request).pipe(mapAccountServiceError("HTTP request failed"))
-
-      const executeReadOk = (request: HttpClientRequest.HttpClientRequest) =>
-        httpReadOk.execute(request).pipe(mapAccountServiceError("HTTP request failed"))
-
-      const executeEffectOk = <E>(request: Effect.Effect<HttpClientRequest.HttpClientRequest, E>) =>
-        request.pipe(
-          Effect.flatMap((req) => httpOk.execute(req)),
-          mapAccountServiceError("HTTP request failed"),
-        )
-
-      const executeEffect = <E>(request: Effect.Effect<HttpClientRequest.HttpClientRequest, E>) =>
-        request.pipe(
-          Effect.flatMap((req) => http.execute(req)),
-          mapAccountServiceError("HTTP request failed"),
-        )
-
-      const refreshToken = Effect.fnUntraced(function* (row: AccountRow) {
-        const now = yield* Clock.currentTimeMillis
-
-        const response = yield* executeEffectOk(
-          HttpClientRequest.post(`${row.url}/auth/device/token`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.schemaBodyJson(TokenRefreshRequest)(
-              new TokenRefreshRequest({
-                grant_type: "refresh_token",
-                refresh_token: row.refresh_token,
-                client_id: clientId,
-              }),
-            ),
-          ),
-        )
-
-        const parsed = yield* HttpClientResponse.schemaBodyJson(TokenRefresh)(response).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-
-        const expiry = Option.some(now + Duration.toMillis(parsed.expires_in))
-
-        yield* repo.persistToken({
-          accountID: row.id,
-          accessToken: parsed.access_token,
-          refreshToken: parsed.refresh_token,
-          expiry,
-        })
-
-        return parsed.access_token
-      })
-
-      const refreshTokenCache = yield* Cache.make<AccountID, AccessToken, AccountError>({
-        capacity: Number.POSITIVE_INFINITY,
-        timeToLive: Duration.zero,
-        lookup: Effect.fnUntraced(function* (accountID) {
-          const maybeAccount = yield* repo.getRow(accountID)
-          if (Option.isNone(maybeAccount)) {
-            return yield* Effect.fail(new AccountServiceError({ message: "Account not found during token refresh" }))
-          }
-
-          const account = maybeAccount.value
-          const now = yield* Clock.currentTimeMillis
-          if (isTokenFresh(account.token_expiry, now)) {
-            return account.access_token
-          }
-
-          return yield* refreshToken(account)
-        }),
-      })
-
-      const resolveToken = Effect.fnUntraced(function* (row: AccountRow) {
-        const now = yield* Clock.currentTimeMillis
-        if (isTokenFresh(row.token_expiry, now)) {
-          return row.access_token
-        }
-
-        return yield* Cache.get(refreshTokenCache, row.id)
-      })
-
-      const resolveAccess = Effect.fnUntraced(function* (accountID: AccountID) {
-        const maybeAccount = yield* repo.getRow(accountID)
-        if (Option.isNone(maybeAccount)) return Option.none()
-
-        const account = maybeAccount.value
-        const accessToken = yield* resolveToken(account)
-        return Option.some({ account, accessToken })
-      })
-
-      const fetchOrgs = Effect.fnUntraced(function* (url: string, accessToken: AccessToken) {
-        const response = yield* executeReadOk(
-          HttpClientRequest.get(`${url}/api/orgs`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.bearerToken(accessToken),
-          ),
-        )
-
-        return yield* HttpClientResponse.schemaBodyJson(Schema.Array(Org))(response).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-      })
-
-      const fetchUser = Effect.fnUntraced(function* (url: string, accessToken: AccessToken) {
-        const response = yield* executeReadOk(
-          HttpClientRequest.get(`${url}/api/user`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.bearerToken(accessToken),
-          ),
-        )
-
-        return yield* HttpClientResponse.schemaBodyJson(User)(response).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-      })
-
-      const token = Effect.fn("Account.token")((accountID: AccountID) =>
-        resolveAccess(accountID).pipe(Effect.map(Option.map((r) => r.accessToken))),
-      )
-
-      const activeOrg = Effect.fn("Account.activeOrg")(function* () {
-        const activeAccount = yield* repo.active()
-        if (Option.isNone(activeAccount)) return Option.none<ActiveOrg>()
-
-        const account = activeAccount.value
-        if (!account.active_org_id) return Option.none<ActiveOrg>()
-
-        const accountOrgs = yield* orgs(account.id)
-        const org = accountOrgs.find((item) => item.id === account.active_org_id)
-        if (!org) return Option.none<ActiveOrg>()
-
-        return Option.some({ account, org })
-      })
-
-      const orgsByAccount = Effect.fn("Account.orgsByAccount")(function* () {
-        const accounts = yield* repo.list()
-        return yield* Effect.forEach(
-          accounts,
-          (account) =>
-            orgs(account.id).pipe(
-              Effect.catch(() => Effect.succeed([] as readonly Org[])),
-              Effect.map((orgs) => ({ account, orgs })),
-            ),
-          { concurrency: 3 },
-        )
-      })
-
-      const orgs = Effect.fn("Account.orgs")(function* (accountID: AccountID) {
-        const resolved = yield* resolveAccess(accountID)
-        if (Option.isNone(resolved)) return []
-
-        const { account, accessToken } = resolved.value
-
-        return yield* fetchOrgs(account.url, accessToken)
-      })
-
-      const config = Effect.fn("Account.config")(function* (accountID: AccountID, orgID: OrgID) {
-        const resolved = yield* resolveAccess(accountID)
-        if (Option.isNone(resolved)) return Option.none()
-
-        const { account, accessToken } = resolved.value
-
-        const response = yield* executeRead(
-          HttpClientRequest.get(`${account.url}/api/config`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.bearerToken(accessToken),
-            HttpClientRequest.setHeaders({ "x-org-id": orgID }),
-          ),
-        )
-
-        if (response.status === 404) return Option.none()
-
-        const ok = yield* HttpClientResponse.filterStatusOk(response).pipe(mapAccountServiceError())
-
-        const parsed = yield* HttpClientResponse.schemaBodyJson(RemoteConfig)(ok).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-        return Option.some(parsed.config)
-      })
-
-      const login = Effect.fn("Account.login")(function* (server: string) {
-        const normalizedServer = normalizeServerUrl(server)
-        const response = yield* executeEffectOk(
-          HttpClientRequest.post(`${normalizedServer}/auth/device/code`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.schemaBodyJson(ClientId)(new ClientId({ client_id: clientId })),
-          ),
-        )
-
-        const parsed = yield* HttpClientResponse.schemaBodyJson(DeviceAuth)(response).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-        return new Login({
-          code: parsed.device_code,
-          user: parsed.user_code,
-          url: `${normalizedServer}${parsed.verification_uri_complete}`,
-          server: normalizedServer,
-          expiry: parsed.expires_in,
-          interval: parsed.interval,
-        })
-      })
-
-      const poll = Effect.fn("Account.poll")(function* (input: Login) {
-        const response = yield* executeEffect(
-          HttpClientRequest.post(`${input.server}/auth/device/token`).pipe(
-            HttpClientRequest.acceptJson,
-            HttpClientRequest.schemaBodyJson(DeviceTokenRequest)(
-              new DeviceTokenRequest({
-                grant_type: "urn:ietf:params:oauth:grant-type:device_code",
-                device_code: input.code,
-                client_id: clientId,
-              }),
-            ),
-          ),
-        )
-
-        const parsed = yield* HttpClientResponse.schemaBodyJson(DeviceToken)(response).pipe(
-          mapAccountServiceError("Failed to decode response"),
-        )
-
-        if (parsed instanceof DeviceTokenError) return parsed.toPollResult()
-        const accessToken = parsed.access_token
-
-        const user = fetchUser(input.server, accessToken)
-        const orgs = fetchOrgs(input.server, accessToken)
-
-        const [account, remoteOrgs] = yield* Effect.all([user, orgs], { concurrency: 2 })
-
-        // TODO: When there are multiple orgs, let the user choose
-        const firstOrgID = remoteOrgs.length > 0 ? Option.some(remoteOrgs[0].id) : Option.none<OrgID>()
-
-        const now = yield* Clock.currentTimeMillis
-        const expiry = now + Duration.toMillis(parsed.expires_in)
-        const refreshToken = parsed.refresh_token
-
-        yield* repo.persistAccount({
-          id: account.id,
-          email: account.email,
-          url: input.server,
-          accessToken,
-          refreshToken,
-          expiry,
-          orgID: firstOrgID,
-        })
-
-        return new PollSuccess({ email: account.email })
-      })
-
-      return Service.of({
-        active: repo.active,
-        activeOrg,
-        list: repo.list,
-        orgsByAccount,
-        remove: repo.remove,
-        use: repo.use,
-        orgs,
-        config,
-        token,
-        login,
-        poll,
-      })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(AccountRepo.layer), Layer.provide(FetchHttpClient.layer))
-}
+export type { AccountOrgs, ActiveOrg } from "./account"

packages/opencode/src/acp/agent.ts

@@ -37,7 +37,7 @@ import { Filesystem } from "../util/filesystem"
 import { Hash } from "@opencode-ai/shared/util/hash"
 import { ACPSessionManager } from "./session"
 import type { ACPConfig } from "./types"
-import { Provider } from "../provider/provider"
+import { Provider } from "../provider"
 import { ModelID, ProviderID } from "../provider/schema"
 import { Agent as AgentModule } from "../agent/agent"
 import { AppRuntime } from "@/effect/app-runtime"

packages/opencode/src/agent/agent.ts

@@ -1,6 +1,6 @@
 import { Config } from "../config"
 import z from "zod"
-import { Provider } from "../provider/provider"
+import { Provider } from "../provider"
 import { ModelID, ProviderID } from "../provider/schema"
 import { generateObject, streamObject, type ModelMessage } from "ai"
 import { Instance } from "../project/instance"
@@ -80,7 +80,7 @@ export namespace Agent {
       const provider = yield* Provider.Service
 
       const state = yield* InstanceState.make<State>(
-        Effect.fn("Agent.state")(function* (ctx) {
+        Effect.fn("Agent.state")(function* (_ctx) {
           const cfg = yield* config.get()
           const skillDirs = yield* skill.dirs()
           const whitelistedDirs = [Truncate.GLOB, ...skillDirs.map((dir) => path.join(dir, "*"))]

packages/opencode/src/auth/auth.ts

@@ -0,0 +1,89 @@
+import path from "path"
+import { Effect, Layer, Record, Result, Schema, Context } from "effect"
+import { zod } from "@/util/effect-zod"
+import { Global } from "../global"
+import { AppFileSystem } from "@opencode-ai/shared/filesystem"
+
+export const OAUTH_DUMMY_KEY = "opencode-oauth-dummy-key"
+
+const file = path.join(Global.Path.data, "auth.json")
+
+const fail = (message: string) => (cause: unknown) => new AuthError({ message, cause })
+
+export class Oauth extends Schema.Class<Oauth>("OAuth")({
+  type: Schema.Literal("oauth"),
+  refresh: Schema.String,
+  access: Schema.String,
+  expires: Schema.Number,
+  accountId: Schema.optional(Schema.String),
+  enterpriseUrl: Schema.optional(Schema.String),
+}) {}
+
+export class Api extends Schema.Class<Api>("ApiAuth")({
+  type: Schema.Literal("api"),
+  key: Schema.String,
+  metadata: Schema.optional(Schema.Record(Schema.String, Schema.String)),
+}) {}
+
+export class WellKnown extends Schema.Class<WellKnown>("WellKnownAuth")({
+  type: Schema.Literal("wellknown"),
+  key: Schema.String,
+  token: Schema.String,
+}) {}
+
+const _Info = Schema.Union([Oauth, Api, WellKnown]).annotate({ discriminator: "type", identifier: "Auth" })
+export const Info = Object.assign(_Info, { zod: zod(_Info) })
+export type Info = Schema.Schema.Type<typeof _Info>
+
+export class AuthError extends Schema.TaggedErrorClass<AuthError>()("AuthError", {
+  message: Schema.String,
+  cause: Schema.optional(Schema.Defect),
+}) {}
+
+export interface Interface {
+  readonly get: (providerID: string) => Effect.Effect<Info | undefined, AuthError>
+  readonly all: () => Effect.Effect<Record<string, Info>, AuthError>
+  readonly set: (key: string, info: Info) => Effect.Effect<void, AuthError>
+  readonly remove: (key: string) => Effect.Effect<void, AuthError>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Auth") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const fsys = yield* AppFileSystem.Service
+    const decode = Schema.decodeUnknownOption(Info)
+
+    const all = Effect.fn("Auth.all")(function* () {
+      const data = (yield* fsys.readJson(file).pipe(Effect.orElseSucceed(() => ({})))) as Record<string, unknown>
+      return Record.filterMap(data, (value) => Result.fromOption(decode(value), () => undefined))
+    })
+
+    const get = Effect.fn("Auth.get")(function* (providerID: string) {
+      return (yield* all())[providerID]
+    })
+
+    const set = Effect.fn("Auth.set")(function* (key: string, info: Info) {
+      const norm = key.replace(/\/+$/, "")
+      const data = yield* all()
+      if (norm !== key) delete data[key]
+      delete data[norm + "/"]
+      yield* fsys
+        .writeJson(file, { ...data, [norm]: info }, 0o600)
+        .pipe(Effect.mapError(fail("Failed to write auth data")))
+    })
+
+    const remove = Effect.fn("Auth.remove")(function* (key: string) {
+      const norm = key.replace(/\/+$/, "")
+      const data = yield* all()
+      delete data[key]
+      delete data[norm]
+      yield* fsys.writeJson(file, data, 0o600).pipe(Effect.mapError(fail("Failed to write auth data")))
+    })
+
+    return Service.of({ get, all, set, remove })
+  }),
+)
+
+export const defaultLayer = layer.pipe(Layer.provide(AppFileSystem.defaultLayer))

packages/opencode/src/auth/index.ts

@@ -1,91 +1,2 @@
-import path from "path"
-import { Effect, Layer, Record, Result, Schema, Context } from "effect"
-import { zod } from "@/util/effect-zod"
-import { Global } from "../global"
-import { AppFileSystem } from "@opencode-ai/shared/filesystem"
-
-export const OAUTH_DUMMY_KEY = "opencode-oauth-dummy-key"
-
-const file = path.join(Global.Path.data, "auth.json")
-
-const fail = (message: string) => (cause: unknown) => new Auth.AuthError({ message, cause })
-
-export namespace Auth {
-  export class Oauth extends Schema.Class<Oauth>("OAuth")({
-    type: Schema.Literal("oauth"),
-    refresh: Schema.String,
-    access: Schema.String,
-    expires: Schema.Number,
-    accountId: Schema.optional(Schema.String),
-    enterpriseUrl: Schema.optional(Schema.String),
-  }) {}
-
-  export class Api extends Schema.Class<Api>("ApiAuth")({
-    type: Schema.Literal("api"),
-    key: Schema.String,
-    metadata: Schema.optional(Schema.Record(Schema.String, Schema.String)),
-  }) {}
-
-  export class WellKnown extends Schema.Class<WellKnown>("WellKnownAuth")({
-    type: Schema.Literal("wellknown"),
-    key: Schema.String,
-    token: Schema.String,
-  }) {}
-
-  const _Info = Schema.Union([Oauth, Api, WellKnown]).annotate({ discriminator: "type", identifier: "Auth" })
-  export const Info = Object.assign(_Info, { zod: zod(_Info) })
-  export type Info = Schema.Schema.Type<typeof _Info>
-
-  export class AuthError extends Schema.TaggedErrorClass<AuthError>()("AuthError", {
-    message: Schema.String,
-    cause: Schema.optional(Schema.Defect),
-  }) {}
-
-  export interface Interface {
-    readonly get: (providerID: string) => Effect.Effect<Info | undefined, AuthError>
-    readonly all: () => Effect.Effect<Record<string, Info>, AuthError>
-    readonly set: (key: string, info: Info) => Effect.Effect<void, AuthError>
-    readonly remove: (key: string) => Effect.Effect<void, AuthError>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Auth") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const fsys = yield* AppFileSystem.Service
-      const decode = Schema.decodeUnknownOption(Info)
-
-      const all = Effect.fn("Auth.all")(function* () {
-        const data = (yield* fsys.readJson(file).pipe(Effect.orElseSucceed(() => ({})))) as Record<string, unknown>
-        return Record.filterMap(data, (value) => Result.fromOption(decode(value), () => undefined))
-      })
-
-      const get = Effect.fn("Auth.get")(function* (providerID: string) {
-        return (yield* all())[providerID]
-      })
-
-      const set = Effect.fn("Auth.set")(function* (key: string, info: Info) {
-        const norm = key.replace(/\/+$/, "")
-        const data = yield* all()
-        if (norm !== key) delete data[key]
-        delete data[norm + "/"]
-        yield* fsys
-          .writeJson(file, { ...data, [norm]: info }, 0o600)
-          .pipe(Effect.mapError(fail("Failed to write auth data")))
-      })
-
-      const remove = Effect.fn("Auth.remove")(function* (key: string) {
-        const norm = key.replace(/\/+$/, "")
-        const data = yield* all()
-        delete data[key]
-        delete data[norm]
-        yield* fsys.writeJson(file, data, 0o600).pipe(Effect.mapError(fail("Failed to write auth data")))
-      })
-
-      return Service.of({ get, all, set, remove })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(AppFileSystem.defaultLayer))
-}
+export * as Auth from "./auth"
+export { OAUTH_DUMMY_KEY } from "./auth"

packages/opencode/src/bus/bus.ts

@@ -4,7 +4,6 @@ import { EffectBridge } from "@/effect/bridge"
 import { Log } from "../util/log"
 import { BusEvent } from "./bus-event"
 import { GlobalBus } from "./global"
-import { WorkspaceContext } from "@/control-plane/workspace-context"
 import { InstanceState } from "@/effect/instance-state"
 import { makeRuntime } from "@/effect/run-service"
 

packages/opencode/src/cli/cmd/agent.ts

@@ -4,7 +4,7 @@ import { AppRuntime } from "@/effect/app-runtime"
 import { UI } from "../ui"
 import { Global } from "../../global"
 import { Agent } from "../../agent/agent"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import path from "path"
 import fs from "fs/promises"
 import { Filesystem } from "../../util/filesystem"

packages/opencode/src/cli/cmd/debug/agent.ts

@@ -2,7 +2,7 @@ import { EOL } from "os"
 import { basename } from "path"
 import { Effect } from "effect"
 import { Agent } from "../../../agent/agent"
-import { Provider } from "../../../provider/provider"
+import { Provider } from "../../../provider"
 import { Session } from "../../../session"
 import type { MessageV2 } from "../../../session/message-v2"
 import { MessageID, PartID } from "../../../session/schema"

packages/opencode/src/cli/cmd/github.ts

@@ -25,7 +25,7 @@ import { SessionShare } from "@/share/session"
 import { Session } from "../../session"
 import type { SessionID } from "../../session/schema"
 import { MessageID, PartID } from "../../session/schema"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import { Bus } from "../../bus"
 import { MessageV2 } from "../../session/message-v2"
 import { SessionPrompt } from "@/session/prompt"

packages/opencode/src/cli/cmd/models.ts

@@ -1,6 +1,6 @@
 import type { Argv } from "yargs"
 import { Instance } from "../../project/instance"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import { ProviderID } from "../../provider/schema"
 import { ModelsDev } from "../../provider/models"
 import { cmd } from "./cmd"

packages/opencode/src/cli/cmd/run.ts

@@ -9,7 +9,7 @@ import { EOL } from "os"
 import { Filesystem } from "../../util/filesystem"
 import { createOpencodeClient, type OpencodeClient, type ToolPart } from "@opencode-ai/sdk/v2"
 import { Server } from "../../server/server"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import { Agent } from "../../agent/agent"
 import { Permission } from "../../permission"
 import { Tool } from "../../tool/tool"

packages/opencode/src/cli/cmd/tui/app.tsx

@@ -52,7 +52,7 @@ import { ExitProvider, useExit } from "./context/exit"
 import { Session as SessionApi } from "@/session"
 import { TuiEvent } from "./event"
 import { KVProvider, useKV } from "./context/kv"
-import { Provider } from "@/provider/provider"
+import { Provider } from "@/provider"
 import { ArgsProvider, useArgs, type Args } from "./context/args"
 import open from "open"
 import { PromptRefProvider, usePromptRef } from "./context/prompt"

packages/opencode/src/cli/cmd/tui/component/dialog-mcp.tsx

@@ -78,7 +78,7 @@ export function DialogMcp() {
       title="MCPs"
       options={options()}
       keybind={keybinds()}
-      onSelect={(option) => {
+      onSelect={(_option) => {
         // Don't close on select, only on escape
       }}
     />

packages/opencode/src/cli/cmd/tui/component/prompt/autocomplete.tsx

@@ -111,7 +111,7 @@ export function Autocomplete(props: {
 
   const position = createMemo(() => {
     if (!store.visible) return { x: 0, y: 0, width: 0 }
-    const dims = dimensions()
+    dimensions()
     positionTick()
     const anchor = props.anchor()
     const parent = anchor.parent

packages/opencode/src/cli/cmd/tui/context/local.tsx

@@ -8,7 +8,7 @@ import { Global } from "@/global"
 import { iife } from "@/util/iife"
 import { createSimpleContext } from "./helper"
 import { useToast } from "../ui/toast"
-import { Provider } from "@/provider/provider"
+import { Provider } from "@/provider"
 import { useArgs } from "./args"
 import { useSDK } from "./sdk"
 import { RGBA } from "@opentui/core"

packages/opencode/src/cli/cmd/tui/context/sdk.tsx

@@ -1,5 +1,5 @@
 import { createOpencodeClient } from "@opencode-ai/sdk/v2"
-import type { GlobalEvent, Event } from "@opencode-ai/sdk/v2"
+import type { GlobalEvent } from "@opencode-ai/sdk/v2"
 import { createSimpleContext } from "./helper"
 import { createGlobalEmitter } from "@solid-primitives/event-bus"
 import { batch, onCleanup, onMount } from "solid-js"

packages/opencode/src/cli/cmd/tui/plugin/api.tsx

@@ -19,7 +19,6 @@ import { Prompt } from "../component/prompt"
 import { Slot as HostSlot } from "./slots"
 import type { useToast } from "../ui/toast"
 import { Installation } from "@/installation"
-import { type OpencodeClient } from "@opencode-ai/sdk/v2"
 
 type RouteEntry = {
   key: symbol

packages/opencode/src/cli/cmd/tui/routes/session/index.tsx

@@ -157,10 +157,10 @@ export function Session() {
   const [showThinking, setShowThinking] = kv.signal("thinking_visibility", true)
   const [timestamps, setTimestamps] = kv.signal<"hide" | "show">("timestamps", "hide")
   const [showDetails, setShowDetails] = kv.signal("tool_details_visibility", true)
-  const [showAssistantMetadata, setShowAssistantMetadata] = kv.signal("assistant_metadata_visibility", true)
+  const [showAssistantMetadata, _setShowAssistantMetadata] = kv.signal("assistant_metadata_visibility", true)
   const [showScrollbar, setShowScrollbar] = kv.signal("scrollbar_visible", false)
   const [diffWrapMode] = kv.signal<"word" | "none">("diff_wrap_mode", "word")
-  const [animationsEnabled, setAnimationsEnabled] = kv.signal("animations_enabled", true)
+  const [_animationsEnabled, _setAnimationsEnabled] = kv.signal("animations_enabled", true)
   const [showGenericToolOutput, setShowGenericToolOutput] = kv.signal("generic_tool_output_visibility", false)
 
   const wide = createMemo(() => dimensions().width > 120)

packages/opencode/src/cli/cmd/tui/routes/session/permission.tsx

@@ -599,7 +599,7 @@ function Prompt<const T extends Record<string, string>>(props: {
   })
 
   const hint = createMemo(() => (store.expanded ? "minimize" : "fullscreen"))
-  const renderer = useRenderer()
+  useRenderer()
 
   const content = () => (
     <box

packages/opencode/src/cli/cmd/tui/routes/session/subagent-footer.tsx

@@ -59,7 +59,7 @@ export function SubagentFooter() {
   const keybind = useKeybind()
   const command = useCommandDialog()
   const [hover, setHover] = createSignal<"parent" | "prev" | "next" | null>(null)
-  const dimensions = useTerminalDimensions()
+  useTerminalDimensions()
 
   return (
     <box flexShrink={0}>

packages/opencode/src/cli/cmd/tui/ui/dialog-confirm.tsx

@@ -54,7 +54,7 @@ export function DialogConfirm(props: DialogConfirmProps) {
               paddingLeft={1}
               paddingRight={1}
               backgroundColor={key === store.active ? theme.primary : undefined}
-              onMouseUp={(evt) => {
+              onMouseUp={(_evt) => {
                 if (key === "confirm") props.onConfirm?.()
                 if (key === "cancel") props.onCancel?.()
                 dialog.clear()

packages/opencode/src/cli/cmd/tui/ui/dialog-export-options.tsx

@@ -2,7 +2,7 @@ import { TextareaRenderable, TextAttributes } from "@opentui/core"
 import { useTheme } from "../context/theme"
 import { useDialog, type DialogContext } from "./dialog"
 import { createStore } from "solid-js/store"
-import { onMount, Show, type JSX } from "solid-js"
+import { onMount, Show } from "solid-js"
 import { useKeyboard } from "@opentui/solid"
 
 export type DialogExportOptionsProps = {

packages/opencode/src/cli/error.ts

@@ -3,7 +3,7 @@ import { ConfigMarkdown } from "@/config/markdown"
 import { errorFormat } from "@/util/error"
 import { Config } from "../config"
 import { MCP } from "../mcp"
-import { Provider } from "../provider/provider"
+import { Provider } from "../provider"
 import { UI } from "./ui"
 
 export function FormatError(input: unknown) {

packages/opencode/src/cli/network.ts

@@ -43,8 +43,6 @@ export async function resolveNetworkOptions(args: NetworkOptions) {
   const hostnameExplicitlySet = process.argv.includes("--hostname")
   const mdnsExplicitlySet = process.argv.includes("--mdns")
   const mdnsDomainExplicitlySet = process.argv.includes("--mdns-domain")
-  const corsExplicitlySet = process.argv.includes("--cors")
-
   const mdns = mdnsExplicitlySet ? args.mdns : (config?.server?.mdns ?? args.mdns)
   const mdnsDomain = mdnsDomainExplicitlySet ? args["mdns-domain"] : (config?.server?.mdnsDomain ?? args["mdns-domain"])
   const port = portExplicitlySet ? args.port : (config?.server?.port ?? args.port)

packages/opencode/src/command/command.ts

@@ -0,0 +1,186 @@
+import { BusEvent } from "@/bus/bus-event"
+import { InstanceState } from "@/effect/instance-state"
+import { EffectBridge } from "@/effect/bridge"
+import type { InstanceContext } from "@/project/instance"
+import { SessionID, MessageID } from "@/session/schema"
+import { Effect, Layer, Context } from "effect"
+import z from "zod"
+import { Config } from "../config"
+import { MCP } from "../mcp"
+import { Skill } from "../skill"
+import PROMPT_INITIALIZE from "./template/initialize.txt"
+import PROMPT_REVIEW from "./template/review.txt"
+
+type State = {
+  commands: Record<string, Info>
+}
+
+export const Event = {
+  Executed: BusEvent.define(
+    "command.executed",
+    z.object({
+      name: z.string(),
+      sessionID: SessionID.zod,
+      arguments: z.string(),
+      messageID: MessageID.zod,
+    }),
+  ),
+}
+
+export const Info = z
+  .object({
+    name: z.string(),
+    description: z.string().optional(),
+    agent: z.string().optional(),
+    model: z.string().optional(),
+    source: z.enum(["command", "mcp", "skill"]).optional(),
+    // workaround for zod not supporting async functions natively so we use getters
+    // https://zod.dev/v4/changelog?id=zfunction
+    template: z.promise(z.string()).or(z.string()),
+    subtask: z.boolean().optional(),
+    hints: z.array(z.string()),
+  })
+  .meta({
+    ref: "Command",
+  })
+
+// for some reason zod is inferring `string` for z.promise(z.string()).or(z.string()) so we have to manually override it
+export type Info = Omit<z.infer<typeof Info>, "template"> & { template: Promise<string> | string }
+
+export function hints(template: string) {
+  const result: string[] = []
+  const numbered = template.match(/\$\d+/g)
+  if (numbered) {
+    for (const match of [...new Set(numbered)].sort()) result.push(match)
+  }
+  if (template.includes("$ARGUMENTS")) result.push("$ARGUMENTS")
+  return result
+}
+
+export const Default = {
+  INIT: "init",
+  REVIEW: "review",
+} as const
+
+export interface Interface {
+  readonly get: (name: string) => Effect.Effect<Info | undefined>
+  readonly list: () => Effect.Effect<Info[]>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Command") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const config = yield* Config.Service
+    const mcp = yield* MCP.Service
+    const skill = yield* Skill.Service
+
+    const init = Effect.fn("Command.state")(function* (ctx: InstanceContext) {
+      const cfg = yield* config.get()
+      const bridge = yield* EffectBridge.make()
+      const commands: Record<string, Info> = {}
+
+      commands[Default.INIT] = {
+        name: Default.INIT,
+        description: "guided AGENTS.md setup",
+        source: "command",
+        get template() {
+          return PROMPT_INITIALIZE.replace("${path}", ctx.worktree)
+        },
+        hints: hints(PROMPT_INITIALIZE),
+      }
+      commands[Default.REVIEW] = {
+        name: Default.REVIEW,
+        description: "review changes [commit|branch|pr], defaults to uncommitted",
+        source: "command",
+        get template() {
+          return PROMPT_REVIEW.replace("${path}", ctx.worktree)
+        },
+        subtask: true,
+        hints: hints(PROMPT_REVIEW),
+      }
+
+      for (const [name, command] of Object.entries(cfg.command ?? {})) {
+        commands[name] = {
+          name,
+          agent: command.agent,
+          model: command.model,
+          description: command.description,
+          source: "command",
+          get template() {
+            return command.template
+          },
+          subtask: command.subtask,
+          hints: hints(command.template),
+        }
+      }
+
+      for (const [name, prompt] of Object.entries(yield* mcp.prompts())) {
+        commands[name] = {
+          name,
+          source: "mcp",
+          description: prompt.description,
+          get template() {
+            return bridge.promise(
+              mcp
+                .getPrompt(
+                  prompt.client,
+                  prompt.name,
+                  prompt.arguments
+                    ? Object.fromEntries(prompt.arguments.map((argument, i) => [argument.name, `$${i + 1}`]))
+                    : {},
+                )
+                .pipe(
+                  Effect.map(
+                    (template) =>
+                      template?.messages
+                        .map((message) => (message.content.type === "text" ? message.content.text : ""))
+                        .join("\n") || "",
+                  ),
+                ),
+            )
+          },
+          hints: prompt.arguments?.map((_, i) => `$${i + 1}`) ?? [],
+        }
+      }
+
+      for (const item of yield* skill.all()) {
+        if (commands[item.name]) continue
+        commands[item.name] = {
+          name: item.name,
+          description: item.description,
+          source: "skill",
+          get template() {
+            return item.content
+          },
+          hints: [],
+        }
+      }
+
+      return {
+        commands,
+      }
+    })
+
+    const state = yield* InstanceState.make<State>((ctx) => init(ctx))
+
+    const get = Effect.fn("Command.get")(function* (name: string) {
+      const s = yield* InstanceState.get(state)
+      return s.commands[name]
+    })
+
+    const list = Effect.fn("Command.list")(function* () {
+      const s = yield* InstanceState.get(state)
+      return Object.values(s.commands)
+    })
+
+    return Service.of({ get, list })
+  }),
+)
+
+export const defaultLayer = layer.pipe(
+  Layer.provide(Config.defaultLayer),
+  Layer.provide(MCP.defaultLayer),
+  Layer.provide(Skill.defaultLayer),
+)

packages/opencode/src/command/index.ts

@@ -1,191 +1 @@
-import { BusEvent } from "@/bus/bus-event"
-import { InstanceState } from "@/effect/instance-state"
-import { EffectBridge } from "@/effect/bridge"
-import type { InstanceContext } from "@/project/instance"
-import { SessionID, MessageID } from "@/session/schema"
-import { Effect, Layer, Context } from "effect"
-import z from "zod"
-import { Config } from "../config"
-import { MCP } from "../mcp"
-import { Skill } from "../skill"
-import { Log } from "../util/log"
-import PROMPT_INITIALIZE from "./template/initialize.txt"
-import PROMPT_REVIEW from "./template/review.txt"
-
-export namespace Command {
-  const log = Log.create({ service: "command" })
-
-  type State = {
-    commands: Record<string, Info>
-  }
-
-  export const Event = {
-    Executed: BusEvent.define(
-      "command.executed",
-      z.object({
-        name: z.string(),
-        sessionID: SessionID.zod,
-        arguments: z.string(),
-        messageID: MessageID.zod,
-      }),
-    ),
-  }
-
-  export const Info = z
-    .object({
-      name: z.string(),
-      description: z.string().optional(),
-      agent: z.string().optional(),
-      model: z.string().optional(),
-      source: z.enum(["command", "mcp", "skill"]).optional(),
-      // workaround for zod not supporting async functions natively so we use getters
-      // https://zod.dev/v4/changelog?id=zfunction
-      template: z.promise(z.string()).or(z.string()),
-      subtask: z.boolean().optional(),
-      hints: z.array(z.string()),
-    })
-    .meta({
-      ref: "Command",
-    })
-
-  // for some reason zod is inferring `string` for z.promise(z.string()).or(z.string()) so we have to manually override it
-  export type Info = Omit<z.infer<typeof Info>, "template"> & { template: Promise<string> | string }
-
-  export function hints(template: string) {
-    const result: string[] = []
-    const numbered = template.match(/\$\d+/g)
-    if (numbered) {
-      for (const match of [...new Set(numbered)].sort()) result.push(match)
-    }
-    if (template.includes("$ARGUMENTS")) result.push("$ARGUMENTS")
-    return result
-  }
-
-  export const Default = {
-    INIT: "init",
-    REVIEW: "review",
-  } as const
-
-  export interface Interface {
-    readonly get: (name: string) => Effect.Effect<Info | undefined>
-    readonly list: () => Effect.Effect<Info[]>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Command") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const config = yield* Config.Service
-      const mcp = yield* MCP.Service
-      const skill = yield* Skill.Service
-
-      const init = Effect.fn("Command.state")(function* (ctx: InstanceContext) {
-        const cfg = yield* config.get()
-        const bridge = yield* EffectBridge.make()
-        const commands: Record<string, Info> = {}
-
-        commands[Default.INIT] = {
-          name: Default.INIT,
-          description: "guided AGENTS.md setup",
-          source: "command",
-          get template() {
-            return PROMPT_INITIALIZE.replace("${path}", ctx.worktree)
-          },
-          hints: hints(PROMPT_INITIALIZE),
-        }
-        commands[Default.REVIEW] = {
-          name: Default.REVIEW,
-          description: "review changes [commit|branch|pr], defaults to uncommitted",
-          source: "command",
-          get template() {
-            return PROMPT_REVIEW.replace("${path}", ctx.worktree)
-          },
-          subtask: true,
-          hints: hints(PROMPT_REVIEW),
-        }
-
-        for (const [name, command] of Object.entries(cfg.command ?? {})) {
-          commands[name] = {
-            name,
-            agent: command.agent,
-            model: command.model,
-            description: command.description,
-            source: "command",
-            get template() {
-              return command.template
-            },
-            subtask: command.subtask,
-            hints: hints(command.template),
-          }
-        }
-
-        for (const [name, prompt] of Object.entries(yield* mcp.prompts())) {
-          commands[name] = {
-            name,
-            source: "mcp",
-            description: prompt.description,
-            get template() {
-              return bridge.promise(
-                mcp
-                  .getPrompt(
-                    prompt.client,
-                    prompt.name,
-                    prompt.arguments
-                      ? Object.fromEntries(prompt.arguments.map((argument, i) => [argument.name, `$${i + 1}`]))
-                      : {},
-                  )
-                  .pipe(
-                    Effect.map(
-                      (template) =>
-                        template?.messages
-                          .map((message) => (message.content.type === "text" ? message.content.text : ""))
-                          .join("\n") || "",
-                    ),
-                  ),
-              )
-            },
-            hints: prompt.arguments?.map((_, i) => `$${i + 1}`) ?? [],
-          }
-        }
-
-        for (const item of yield* skill.all()) {
-          if (commands[item.name]) continue
-          commands[item.name] = {
-            name: item.name,
-            description: item.description,
-            source: "skill",
-            get template() {
-              return item.content
-            },
-            hints: [],
-          }
-        }
-
-        return {
-          commands,
-        }
-      })
-
-      const state = yield* InstanceState.make<State>((ctx) => init(ctx))
-
-      const get = Effect.fn("Command.get")(function* (name: string) {
-        const s = yield* InstanceState.get(state)
-        return s.commands[name]
-      })
-
-      const list = Effect.fn("Command.list")(function* () {
-        const s = yield* InstanceState.get(state)
-        return Object.values(s.commands)
-      })
-
-      return Service.of({ get, list })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(
-    Layer.provide(Config.defaultLayer),
-    Layer.provide(MCP.defaultLayer),
-    Layer.provide(Skill.defaultLayer),
-  )
-}
+export * as Command from "./command"

packages/opencode/src/config/config.ts

@@ -34,7 +34,8 @@ import type { ConsoleState } from "./console-state"
 import { AppFileSystem } from "@opencode-ai/shared/filesystem"
 import { InstanceState } from "@/effect/instance-state"
 import { Context, Duration, Effect, Exit, Fiber, Layer, Option } from "effect"
-import { Flock } from "@opencode-ai/shared/util/flock"
+import { EffectFlock } from "@opencode-ai/shared/util/effect-flock"
+
 import { isPathPluginSpec, parsePluginSpecifier, resolvePathPluginTarget } from "@/plugin/shared"
 import { Npm } from "../npm"
 import { InstanceRef } from "@/effect/instance-ref"
@@ -510,7 +511,7 @@ export const Agent = z
     permission: Permission.optional(),
   })
   .catchall(z.any())
-  .transform((agent, ctx) => {
+  .transform((agent, _ctx) => {
     const knownKeys = new Set([
       "name",
       "model",
@@ -1095,7 +1096,7 @@ function patchJsonc(input: string, patch: unknown, path: string[] = []): string
 }
 
 function writable(info: Info) {
-  const { plugin_origins, ...next } = info
+  const { plugin_origins: _plugin_origins, ...next } = info
   return next
 }
 
@@ -1144,497 +1145,483 @@ export const ConfigDirectoryTypoError = NamedError.create(
   }),
 )
 
-export const layer: Layer.Layer<Service, never, AppFileSystem.Service | Auth.Service | Account.Service | Env.Service> =
-  Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const fs = yield* AppFileSystem.Service
-      const authSvc = yield* Auth.Service
-      const accountSvc = yield* Account.Service
-      const env = yield* Env.Service
+export const layer: Layer.Layer<
+  Service,
+  never,
+  AppFileSystem.Service | Auth.Service | Account.Service | Env.Service | EffectFlock.Service
+> = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const fs = yield* AppFileSystem.Service
+    const authSvc = yield* Auth.Service
+    const accountSvc = yield* Account.Service
+    const env = yield* Env.Service
+    const flock = yield* EffectFlock.Service
 
-      const readConfigFile = Effect.fnUntraced(function* (filepath: string) {
-        return yield* fs.readFileString(filepath).pipe(
-          Effect.catchIf(
-            (e) => e.reason._tag === "NotFound",
-            () => Effect.succeed(undefined),
-          ),
-          Effect.orDie,
-        )
-      })
-
-      const loadConfig = Effect.fnUntraced(function* (
-        text: string,
-        options: { path: string } | { dir: string; source: string },
-      ) {
-        const original = text
-        const source = "path" in options ? options.path : options.source
-        const isFile = "path" in options
-        const data = yield* Effect.promise(() =>
-          ConfigPaths.parseText(text, "path" in options ? options.path : { source: options.source, dir: options.dir }),
-        )
-
-        const normalized = (() => {
-          if (!data || typeof data !== "object" || Array.isArray(data)) return data
-          const copy = { ...(data as Record<string, unknown>) }
-          const hadLegacy = "theme" in copy || "keybinds" in copy || "tui" in copy
-          if (!hadLegacy) return copy
-          delete copy.theme
-          delete copy.keybinds
-          delete copy.tui
-          log.warn("tui keys in opencode config are deprecated; move them to tui.json", { path: source })
-          return copy
-        })()
-
-        const parsed = Info.safeParse(normalized)
-        if (parsed.success) {
-          if (!parsed.data.$schema && isFile) {
-            parsed.data.$schema = "https://opencode.ai/config.json"
-            const updated = original.replace(/^\s*\{/, '{\n  "$schema": "https://opencode.ai/config.json",')
-            yield* fs.writeFileString(options.path, updated).pipe(Effect.catch(() => Effect.void))
-          }
-          const data = parsed.data
-          if (data.plugin && isFile) {
-            const list = data.plugin
-            for (let i = 0; i < list.length; i++) {
-              list[i] = yield* Effect.promise(() => resolvePluginSpec(list[i], options.path))
-            }
-          }
-          return data
-        }
-
-        throw new InvalidError({
-          path: source,
-          issues: parsed.error.issues,
-        })
-      })
-
-      const loadFile = Effect.fnUntraced(function* (filepath: string) {
-        log.info("loading", { path: filepath })
-        const text = yield* readConfigFile(filepath)
-        if (!text) return {} as Info
-        return yield* loadConfig(text, { path: filepath })
-      })
-
-      const loadGlobal = Effect.fnUntraced(function* () {
-        let result: Info = pipe(
-          {},
-          mergeDeep(yield* loadFile(path.join(Global.Path.config, "config.json"))),
-          mergeDeep(yield* loadFile(path.join(Global.Path.config, "opencode.json"))),
-          mergeDeep(yield* loadFile(path.join(Global.Path.config, "opencode.jsonc"))),
-        )
-
-        const legacy = path.join(Global.Path.config, "config")
-        if (existsSync(legacy)) {
-          yield* Effect.promise(() =>
-            import(pathToFileURL(legacy).href, { with: { type: "toml" } })
-              .then(async (mod) => {
-                const { provider, model, ...rest } = mod.default
-                if (provider && model) result.model = `${provider}/${model}`
-                result["$schema"] = "https://opencode.ai/config.json"
-                result = mergeDeep(result, rest)
-                await fsNode.writeFile(path.join(Global.Path.config, "config.json"), JSON.stringify(result, null, 2))
-                await fsNode.unlink(legacy)
-              })
-              .catch(() => {}),
-          )
-        }
-
-        return result
-      })
-
-      const [cachedGlobal, invalidateGlobal] = yield* Effect.cachedInvalidateWithTTL(
-        loadGlobal().pipe(
-          Effect.tapError((error) =>
-            Effect.sync(() => log.error("failed to load global config, using defaults", { error: String(error) })),
-          ),
-          Effect.orElseSucceed((): Info => ({})),
+    const readConfigFile = Effect.fnUntraced(function* (filepath: string) {
+      return yield* fs.readFileString(filepath).pipe(
+        Effect.catchIf(
+          (e) => e.reason._tag === "NotFound",
+          () => Effect.succeed(undefined),
         ),
-        Duration.infinity,
+        Effect.orDie,
+      )
+    })
+
+    const loadConfig = Effect.fnUntraced(function* (
+      text: string,
+      options: { path: string } | { dir: string; source: string },
+    ) {
+      const original = text
+      const source = "path" in options ? options.path : options.source
+      const isFile = "path" in options
+      const data = yield* Effect.promise(() =>
+        ConfigPaths.parseText(text, "path" in options ? options.path : { source: options.source, dir: options.dir }),
       )
 
-      const getGlobal = Effect.fn("Config.getGlobal")(function* () {
-        return yield* cachedGlobal
+      const normalized = (() => {
+        if (!data || typeof data !== "object" || Array.isArray(data)) return data
+        const copy = { ...(data as Record<string, unknown>) }
+        const hadLegacy = "theme" in copy || "keybinds" in copy || "tui" in copy
+        if (!hadLegacy) return copy
+        delete copy.theme
+        delete copy.keybinds
+        delete copy.tui
+        log.warn("tui keys in opencode config are deprecated; move them to tui.json", { path: source })
+        return copy
+      })()
+
+      const parsed = Info.safeParse(normalized)
+      if (parsed.success) {
+        if (!parsed.data.$schema && isFile) {
+          parsed.data.$schema = "https://opencode.ai/config.json"
+          const updated = original.replace(/^\s*\{/, '{\n  "$schema": "https://opencode.ai/config.json",')
+          yield* fs.writeFileString(options.path, updated).pipe(Effect.catch(() => Effect.void))
+        }
+        const data = parsed.data
+        if (data.plugin && isFile) {
+          const list = data.plugin
+          for (let i = 0; i < list.length; i++) {
+            list[i] = yield* Effect.promise(() => resolvePluginSpec(list[i], options.path))
+          }
+        }
+        return data
+      }
+
+      throw new InvalidError({
+        path: source,
+        issues: parsed.error.issues,
+      })
+    })
+
+    const loadFile = Effect.fnUntraced(function* (filepath: string) {
+      log.info("loading", { path: filepath })
+      const text = yield* readConfigFile(filepath)
+      if (!text) return {} as Info
+      return yield* loadConfig(text, { path: filepath })
+    })
+
+    const loadGlobal = Effect.fnUntraced(function* () {
+      let result: Info = pipe(
+        {},
+        mergeDeep(yield* loadFile(path.join(Global.Path.config, "config.json"))),
+        mergeDeep(yield* loadFile(path.join(Global.Path.config, "opencode.json"))),
+        mergeDeep(yield* loadFile(path.join(Global.Path.config, "opencode.jsonc"))),
+      )
+
+      const legacy = path.join(Global.Path.config, "config")
+      if (existsSync(legacy)) {
+        yield* Effect.promise(() =>
+          import(pathToFileURL(legacy).href, { with: { type: "toml" } })
+            .then(async (mod) => {
+              const { provider, model, ...rest } = mod.default
+              if (provider && model) result.model = `${provider}/${model}`
+              result["$schema"] = "https://opencode.ai/config.json"
+              result = mergeDeep(result, rest)
+              await fsNode.writeFile(path.join(Global.Path.config, "config.json"), JSON.stringify(result, null, 2))
+              await fsNode.unlink(legacy)
+            })
+            .catch(() => {}),
+        )
+      }
+
+      return result
+    })
+
+    const [cachedGlobal, invalidateGlobal] = yield* Effect.cachedInvalidateWithTTL(
+      loadGlobal().pipe(
+        Effect.tapError((error) =>
+          Effect.sync(() => log.error("failed to load global config, using defaults", { error: String(error) })),
+        ),
+        Effect.orElseSucceed((): Info => ({})),
+      ),
+      Duration.infinity,
+    )
+
+    const getGlobal = Effect.fn("Config.getGlobal")(function* () {
+      return yield* cachedGlobal
+    })
+
+    const install = Effect.fn("Config.install")(function* (dir: string) {
+      const pkg = path.join(dir, "package.json")
+      const gitignore = path.join(dir, ".gitignore")
+      const plugin = path.join(dir, "node_modules", "@opencode-ai", "plugin", "package.json")
+      const target = Installation.isLocal() ? "*" : Installation.VERSION
+      const json = yield* fs.readJson(pkg).pipe(
+        Effect.catch(() => Effect.succeed({} satisfies Package)),
+        Effect.map((x): Package => (isRecord(x) ? (x as Package) : {})),
+      )
+      const hasDep = json.dependencies?.["@opencode-ai/plugin"] === target
+      const hasIgnore = yield* fs.existsSafe(gitignore)
+      const hasPkg = yield* fs.existsSafe(plugin)
+
+      if (!hasDep) {
+        yield* fs.writeJson(pkg, {
+          ...json,
+          dependencies: {
+            ...json.dependencies,
+            "@opencode-ai/plugin": target,
+          },
+        })
+      }
+
+      if (!hasIgnore) {
+        yield* fs.writeFileString(
+          gitignore,
+          ["node_modules", "package.json", "package-lock.json", "bun.lock", ".gitignore"].join("\n"),
+        )
+      }
+
+      if (hasDep && hasIgnore && hasPkg) return
+
+      yield* Effect.promise(() => Npm.install(dir))
+    })
+
+    const installDependencies = Effect.fn("Config.installDependencies")(function* (dir: string, input?: InstallInput) {
+      if (
+        !(yield* fs.access(dir, { writable: true }).pipe(
+          Effect.as(true),
+          Effect.orElseSucceed(() => false),
+        ))
+      )
+        return
+
+      const key = process.platform === "win32" ? "config-install:win32" : `config-install:${AppFileSystem.resolve(dir)}`
+
+      yield* flock.withLock(install(dir), key).pipe(Effect.orDie)
+    })
+
+    const loadInstanceState = Effect.fn("Config.loadInstanceState")(function* (ctx: InstanceContext) {
+      const auth = yield* authSvc.all().pipe(Effect.orDie)
+
+      let result: Info = {}
+      const consoleManagedProviders = new Set<string>()
+      let activeOrgName: string | undefined
+
+      const scope = Effect.fnUntraced(function* (source: string) {
+        if (source.startsWith("http://") || source.startsWith("https://")) return "global"
+        if (source === "OPENCODE_CONFIG_CONTENT") return "local"
+        if (yield* InstanceRef.use((ctx) => Effect.succeed(Instance.containsPath(source, ctx)))) return "local"
+        return "global"
       })
 
-      const install = Effect.fn("Config.install")(function* (dir: string) {
-        const pkg = path.join(dir, "package.json")
-        const gitignore = path.join(dir, ".gitignore")
-        const plugin = path.join(dir, "node_modules", "@opencode-ai", "plugin", "package.json")
-        const target = Installation.isLocal() ? "*" : Installation.VERSION
-        const json = yield* fs.readJson(pkg).pipe(
-          Effect.catch(() => Effect.succeed({} satisfies Package)),
-          Effect.map((x): Package => (isRecord(x) ? (x as Package) : {})),
-        )
-        const hasDep = json.dependencies?.["@opencode-ai/plugin"] === target
-        const hasIgnore = yield* fs.existsSafe(gitignore)
-        const hasPkg = yield* fs.existsSafe(plugin)
+      const track = Effect.fnUntraced(function* (source: string, list: PluginSpec[] | undefined, kind?: PluginScope) {
+        if (!list?.length) return
+        const hit = kind ?? (yield* scope(source))
+        const plugins = deduplicatePluginOrigins([
+          ...(result.plugin_origins ?? []),
+          ...list.map((spec) => ({ spec, source, scope: hit })),
+        ])
+        result.plugin = plugins.map((item) => item.spec)
+        result.plugin_origins = plugins
+      })
 
-        if (!hasDep) {
-          yield* fs.writeJson(pkg, {
-            ...json,
-            dependencies: {
-              ...json.dependencies,
-              "@opencode-ai/plugin": target,
-            },
+      const merge = (source: string, next: Info, kind?: PluginScope) => {
+        result = mergeConfigConcatArrays(result, next)
+        return track(source, next.plugin, kind)
+      }
+
+      for (const [key, value] of Object.entries(auth)) {
+        if (value.type === "wellknown") {
+          const url = key.replace(/\/+$/, "")
+          process.env[value.key] = value.token
+          log.debug("fetching remote config", { url: `${url}/.well-known/opencode` })
+          const response = yield* Effect.promise(() => fetch(`${url}/.well-known/opencode`))
+          if (!response.ok) {
+            throw new Error(`failed to fetch remote config from ${url}: ${response.status}`)
+          }
+          const wellknown = (yield* Effect.promise(() => response.json())) as any
+          const remoteConfig = wellknown.config ?? {}
+          if (!remoteConfig.$schema) remoteConfig.$schema = "https://opencode.ai/config.json"
+          const source = `${url}/.well-known/opencode`
+          const next = yield* loadConfig(JSON.stringify(remoteConfig), {
+            dir: path.dirname(source),
+            source,
           })
+          yield* merge(source, next, "global")
+          log.debug("loaded remote config from well-known", { url })
+        }
+      }
+
+      const global = yield* getGlobal()
+      yield* merge(Global.Path.config, global, "global")
+
+      if (Flag.OPENCODE_CONFIG) {
+        yield* merge(Flag.OPENCODE_CONFIG, yield* loadFile(Flag.OPENCODE_CONFIG))
+        log.debug("loaded custom config", { path: Flag.OPENCODE_CONFIG })
+      }
+
+      if (!Flag.OPENCODE_DISABLE_PROJECT_CONFIG) {
+        for (const file of yield* Effect.promise(() =>
+          ConfigPaths.projectFiles("opencode", ctx.directory, ctx.worktree),
+        )) {
+          yield* merge(file, yield* loadFile(file), "local")
+        }
+      }
+
+      result.agent = result.agent || {}
+      result.mode = result.mode || {}
+      result.plugin = result.plugin || []
+
+      const directories = yield* Effect.promise(() => ConfigPaths.directories(ctx.directory, ctx.worktree))
+
+      if (Flag.OPENCODE_CONFIG_DIR) {
+        log.debug("loading config from OPENCODE_CONFIG_DIR", { path: Flag.OPENCODE_CONFIG_DIR })
+      }
+
+      const deps: Fiber.Fiber<void, never>[] = []
+
+      for (const dir of unique(directories)) {
+        if (dir.endsWith(".opencode") || dir === Flag.OPENCODE_CONFIG_DIR) {
+          for (const file of ["opencode.json", "opencode.jsonc"]) {
+            const source = path.join(dir, file)
+            log.debug(`loading config from ${source}`)
+            yield* merge(source, yield* loadFile(source))
+            result.agent ??= {}
+            result.mode ??= {}
+            result.plugin ??= []
+          }
         }
 
-        if (!hasIgnore) {
-          yield* fs.writeFileString(
-            gitignore,
-            ["node_modules", "package.json", "package-lock.json", "bun.lock", ".gitignore"].join("\n"),
-          )
-        }
-
-        if (hasDep && hasIgnore && hasPkg) return
-
-        yield* Effect.promise(() => Npm.install(dir))
-      })
-
-      const installDependencies = Effect.fn("Config.installDependencies")(function* (
-        dir: string,
-        input?: InstallInput,
-      ) {
-        if (
-          !(yield* fs.access(dir, { writable: true }).pipe(
-            Effect.as(true),
-            Effect.orElseSucceed(() => false),
-          ))
-        )
-          return
-
-        const key =
-          process.platform === "win32" ? "config-install:win32" : `config-install:${AppFileSystem.resolve(dir)}`
-
-        yield* Effect.acquireUseRelease(
-          Effect.promise((signal) =>
-            Flock.acquire(key, {
-              signal,
-              onWait: (tick) =>
-                input?.waitTick?.({
-                  dir,
-                  attempt: tick.attempt,
-                  delay: tick.delay,
-                  waited: tick.waited,
-                }),
-            }),
+        const dep = yield* installDependencies(dir).pipe(
+          Effect.exit,
+          Effect.tap((exit) =>
+            Exit.isFailure(exit)
+              ? Effect.sync(() => {
+                  log.warn("background dependency install failed", { dir, error: String(exit.cause) })
+                })
+              : Effect.void,
           ),
-          () => install(dir),
-          (lease) => Effect.promise(() => lease.release()),
+          Effect.asVoid,
+          Effect.forkScoped,
         )
-      })
+        deps.push(dep)
 
-      const loadInstanceState = Effect.fn("Config.loadInstanceState")(function* (ctx: InstanceContext) {
-        const auth = yield* authSvc.all().pipe(Effect.orDie)
+        result.command = mergeDeep(result.command ?? {}, yield* Effect.promise(() => loadCommand(dir)))
+        result.agent = mergeDeep(result.agent, yield* Effect.promise(() => loadAgent(dir)))
+        result.agent = mergeDeep(result.agent, yield* Effect.promise(() => loadMode(dir)))
+        const list = yield* Effect.promise(() => loadPlugin(dir))
+        yield* track(dir, list)
+      }
 
-        let result: Info = {}
-        const consoleManagedProviders = new Set<string>()
-        let activeOrgName: string | undefined
-
-        const scope = Effect.fnUntraced(function* (source: string) {
-          if (source.startsWith("http://") || source.startsWith("https://")) return "global"
-          if (source === "OPENCODE_CONFIG_CONTENT") return "local"
-          if (yield* InstanceRef.use((ctx) => Effect.succeed(Instance.containsPath(source, ctx)))) return "local"
-          return "global"
+      if (process.env.OPENCODE_CONFIG_CONTENT) {
+        const source = "OPENCODE_CONFIG_CONTENT"
+        const next = yield* loadConfig(process.env.OPENCODE_CONFIG_CONTENT, {
+          dir: ctx.directory,
+          source,
         })
+        yield* merge(source, next, "local")
+        log.debug("loaded custom config from OPENCODE_CONFIG_CONTENT")
+      }
 
-        const track = Effect.fnUntraced(function* (source: string, list: PluginSpec[] | undefined, kind?: PluginScope) {
-          if (!list?.length) return
-          const hit = kind ?? (yield* scope(source))
-          const plugins = deduplicatePluginOrigins([
-            ...(result.plugin_origins ?? []),
-            ...list.map((spec) => ({ spec, source, scope: hit })),
-          ])
-          result.plugin = plugins.map((item) => item.spec)
-          result.plugin_origins = plugins
-        })
+      const activeAccount = Option.getOrUndefined(
+        yield* accountSvc.active().pipe(Effect.catch(() => Effect.succeed(Option.none()))),
+      )
+      if (activeAccount?.active_org_id) {
+        const accountID = activeAccount.id
+        const orgID = activeAccount.active_org_id
+        const url = activeAccount.url
+        yield* Effect.gen(function* () {
+          const [configOpt, tokenOpt] = yield* Effect.all(
+            [accountSvc.config(accountID, orgID), accountSvc.token(accountID)],
+            { concurrency: 2 },
+          )
+          if (Option.isSome(tokenOpt)) {
+            process.env["OPENCODE_CONSOLE_TOKEN"] = tokenOpt.value
+            yield* env.set("OPENCODE_CONSOLE_TOKEN", tokenOpt.value)
+          }
 
-        const merge = (source: string, next: Info, kind?: PluginScope) => {
-          result = mergeConfigConcatArrays(result, next)
-          return track(source, next.plugin, kind)
-        }
-
-        for (const [key, value] of Object.entries(auth)) {
-          if (value.type === "wellknown") {
-            const url = key.replace(/\/+$/, "")
-            process.env[value.key] = value.token
-            log.debug("fetching remote config", { url: `${url}/.well-known/opencode` })
-            const response = yield* Effect.promise(() => fetch(`${url}/.well-known/opencode`))
-            if (!response.ok) {
-              throw new Error(`failed to fetch remote config from ${url}: ${response.status}`)
-            }
-            const wellknown = (yield* Effect.promise(() => response.json())) as any
-            const remoteConfig = wellknown.config ?? {}
-            if (!remoteConfig.$schema) remoteConfig.$schema = "https://opencode.ai/config.json"
-            const source = `${url}/.well-known/opencode`
-            const next = yield* loadConfig(JSON.stringify(remoteConfig), {
+          if (Option.isSome(configOpt)) {
+            const source = `${url}/api/config`
+            const next = yield* loadConfig(JSON.stringify(configOpt.value), {
               dir: path.dirname(source),
               source,
             })
+            for (const providerID of Object.keys(next.provider ?? {})) {
+              consoleManagedProviders.add(providerID)
+            }
             yield* merge(source, next, "global")
-            log.debug("loaded remote config from well-known", { url })
           }
-        }
-
-        const global = yield* getGlobal()
-        yield* merge(Global.Path.config, global, "global")
-
-        if (Flag.OPENCODE_CONFIG) {
-          yield* merge(Flag.OPENCODE_CONFIG, yield* loadFile(Flag.OPENCODE_CONFIG))
-          log.debug("loaded custom config", { path: Flag.OPENCODE_CONFIG })
-        }
-
-        if (!Flag.OPENCODE_DISABLE_PROJECT_CONFIG) {
-          for (const file of yield* Effect.promise(() =>
-            ConfigPaths.projectFiles("opencode", ctx.directory, ctx.worktree),
-          )) {
-            yield* merge(file, yield* loadFile(file), "local")
-          }
-        }
-
-        result.agent = result.agent || {}
-        result.mode = result.mode || {}
-        result.plugin = result.plugin || []
-
-        const directories = yield* Effect.promise(() => ConfigPaths.directories(ctx.directory, ctx.worktree))
-
-        if (Flag.OPENCODE_CONFIG_DIR) {
-          log.debug("loading config from OPENCODE_CONFIG_DIR", { path: Flag.OPENCODE_CONFIG_DIR })
-        }
-
-        const deps: Fiber.Fiber<void, never>[] = []
-
-        for (const dir of unique(directories)) {
-          if (dir.endsWith(".opencode") || dir === Flag.OPENCODE_CONFIG_DIR) {
-            for (const file of ["opencode.json", "opencode.jsonc"]) {
-              const source = path.join(dir, file)
-              log.debug(`loading config from ${source}`)
-              yield* merge(source, yield* loadFile(source))
-              result.agent ??= {}
-              result.mode ??= {}
-              result.plugin ??= []
-            }
-          }
-
-          const dep = yield* installDependencies(dir).pipe(
-            Effect.exit,
-            Effect.tap((exit) =>
-              Exit.isFailure(exit)
-                ? Effect.sync(() => {
-                    log.warn("background dependency install failed", { dir, error: String(exit.cause) })
-                  })
-                : Effect.void,
-            ),
-            Effect.asVoid,
-            Effect.forkScoped,
-          )
-          deps.push(dep)
-
-          result.command = mergeDeep(result.command ?? {}, yield* Effect.promise(() => loadCommand(dir)))
-          result.agent = mergeDeep(result.agent, yield* Effect.promise(() => loadAgent(dir)))
-          result.agent = mergeDeep(result.agent, yield* Effect.promise(() => loadMode(dir)))
-          const list = yield* Effect.promise(() => loadPlugin(dir))
-          yield* track(dir, list)
-        }
-
-        if (process.env.OPENCODE_CONFIG_CONTENT) {
-          const source = "OPENCODE_CONFIG_CONTENT"
-          const next = yield* loadConfig(process.env.OPENCODE_CONFIG_CONTENT, {
-            dir: ctx.directory,
-            source,
-          })
-          yield* merge(source, next, "local")
-          log.debug("loaded custom config from OPENCODE_CONFIG_CONTENT")
-        }
-
-        const activeAccount = Option.getOrUndefined(
-          yield* accountSvc.active().pipe(Effect.catch(() => Effect.succeed(Option.none()))),
+        }).pipe(
+          Effect.withSpan("Config.loadActiveOrgConfig"),
+          Effect.catch((err) => {
+            log.debug("failed to fetch remote account config", {
+              error: err instanceof Error ? err.message : String(err),
+            })
+            return Effect.void
+          }),
         )
-        if (activeAccount?.active_org_id) {
-          const accountID = activeAccount.id
-          const orgID = activeAccount.active_org_id
-          const url = activeAccount.url
-          yield* Effect.gen(function* () {
-            const [configOpt, tokenOpt] = yield* Effect.all(
-              [accountSvc.config(accountID, orgID), accountSvc.token(accountID)],
-              { concurrency: 2 },
-            )
-            if (Option.isSome(tokenOpt)) {
-              process.env["OPENCODE_CONSOLE_TOKEN"] = tokenOpt.value
-              yield* env.set("OPENCODE_CONSOLE_TOKEN", tokenOpt.value)
-            }
+      }
 
-            if (Option.isSome(configOpt)) {
-              const source = `${url}/api/config`
-              const next = yield* loadConfig(JSON.stringify(configOpt.value), {
-                dir: path.dirname(source),
-                source,
-              })
-              for (const providerID of Object.keys(next.provider ?? {})) {
-                consoleManagedProviders.add(providerID)
-              }
-              yield* merge(source, next, "global")
-            }
-          }).pipe(
-            Effect.withSpan("Config.loadActiveOrgConfig"),
-            Effect.catch((err) => {
-              log.debug("failed to fetch remote account config", {
-                error: err instanceof Error ? err.message : String(err),
-              })
-              return Effect.void
-            }),
-          )
+      if (existsSync(managedDir)) {
+        for (const file of ["opencode.json", "opencode.jsonc"]) {
+          const source = path.join(managedDir, file)
+          yield* merge(source, yield* loadFile(source), "global")
         }
+      }
 
-        if (existsSync(managedDir)) {
-          for (const file of ["opencode.json", "opencode.jsonc"]) {
-            const source = path.join(managedDir, file)
-            yield* merge(source, yield* loadFile(source), "global")
-          }
-        }
+      // macOS managed preferences (.mobileconfig deployed via MDM) override everything
+      result = mergeConfigConcatArrays(result, yield* Effect.promise(() => readManagedPreferences()))
 
-        // macOS managed preferences (.mobileconfig deployed via MDM) override everything
-        result = mergeConfigConcatArrays(result, yield* Effect.promise(() => readManagedPreferences()))
-
-        for (const [name, mode] of Object.entries(result.mode ?? {})) {
-          result.agent = mergeDeep(result.agent ?? {}, {
-            [name]: {
-              ...mode,
-              mode: "primary" as const,
-            },
-          })
-        }
-
-        if (Flag.OPENCODE_PERMISSION) {
-          result.permission = mergeDeep(result.permission ?? {}, JSON.parse(Flag.OPENCODE_PERMISSION))
-        }
-
-        if (result.tools) {
-          const perms: Record<string, PermissionAction> = {}
-          for (const [tool, enabled] of Object.entries(result.tools)) {
-            const action: PermissionAction = enabled ? "allow" : "deny"
-            if (tool === "write" || tool === "edit" || tool === "patch" || tool === "multiedit") {
-              perms.edit = action
-              continue
-            }
-            perms[tool] = action
-          }
-          result.permission = mergeDeep(perms, result.permission ?? {})
-        }
-
-        if (!result.username) result.username = os.userInfo().username
-
-        if (result.autoshare === true && !result.share) {
-          result.share = "auto"
-        }
-
-        if (Flag.OPENCODE_DISABLE_AUTOCOMPACT) {
-          result.compaction = { ...result.compaction, auto: false }
-        }
-        if (Flag.OPENCODE_DISABLE_PRUNE) {
-          result.compaction = { ...result.compaction, prune: false }
-        }
-
-        return {
-          config: result,
-          directories,
-          deps,
-          consoleState: {
-            consoleManagedProviders: Array.from(consoleManagedProviders),
-            activeOrgName,
-            switchableOrgCount: 0,
+      for (const [name, mode] of Object.entries(result.mode ?? {})) {
+        result.agent = mergeDeep(result.agent ?? {}, {
+          [name]: {
+            ...mode,
+            mode: "primary" as const,
           },
+        })
+      }
+
+      if (Flag.OPENCODE_PERMISSION) {
+        result.permission = mergeDeep(result.permission ?? {}, JSON.parse(Flag.OPENCODE_PERMISSION))
+      }
+
+      if (result.tools) {
+        const perms: Record<string, PermissionAction> = {}
+        for (const [tool, enabled] of Object.entries(result.tools)) {
+          const action: PermissionAction = enabled ? "allow" : "deny"
+          if (tool === "write" || tool === "edit" || tool === "patch" || tool === "multiedit") {
+            perms.edit = action
+            continue
+          }
+          perms[tool] = action
         }
-      })
+        result.permission = mergeDeep(perms, result.permission ?? {})
+      }
 
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("Config.state")(function* (ctx) {
-          return yield* loadInstanceState(ctx)
-        }),
-      )
+      if (!result.username) result.username = os.userInfo().username
 
-      const get = Effect.fn("Config.get")(function* () {
-        return yield* InstanceState.use(state, (s) => s.config)
-      })
+      if (result.autoshare === true && !result.share) {
+        result.share = "auto"
+      }
 
-      const directories = Effect.fn("Config.directories")(function* () {
-        return yield* InstanceState.use(state, (s) => s.directories)
-      })
+      if (Flag.OPENCODE_DISABLE_AUTOCOMPACT) {
+        result.compaction = { ...result.compaction, auto: false }
+      }
+      if (Flag.OPENCODE_DISABLE_PRUNE) {
+        result.compaction = { ...result.compaction, prune: false }
+      }
 
-      const getConsoleState = Effect.fn("Config.getConsoleState")(function* () {
-        return yield* InstanceState.use(state, (s) => s.consoleState)
-      })
-
-      const waitForDependencies = Effect.fn("Config.waitForDependencies")(function* () {
-        yield* InstanceState.useEffect(state, (s) =>
-          Effect.forEach(s.deps, Fiber.join, { concurrency: "unbounded" }).pipe(Effect.asVoid),
-        )
-      })
-
-      const update = Effect.fn("Config.update")(function* (config: Info) {
-        const dir = yield* InstanceState.directory
-        const file = path.join(dir, "config.json")
-        const existing = yield* loadFile(file)
-        yield* fs
-          .writeFileString(file, JSON.stringify(mergeDeep(writable(existing), writable(config)), null, 2))
-          .pipe(Effect.orDie)
-        yield* Effect.promise(() => Instance.dispose())
-      })
-
-      const invalidate = Effect.fn("Config.invalidate")(function* (wait?: boolean) {
-        yield* invalidateGlobal
-        const task = Instance.disposeAll()
-          .catch(() => undefined)
-          .finally(() =>
-            GlobalBus.emit("event", {
-              directory: "global",
-              payload: {
-                type: Event.Disposed.type,
-                properties: {},
-              },
-            }),
-          )
-        if (wait) yield* Effect.promise(() => task)
-        else void task
-      })
-
-      const updateGlobal = Effect.fn("Config.updateGlobal")(function* (config: Info) {
-        const file = globalConfigFile()
-        const before = (yield* readConfigFile(file)) ?? "{}"
-        const input = writable(config)
-
-        let next: Info
-        if (!file.endsWith(".jsonc")) {
-          const existing = parseConfig(before, file)
-          const merged = mergeDeep(writable(existing), input)
-          yield* fs.writeFileString(file, JSON.stringify(merged, null, 2)).pipe(Effect.orDie)
-          next = merged
-        } else {
-          const updated = patchJsonc(before, input)
-          next = parseConfig(updated, file)
-          yield* fs.writeFileString(file, updated).pipe(Effect.orDie)
-        }
-
-        yield* invalidate()
-        return next
-      })
-
-      return Service.of({
-        get,
-        getGlobal,
-        getConsoleState,
-        installDependencies,
-        update,
-        updateGlobal,
-        invalidate,
+      return {
+        config: result,
         directories,
-        waitForDependencies,
-      })
-    }),
-  )
+        deps,
+        consoleState: {
+          consoleManagedProviders: Array.from(consoleManagedProviders),
+          activeOrgName,
+          switchableOrgCount: 0,
+        },
+      }
+    })
+
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("Config.state")(function* (ctx) {
+        return yield* loadInstanceState(ctx)
+      }),
+    )
+
+    const get = Effect.fn("Config.get")(function* () {
+      return yield* InstanceState.use(state, (s) => s.config)
+    })
+
+    const directories = Effect.fn("Config.directories")(function* () {
+      return yield* InstanceState.use(state, (s) => s.directories)
+    })
+
+    const getConsoleState = Effect.fn("Config.getConsoleState")(function* () {
+      return yield* InstanceState.use(state, (s) => s.consoleState)
+    })
+
+    const waitForDependencies = Effect.fn("Config.waitForDependencies")(function* () {
+      yield* InstanceState.useEffect(state, (s) =>
+        Effect.forEach(s.deps, Fiber.join, { concurrency: "unbounded" }).pipe(Effect.asVoid),
+      )
+    })
+
+    const update = Effect.fn("Config.update")(function* (config: Info) {
+      const dir = yield* InstanceState.directory
+      const file = path.join(dir, "config.json")
+      const existing = yield* loadFile(file)
+      yield* fs
+        .writeFileString(file, JSON.stringify(mergeDeep(writable(existing), writable(config)), null, 2))
+        .pipe(Effect.orDie)
+      yield* Effect.promise(() => Instance.dispose())
+    })
+
+    const invalidate = Effect.fn("Config.invalidate")(function* (wait?: boolean) {
+      yield* invalidateGlobal
+      const task = Instance.disposeAll()
+        .catch(() => undefined)
+        .finally(() =>
+          GlobalBus.emit("event", {
+            directory: "global",
+            payload: {
+              type: Event.Disposed.type,
+              properties: {},
+            },
+          }),
+        )
+      if (wait) yield* Effect.promise(() => task)
+      else void task
+    })
+
+    const updateGlobal = Effect.fn("Config.updateGlobal")(function* (config: Info) {
+      const file = globalConfigFile()
+      const before = (yield* readConfigFile(file)) ?? "{}"
+      const input = writable(config)
+
+      let next: Info
+      if (!file.endsWith(".jsonc")) {
+        const existing = parseConfig(before, file)
+        const merged = mergeDeep(writable(existing), input)
+        yield* fs.writeFileString(file, JSON.stringify(merged, null, 2)).pipe(Effect.orDie)
+        next = merged
+      } else {
+        const updated = patchJsonc(before, input)
+        next = parseConfig(updated, file)
+        yield* fs.writeFileString(file, updated).pipe(Effect.orDie)
+      }
+
+      yield* invalidate()
+      return next
+    })
+
+    return Service.of({
+      get,
+      getGlobal,
+      getConsoleState,
+      installDependencies,
+      update,
+      updateGlobal,
+      invalidate,
+      directories,
+      waitForDependencies,
+    })
+  }),
+)
 
 export const defaultLayer = layer.pipe(
+  Layer.provide(EffectFlock.defaultLayer),
   Layer.provide(AppFileSystem.defaultLayer),
   Layer.provide(Env.defaultLayer),
   Layer.provide(Auth.defaultLayer),

packages/opencode/src/control-plane/workspace.ts

@@ -328,7 +328,7 @@ export namespace Workspace {
       try {
         const adaptor = await getAdaptor(info.projectID, row.type)
         await adaptor.remove(info)
-      } catch (err) {
+      } catch {
         log.error("adaptor not available when removing workspace", { type: row.type })
       }
       Database.use((db) => db.delete(WorkspaceTable).where(eq(WorkspaceTable.id, id)).run())
@@ -404,7 +404,7 @@ export namespace Workspace {
           return synced(state)
         },
       })
-    } catch (error) {
+    } catch {
       if (signal?.aborted) throw signal.reason ?? new Error("Request aborted")
       throw new Error(`Timed out waiting for sync fence: ${JSON.stringify(state)}`)
     }

packages/opencode/src/effect/app-runtime.ts

@@ -15,7 +15,7 @@ import { FileWatcher } from "@/file/watcher"
 import { Storage } from "@/storage/storage"
 import { Snapshot } from "@/snapshot"
 import { Plugin } from "@/plugin"
-import { Provider } from "@/provider/provider"
+import { Provider } from "@/provider"
 import { ProviderAuth } from "@/provider/auth"
 import { Agent } from "@/agent/agent"
 import { Skill } from "@/skill"

packages/opencode/src/env/env.ts

@@ -0,0 +1,35 @@
+import { Context, Effect, Layer } from "effect"
+import { InstanceState } from "@/effect/instance-state"
+
+type State = Record<string, string | undefined>
+
+export interface Interface {
+  readonly get: (key: string) => Effect.Effect<string | undefined>
+  readonly all: () => Effect.Effect<State>
+  readonly set: (key: string, value: string) => Effect.Effect<void>
+  readonly remove: (key: string) => Effect.Effect<void>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Env") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const state = yield* InstanceState.make<State>(Effect.fn("Env.state")(() => Effect.succeed({ ...process.env })))
+
+    const get = Effect.fn("Env.get")((key: string) => InstanceState.use(state, (env) => env[key]))
+    const all = Effect.fn("Env.all")(() => InstanceState.get(state))
+    const set = Effect.fn("Env.set")(function* (key: string, value: string) {
+      const env = yield* InstanceState.get(state)
+      env[key] = value
+    })
+    const remove = Effect.fn("Env.remove")(function* (key: string) {
+      const env = yield* InstanceState.get(state)
+      delete env[key]
+    })
+
+    return Service.of({ get, all, set, remove })
+  }),
+)
+
+export const defaultLayer = layer

packages/opencode/src/env/index.ts

@@ -1,37 +1 @@
-import { Context, Effect, Layer } from "effect"
-import { InstanceState } from "@/effect/instance-state"
-
-export namespace Env {
-  type State = Record<string, string | undefined>
-
-  export interface Interface {
-    readonly get: (key: string) => Effect.Effect<string | undefined>
-    readonly all: () => Effect.Effect<State>
-    readonly set: (key: string, value: string) => Effect.Effect<void>
-    readonly remove: (key: string) => Effect.Effect<void>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Env") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const state = yield* InstanceState.make<State>(Effect.fn("Env.state")(() => Effect.succeed({ ...process.env })))
-
-      const get = Effect.fn("Env.get")((key: string) => InstanceState.use(state, (env) => env[key]))
-      const all = Effect.fn("Env.all")(() => InstanceState.get(state))
-      const set = Effect.fn("Env.set")(function* (key: string, value: string) {
-        const env = yield* InstanceState.get(state)
-        env[key] = value
-      })
-      const remove = Effect.fn("Env.remove")(function* (key: string) {
-        const env = yield* InstanceState.get(state)
-        delete env[key]
-      })
-
-      return Service.of({ get, all, set, remove })
-    }),
-  )
-
-  export const defaultLayer = layer
-}
+export * as Env from "./env"

packages/opencode/src/file/file.ts

@@ -0,0 +1,653 @@
+import { BusEvent } from "@/bus/bus-event"
+import { InstanceState } from "@/effect/instance-state"
+
+import { AppFileSystem } from "@opencode-ai/shared/filesystem"
+import { Git } from "@/git"
+import { Effect, Layer, Context } from "effect"
+import * as Stream from "effect/Stream"
+import { formatPatch, structuredPatch } from "diff"
+import fuzzysort from "fuzzysort"
+import ignore from "ignore"
+import path from "path"
+import z from "zod"
+import { Global } from "../global"
+import { Instance } from "../project/instance"
+import { Log } from "../util/log"
+import { Protected } from "./protected"
+import { Ripgrep } from "./ripgrep"
+
+export const Info = z
+  .object({
+    path: z.string(),
+    added: z.number().int(),
+    removed: z.number().int(),
+    status: z.enum(["added", "deleted", "modified"]),
+  })
+  .meta({
+    ref: "File",
+  })
+
+export type Info = z.infer<typeof Info>
+
+export const Node = z
+  .object({
+    name: z.string(),
+    path: z.string(),
+    absolute: z.string(),
+    type: z.enum(["file", "directory"]),
+    ignored: z.boolean(),
+  })
+  .meta({
+    ref: "FileNode",
+  })
+export type Node = z.infer<typeof Node>
+
+export const Content = z
+  .object({
+    type: z.enum(["text", "binary"]),
+    content: z.string(),
+    diff: z.string().optional(),
+    patch: z
+      .object({
+        oldFileName: z.string(),
+        newFileName: z.string(),
+        oldHeader: z.string().optional(),
+        newHeader: z.string().optional(),
+        hunks: z.array(
+          z.object({
+            oldStart: z.number(),
+            oldLines: z.number(),
+            newStart: z.number(),
+            newLines: z.number(),
+            lines: z.array(z.string()),
+          }),
+        ),
+        index: z.string().optional(),
+      })
+      .optional(),
+    encoding: z.literal("base64").optional(),
+    mimeType: z.string().optional(),
+  })
+  .meta({
+    ref: "FileContent",
+  })
+export type Content = z.infer<typeof Content>
+
+export const Event = {
+  Edited: BusEvent.define(
+    "file.edited",
+    z.object({
+      file: z.string(),
+    }),
+  ),
+}
+
+const log = Log.create({ service: "file" })
+
+const binary = new Set([
+  "exe",
+  "dll",
+  "pdb",
+  "bin",
+  "so",
+  "dylib",
+  "o",
+  "a",
+  "lib",
+  "wav",
+  "mp3",
+  "ogg",
+  "oga",
+  "ogv",
+  "ogx",
+  "flac",
+  "aac",
+  "wma",
+  "m4a",
+  "weba",
+  "mp4",
+  "avi",
+  "mov",
+  "wmv",
+  "flv",
+  "webm",
+  "mkv",
+  "zip",
+  "tar",
+  "gz",
+  "gzip",
+  "bz",
+  "bz2",
+  "bzip",
+  "bzip2",
+  "7z",
+  "rar",
+  "xz",
+  "lz",
+  "z",
+  "pdf",
+  "doc",
+  "docx",
+  "ppt",
+  "pptx",
+  "xls",
+  "xlsx",
+  "dmg",
+  "iso",
+  "img",
+  "vmdk",
+  "ttf",
+  "otf",
+  "woff",
+  "woff2",
+  "eot",
+  "sqlite",
+  "db",
+  "mdb",
+  "apk",
+  "ipa",
+  "aab",
+  "xapk",
+  "app",
+  "pkg",
+  "deb",
+  "rpm",
+  "snap",
+  "flatpak",
+  "appimage",
+  "msi",
+  "msp",
+  "jar",
+  "war",
+  "ear",
+  "class",
+  "kotlin_module",
+  "dex",
+  "vdex",
+  "odex",
+  "oat",
+  "art",
+  "wasm",
+  "wat",
+  "bc",
+  "ll",
+  "s",
+  "ko",
+  "sys",
+  "drv",
+  "efi",
+  "rom",
+  "com",
+])
+
+const image = new Set([
+  "png",
+  "jpg",
+  "jpeg",
+  "gif",
+  "bmp",
+  "webp",
+  "ico",
+  "tif",
+  "tiff",
+  "svg",
+  "svgz",
+  "avif",
+  "apng",
+  "jxl",
+  "heic",
+  "heif",
+  "raw",
+  "cr2",
+  "nef",
+  "arw",
+  "dng",
+  "orf",
+  "raf",
+  "pef",
+  "x3f",
+])
+
+const text = new Set([
+  "ts",
+  "tsx",
+  "mts",
+  "cts",
+  "mtsx",
+  "ctsx",
+  "js",
+  "jsx",
+  "mjs",
+  "cjs",
+  "sh",
+  "bash",
+  "zsh",
+  "fish",
+  "ps1",
+  "psm1",
+  "cmd",
+  "bat",
+  "json",
+  "jsonc",
+  "json5",
+  "yaml",
+  "yml",
+  "toml",
+  "md",
+  "mdx",
+  "txt",
+  "xml",
+  "html",
+  "htm",
+  "css",
+  "scss",
+  "sass",
+  "less",
+  "graphql",
+  "gql",
+  "sql",
+  "ini",
+  "cfg",
+  "conf",
+  "env",
+])
+
+const textName = new Set([
+  "dockerfile",
+  "makefile",
+  ".gitignore",
+  ".gitattributes",
+  ".editorconfig",
+  ".npmrc",
+  ".nvmrc",
+  ".prettierrc",
+  ".eslintrc",
+])
+
+const mime: Record<string, string> = {
+  png: "image/png",
+  jpg: "image/jpeg",
+  jpeg: "image/jpeg",
+  gif: "image/gif",
+  bmp: "image/bmp",
+  webp: "image/webp",
+  ico: "image/x-icon",
+  tif: "image/tiff",
+  tiff: "image/tiff",
+  svg: "image/svg+xml",
+  svgz: "image/svg+xml",
+  avif: "image/avif",
+  apng: "image/apng",
+  jxl: "image/jxl",
+  heic: "image/heic",
+  heif: "image/heif",
+}
+
+type Entry = { files: string[]; dirs: string[] }
+
+const ext = (file: string) => path.extname(file).toLowerCase().slice(1)
+const name = (file: string) => path.basename(file).toLowerCase()
+const isImageByExtension = (file: string) => image.has(ext(file))
+const isTextByExtension = (file: string) => text.has(ext(file))
+const isTextByName = (file: string) => textName.has(name(file))
+const isBinaryByExtension = (file: string) => binary.has(ext(file))
+const isImage = (mimeType: string) => mimeType.startsWith("image/")
+const getImageMimeType = (file: string) => mime[ext(file)] || "image/" + ext(file)
+
+function shouldEncode(mimeType: string) {
+  const type = mimeType.toLowerCase()
+  log.debug("shouldEncode", { type })
+  if (!type) return false
+  if (type.startsWith("text/")) return false
+  if (type.includes("charset=")) return false
+  const top = type.split("/", 2)[0]
+  return ["image", "audio", "video", "font", "model", "multipart"].includes(top)
+}
+
+const hidden = (item: string) => {
+  const normalized = item.replaceAll("\\", "/").replace(/\/+$/, "")
+  return normalized.split("/").some((part) => part.startsWith(".") && part.length > 1)
+}
+
+const sortHiddenLast = (items: string[], prefer: boolean) => {
+  if (prefer) return items
+  const visible: string[] = []
+  const hiddenItems: string[] = []
+  for (const item of items) {
+    if (hidden(item)) hiddenItems.push(item)
+    else visible.push(item)
+  }
+  return [...visible, ...hiddenItems]
+}
+
+interface State {
+  cache: Entry
+}
+
+export interface Interface {
+  readonly init: () => Effect.Effect<void>
+  readonly status: () => Effect.Effect<Info[]>
+  readonly read: (file: string) => Effect.Effect<Content>
+  readonly list: (dir?: string) => Effect.Effect<Node[]>
+  readonly search: (input: {
+    query: string
+    limit?: number
+    dirs?: boolean
+    type?: "file" | "directory"
+  }) => Effect.Effect<string[]>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/File") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const appFs = yield* AppFileSystem.Service
+    const rg = yield* Ripgrep.Service
+    const git = yield* Git.Service
+
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("File.state")(() =>
+        Effect.succeed({
+          cache: { files: [], dirs: [] } as Entry,
+        }),
+      ),
+    )
+
+    const scan = Effect.fn("File.scan")(function* () {
+      if (Instance.directory === path.parse(Instance.directory).root) return
+      const isGlobalHome = Instance.directory === Global.Path.home && Instance.project.id === "global"
+      const next: Entry = { files: [], dirs: [] }
+
+      if (isGlobalHome) {
+        const dirs = new Set<string>()
+        const protectedNames = Protected.names()
+        const ignoreNested = new Set(["node_modules", "dist", "build", "target", "vendor"])
+        const shouldIgnoreName = (name: string) => name.startsWith(".") || protectedNames.has(name)
+        const shouldIgnoreNested = (name: string) => name.startsWith(".") || ignoreNested.has(name)
+        const top = yield* appFs.readDirectoryEntries(Instance.directory).pipe(Effect.orElseSucceed(() => []))
+
+        for (const entry of top) {
+          if (entry.type !== "directory") continue
+          if (shouldIgnoreName(entry.name)) continue
+          dirs.add(entry.name + "/")
+
+          const base = path.join(Instance.directory, entry.name)
+          const children = yield* appFs.readDirectoryEntries(base).pipe(Effect.orElseSucceed(() => []))
+          for (const child of children) {
+            if (child.type !== "directory") continue
+            if (shouldIgnoreNested(child.name)) continue
+            dirs.add(entry.name + "/" + child.name + "/")
+          }
+        }
+
+        next.dirs = Array.from(dirs).toSorted()
+      } else {
+        const files = yield* rg.files({ cwd: Instance.directory }).pipe(
+          Stream.runCollect,
+          Effect.map((chunk) => [...chunk]),
+        )
+        const seen = new Set<string>()
+        for (const file of files) {
+          next.files.push(file)
+          let current = file
+          while (true) {
+            const dir = path.dirname(current)
+            if (dir === ".") break
+            if (dir === current) break
+            current = dir
+            if (seen.has(dir)) continue
+            seen.add(dir)
+            next.dirs.push(dir + "/")
+          }
+        }
+      }
+
+      const s = yield* InstanceState.get(state)
+      s.cache = next
+    })
+
+    let cachedScan = yield* Effect.cached(scan().pipe(Effect.catchCause(() => Effect.void)))
+
+    const ensure = Effect.fn("File.ensure")(function* () {
+      yield* cachedScan
+      cachedScan = yield* Effect.cached(scan().pipe(Effect.catchCause(() => Effect.void)))
+    })
+
+    const gitText = Effect.fnUntraced(function* (args: string[]) {
+      return (yield* git.run(args, { cwd: Instance.directory })).text()
+    })
+
+    const init = Effect.fn("File.init")(function* () {
+      yield* ensure()
+    })
+
+    const status = Effect.fn("File.status")(function* () {
+      if (Instance.project.vcs !== "git") return []
+
+      const diffOutput = yield* gitText([
+        "-c",
+        "core.fsmonitor=false",
+        "-c",
+        "core.quotepath=false",
+        "diff",
+        "--numstat",
+        "HEAD",
+      ])
+
+      const changed: Info[] = []
+
+      if (diffOutput.trim()) {
+        for (const line of diffOutput.trim().split("\n")) {
+          const [added, removed, file] = line.split("\t")
+          changed.push({
+            path: file,
+            added: added === "-" ? 0 : parseInt(added, 10),
+            removed: removed === "-" ? 0 : parseInt(removed, 10),
+            status: "modified",
+          })
+        }
+      }
+
+      const untrackedOutput = yield* gitText([
+        "-c",
+        "core.fsmonitor=false",
+        "-c",
+        "core.quotepath=false",
+        "ls-files",
+        "--others",
+        "--exclude-standard",
+      ])
+
+      if (untrackedOutput.trim()) {
+        for (const file of untrackedOutput.trim().split("\n")) {
+          const content = yield* appFs
+            .readFileString(path.join(Instance.directory, file))
+            .pipe(Effect.catch(() => Effect.succeed<string | undefined>(undefined)))
+          if (content === undefined) continue
+          changed.push({
+            path: file,
+            added: content.split("\n").length,
+            removed: 0,
+            status: "added",
+          })
+        }
+      }
+
+      const deletedOutput = yield* gitText([
+        "-c",
+        "core.fsmonitor=false",
+        "-c",
+        "core.quotepath=false",
+        "diff",
+        "--name-only",
+        "--diff-filter=D",
+        "HEAD",
+      ])
+
+      if (deletedOutput.trim()) {
+        for (const file of deletedOutput.trim().split("\n")) {
+          changed.push({
+            path: file,
+            added: 0,
+            removed: 0,
+            status: "deleted",
+          })
+        }
+      }
+
+      return changed.map((item) => {
+        const full = path.isAbsolute(item.path) ? item.path : path.join(Instance.directory, item.path)
+        return {
+          ...item,
+          path: path.relative(Instance.directory, full),
+        }
+      })
+    })
+
+    const read: Interface["read"] = Effect.fn("File.read")(function* (file: string) {
+      using _ = log.time("read", { file })
+      const full = path.join(Instance.directory, file)
+
+      if (!Instance.containsPath(full)) throw new Error("Access denied: path escapes project directory")
+
+      if (isImageByExtension(file)) {
+        const exists = yield* appFs.existsSafe(full)
+        if (exists) {
+          const bytes = yield* appFs.readFile(full).pipe(Effect.catch(() => Effect.succeed(new Uint8Array())))
+          return {
+            type: "text" as const,
+            content: Buffer.from(bytes).toString("base64"),
+            mimeType: getImageMimeType(file),
+            encoding: "base64" as const,
+          }
+        }
+        return { type: "text" as const, content: "" }
+      }
+
+      const knownText = isTextByExtension(file) || isTextByName(file)
+
+      if (isBinaryByExtension(file) && !knownText) return { type: "binary" as const, content: "" }
+
+      const exists = yield* appFs.existsSafe(full)
+      if (!exists) return { type: "text" as const, content: "" }
+
+      const mimeType = AppFileSystem.mimeType(full)
+      const encode = knownText ? false : shouldEncode(mimeType)
+
+      if (encode && !isImage(mimeType)) return { type: "binary" as const, content: "", mimeType }
+
+      if (encode) {
+        const bytes = yield* appFs.readFile(full).pipe(Effect.catch(() => Effect.succeed(new Uint8Array())))
+        return {
+          type: "text" as const,
+          content: Buffer.from(bytes).toString("base64"),
+          mimeType,
+          encoding: "base64" as const,
+        }
+      }
+
+      const content = yield* appFs.readFileString(full).pipe(
+        Effect.map((s) => s.trim()),
+        Effect.catch(() => Effect.succeed("")),
+      )
+
+      if (Instance.project.vcs === "git") {
+        let diff = yield* gitText(["-c", "core.fsmonitor=false", "diff", "--", file])
+        if (!diff.trim()) {
+          diff = yield* gitText(["-c", "core.fsmonitor=false", "diff", "--staged", "--", file])
+        }
+        if (diff.trim()) {
+          const original = yield* git.show(Instance.directory, "HEAD", file)
+          const patch = structuredPatch(file, file, original, content, "old", "new", {
+            context: Infinity,
+            ignoreWhitespace: true,
+          })
+          return { type: "text" as const, content, patch, diff: formatPatch(patch) }
+        }
+        return { type: "text" as const, content }
+      }
+
+      return { type: "text" as const, content }
+    })
+
+    const list = Effect.fn("File.list")(function* (dir?: string) {
+      const exclude = [".git", ".DS_Store"]
+      let ignored = (_: string) => false
+      if (Instance.project.vcs === "git") {
+        const ig = ignore()
+        const gitignore = path.join(Instance.project.worktree, ".gitignore")
+        const gitignoreText = yield* appFs.readFileString(gitignore).pipe(Effect.catch(() => Effect.succeed("")))
+        if (gitignoreText) ig.add(gitignoreText)
+        const ignoreFile = path.join(Instance.project.worktree, ".ignore")
+        const ignoreText = yield* appFs.readFileString(ignoreFile).pipe(Effect.catch(() => Effect.succeed("")))
+        if (ignoreText) ig.add(ignoreText)
+        ignored = ig.ignores.bind(ig)
+      }
+
+      const resolved = dir ? path.join(Instance.directory, dir) : Instance.directory
+      if (!Instance.containsPath(resolved)) throw new Error("Access denied: path escapes project directory")
+
+      const entries = yield* appFs.readDirectoryEntries(resolved).pipe(Effect.orElseSucceed(() => []))
+
+      const nodes: Node[] = []
+      for (const entry of entries) {
+        if (exclude.includes(entry.name)) continue
+        const absolute = path.join(resolved, entry.name)
+        const file = path.relative(Instance.directory, absolute)
+        const type = entry.type === "directory" ? "directory" : "file"
+        nodes.push({
+          name: entry.name,
+          path: file,
+          absolute,
+          type,
+          ignored: ignored(type === "directory" ? file + "/" : file),
+        })
+      }
+      return nodes.sort((a, b) => {
+        if (a.type !== b.type) return a.type === "directory" ? -1 : 1
+        return a.name.localeCompare(b.name)
+      })
+    })
+
+    const search = Effect.fn("File.search")(function* (input: {
+      query: string
+      limit?: number
+      dirs?: boolean
+      type?: "file" | "directory"
+    }) {
+      yield* ensure()
+      const { cache } = yield* InstanceState.get(state)
+
+      const query = input.query.trim()
+      const limit = input.limit ?? 100
+      const kind = input.type ?? (input.dirs === false ? "file" : "all")
+      log.info("search", { query, kind })
+
+      const preferHidden = query.startsWith(".") || query.includes("/.")
+
+      if (!query) {
+        if (kind === "file") return cache.files.slice(0, limit)
+        return sortHiddenLast(cache.dirs.toSorted(), preferHidden).slice(0, limit)
+      }
+
+      const items = kind === "file" ? cache.files : kind === "directory" ? cache.dirs : [...cache.files, ...cache.dirs]
+
+      const searchLimit = kind === "directory" && !preferHidden ? limit * 20 : limit
+      const sorted = fuzzysort.go(query, items, { limit: searchLimit }).map((item) => item.target)
+      const output = kind === "directory" ? sortHiddenLast(sorted, preferHidden).slice(0, limit) : sorted
+
+      log.info("search", { query, kind, results: output.length })
+      return output
+    })
+
+    log.info("init")
+    return Service.of({ init, status, read, list, search })
+  }),
+)
+
+export const defaultLayer = layer.pipe(
+  Layer.provide(Ripgrep.defaultLayer),
+  Layer.provide(AppFileSystem.defaultLayer),
+  Layer.provide(Git.defaultLayer),
+)

packages/opencode/src/file/index.ts

@@ -1,656 +1 @@
-import { BusEvent } from "@/bus/bus-event"
-import { InstanceState } from "@/effect/instance-state"
-
-import { AppFileSystem } from "@opencode-ai/shared/filesystem"
-import { Git } from "@/git"
-import { Effect, Layer, Context } from "effect"
-import * as Stream from "effect/Stream"
-import { formatPatch, structuredPatch } from "diff"
-import fuzzysort from "fuzzysort"
-import ignore from "ignore"
-import path from "path"
-import z from "zod"
-import { Global } from "../global"
-import { Instance } from "../project/instance"
-import { Log } from "../util/log"
-import { Protected } from "./protected"
-import { Ripgrep } from "./ripgrep"
-
-export namespace File {
-  export const Info = z
-    .object({
-      path: z.string(),
-      added: z.number().int(),
-      removed: z.number().int(),
-      status: z.enum(["added", "deleted", "modified"]),
-    })
-    .meta({
-      ref: "File",
-    })
-
-  export type Info = z.infer<typeof Info>
-
-  export const Node = z
-    .object({
-      name: z.string(),
-      path: z.string(),
-      absolute: z.string(),
-      type: z.enum(["file", "directory"]),
-      ignored: z.boolean(),
-    })
-    .meta({
-      ref: "FileNode",
-    })
-  export type Node = z.infer<typeof Node>
-
-  export const Content = z
-    .object({
-      type: z.enum(["text", "binary"]),
-      content: z.string(),
-      diff: z.string().optional(),
-      patch: z
-        .object({
-          oldFileName: z.string(),
-          newFileName: z.string(),
-          oldHeader: z.string().optional(),
-          newHeader: z.string().optional(),
-          hunks: z.array(
-            z.object({
-              oldStart: z.number(),
-              oldLines: z.number(),
-              newStart: z.number(),
-              newLines: z.number(),
-              lines: z.array(z.string()),
-            }),
-          ),
-          index: z.string().optional(),
-        })
-        .optional(),
-      encoding: z.literal("base64").optional(),
-      mimeType: z.string().optional(),
-    })
-    .meta({
-      ref: "FileContent",
-    })
-  export type Content = z.infer<typeof Content>
-
-  export const Event = {
-    Edited: BusEvent.define(
-      "file.edited",
-      z.object({
-        file: z.string(),
-      }),
-    ),
-  }
-
-  const log = Log.create({ service: "file" })
-
-  const binary = new Set([
-    "exe",
-    "dll",
-    "pdb",
-    "bin",
-    "so",
-    "dylib",
-    "o",
-    "a",
-    "lib",
-    "wav",
-    "mp3",
-    "ogg",
-    "oga",
-    "ogv",
-    "ogx",
-    "flac",
-    "aac",
-    "wma",
-    "m4a",
-    "weba",
-    "mp4",
-    "avi",
-    "mov",
-    "wmv",
-    "flv",
-    "webm",
-    "mkv",
-    "zip",
-    "tar",
-    "gz",
-    "gzip",
-    "bz",
-    "bz2",
-    "bzip",
-    "bzip2",
-    "7z",
-    "rar",
-    "xz",
-    "lz",
-    "z",
-    "pdf",
-    "doc",
-    "docx",
-    "ppt",
-    "pptx",
-    "xls",
-    "xlsx",
-    "dmg",
-    "iso",
-    "img",
-    "vmdk",
-    "ttf",
-    "otf",
-    "woff",
-    "woff2",
-    "eot",
-    "sqlite",
-    "db",
-    "mdb",
-    "apk",
-    "ipa",
-    "aab",
-    "xapk",
-    "app",
-    "pkg",
-    "deb",
-    "rpm",
-    "snap",
-    "flatpak",
-    "appimage",
-    "msi",
-    "msp",
-    "jar",
-    "war",
-    "ear",
-    "class",
-    "kotlin_module",
-    "dex",
-    "vdex",
-    "odex",
-    "oat",
-    "art",
-    "wasm",
-    "wat",
-    "bc",
-    "ll",
-    "s",
-    "ko",
-    "sys",
-    "drv",
-    "efi",
-    "rom",
-    "com",
-  ])
-
-  const image = new Set([
-    "png",
-    "jpg",
-    "jpeg",
-    "gif",
-    "bmp",
-    "webp",
-    "ico",
-    "tif",
-    "tiff",
-    "svg",
-    "svgz",
-    "avif",
-    "apng",
-    "jxl",
-    "heic",
-    "heif",
-    "raw",
-    "cr2",
-    "nef",
-    "arw",
-    "dng",
-    "orf",
-    "raf",
-    "pef",
-    "x3f",
-  ])
-
-  const text = new Set([
-    "ts",
-    "tsx",
-    "mts",
-    "cts",
-    "mtsx",
-    "ctsx",
-    "js",
-    "jsx",
-    "mjs",
-    "cjs",
-    "sh",
-    "bash",
-    "zsh",
-    "fish",
-    "ps1",
-    "psm1",
-    "cmd",
-    "bat",
-    "json",
-    "jsonc",
-    "json5",
-    "yaml",
-    "yml",
-    "toml",
-    "md",
-    "mdx",
-    "txt",
-    "xml",
-    "html",
-    "htm",
-    "css",
-    "scss",
-    "sass",
-    "less",
-    "graphql",
-    "gql",
-    "sql",
-    "ini",
-    "cfg",
-    "conf",
-    "env",
-  ])
-
-  const textName = new Set([
-    "dockerfile",
-    "makefile",
-    ".gitignore",
-    ".gitattributes",
-    ".editorconfig",
-    ".npmrc",
-    ".nvmrc",
-    ".prettierrc",
-    ".eslintrc",
-  ])
-
-  const mime: Record<string, string> = {
-    png: "image/png",
-    jpg: "image/jpeg",
-    jpeg: "image/jpeg",
-    gif: "image/gif",
-    bmp: "image/bmp",
-    webp: "image/webp",
-    ico: "image/x-icon",
-    tif: "image/tiff",
-    tiff: "image/tiff",
-    svg: "image/svg+xml",
-    svgz: "image/svg+xml",
-    avif: "image/avif",
-    apng: "image/apng",
-    jxl: "image/jxl",
-    heic: "image/heic",
-    heif: "image/heif",
-  }
-
-  type Entry = { files: string[]; dirs: string[] }
-
-  const ext = (file: string) => path.extname(file).toLowerCase().slice(1)
-  const name = (file: string) => path.basename(file).toLowerCase()
-  const isImageByExtension = (file: string) => image.has(ext(file))
-  const isTextByExtension = (file: string) => text.has(ext(file))
-  const isTextByName = (file: string) => textName.has(name(file))
-  const isBinaryByExtension = (file: string) => binary.has(ext(file))
-  const isImage = (mimeType: string) => mimeType.startsWith("image/")
-  const getImageMimeType = (file: string) => mime[ext(file)] || "image/" + ext(file)
-
-  function shouldEncode(mimeType: string) {
-    const type = mimeType.toLowerCase()
-    log.debug("shouldEncode", { type })
-    if (!type) return false
-    if (type.startsWith("text/")) return false
-    if (type.includes("charset=")) return false
-    const top = type.split("/", 2)[0]
-    return ["image", "audio", "video", "font", "model", "multipart"].includes(top)
-  }
-
-  const hidden = (item: string) => {
-    const normalized = item.replaceAll("\\", "/").replace(/\/+$/, "")
-    return normalized.split("/").some((part) => part.startsWith(".") && part.length > 1)
-  }
-
-  const sortHiddenLast = (items: string[], prefer: boolean) => {
-    if (prefer) return items
-    const visible: string[] = []
-    const hiddenItems: string[] = []
-    for (const item of items) {
-      if (hidden(item)) hiddenItems.push(item)
-      else visible.push(item)
-    }
-    return [...visible, ...hiddenItems]
-  }
-
-  interface State {
-    cache: Entry
-  }
-
-  export interface Interface {
-    readonly init: () => Effect.Effect<void>
-    readonly status: () => Effect.Effect<File.Info[]>
-    readonly read: (file: string) => Effect.Effect<File.Content>
-    readonly list: (dir?: string) => Effect.Effect<File.Node[]>
-    readonly search: (input: {
-      query: string
-      limit?: number
-      dirs?: boolean
-      type?: "file" | "directory"
-    }) => Effect.Effect<string[]>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/File") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const appFs = yield* AppFileSystem.Service
-      const rg = yield* Ripgrep.Service
-      const git = yield* Git.Service
-
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("File.state")(() =>
-          Effect.succeed({
-            cache: { files: [], dirs: [] } as Entry,
-          }),
-        ),
-      )
-
-      const scan = Effect.fn("File.scan")(function* () {
-        if (Instance.directory === path.parse(Instance.directory).root) return
-        const isGlobalHome = Instance.directory === Global.Path.home && Instance.project.id === "global"
-        const next: Entry = { files: [], dirs: [] }
-
-        if (isGlobalHome) {
-          const dirs = new Set<string>()
-          const protectedNames = Protected.names()
-          const ignoreNested = new Set(["node_modules", "dist", "build", "target", "vendor"])
-          const shouldIgnoreName = (name: string) => name.startsWith(".") || protectedNames.has(name)
-          const shouldIgnoreNested = (name: string) => name.startsWith(".") || ignoreNested.has(name)
-          const top = yield* appFs.readDirectoryEntries(Instance.directory).pipe(Effect.orElseSucceed(() => []))
-
-          for (const entry of top) {
-            if (entry.type !== "directory") continue
-            if (shouldIgnoreName(entry.name)) continue
-            dirs.add(entry.name + "/")
-
-            const base = path.join(Instance.directory, entry.name)
-            const children = yield* appFs.readDirectoryEntries(base).pipe(Effect.orElseSucceed(() => []))
-            for (const child of children) {
-              if (child.type !== "directory") continue
-              if (shouldIgnoreNested(child.name)) continue
-              dirs.add(entry.name + "/" + child.name + "/")
-            }
-          }
-
-          next.dirs = Array.from(dirs).toSorted()
-        } else {
-          const files = yield* rg.files({ cwd: Instance.directory }).pipe(
-            Stream.runCollect,
-            Effect.map((chunk) => [...chunk]),
-          )
-          const seen = new Set<string>()
-          for (const file of files) {
-            next.files.push(file)
-            let current = file
-            while (true) {
-              const dir = path.dirname(current)
-              if (dir === ".") break
-              if (dir === current) break
-              current = dir
-              if (seen.has(dir)) continue
-              seen.add(dir)
-              next.dirs.push(dir + "/")
-            }
-          }
-        }
-
-        const s = yield* InstanceState.get(state)
-        s.cache = next
-      })
-
-      let cachedScan = yield* Effect.cached(scan().pipe(Effect.catchCause(() => Effect.void)))
-
-      const ensure = Effect.fn("File.ensure")(function* () {
-        yield* cachedScan
-        cachedScan = yield* Effect.cached(scan().pipe(Effect.catchCause(() => Effect.void)))
-      })
-
-      const gitText = Effect.fnUntraced(function* (args: string[]) {
-        return (yield* git.run(args, { cwd: Instance.directory })).text()
-      })
-
-      const init = Effect.fn("File.init")(function* () {
-        yield* ensure()
-      })
-
-      const status = Effect.fn("File.status")(function* () {
-        if (Instance.project.vcs !== "git") return []
-
-        const diffOutput = yield* gitText([
-          "-c",
-          "core.fsmonitor=false",
-          "-c",
-          "core.quotepath=false",
-          "diff",
-          "--numstat",
-          "HEAD",
-        ])
-
-        const changed: File.Info[] = []
-
-        if (diffOutput.trim()) {
-          for (const line of diffOutput.trim().split("\n")) {
-            const [added, removed, file] = line.split("\t")
-            changed.push({
-              path: file,
-              added: added === "-" ? 0 : parseInt(added, 10),
-              removed: removed === "-" ? 0 : parseInt(removed, 10),
-              status: "modified",
-            })
-          }
-        }
-
-        const untrackedOutput = yield* gitText([
-          "-c",
-          "core.fsmonitor=false",
-          "-c",
-          "core.quotepath=false",
-          "ls-files",
-          "--others",
-          "--exclude-standard",
-        ])
-
-        if (untrackedOutput.trim()) {
-          for (const file of untrackedOutput.trim().split("\n")) {
-            const content = yield* appFs
-              .readFileString(path.join(Instance.directory, file))
-              .pipe(Effect.catch(() => Effect.succeed<string | undefined>(undefined)))
-            if (content === undefined) continue
-            changed.push({
-              path: file,
-              added: content.split("\n").length,
-              removed: 0,
-              status: "added",
-            })
-          }
-        }
-
-        const deletedOutput = yield* gitText([
-          "-c",
-          "core.fsmonitor=false",
-          "-c",
-          "core.quotepath=false",
-          "diff",
-          "--name-only",
-          "--diff-filter=D",
-          "HEAD",
-        ])
-
-        if (deletedOutput.trim()) {
-          for (const file of deletedOutput.trim().split("\n")) {
-            changed.push({
-              path: file,
-              added: 0,
-              removed: 0,
-              status: "deleted",
-            })
-          }
-        }
-
-        return changed.map((item) => {
-          const full = path.isAbsolute(item.path) ? item.path : path.join(Instance.directory, item.path)
-          return {
-            ...item,
-            path: path.relative(Instance.directory, full),
-          }
-        })
-      })
-
-      const read: Interface["read"] = Effect.fn("File.read")(function* (file: string) {
-        using _ = log.time("read", { file })
-        const full = path.join(Instance.directory, file)
-
-        if (!Instance.containsPath(full)) throw new Error("Access denied: path escapes project directory")
-
-        if (isImageByExtension(file)) {
-          const exists = yield* appFs.existsSafe(full)
-          if (exists) {
-            const bytes = yield* appFs.readFile(full).pipe(Effect.catch(() => Effect.succeed(new Uint8Array())))
-            return {
-              type: "text" as const,
-              content: Buffer.from(bytes).toString("base64"),
-              mimeType: getImageMimeType(file),
-              encoding: "base64" as const,
-            }
-          }
-          return { type: "text" as const, content: "" }
-        }
-
-        const knownText = isTextByExtension(file) || isTextByName(file)
-
-        if (isBinaryByExtension(file) && !knownText) return { type: "binary" as const, content: "" }
-
-        const exists = yield* appFs.existsSafe(full)
-        if (!exists) return { type: "text" as const, content: "" }
-
-        const mimeType = AppFileSystem.mimeType(full)
-        const encode = knownText ? false : shouldEncode(mimeType)
-
-        if (encode && !isImage(mimeType)) return { type: "binary" as const, content: "", mimeType }
-
-        if (encode) {
-          const bytes = yield* appFs.readFile(full).pipe(Effect.catch(() => Effect.succeed(new Uint8Array())))
-          return {
-            type: "text" as const,
-            content: Buffer.from(bytes).toString("base64"),
-            mimeType,
-            encoding: "base64" as const,
-          }
-        }
-
-        const content = yield* appFs.readFileString(full).pipe(
-          Effect.map((s) => s.trim()),
-          Effect.catch(() => Effect.succeed("")),
-        )
-
-        if (Instance.project.vcs === "git") {
-          let diff = yield* gitText(["-c", "core.fsmonitor=false", "diff", "--", file])
-          if (!diff.trim()) {
-            diff = yield* gitText(["-c", "core.fsmonitor=false", "diff", "--staged", "--", file])
-          }
-          if (diff.trim()) {
-            const original = yield* git.show(Instance.directory, "HEAD", file)
-            const patch = structuredPatch(file, file, original, content, "old", "new", {
-              context: Infinity,
-              ignoreWhitespace: true,
-            })
-            return { type: "text" as const, content, patch, diff: formatPatch(patch) }
-          }
-          return { type: "text" as const, content }
-        }
-
-        return { type: "text" as const, content }
-      })
-
-      const list = Effect.fn("File.list")(function* (dir?: string) {
-        const exclude = [".git", ".DS_Store"]
-        let ignored = (_: string) => false
-        if (Instance.project.vcs === "git") {
-          const ig = ignore()
-          const gitignore = path.join(Instance.project.worktree, ".gitignore")
-          const gitignoreText = yield* appFs.readFileString(gitignore).pipe(Effect.catch(() => Effect.succeed("")))
-          if (gitignoreText) ig.add(gitignoreText)
-          const ignoreFile = path.join(Instance.project.worktree, ".ignore")
-          const ignoreText = yield* appFs.readFileString(ignoreFile).pipe(Effect.catch(() => Effect.succeed("")))
-          if (ignoreText) ig.add(ignoreText)
-          ignored = ig.ignores.bind(ig)
-        }
-
-        const resolved = dir ? path.join(Instance.directory, dir) : Instance.directory
-        if (!Instance.containsPath(resolved)) throw new Error("Access denied: path escapes project directory")
-
-        const entries = yield* appFs.readDirectoryEntries(resolved).pipe(Effect.orElseSucceed(() => []))
-
-        const nodes: File.Node[] = []
-        for (const entry of entries) {
-          if (exclude.includes(entry.name)) continue
-          const absolute = path.join(resolved, entry.name)
-          const file = path.relative(Instance.directory, absolute)
-          const type = entry.type === "directory" ? "directory" : "file"
-          nodes.push({
-            name: entry.name,
-            path: file,
-            absolute,
-            type,
-            ignored: ignored(type === "directory" ? file + "/" : file),
-          })
-        }
-        return nodes.sort((a, b) => {
-          if (a.type !== b.type) return a.type === "directory" ? -1 : 1
-          return a.name.localeCompare(b.name)
-        })
-      })
-
-      const search = Effect.fn("File.search")(function* (input: {
-        query: string
-        limit?: number
-        dirs?: boolean
-        type?: "file" | "directory"
-      }) {
-        yield* ensure()
-        const { cache } = yield* InstanceState.get(state)
-
-        const query = input.query.trim()
-        const limit = input.limit ?? 100
-        const kind = input.type ?? (input.dirs === false ? "file" : "all")
-        log.info("search", { query, kind })
-
-        const preferHidden = query.startsWith(".") || query.includes("/.")
-
-        if (!query) {
-          if (kind === "file") return cache.files.slice(0, limit)
-          return sortHiddenLast(cache.dirs.toSorted(), preferHidden).slice(0, limit)
-        }
-
-        const items =
-          kind === "file" ? cache.files : kind === "directory" ? cache.dirs : [...cache.files, ...cache.dirs]
-
-        const searchLimit = kind === "directory" && !preferHidden ? limit * 20 : limit
-        const sorted = fuzzysort.go(query, items, { limit: searchLimit }).map((item) => item.target)
-        const output = kind === "directory" ? sortHiddenLast(sorted, preferHidden).slice(0, limit) : sorted
-
-        log.info("search", { query, kind, results: output.length })
-        return output
-      })
-
-      log.info("init")
-      return Service.of({ init, status, read, list, search })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(
-    Layer.provide(Ripgrep.defaultLayer),
-    Layer.provide(AppFileSystem.defaultLayer),
-    Layer.provide(Git.defaultLayer),
-  )
-}
+export * as File from "./file"

packages/opencode/src/format/format.ts

@@ -0,0 +1,192 @@
+import { Effect, Layer, Context } from "effect"
+import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
+import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
+import { InstanceState } from "@/effect/instance-state"
+import path from "path"
+import { mergeDeep } from "remeda"
+import z from "zod"
+import { Config } from "../config"
+import { Log } from "../util/log"
+import * as Formatter from "./formatter"
+
+const log = Log.create({ service: "format" })
+
+export const Status = z
+  .object({
+    name: z.string(),
+    extensions: z.string().array(),
+    enabled: z.boolean(),
+  })
+  .meta({
+    ref: "FormatterStatus",
+  })
+export type Status = z.infer<typeof Status>
+
+export interface Interface {
+  readonly init: () => Effect.Effect<void>
+  readonly status: () => Effect.Effect<Status[]>
+  readonly file: (filepath: string) => Effect.Effect<void>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Format") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const config = yield* Config.Service
+    const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
+
+    const state = yield* InstanceState.make(
+      Effect.fn("Format.state")(function* (_ctx) {
+        const commands: Record<string, string[] | false> = {}
+        const formatters: Record<string, Formatter.Info> = {}
+
+        const cfg = yield* config.get()
+
+        if (cfg.formatter !== false) {
+          for (const item of Object.values(Formatter)) {
+            formatters[item.name] = item
+          }
+          for (const [name, item] of Object.entries(cfg.formatter ?? {})) {
+            // Ruff and uv are both the same formatter, so disabling either should disable both.
+            if (["ruff", "uv"].includes(name) && (cfg.formatter?.ruff?.disabled || cfg.formatter?.uv?.disabled)) {
+              // TODO combine formatters so shared backends like Ruff/uv don't need linked disable handling here.
+              delete formatters.ruff
+              delete formatters.uv
+              continue
+            }
+            if (item.disabled) {
+              delete formatters[name]
+              continue
+            }
+            const info = mergeDeep(formatters[name] ?? {}, {
+              extensions: [],
+              ...item,
+            })
+
+            formatters[name] = {
+              ...info,
+              name,
+              enabled: async () => info.command ?? false,
+            }
+          }
+        } else {
+          log.info("all formatters are disabled")
+        }
+
+        async function getCommand(item: Formatter.Info) {
+          let cmd = commands[item.name]
+          if (cmd === false || cmd === undefined) {
+            cmd = await item.enabled()
+            commands[item.name] = cmd
+          }
+          return cmd
+        }
+
+        async function isEnabled(item: Formatter.Info) {
+          const cmd = await getCommand(item)
+          return cmd !== false
+        }
+
+        async function getFormatter(ext: string) {
+          const matching = Object.values(formatters).filter((item) => item.extensions.includes(ext))
+          const checks = await Promise.all(
+            matching.map(async (item) => {
+              log.info("checking", { name: item.name, ext })
+              const cmd = await getCommand(item)
+              if (cmd) {
+                log.info("enabled", { name: item.name, ext })
+              }
+              return {
+                item,
+                cmd,
+              }
+            }),
+          )
+          return checks.filter((x) => x.cmd).map((x) => ({ item: x.item, cmd: x.cmd! }))
+        }
+
+        function formatFile(filepath: string) {
+          return Effect.gen(function* () {
+            log.info("formatting", { file: filepath })
+            const ext = path.extname(filepath)
+
+            for (const { item, cmd } of yield* Effect.promise(() => getFormatter(ext))) {
+              if (cmd === false) continue
+              log.info("running", { command: cmd })
+              const replaced = cmd.map((x) => x.replace("$FILE", filepath))
+              const dir = yield* InstanceState.directory
+              const code = yield* spawner
+                .spawn(
+                  ChildProcess.make(replaced[0]!, replaced.slice(1), {
+                    cwd: dir,
+                    env: item.environment,
+                    extendEnv: true,
+                  }),
+                )
+                .pipe(
+                  Effect.flatMap((handle) => handle.exitCode),
+                  Effect.scoped,
+                  Effect.catch(() =>
+                    Effect.sync(() => {
+                      log.error("failed to format file", {
+                        error: "spawn failed",
+                        command: cmd,
+                        ...item.environment,
+                        file: filepath,
+                      })
+                      return ChildProcessSpawner.ExitCode(1)
+                    }),
+                  ),
+                )
+              if (code !== 0) {
+                log.error("failed", {
+                  command: cmd,
+                  ...item.environment,
+                })
+              }
+            }
+          })
+        }
+
+        log.info("init")
+
+        return {
+          formatters,
+          isEnabled,
+          formatFile,
+        }
+      }),
+    )
+
+    const init = Effect.fn("Format.init")(function* () {
+      yield* InstanceState.get(state)
+    })
+
+    const status = Effect.fn("Format.status")(function* () {
+      const { formatters, isEnabled } = yield* InstanceState.get(state)
+      const result: Status[] = []
+      for (const formatter of Object.values(formatters)) {
+        const isOn = yield* Effect.promise(() => isEnabled(formatter))
+        result.push({
+          name: formatter.name,
+          extensions: formatter.extensions,
+          enabled: isOn,
+        })
+      }
+      return result
+    })
+
+    const file = Effect.fn("Format.file")(function* (filepath: string) {
+      const { formatFile } = yield* InstanceState.get(state)
+      yield* formatFile(filepath)
+    })
+
+    return Service.of({ init, status, file })
+  }),
+)
+
+export const defaultLayer = layer.pipe(
+  Layer.provide(Config.defaultLayer),
+  Layer.provide(CrossSpawnSpawner.defaultLayer),
+)

packages/opencode/src/format/index.ts

@@ -1,194 +1 @@
-import { Effect, Layer, Context } from "effect"
-import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
-import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
-import { InstanceState } from "@/effect/instance-state"
-import path from "path"
-import { mergeDeep } from "remeda"
-import z from "zod"
-import { Config } from "../config"
-import { Log } from "../util/log"
-import * as Formatter from "./formatter"
-
-export namespace Format {
-  const log = Log.create({ service: "format" })
-
-  export const Status = z
-    .object({
-      name: z.string(),
-      extensions: z.string().array(),
-      enabled: z.boolean(),
-    })
-    .meta({
-      ref: "FormatterStatus",
-    })
-  export type Status = z.infer<typeof Status>
-
-  export interface Interface {
-    readonly init: () => Effect.Effect<void>
-    readonly status: () => Effect.Effect<Status[]>
-    readonly file: (filepath: string) => Effect.Effect<void>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Format") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const config = yield* Config.Service
-      const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
-
-      const state = yield* InstanceState.make(
-        Effect.fn("Format.state")(function* (_ctx) {
-          const commands: Record<string, string[] | false> = {}
-          const formatters: Record<string, Formatter.Info> = {}
-
-          const cfg = yield* config.get()
-
-          if (cfg.formatter !== false) {
-            for (const item of Object.values(Formatter)) {
-              formatters[item.name] = item
-            }
-            for (const [name, item] of Object.entries(cfg.formatter ?? {})) {
-              // Ruff and uv are both the same formatter, so disabling either should disable both.
-              if (["ruff", "uv"].includes(name) && (cfg.formatter?.ruff?.disabled || cfg.formatter?.uv?.disabled)) {
-                // TODO combine formatters so shared backends like Ruff/uv don't need linked disable handling here.
-                delete formatters.ruff
-                delete formatters.uv
-                continue
-              }
-              if (item.disabled) {
-                delete formatters[name]
-                continue
-              }
-              const info = mergeDeep(formatters[name] ?? {}, {
-                extensions: [],
-                ...item,
-              })
-
-              formatters[name] = {
-                ...info,
-                name,
-                enabled: async () => info.command ?? false,
-              }
-            }
-          } else {
-            log.info("all formatters are disabled")
-          }
-
-          async function getCommand(item: Formatter.Info) {
-            let cmd = commands[item.name]
-            if (cmd === false || cmd === undefined) {
-              cmd = await item.enabled()
-              commands[item.name] = cmd
-            }
-            return cmd
-          }
-
-          async function isEnabled(item: Formatter.Info) {
-            const cmd = await getCommand(item)
-            return cmd !== false
-          }
-
-          async function getFormatter(ext: string) {
-            const matching = Object.values(formatters).filter((item) => item.extensions.includes(ext))
-            const checks = await Promise.all(
-              matching.map(async (item) => {
-                log.info("checking", { name: item.name, ext })
-                const cmd = await getCommand(item)
-                if (cmd) {
-                  log.info("enabled", { name: item.name, ext })
-                }
-                return {
-                  item,
-                  cmd,
-                }
-              }),
-            )
-            return checks.filter((x) => x.cmd).map((x) => ({ item: x.item, cmd: x.cmd! }))
-          }
-
-          function formatFile(filepath: string) {
-            return Effect.gen(function* () {
-              log.info("formatting", { file: filepath })
-              const ext = path.extname(filepath)
-
-              for (const { item, cmd } of yield* Effect.promise(() => getFormatter(ext))) {
-                if (cmd === false) continue
-                log.info("running", { command: cmd })
-                const replaced = cmd.map((x) => x.replace("$FILE", filepath))
-                const dir = yield* InstanceState.directory
-                const code = yield* spawner
-                  .spawn(
-                    ChildProcess.make(replaced[0]!, replaced.slice(1), {
-                      cwd: dir,
-                      env: item.environment,
-                      extendEnv: true,
-                    }),
-                  )
-                  .pipe(
-                    Effect.flatMap((handle) => handle.exitCode),
-                    Effect.scoped,
-                    Effect.catch(() =>
-                      Effect.sync(() => {
-                        log.error("failed to format file", {
-                          error: "spawn failed",
-                          command: cmd,
-                          ...item.environment,
-                          file: filepath,
-                        })
-                        return ChildProcessSpawner.ExitCode(1)
-                      }),
-                    ),
-                  )
-                if (code !== 0) {
-                  log.error("failed", {
-                    command: cmd,
-                    ...item.environment,
-                  })
-                }
-              }
-            })
-          }
-
-          log.info("init")
-
-          return {
-            formatters,
-            isEnabled,
-            formatFile,
-          }
-        }),
-      )
-
-      const init = Effect.fn("Format.init")(function* () {
-        yield* InstanceState.get(state)
-      })
-
-      const status = Effect.fn("Format.status")(function* () {
-        const { formatters, isEnabled } = yield* InstanceState.get(state)
-        const result: Status[] = []
-        for (const formatter of Object.values(formatters)) {
-          const isOn = yield* Effect.promise(() => isEnabled(formatter))
-          result.push({
-            name: formatter.name,
-            extensions: formatter.extensions,
-            enabled: isOn,
-          })
-        }
-        return result
-      })
-
-      const file = Effect.fn("Format.file")(function* (filepath: string) {
-        const { formatFile } = yield* InstanceState.get(state)
-        yield* formatFile(filepath)
-      })
-
-      return Service.of({ init, status, file })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(
-    Layer.provide(Config.defaultLayer),
-    Layer.provide(CrossSpawnSpawner.defaultLayer),
-  )
-}
+export * as Format from "./format"

packages/opencode/src/git/git.ts

@@ -0,0 +1,258 @@
+import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
+import { Effect, Layer, Context, Stream } from "effect"
+import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
+
+const cfg = [
+  "--no-optional-locks",
+  "-c",
+  "core.autocrlf=false",
+  "-c",
+  "core.fsmonitor=false",
+  "-c",
+  "core.longpaths=true",
+  "-c",
+  "core.symlinks=true",
+  "-c",
+  "core.quotepath=false",
+] as const
+
+const out = (result: { text(): string }) => result.text().trim()
+const nuls = (text: string) => text.split("\0").filter(Boolean)
+const fail = (err: unknown) =>
+  ({
+    exitCode: 1,
+    text: () => "",
+    stdout: Buffer.alloc(0),
+    stderr: Buffer.from(err instanceof Error ? err.message : String(err)),
+  }) satisfies Result
+
+export type Kind = "added" | "deleted" | "modified"
+
+export type Base = {
+  readonly name: string
+  readonly ref: string
+}
+
+export type Item = {
+  readonly file: string
+  readonly code: string
+  readonly status: Kind
+}
+
+export type Stat = {
+  readonly file: string
+  readonly additions: number
+  readonly deletions: number
+}
+
+export interface Result {
+  readonly exitCode: number
+  readonly text: () => string
+  readonly stdout: Buffer
+  readonly stderr: Buffer
+}
+
+export interface Options {
+  readonly cwd: string
+  readonly env?: Record<string, string>
+}
+
+export interface Interface {
+  readonly run: (args: string[], opts: Options) => Effect.Effect<Result>
+  readonly branch: (cwd: string) => Effect.Effect<string | undefined>
+  readonly prefix: (cwd: string) => Effect.Effect<string>
+  readonly defaultBranch: (cwd: string) => Effect.Effect<Base | undefined>
+  readonly hasHead: (cwd: string) => Effect.Effect<boolean>
+  readonly mergeBase: (cwd: string, base: string, head?: string) => Effect.Effect<string | undefined>
+  readonly show: (cwd: string, ref: string, file: string, prefix?: string) => Effect.Effect<string>
+  readonly status: (cwd: string) => Effect.Effect<Item[]>
+  readonly diff: (cwd: string, ref: string) => Effect.Effect<Item[]>
+  readonly stats: (cwd: string, ref: string) => Effect.Effect<Stat[]>
+}
+
+const kind = (code: string): Kind => {
+  if (code === "??") return "added"
+  if (code.includes("U")) return "modified"
+  if (code.includes("A") && !code.includes("D")) return "added"
+  if (code.includes("D") && !code.includes("A")) return "deleted"
+  return "modified"
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Git") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
+
+    const run = Effect.fn("Git.run")(
+      function* (args: string[], opts: Options) {
+        const proc = ChildProcess.make("git", [...cfg, ...args], {
+          cwd: opts.cwd,
+          env: opts.env,
+          extendEnv: true,
+          stdin: "ignore",
+          stdout: "pipe",
+          stderr: "pipe",
+        })
+        const handle = yield* spawner.spawn(proc)
+        const [stdout, stderr] = yield* Effect.all(
+          [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
+          { concurrency: 2 },
+        )
+        return {
+          exitCode: yield* handle.exitCode,
+          text: () => stdout,
+          stdout: Buffer.from(stdout),
+          stderr: Buffer.from(stderr),
+        } satisfies Result
+      },
+      Effect.scoped,
+      Effect.catch((err) => Effect.succeed(fail(err))),
+    )
+
+    const text = Effect.fn("Git.text")(function* (args: string[], opts: Options) {
+      return (yield* run(args, opts)).text()
+    })
+
+    const lines = Effect.fn("Git.lines")(function* (args: string[], opts: Options) {
+      return (yield* text(args, opts))
+        .split(/\r?\n/)
+        .map((item) => item.trim())
+        .filter(Boolean)
+    })
+
+    const refs = Effect.fnUntraced(function* (cwd: string) {
+      return yield* lines(["for-each-ref", "--format=%(refname:short)", "refs/heads"], { cwd })
+    })
+
+    const configured = Effect.fnUntraced(function* (cwd: string, list: string[]) {
+      const result = yield* run(["config", "init.defaultBranch"], { cwd })
+      const name = out(result)
+      if (!name || !list.includes(name)) return
+      return { name, ref: name } satisfies Base
+    })
+
+    const primary = Effect.fnUntraced(function* (cwd: string) {
+      const list = yield* lines(["remote"], { cwd })
+      if (list.includes("origin")) return "origin"
+      if (list.length === 1) return list[0]
+      if (list.includes("upstream")) return "upstream"
+      return list[0]
+    })
+
+    const branch = Effect.fn("Git.branch")(function* (cwd: string) {
+      const result = yield* run(["symbolic-ref", "--quiet", "--short", "HEAD"], { cwd })
+      if (result.exitCode !== 0) return
+      const text = out(result)
+      return text || undefined
+    })
+
+    const prefix = Effect.fn("Git.prefix")(function* (cwd: string) {
+      const result = yield* run(["rev-parse", "--show-prefix"], { cwd })
+      if (result.exitCode !== 0) return ""
+      return out(result)
+    })
+
+    const defaultBranch = Effect.fn("Git.defaultBranch")(function* (cwd: string) {
+      const remote = yield* primary(cwd)
+      if (remote) {
+        const head = yield* run(["symbolic-ref", `refs/remotes/${remote}/HEAD`], { cwd })
+        if (head.exitCode === 0) {
+          const ref = out(head).replace(/^refs\/remotes\//, "")
+          const name = ref.startsWith(`${remote}/`) ? ref.slice(`${remote}/`.length) : ""
+          if (name) return { name, ref } satisfies Base
+        }
+      }
+
+      const list = yield* refs(cwd)
+      const next = yield* configured(cwd, list)
+      if (next) return next
+      if (list.includes("main")) return { name: "main", ref: "main" } satisfies Base
+      if (list.includes("master")) return { name: "master", ref: "master" } satisfies Base
+    })
+
+    const hasHead = Effect.fn("Git.hasHead")(function* (cwd: string) {
+      const result = yield* run(["rev-parse", "--verify", "HEAD"], { cwd })
+      return result.exitCode === 0
+    })
+
+    const mergeBase = Effect.fn("Git.mergeBase")(function* (cwd: string, base: string, head = "HEAD") {
+      const result = yield* run(["merge-base", base, head], { cwd })
+      if (result.exitCode !== 0) return
+      const text = out(result)
+      return text || undefined
+    })
+
+    const show = Effect.fn("Git.show")(function* (cwd: string, ref: string, file: string, prefix = "") {
+      const target = prefix ? `${prefix}${file}` : file
+      const result = yield* run(["show", `${ref}:${target}`], { cwd })
+      if (result.exitCode !== 0) return ""
+      if (result.stdout.includes(0)) return ""
+      return result.text()
+    })
+
+    const status = Effect.fn("Git.status")(function* (cwd: string) {
+      return nuls(
+        yield* text(["status", "--porcelain=v1", "--untracked-files=all", "--no-renames", "-z", "--", "."], {
+          cwd,
+        }),
+      ).flatMap((item) => {
+        const file = item.slice(3)
+        if (!file) return []
+        const code = item.slice(0, 2)
+        return [{ file, code, status: kind(code) } satisfies Item]
+      })
+    })
+
+    const diff = Effect.fn("Git.diff")(function* (cwd: string, ref: string) {
+      const list = nuls(
+        yield* text(["diff", "--no-ext-diff", "--no-renames", "--name-status", "-z", ref, "--", "."], { cwd }),
+      )
+      return list.flatMap((code, idx) => {
+        if (idx % 2 !== 0) return []
+        const file = list[idx + 1]
+        if (!code || !file) return []
+        return [{ file, code, status: kind(code) } satisfies Item]
+      })
+    })
+
+    const stats = Effect.fn("Git.stats")(function* (cwd: string, ref: string) {
+      return nuls(
+        yield* text(["diff", "--no-ext-diff", "--no-renames", "--numstat", "-z", ref, "--", "."], { cwd }),
+      ).flatMap((item) => {
+        const a = item.indexOf("\t")
+        const b = item.indexOf("\t", a + 1)
+        if (a === -1 || b === -1) return []
+        const file = item.slice(b + 1)
+        if (!file) return []
+        const adds = item.slice(0, a)
+        const dels = item.slice(a + 1, b)
+        const additions = adds === "-" ? 0 : Number.parseInt(adds || "0", 10)
+        const deletions = dels === "-" ? 0 : Number.parseInt(dels || "0", 10)
+        return [
+          {
+            file,
+            additions: Number.isFinite(additions) ? additions : 0,
+            deletions: Number.isFinite(deletions) ? deletions : 0,
+          } satisfies Stat,
+        ]
+      })
+    })
+
+    return Service.of({
+      run,
+      branch,
+      prefix,
+      defaultBranch,
+      hasHead,
+      mergeBase,
+      show,
+      status,
+      diff,
+      stats,
+    })
+  }),
+)
+
+export const defaultLayer = layer.pipe(Layer.provide(CrossSpawnSpawner.defaultLayer))

packages/opencode/src/git/index.ts

@@ -1,260 +1 @@
-import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
-import { Effect, Layer, Context, Stream } from "effect"
-import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
-
-export namespace Git {
-  const cfg = [
-    "--no-optional-locks",
-    "-c",
-    "core.autocrlf=false",
-    "-c",
-    "core.fsmonitor=false",
-    "-c",
-    "core.longpaths=true",
-    "-c",
-    "core.symlinks=true",
-    "-c",
-    "core.quotepath=false",
-  ] as const
-
-  const out = (result: { text(): string }) => result.text().trim()
-  const nuls = (text: string) => text.split("\0").filter(Boolean)
-  const fail = (err: unknown) =>
-    ({
-      exitCode: 1,
-      text: () => "",
-      stdout: Buffer.alloc(0),
-      stderr: Buffer.from(err instanceof Error ? err.message : String(err)),
-    }) satisfies Result
-
-  export type Kind = "added" | "deleted" | "modified"
-
-  export type Base = {
-    readonly name: string
-    readonly ref: string
-  }
-
-  export type Item = {
-    readonly file: string
-    readonly code: string
-    readonly status: Kind
-  }
-
-  export type Stat = {
-    readonly file: string
-    readonly additions: number
-    readonly deletions: number
-  }
-
-  export interface Result {
-    readonly exitCode: number
-    readonly text: () => string
-    readonly stdout: Buffer
-    readonly stderr: Buffer
-  }
-
-  export interface Options {
-    readonly cwd: string
-    readonly env?: Record<string, string>
-  }
-
-  export interface Interface {
-    readonly run: (args: string[], opts: Options) => Effect.Effect<Result>
-    readonly branch: (cwd: string) => Effect.Effect<string | undefined>
-    readonly prefix: (cwd: string) => Effect.Effect<string>
-    readonly defaultBranch: (cwd: string) => Effect.Effect<Base | undefined>
-    readonly hasHead: (cwd: string) => Effect.Effect<boolean>
-    readonly mergeBase: (cwd: string, base: string, head?: string) => Effect.Effect<string | undefined>
-    readonly show: (cwd: string, ref: string, file: string, prefix?: string) => Effect.Effect<string>
-    readonly status: (cwd: string) => Effect.Effect<Item[]>
-    readonly diff: (cwd: string, ref: string) => Effect.Effect<Item[]>
-    readonly stats: (cwd: string, ref: string) => Effect.Effect<Stat[]>
-  }
-
-  const kind = (code: string): Kind => {
-    if (code === "??") return "added"
-    if (code.includes("U")) return "modified"
-    if (code.includes("A") && !code.includes("D")) return "added"
-    if (code.includes("D") && !code.includes("A")) return "deleted"
-    return "modified"
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Git") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
-
-      const run = Effect.fn("Git.run")(
-        function* (args: string[], opts: Options) {
-          const proc = ChildProcess.make("git", [...cfg, ...args], {
-            cwd: opts.cwd,
-            env: opts.env,
-            extendEnv: true,
-            stdin: "ignore",
-            stdout: "pipe",
-            stderr: "pipe",
-          })
-          const handle = yield* spawner.spawn(proc)
-          const [stdout, stderr] = yield* Effect.all(
-            [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
-            { concurrency: 2 },
-          )
-          return {
-            exitCode: yield* handle.exitCode,
-            text: () => stdout,
-            stdout: Buffer.from(stdout),
-            stderr: Buffer.from(stderr),
-          } satisfies Result
-        },
-        Effect.scoped,
-        Effect.catch((err) => Effect.succeed(fail(err))),
-      )
-
-      const text = Effect.fn("Git.text")(function* (args: string[], opts: Options) {
-        return (yield* run(args, opts)).text()
-      })
-
-      const lines = Effect.fn("Git.lines")(function* (args: string[], opts: Options) {
-        return (yield* text(args, opts))
-          .split(/\r?\n/)
-          .map((item) => item.trim())
-          .filter(Boolean)
-      })
-
-      const refs = Effect.fnUntraced(function* (cwd: string) {
-        return yield* lines(["for-each-ref", "--format=%(refname:short)", "refs/heads"], { cwd })
-      })
-
-      const configured = Effect.fnUntraced(function* (cwd: string, list: string[]) {
-        const result = yield* run(["config", "init.defaultBranch"], { cwd })
-        const name = out(result)
-        if (!name || !list.includes(name)) return
-        return { name, ref: name } satisfies Base
-      })
-
-      const primary = Effect.fnUntraced(function* (cwd: string) {
-        const list = yield* lines(["remote"], { cwd })
-        if (list.includes("origin")) return "origin"
-        if (list.length === 1) return list[0]
-        if (list.includes("upstream")) return "upstream"
-        return list[0]
-      })
-
-      const branch = Effect.fn("Git.branch")(function* (cwd: string) {
-        const result = yield* run(["symbolic-ref", "--quiet", "--short", "HEAD"], { cwd })
-        if (result.exitCode !== 0) return
-        const text = out(result)
-        return text || undefined
-      })
-
-      const prefix = Effect.fn("Git.prefix")(function* (cwd: string) {
-        const result = yield* run(["rev-parse", "--show-prefix"], { cwd })
-        if (result.exitCode !== 0) return ""
-        return out(result)
-      })
-
-      const defaultBranch = Effect.fn("Git.defaultBranch")(function* (cwd: string) {
-        const remote = yield* primary(cwd)
-        if (remote) {
-          const head = yield* run(["symbolic-ref", `refs/remotes/${remote}/HEAD`], { cwd })
-          if (head.exitCode === 0) {
-            const ref = out(head).replace(/^refs\/remotes\//, "")
-            const name = ref.startsWith(`${remote}/`) ? ref.slice(`${remote}/`.length) : ""
-            if (name) return { name, ref } satisfies Base
-          }
-        }
-
-        const list = yield* refs(cwd)
-        const next = yield* configured(cwd, list)
-        if (next) return next
-        if (list.includes("main")) return { name: "main", ref: "main" } satisfies Base
-        if (list.includes("master")) return { name: "master", ref: "master" } satisfies Base
-      })
-
-      const hasHead = Effect.fn("Git.hasHead")(function* (cwd: string) {
-        const result = yield* run(["rev-parse", "--verify", "HEAD"], { cwd })
-        return result.exitCode === 0
-      })
-
-      const mergeBase = Effect.fn("Git.mergeBase")(function* (cwd: string, base: string, head = "HEAD") {
-        const result = yield* run(["merge-base", base, head], { cwd })
-        if (result.exitCode !== 0) return
-        const text = out(result)
-        return text || undefined
-      })
-
-      const show = Effect.fn("Git.show")(function* (cwd: string, ref: string, file: string, prefix = "") {
-        const target = prefix ? `${prefix}${file}` : file
-        const result = yield* run(["show", `${ref}:${target}`], { cwd })
-        if (result.exitCode !== 0) return ""
-        if (result.stdout.includes(0)) return ""
-        return result.text()
-      })
-
-      const status = Effect.fn("Git.status")(function* (cwd: string) {
-        return nuls(
-          yield* text(["status", "--porcelain=v1", "--untracked-files=all", "--no-renames", "-z", "--", "."], {
-            cwd,
-          }),
-        ).flatMap((item) => {
-          const file = item.slice(3)
-          if (!file) return []
-          const code = item.slice(0, 2)
-          return [{ file, code, status: kind(code) } satisfies Item]
-        })
-      })
-
-      const diff = Effect.fn("Git.diff")(function* (cwd: string, ref: string) {
-        const list = nuls(
-          yield* text(["diff", "--no-ext-diff", "--no-renames", "--name-status", "-z", ref, "--", "."], { cwd }),
-        )
-        return list.flatMap((code, idx) => {
-          if (idx % 2 !== 0) return []
-          const file = list[idx + 1]
-          if (!code || !file) return []
-          return [{ file, code, status: kind(code) } satisfies Item]
-        })
-      })
-
-      const stats = Effect.fn("Git.stats")(function* (cwd: string, ref: string) {
-        return nuls(
-          yield* text(["diff", "--no-ext-diff", "--no-renames", "--numstat", "-z", ref, "--", "."], { cwd }),
-        ).flatMap((item) => {
-          const a = item.indexOf("\t")
-          const b = item.indexOf("\t", a + 1)
-          if (a === -1 || b === -1) return []
-          const file = item.slice(b + 1)
-          if (!file) return []
-          const adds = item.slice(0, a)
-          const dels = item.slice(a + 1, b)
-          const additions = adds === "-" ? 0 : Number.parseInt(adds || "0", 10)
-          const deletions = dels === "-" ? 0 : Number.parseInt(dels || "0", 10)
-          return [
-            {
-              file,
-              additions: Number.isFinite(additions) ? additions : 0,
-              deletions: Number.isFinite(deletions) ? deletions : 0,
-            } satisfies Stat,
-          ]
-        })
-      })
-
-      return Service.of({
-        run,
-        branch,
-        prefix,
-        defaultBranch,
-        hasHead,
-        mergeBase,
-        show,
-        status,
-        diff,
-        stats,
-      })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(CrossSpawnSpawner.defaultLayer))
-}
+export * as Git from "./git"

packages/opencode/src/global/global.ts

@@ -0,0 +1,56 @@
+import fs from "fs/promises"
+import { xdgData, xdgCache, xdgConfig, xdgState } from "xdg-basedir"
+import path from "path"
+import os from "os"
+import { Filesystem } from "../util/filesystem"
+import { Flock } from "@opencode-ai/shared/util/flock"
+
+const app = "opencode"
+
+const data = path.join(xdgData!, app)
+const cache = path.join(xdgCache!, app)
+const config = path.join(xdgConfig!, app)
+const state = path.join(xdgState!, app)
+
+export const Path = {
+  // Allow override via OPENCODE_TEST_HOME for test isolation
+  get home() {
+    return process.env.OPENCODE_TEST_HOME || os.homedir()
+  },
+  data,
+  bin: path.join(cache, "bin"),
+  log: path.join(data, "log"),
+  cache,
+  config,
+  state,
+}
+
+// Initialize Flock with global state path
+Flock.setGlobal({ state })
+
+await Promise.all([
+  fs.mkdir(Path.data, { recursive: true }),
+  fs.mkdir(Path.config, { recursive: true }),
+  fs.mkdir(Path.state, { recursive: true }),
+  fs.mkdir(Path.log, { recursive: true }),
+  fs.mkdir(Path.bin, { recursive: true }),
+])
+
+const CACHE_VERSION = "21"
+
+const version = await Filesystem.readText(path.join(Path.cache, "version")).catch(() => "0")
+
+if (version !== CACHE_VERSION) {
+  try {
+    const contents = await fs.readdir(Path.cache)
+    await Promise.all(
+      contents.map((item) =>
+        fs.rm(path.join(Path.cache, item), {
+          recursive: true,
+          force: true,
+        }),
+      ),
+    )
+  } catch {}
+  await Filesystem.write(path.join(Path.cache, "version"), CACHE_VERSION)
+}

packages/opencode/src/global/index.ts

@@ -1,58 +1 @@
-import fs from "fs/promises"
-import { xdgData, xdgCache, xdgConfig, xdgState } from "xdg-basedir"
-import path from "path"
-import os from "os"
-import { Filesystem } from "../util/filesystem"
-import { Flock } from "@opencode-ai/shared/util/flock"
-
-const app = "opencode"
-
-const data = path.join(xdgData!, app)
-const cache = path.join(xdgCache!, app)
-const config = path.join(xdgConfig!, app)
-const state = path.join(xdgState!, app)
-
-export namespace Global {
-  export const Path = {
-    // Allow override via OPENCODE_TEST_HOME for test isolation
-    get home() {
-      return process.env.OPENCODE_TEST_HOME || os.homedir()
-    },
-    data,
-    bin: path.join(cache, "bin"),
-    log: path.join(data, "log"),
-    cache,
-    config,
-    state,
-  }
-}
-
-// Initialize Flock with global state path
-Flock.setGlobal({ state })
-
-await Promise.all([
-  fs.mkdir(Global.Path.data, { recursive: true }),
-  fs.mkdir(Global.Path.config, { recursive: true }),
-  fs.mkdir(Global.Path.state, { recursive: true }),
-  fs.mkdir(Global.Path.log, { recursive: true }),
-  fs.mkdir(Global.Path.bin, { recursive: true }),
-])
-
-const CACHE_VERSION = "21"
-
-const version = await Filesystem.readText(path.join(Global.Path.cache, "version")).catch(() => "0")
-
-if (version !== CACHE_VERSION) {
-  try {
-    const contents = await fs.readdir(Global.Path.cache)
-    await Promise.all(
-      contents.map((item) =>
-        fs.rm(path.join(Global.Path.cache, item), {
-          recursive: true,
-          force: true,
-        }),
-      ),
-    )
-  } catch {}
-  await Filesystem.write(path.join(Global.Path.cache, "version"), CACHE_VERSION)
-}
+export * as Global from "./global"

packages/opencode/src/ide/ide.ts

@@ -0,0 +1,71 @@
+import { BusEvent } from "@/bus/bus-event"
+import z from "zod"
+import { NamedError } from "@opencode-ai/shared/util/error"
+import { Log } from "../util/log"
+import { Process } from "@/util/process"
+
+const SUPPORTED_IDES = [
+  { name: "Windsurf" as const, cmd: "windsurf" },
+  { name: "Visual Studio Code - Insiders" as const, cmd: "code-insiders" },
+  { name: "Visual Studio Code" as const, cmd: "code" },
+  { name: "Cursor" as const, cmd: "cursor" },
+  { name: "VSCodium" as const, cmd: "codium" },
+]
+
+const log = Log.create({ service: "ide" })
+
+export const Event = {
+  Installed: BusEvent.define(
+    "ide.installed",
+    z.object({
+      ide: z.string(),
+    }),
+  ),
+}
+
+export const AlreadyInstalledError = NamedError.create("AlreadyInstalledError", z.object({}))
+
+export const InstallFailedError = NamedError.create(
+  "InstallFailedError",
+  z.object({
+    stderr: z.string(),
+  }),
+)
+
+export function ide() {
+  if (process.env["TERM_PROGRAM"] === "vscode") {
+    const v = process.env["GIT_ASKPASS"]
+    for (const ide of SUPPORTED_IDES) {
+      if (v?.includes(ide.name)) return ide.name
+    }
+  }
+  return "unknown"
+}
+
+export function alreadyInstalled() {
+  return process.env["OPENCODE_CALLER"] === "vscode" || process.env["OPENCODE_CALLER"] === "vscode-insiders"
+}
+
+export async function install(ide: (typeof SUPPORTED_IDES)[number]["name"]) {
+  const cmd = SUPPORTED_IDES.find((i) => i.name === ide)?.cmd
+  if (!cmd) throw new Error(`Unknown IDE: ${ide}`)
+
+  const p = await Process.run([cmd, "--install-extension", "sst-dev.opencode"], {
+    nothrow: true,
+  })
+  const stdout = p.stdout.toString()
+  const stderr = p.stderr.toString()
+
+  log.info("installed", {
+    ide,
+    stdout,
+    stderr,
+  })
+
+  if (p.code !== 0) {
+    throw new InstallFailedError({ stderr })
+  }
+  if (stdout.includes("already installed")) {
+    throw new AlreadyInstalledError({})
+  }
+}

packages/opencode/src/ide/index.ts

@@ -1,73 +1 @@
-import { BusEvent } from "@/bus/bus-event"
-import z from "zod"
-import { NamedError } from "@opencode-ai/shared/util/error"
-import { Log } from "../util/log"
-import { Process } from "@/util/process"
-
-const SUPPORTED_IDES = [
-  { name: "Windsurf" as const, cmd: "windsurf" },
-  { name: "Visual Studio Code - Insiders" as const, cmd: "code-insiders" },
-  { name: "Visual Studio Code" as const, cmd: "code" },
-  { name: "Cursor" as const, cmd: "cursor" },
-  { name: "VSCodium" as const, cmd: "codium" },
-]
-
-export namespace Ide {
-  const log = Log.create({ service: "ide" })
-
-  export const Event = {
-    Installed: BusEvent.define(
-      "ide.installed",
-      z.object({
-        ide: z.string(),
-      }),
-    ),
-  }
-
-  export const AlreadyInstalledError = NamedError.create("AlreadyInstalledError", z.object({}))
-
-  export const InstallFailedError = NamedError.create(
-    "InstallFailedError",
-    z.object({
-      stderr: z.string(),
-    }),
-  )
-
-  export function ide() {
-    if (process.env["TERM_PROGRAM"] === "vscode") {
-      const v = process.env["GIT_ASKPASS"]
-      for (const ide of SUPPORTED_IDES) {
-        if (v?.includes(ide.name)) return ide.name
-      }
-    }
-    return "unknown"
-  }
-
-  export function alreadyInstalled() {
-    return process.env["OPENCODE_CALLER"] === "vscode" || process.env["OPENCODE_CALLER"] === "vscode-insiders"
-  }
-
-  export async function install(ide: (typeof SUPPORTED_IDES)[number]["name"]) {
-    const cmd = SUPPORTED_IDES.find((i) => i.name === ide)?.cmd
-    if (!cmd) throw new Error(`Unknown IDE: ${ide}`)
-
-    const p = await Process.run([cmd, "--install-extension", "sst-dev.opencode"], {
-      nothrow: true,
-    })
-    const stdout = p.stdout.toString()
-    const stderr = p.stderr.toString()
-
-    log.info("installed", {
-      ide,
-      stdout,
-      stderr,
-    })
-
-    if (p.code !== 0) {
-      throw new InstallFailedError({ stderr })
-    }
-    if (stdout.includes("already installed")) {
-      throw new AlreadyInstalledError({})
-    }
-  }
-}
+export * as Ide from "./ide"

packages/opencode/src/installation/index.ts

@@ -1,340 +1 @@
-import { Effect, Layer, Schema, Context, Stream } from "effect"
-import { FetchHttpClient, HttpClient, HttpClientRequest, HttpClientResponse } from "effect/unstable/http"
-import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
-import { withTransientReadRetry } from "@/util/effect-http-client"
-import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
-import path from "path"
-import z from "zod"
-import { BusEvent } from "@/bus/bus-event"
-import { Flag } from "../flag/flag"
-import { Log } from "../util/log"
-import { CHANNEL as channel, VERSION as version } from "./meta"
-
-import semver from "semver"
-
-export namespace Installation {
-  const log = Log.create({ service: "installation" })
-
-  export type Method = "curl" | "npm" | "yarn" | "pnpm" | "bun" | "brew" | "scoop" | "choco" | "unknown"
-
-  export type ReleaseType = "patch" | "minor" | "major"
-
-  export const Event = {
-    Updated: BusEvent.define(
-      "installation.updated",
-      z.object({
-        version: z.string(),
-      }),
-    ),
-    UpdateAvailable: BusEvent.define(
-      "installation.update-available",
-      z.object({
-        version: z.string(),
-      }),
-    ),
-  }
-
-  export function getReleaseType(current: string, latest: string): ReleaseType {
-    const currMajor = semver.major(current)
-    const currMinor = semver.minor(current)
-    const newMajor = semver.major(latest)
-    const newMinor = semver.minor(latest)
-
-    if (newMajor > currMajor) return "major"
-    if (newMinor > currMinor) return "minor"
-    return "patch"
-  }
-
-  export const Info = z
-    .object({
-      version: z.string(),
-      latest: z.string(),
-    })
-    .meta({
-      ref: "InstallationInfo",
-    })
-  export type Info = z.infer<typeof Info>
-
-  export const VERSION = version
-  export const CHANNEL = channel
-  export const USER_AGENT = `opencode/${CHANNEL}/${VERSION}/${Flag.OPENCODE_CLIENT}`
-
-  export function isPreview() {
-    return CHANNEL !== "latest"
-  }
-
-  export function isLocal() {
-    return CHANNEL === "local"
-  }
-
-  export class UpgradeFailedError extends Schema.TaggedErrorClass<UpgradeFailedError>()("UpgradeFailedError", {
-    stderr: Schema.String,
-  }) {}
-
-  // Response schemas for external version APIs
-  const GitHubRelease = Schema.Struct({ tag_name: Schema.String })
-  const NpmPackage = Schema.Struct({ version: Schema.String })
-  const BrewFormula = Schema.Struct({ versions: Schema.Struct({ stable: Schema.String }) })
-  const BrewInfoV2 = Schema.Struct({
-    formulae: Schema.Array(Schema.Struct({ versions: Schema.Struct({ stable: Schema.String }) })),
-  })
-  const ChocoPackage = Schema.Struct({
-    d: Schema.Struct({ results: Schema.Array(Schema.Struct({ Version: Schema.String })) }),
-  })
-  const ScoopManifest = NpmPackage
-
-  export interface Interface {
-    readonly info: () => Effect.Effect<Info>
-    readonly method: () => Effect.Effect<Method>
-    readonly latest: (method?: Method) => Effect.Effect<string>
-    readonly upgrade: (method: Method, target: string) => Effect.Effect<void, UpgradeFailedError>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Installation") {}
-
-  export const layer: Layer.Layer<Service, never, HttpClient.HttpClient | ChildProcessSpawner.ChildProcessSpawner> =
-    Layer.effect(
-      Service,
-      Effect.gen(function* () {
-        const http = yield* HttpClient.HttpClient
-        const httpOk = HttpClient.filterStatusOk(withTransientReadRetry(http))
-        const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
-
-        const text = Effect.fnUntraced(
-          function* (cmd: string[], opts?: { cwd?: string; env?: Record<string, string> }) {
-            const proc = ChildProcess.make(cmd[0], cmd.slice(1), {
-              cwd: opts?.cwd,
-              env: opts?.env,
-              extendEnv: true,
-            })
-            const handle = yield* spawner.spawn(proc)
-            const out = yield* Stream.mkString(Stream.decodeText(handle.stdout))
-            yield* handle.exitCode
-            return out
-          },
-          Effect.scoped,
-          Effect.catch(() => Effect.succeed("")),
-        )
-
-        const run = Effect.fnUntraced(
-          function* (cmd: string[], opts?: { cwd?: string; env?: Record<string, string> }) {
-            const proc = ChildProcess.make(cmd[0], cmd.slice(1), {
-              cwd: opts?.cwd,
-              env: opts?.env,
-              extendEnv: true,
-            })
-            const handle = yield* spawner.spawn(proc)
-            const [stdout, stderr] = yield* Effect.all(
-              [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
-              { concurrency: 2 },
-            )
-            const code = yield* handle.exitCode
-            return { code, stdout, stderr }
-          },
-          Effect.scoped,
-          Effect.catch(() => Effect.succeed({ code: ChildProcessSpawner.ExitCode(1), stdout: "", stderr: "" })),
-        )
-
-        const getBrewFormula = Effect.fnUntraced(function* () {
-          const tapFormula = yield* text(["brew", "list", "--formula", "anomalyco/tap/opencode"])
-          if (tapFormula.includes("opencode")) return "anomalyco/tap/opencode"
-          const coreFormula = yield* text(["brew", "list", "--formula", "opencode"])
-          if (coreFormula.includes("opencode")) return "opencode"
-          return "opencode"
-        })
-
-        const upgradeCurl = Effect.fnUntraced(
-          function* (target: string) {
-            const response = yield* httpOk.execute(HttpClientRequest.get("https://opencode.ai/install"))
-            const body = yield* response.text
-            const bodyBytes = new TextEncoder().encode(body)
-            const proc = ChildProcess.make("bash", [], {
-              stdin: Stream.make(bodyBytes),
-              env: { VERSION: target },
-              extendEnv: true,
-            })
-            const handle = yield* spawner.spawn(proc)
-            const [stdout, stderr] = yield* Effect.all(
-              [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
-              { concurrency: 2 },
-            )
-            const code = yield* handle.exitCode
-            return { code, stdout, stderr }
-          },
-          Effect.scoped,
-          Effect.orDie,
-        )
-
-        const methodImpl = Effect.fn("Installation.method")(function* () {
-          if (process.execPath.includes(path.join(".opencode", "bin"))) return "curl" as Method
-          if (process.execPath.includes(path.join(".local", "bin"))) return "curl" as Method
-          const exec = process.execPath.toLowerCase()
-
-          const checks: Array<{ name: Method; command: () => Effect.Effect<string> }> = [
-            { name: "npm", command: () => text(["npm", "list", "-g", "--depth=0"]) },
-            { name: "yarn", command: () => text(["yarn", "global", "list"]) },
-            { name: "pnpm", command: () => text(["pnpm", "list", "-g", "--depth=0"]) },
-            { name: "bun", command: () => text(["bun", "pm", "ls", "-g"]) },
-            { name: "brew", command: () => text(["brew", "list", "--formula", "opencode"]) },
-            { name: "scoop", command: () => text(["scoop", "list", "opencode"]) },
-            { name: "choco", command: () => text(["choco", "list", "--limit-output", "opencode"]) },
-          ]
-
-          checks.sort((a, b) => {
-            const aMatches = exec.includes(a.name)
-            const bMatches = exec.includes(b.name)
-            if (aMatches && !bMatches) return -1
-            if (!aMatches && bMatches) return 1
-            return 0
-          })
-
-          for (const check of checks) {
-            const output = yield* check.command()
-            const installedName =
-              check.name === "brew" || check.name === "choco" || check.name === "scoop" ? "opencode" : "opencode-ai"
-            if (output.includes(installedName)) {
-              return check.name
-            }
-          }
-
-          return "unknown" as Method
-        })
-
-        const latestImpl = Effect.fn("Installation.latest")(function* (installMethod?: Method) {
-          const detectedMethod = installMethod || (yield* methodImpl())
-
-          if (detectedMethod === "brew") {
-            const formula = yield* getBrewFormula()
-            if (formula.includes("/")) {
-              const infoJson = yield* text(["brew", "info", "--json=v2", formula])
-              const info = yield* Schema.decodeUnknownEffect(Schema.fromJsonString(BrewInfoV2))(infoJson)
-              return info.formulae[0].versions.stable
-            }
-            const response = yield* httpOk.execute(
-              HttpClientRequest.get("https://formulae.brew.sh/api/formula/opencode.json").pipe(
-                HttpClientRequest.acceptJson,
-              ),
-            )
-            const data = yield* HttpClientResponse.schemaBodyJson(BrewFormula)(response)
-            return data.versions.stable
-          }
-
-          if (detectedMethod === "npm" || detectedMethod === "bun" || detectedMethod === "pnpm") {
-            const r = (yield* text(["npm", "config", "get", "registry"])).trim()
-            const reg = r || "https://registry.npmjs.org"
-            const registry = reg.endsWith("/") ? reg.slice(0, -1) : reg
-            const channel = CHANNEL
-            const response = yield* httpOk.execute(
-              HttpClientRequest.get(`${registry}/opencode-ai/${channel}`).pipe(HttpClientRequest.acceptJson),
-            )
-            const data = yield* HttpClientResponse.schemaBodyJson(NpmPackage)(response)
-            return data.version
-          }
-
-          if (detectedMethod === "choco") {
-            const response = yield* httpOk.execute(
-              HttpClientRequest.get(
-                "https://community.chocolatey.org/api/v2/Packages?$filter=Id%20eq%20%27opencode%27%20and%20IsLatestVersion&$select=Version",
-              ).pipe(HttpClientRequest.setHeaders({ Accept: "application/json;odata=verbose" })),
-            )
-            const data = yield* HttpClientResponse.schemaBodyJson(ChocoPackage)(response)
-            return data.d.results[0].Version
-          }
-
-          if (detectedMethod === "scoop") {
-            const response = yield* httpOk.execute(
-              HttpClientRequest.get(
-                "https://raw.githubusercontent.com/ScoopInstaller/Main/master/bucket/opencode.json",
-              ).pipe(HttpClientRequest.setHeaders({ Accept: "application/json" })),
-            )
-            const data = yield* HttpClientResponse.schemaBodyJson(ScoopManifest)(response)
-            return data.version
-          }
-
-          const response = yield* httpOk.execute(
-            HttpClientRequest.get("https://api.github.com/repos/anomalyco/opencode/releases/latest").pipe(
-              HttpClientRequest.acceptJson,
-            ),
-          )
-          const data = yield* HttpClientResponse.schemaBodyJson(GitHubRelease)(response)
-          return data.tag_name.replace(/^v/, "")
-        }, Effect.orDie)
-
-        const upgradeImpl = Effect.fn("Installation.upgrade")(function* (m: Method, target: string) {
-          let result: { code: ChildProcessSpawner.ExitCode; stdout: string; stderr: string } | undefined
-          switch (m) {
-            case "curl":
-              result = yield* upgradeCurl(target)
-              break
-            case "npm":
-              result = yield* run(["npm", "install", "-g", `opencode-ai@${target}`])
-              break
-            case "pnpm":
-              result = yield* run(["pnpm", "install", "-g", `opencode-ai@${target}`])
-              break
-            case "bun":
-              result = yield* run(["bun", "install", "-g", `opencode-ai@${target}`])
-              break
-            case "brew": {
-              const formula = yield* getBrewFormula()
-              const env = { HOMEBREW_NO_AUTO_UPDATE: "1" }
-              if (formula.includes("/")) {
-                const tap = yield* run(["brew", "tap", "anomalyco/tap"], { env })
-                if (tap.code !== 0) {
-                  result = tap
-                  break
-                }
-                const repo = yield* text(["brew", "--repo", "anomalyco/tap"])
-                const dir = repo.trim()
-                if (dir) {
-                  const pull = yield* run(["git", "pull", "--ff-only"], { cwd: dir, env })
-                  if (pull.code !== 0) {
-                    result = pull
-                    break
-                  }
-                }
-              }
-              result = yield* run(["brew", "upgrade", formula], { env })
-              break
-            }
-            case "choco":
-              result = yield* run(["choco", "upgrade", "opencode", `--version=${target}`, "-y"])
-              break
-            case "scoop":
-              result = yield* run(["scoop", "install", `opencode@${target}`])
-              break
-            default:
-              return yield* new UpgradeFailedError({ stderr: `Unknown method: ${m}` })
-          }
-          if (!result || result.code !== 0) {
-            const stderr = m === "choco" ? "not running from an elevated command shell" : result?.stderr || ""
-            return yield* new UpgradeFailedError({ stderr })
-          }
-          log.info("upgraded", {
-            method: m,
-            target,
-            stdout: result.stdout,
-            stderr: result.stderr,
-          })
-          yield* text([process.execPath, "--version"])
-        })
-
-        return Service.of({
-          info: Effect.fn("Installation.info")(function* () {
-            return {
-              version: VERSION,
-              latest: yield* latestImpl(),
-            }
-          }),
-          method: methodImpl,
-          latest: latestImpl,
-          upgrade: upgradeImpl,
-        })
-      }),
-    )
-
-  export const defaultLayer = layer.pipe(
-    Layer.provide(FetchHttpClient.layer),
-    Layer.provide(CrossSpawnSpawner.defaultLayer),
-  )
-}
+export * as Installation from "./installation"

packages/opencode/src/installation/installation.ts

@@ -0,0 +1,338 @@
+import { Effect, Layer, Schema, Context, Stream } from "effect"
+import { FetchHttpClient, HttpClient, HttpClientRequest, HttpClientResponse } from "effect/unstable/http"
+import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
+import { withTransientReadRetry } from "@/util/effect-http-client"
+import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
+import path from "path"
+import z from "zod"
+import { BusEvent } from "@/bus/bus-event"
+import { Flag } from "../flag/flag"
+import { Log } from "../util/log"
+import { CHANNEL as channel, VERSION as version } from "./meta"
+
+import semver from "semver"
+
+const log = Log.create({ service: "installation" })
+
+export type Method = "curl" | "npm" | "yarn" | "pnpm" | "bun" | "brew" | "scoop" | "choco" | "unknown"
+
+export type ReleaseType = "patch" | "minor" | "major"
+
+export const Event = {
+  Updated: BusEvent.define(
+    "installation.updated",
+    z.object({
+      version: z.string(),
+    }),
+  ),
+  UpdateAvailable: BusEvent.define(
+    "installation.update-available",
+    z.object({
+      version: z.string(),
+    }),
+  ),
+}
+
+export function getReleaseType(current: string, latest: string): ReleaseType {
+  const currMajor = semver.major(current)
+  const currMinor = semver.minor(current)
+  const newMajor = semver.major(latest)
+  const newMinor = semver.minor(latest)
+
+  if (newMajor > currMajor) return "major"
+  if (newMinor > currMinor) return "minor"
+  return "patch"
+}
+
+export const Info = z
+  .object({
+    version: z.string(),
+    latest: z.string(),
+  })
+  .meta({
+    ref: "InstallationInfo",
+  })
+export type Info = z.infer<typeof Info>
+
+export const VERSION = version
+export const CHANNEL = channel
+export const USER_AGENT = `opencode/${CHANNEL}/${VERSION}/${Flag.OPENCODE_CLIENT}`
+
+export function isPreview() {
+  return CHANNEL !== "latest"
+}
+
+export function isLocal() {
+  return CHANNEL === "local"
+}
+
+export class UpgradeFailedError extends Schema.TaggedErrorClass<UpgradeFailedError>()("UpgradeFailedError", {
+  stderr: Schema.String,
+}) {}
+
+// Response schemas for external version APIs
+const GitHubRelease = Schema.Struct({ tag_name: Schema.String })
+const NpmPackage = Schema.Struct({ version: Schema.String })
+const BrewFormula = Schema.Struct({ versions: Schema.Struct({ stable: Schema.String }) })
+const BrewInfoV2 = Schema.Struct({
+  formulae: Schema.Array(Schema.Struct({ versions: Schema.Struct({ stable: Schema.String }) })),
+})
+const ChocoPackage = Schema.Struct({
+  d: Schema.Struct({ results: Schema.Array(Schema.Struct({ Version: Schema.String })) }),
+})
+const ScoopManifest = NpmPackage
+
+export interface Interface {
+  readonly info: () => Effect.Effect<Info>
+  readonly method: () => Effect.Effect<Method>
+  readonly latest: (method?: Method) => Effect.Effect<string>
+  readonly upgrade: (method: Method, target: string) => Effect.Effect<void, UpgradeFailedError>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Installation") {}
+
+export const layer: Layer.Layer<Service, never, HttpClient.HttpClient | ChildProcessSpawner.ChildProcessSpawner> =
+  Layer.effect(
+    Service,
+    Effect.gen(function* () {
+      const http = yield* HttpClient.HttpClient
+      const httpOk = HttpClient.filterStatusOk(withTransientReadRetry(http))
+      const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
+
+      const text = Effect.fnUntraced(
+        function* (cmd: string[], opts?: { cwd?: string; env?: Record<string, string> }) {
+          const proc = ChildProcess.make(cmd[0], cmd.slice(1), {
+            cwd: opts?.cwd,
+            env: opts?.env,
+            extendEnv: true,
+          })
+          const handle = yield* spawner.spawn(proc)
+          const out = yield* Stream.mkString(Stream.decodeText(handle.stdout))
+          yield* handle.exitCode
+          return out
+        },
+        Effect.scoped,
+        Effect.catch(() => Effect.succeed("")),
+      )
+
+      const run = Effect.fnUntraced(
+        function* (cmd: string[], opts?: { cwd?: string; env?: Record<string, string> }) {
+          const proc = ChildProcess.make(cmd[0], cmd.slice(1), {
+            cwd: opts?.cwd,
+            env: opts?.env,
+            extendEnv: true,
+          })
+          const handle = yield* spawner.spawn(proc)
+          const [stdout, stderr] = yield* Effect.all(
+            [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
+            { concurrency: 2 },
+          )
+          const code = yield* handle.exitCode
+          return { code, stdout, stderr }
+        },
+        Effect.scoped,
+        Effect.catch(() => Effect.succeed({ code: ChildProcessSpawner.ExitCode(1), stdout: "", stderr: "" })),
+      )
+
+      const getBrewFormula = Effect.fnUntraced(function* () {
+        const tapFormula = yield* text(["brew", "list", "--formula", "anomalyco/tap/opencode"])
+        if (tapFormula.includes("opencode")) return "anomalyco/tap/opencode"
+        const coreFormula = yield* text(["brew", "list", "--formula", "opencode"])
+        if (coreFormula.includes("opencode")) return "opencode"
+        return "opencode"
+      })
+
+      const upgradeCurl = Effect.fnUntraced(
+        function* (target: string) {
+          const response = yield* httpOk.execute(HttpClientRequest.get("https://opencode.ai/install"))
+          const body = yield* response.text
+          const bodyBytes = new TextEncoder().encode(body)
+          const proc = ChildProcess.make("bash", [], {
+            stdin: Stream.make(bodyBytes),
+            env: { VERSION: target },
+            extendEnv: true,
+          })
+          const handle = yield* spawner.spawn(proc)
+          const [stdout, stderr] = yield* Effect.all(
+            [Stream.mkString(Stream.decodeText(handle.stdout)), Stream.mkString(Stream.decodeText(handle.stderr))],
+            { concurrency: 2 },
+          )
+          const code = yield* handle.exitCode
+          return { code, stdout, stderr }
+        },
+        Effect.scoped,
+        Effect.orDie,
+      )
+
+      const methodImpl = Effect.fn("Installation.method")(function* () {
+        if (process.execPath.includes(path.join(".opencode", "bin"))) return "curl" as Method
+        if (process.execPath.includes(path.join(".local", "bin"))) return "curl" as Method
+        const exec = process.execPath.toLowerCase()
+
+        const checks: Array<{ name: Method; command: () => Effect.Effect<string> }> = [
+          { name: "npm", command: () => text(["npm", "list", "-g", "--depth=0"]) },
+          { name: "yarn", command: () => text(["yarn", "global", "list"]) },
+          { name: "pnpm", command: () => text(["pnpm", "list", "-g", "--depth=0"]) },
+          { name: "bun", command: () => text(["bun", "pm", "ls", "-g"]) },
+          { name: "brew", command: () => text(["brew", "list", "--formula", "opencode"]) },
+          { name: "scoop", command: () => text(["scoop", "list", "opencode"]) },
+          { name: "choco", command: () => text(["choco", "list", "--limit-output", "opencode"]) },
+        ]
+
+        checks.sort((a, b) => {
+          const aMatches = exec.includes(a.name)
+          const bMatches = exec.includes(b.name)
+          if (aMatches && !bMatches) return -1
+          if (!aMatches && bMatches) return 1
+          return 0
+        })
+
+        for (const check of checks) {
+          const output = yield* check.command()
+          const installedName =
+            check.name === "brew" || check.name === "choco" || check.name === "scoop" ? "opencode" : "opencode-ai"
+          if (output.includes(installedName)) {
+            return check.name
+          }
+        }
+
+        return "unknown" as Method
+      })
+
+      const latestImpl = Effect.fn("Installation.latest")(function* (installMethod?: Method) {
+        const detectedMethod = installMethod || (yield* methodImpl())
+
+        if (detectedMethod === "brew") {
+          const formula = yield* getBrewFormula()
+          if (formula.includes("/")) {
+            const infoJson = yield* text(["brew", "info", "--json=v2", formula])
+            const info = yield* Schema.decodeUnknownEffect(Schema.fromJsonString(BrewInfoV2))(infoJson)
+            return info.formulae[0].versions.stable
+          }
+          const response = yield* httpOk.execute(
+            HttpClientRequest.get("https://formulae.brew.sh/api/formula/opencode.json").pipe(
+              HttpClientRequest.acceptJson,
+            ),
+          )
+          const data = yield* HttpClientResponse.schemaBodyJson(BrewFormula)(response)
+          return data.versions.stable
+        }
+
+        if (detectedMethod === "npm" || detectedMethod === "bun" || detectedMethod === "pnpm") {
+          const r = (yield* text(["npm", "config", "get", "registry"])).trim()
+          const reg = r || "https://registry.npmjs.org"
+          const registry = reg.endsWith("/") ? reg.slice(0, -1) : reg
+          const channel = CHANNEL
+          const response = yield* httpOk.execute(
+            HttpClientRequest.get(`${registry}/opencode-ai/${channel}`).pipe(HttpClientRequest.acceptJson),
+          )
+          const data = yield* HttpClientResponse.schemaBodyJson(NpmPackage)(response)
+          return data.version
+        }
+
+        if (detectedMethod === "choco") {
+          const response = yield* httpOk.execute(
+            HttpClientRequest.get(
+              "https://community.chocolatey.org/api/v2/Packages?$filter=Id%20eq%20%27opencode%27%20and%20IsLatestVersion&$select=Version",
+            ).pipe(HttpClientRequest.setHeaders({ Accept: "application/json;odata=verbose" })),
+          )
+          const data = yield* HttpClientResponse.schemaBodyJson(ChocoPackage)(response)
+          return data.d.results[0].Version
+        }
+
+        if (detectedMethod === "scoop") {
+          const response = yield* httpOk.execute(
+            HttpClientRequest.get(
+              "https://raw.githubusercontent.com/ScoopInstaller/Main/master/bucket/opencode.json",
+            ).pipe(HttpClientRequest.setHeaders({ Accept: "application/json" })),
+          )
+          const data = yield* HttpClientResponse.schemaBodyJson(ScoopManifest)(response)
+          return data.version
+        }
+
+        const response = yield* httpOk.execute(
+          HttpClientRequest.get("https://api.github.com/repos/anomalyco/opencode/releases/latest").pipe(
+            HttpClientRequest.acceptJson,
+          ),
+        )
+        const data = yield* HttpClientResponse.schemaBodyJson(GitHubRelease)(response)
+        return data.tag_name.replace(/^v/, "")
+      }, Effect.orDie)
+
+      const upgradeImpl = Effect.fn("Installation.upgrade")(function* (m: Method, target: string) {
+        let result: { code: ChildProcessSpawner.ExitCode; stdout: string; stderr: string } | undefined
+        switch (m) {
+          case "curl":
+            result = yield* upgradeCurl(target)
+            break
+          case "npm":
+            result = yield* run(["npm", "install", "-g", `opencode-ai@${target}`])
+            break
+          case "pnpm":
+            result = yield* run(["pnpm", "install", "-g", `opencode-ai@${target}`])
+            break
+          case "bun":
+            result = yield* run(["bun", "install", "-g", `opencode-ai@${target}`])
+            break
+          case "brew": {
+            const formula = yield* getBrewFormula()
+            const env = { HOMEBREW_NO_AUTO_UPDATE: "1" }
+            if (formula.includes("/")) {
+              const tap = yield* run(["brew", "tap", "anomalyco/tap"], { env })
+              if (tap.code !== 0) {
+                result = tap
+                break
+              }
+              const repo = yield* text(["brew", "--repo", "anomalyco/tap"])
+              const dir = repo.trim()
+              if (dir) {
+                const pull = yield* run(["git", "pull", "--ff-only"], { cwd: dir, env })
+                if (pull.code !== 0) {
+                  result = pull
+                  break
+                }
+              }
+            }
+            result = yield* run(["brew", "upgrade", formula], { env })
+            break
+          }
+          case "choco":
+            result = yield* run(["choco", "upgrade", "opencode", `--version=${target}`, "-y"])
+            break
+          case "scoop":
+            result = yield* run(["scoop", "install", `opencode@${target}`])
+            break
+          default:
+            return yield* new UpgradeFailedError({ stderr: `Unknown method: ${m}` })
+        }
+        if (!result || result.code !== 0) {
+          const stderr = m === "choco" ? "not running from an elevated command shell" : result?.stderr || ""
+          return yield* new UpgradeFailedError({ stderr })
+        }
+        log.info("upgraded", {
+          method: m,
+          target,
+          stdout: result.stdout,
+          stderr: result.stderr,
+        })
+        yield* text([process.execPath, "--version"])
+      })
+
+      return Service.of({
+        info: Effect.fn("Installation.info")(function* () {
+          return {
+            version: VERSION,
+            latest: yield* latestImpl(),
+          }
+        }),
+        method: methodImpl,
+        latest: latestImpl,
+        upgrade: upgradeImpl,
+      })
+    }),
+  )
+
+export const defaultLayer = layer.pipe(
+  Layer.provide(FetchHttpClient.layer),
+  Layer.provide(CrossSpawnSpawner.defaultLayer),
+)

packages/opencode/src/mcp/index.ts

@@ -1,930 +1 @@
-import { dynamicTool, type Tool, jsonSchema, type JSONSchema7 } from "ai"
-import { Client } from "@modelcontextprotocol/sdk/client/index.js"
-import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js"
-import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js"
-import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js"
-import { UnauthorizedError } from "@modelcontextprotocol/sdk/client/auth.js"
-import {
-  CallToolResultSchema,
-  type Tool as MCPToolDef,
-  ToolListChangedNotificationSchema,
-} from "@modelcontextprotocol/sdk/types.js"
-import { Config } from "../config"
-import { Log } from "../util/log"
-import { NamedError } from "@opencode-ai/shared/util/error"
-import z from "zod/v4"
-import { Instance } from "../project/instance"
-import { Installation } from "../installation"
-import { withTimeout } from "@/util/timeout"
-import { AppFileSystem } from "@opencode-ai/shared/filesystem"
-import { McpOAuthProvider } from "./oauth-provider"
-import { McpOAuthCallback } from "./oauth-callback"
-import { McpAuth } from "./auth"
-import { BusEvent } from "../bus/bus-event"
-import { Bus } from "@/bus"
-import { TuiEvent } from "@/cli/cmd/tui/event"
-import open from "open"
-import { Effect, Exit, Layer, Option, Context, Stream } from "effect"
-import { EffectBridge } from "@/effect/bridge"
-import { InstanceState } from "@/effect/instance-state"
-import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
-import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
-
-export namespace MCP {
-  const log = Log.create({ service: "mcp" })
-  const DEFAULT_TIMEOUT = 30_000
-
-  export const Resource = z
-    .object({
-      name: z.string(),
-      uri: z.string(),
-      description: z.string().optional(),
-      mimeType: z.string().optional(),
-      client: z.string(),
-    })
-    .meta({ ref: "McpResource" })
-  export type Resource = z.infer<typeof Resource>
-
-  export const ToolsChanged = BusEvent.define(
-    "mcp.tools.changed",
-    z.object({
-      server: z.string(),
-    }),
-  )
-
-  export const BrowserOpenFailed = BusEvent.define(
-    "mcp.browser.open.failed",
-    z.object({
-      mcpName: z.string(),
-      url: z.string(),
-    }),
-  )
-
-  export const Failed = NamedError.create(
-    "MCPFailed",
-    z.object({
-      name: z.string(),
-    }),
-  )
-
-  type MCPClient = Client
-
-  export const Status = z
-    .discriminatedUnion("status", [
-      z
-        .object({
-          status: z.literal("connected"),
-        })
-        .meta({
-          ref: "MCPStatusConnected",
-        }),
-      z
-        .object({
-          status: z.literal("disabled"),
-        })
-        .meta({
-          ref: "MCPStatusDisabled",
-        }),
-      z
-        .object({
-          status: z.literal("failed"),
-          error: z.string(),
-        })
-        .meta({
-          ref: "MCPStatusFailed",
-        }),
-      z
-        .object({
-          status: z.literal("needs_auth"),
-        })
-        .meta({
-          ref: "MCPStatusNeedsAuth",
-        }),
-      z
-        .object({
-          status: z.literal("needs_client_registration"),
-          error: z.string(),
-        })
-        .meta({
-          ref: "MCPStatusNeedsClientRegistration",
-        }),
-    ])
-    .meta({
-      ref: "MCPStatus",
-    })
-  export type Status = z.infer<typeof Status>
-
-  // Store transports for OAuth servers to allow finishing auth
-  type TransportWithAuth = StreamableHTTPClientTransport | SSEClientTransport
-  const pendingOAuthTransports = new Map<string, TransportWithAuth>()
-
-  // Prompt cache types
-  type PromptInfo = Awaited<ReturnType<MCPClient["listPrompts"]>>["prompts"][number]
-  type ResourceInfo = Awaited<ReturnType<MCPClient["listResources"]>>["resources"][number]
-  type McpEntry = NonNullable<Config.Info["mcp"]>[string]
-
-  function isMcpConfigured(entry: McpEntry): entry is Config.Mcp {
-    return typeof entry === "object" && entry !== null && "type" in entry
-  }
-
-  const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_-]/g, "_")
-
-  // Convert MCP tool definition to AI SDK Tool type
-  function convertMcpTool(mcpTool: MCPToolDef, client: MCPClient, timeout?: number): Tool {
-    const inputSchema = mcpTool.inputSchema
-
-    // Spread first, then override type to ensure it's always "object"
-    const schema: JSONSchema7 = {
-      ...(inputSchema as JSONSchema7),
-      type: "object",
-      properties: (inputSchema.properties ?? {}) as JSONSchema7["properties"],
-      additionalProperties: false,
-    }
-
-    return dynamicTool({
-      description: mcpTool.description ?? "",
-      inputSchema: jsonSchema(schema),
-      execute: async (args: unknown) => {
-        return client.callTool(
-          {
-            name: mcpTool.name,
-            arguments: (args || {}) as Record<string, unknown>,
-          },
-          CallToolResultSchema,
-          {
-            resetTimeoutOnProgress: true,
-            timeout,
-          },
-        )
-      },
-    })
-  }
-
-  function defs(key: string, client: MCPClient, timeout?: number) {
-    return Effect.tryPromise({
-      try: () => withTimeout(client.listTools(), timeout ?? DEFAULT_TIMEOUT),
-      catch: (err) => (err instanceof Error ? err : new Error(String(err))),
-    }).pipe(
-      Effect.map((result) => result.tools),
-      Effect.catch((err) => {
-        log.error("failed to get tools from client", { key, error: err })
-        return Effect.succeed(undefined)
-      }),
-    )
-  }
-
-  function fetchFromClient<T extends { name: string }>(
-    clientName: string,
-    client: Client,
-    listFn: (c: Client) => Promise<T[]>,
-    label: string,
-  ) {
-    return Effect.tryPromise({
-      try: () => listFn(client),
-      catch: (e: any) => {
-        log.error(`failed to get ${label}`, { clientName, error: e.message })
-        return e
-      },
-    }).pipe(
-      Effect.map((items) => {
-        const out: Record<string, T & { client: string }> = {}
-        const sanitizedClient = sanitize(clientName)
-        for (const item of items) {
-          out[sanitizedClient + ":" + sanitize(item.name)] = { ...item, client: clientName }
-        }
-        return out
-      }),
-      Effect.orElseSucceed(() => undefined),
-    )
-  }
-
-  interface CreateResult {
-    mcpClient?: MCPClient
-    status: Status
-    defs?: MCPToolDef[]
-  }
-
-  interface AuthResult {
-    authorizationUrl: string
-    oauthState: string
-    client?: MCPClient
-  }
-
-  // --- Effect Service ---
-
-  interface State {
-    status: Record<string, Status>
-    clients: Record<string, MCPClient>
-    defs: Record<string, MCPToolDef[]>
-  }
-
-  export interface Interface {
-    readonly status: () => Effect.Effect<Record<string, Status>>
-    readonly clients: () => Effect.Effect<Record<string, MCPClient>>
-    readonly tools: () => Effect.Effect<Record<string, Tool>>
-    readonly prompts: () => Effect.Effect<Record<string, PromptInfo & { client: string }>>
-    readonly resources: () => Effect.Effect<Record<string, ResourceInfo & { client: string }>>
-    readonly add: (name: string, mcp: Config.Mcp) => Effect.Effect<{ status: Record<string, Status> | Status }>
-    readonly connect: (name: string) => Effect.Effect<void>
-    readonly disconnect: (name: string) => Effect.Effect<void>
-    readonly getPrompt: (
-      clientName: string,
-      name: string,
-      args?: Record<string, string>,
-    ) => Effect.Effect<Awaited<ReturnType<MCPClient["getPrompt"]>> | undefined>
-    readonly readResource: (
-      clientName: string,
-      resourceUri: string,
-    ) => Effect.Effect<Awaited<ReturnType<MCPClient["readResource"]>> | undefined>
-    readonly startAuth: (mcpName: string) => Effect.Effect<{ authorizationUrl: string; oauthState: string }>
-    readonly authenticate: (mcpName: string) => Effect.Effect<Status>
-    readonly finishAuth: (mcpName: string, authorizationCode: string) => Effect.Effect<Status>
-    readonly removeAuth: (mcpName: string) => Effect.Effect<void>
-    readonly supportsOAuth: (mcpName: string) => Effect.Effect<boolean>
-    readonly hasStoredTokens: (mcpName: string) => Effect.Effect<boolean>
-    readonly getAuthStatus: (mcpName: string) => Effect.Effect<AuthStatus>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/MCP") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
-      const auth = yield* McpAuth.Service
-      const bus = yield* Bus.Service
-
-      type Transport = StdioClientTransport | StreamableHTTPClientTransport | SSEClientTransport
-
-      /**
-       * Connect a client via the given transport with resource safety:
-       * on failure the transport is closed; on success the caller owns it.
-       */
-      const connectTransport = (transport: Transport, timeout: number) =>
-        Effect.acquireUseRelease(
-          Effect.succeed(transport),
-          (t) =>
-            Effect.tryPromise({
-              try: () => {
-                const client = new Client({ name: "opencode", version: Installation.VERSION })
-                return withTimeout(client.connect(t), timeout).then(() => client)
-              },
-              catch: (e) => (e instanceof Error ? e : new Error(String(e))),
-            }),
-          (t, exit) => (Exit.isFailure(exit) ? Effect.tryPromise(() => t.close()).pipe(Effect.ignore) : Effect.void),
-        )
-
-      const DISABLED_RESULT: CreateResult = { status: { status: "disabled" } }
-
-      const connectRemote = Effect.fn("MCP.connectRemote")(function* (
-        key: string,
-        mcp: Config.Mcp & { type: "remote" },
-      ) {
-        const oauthDisabled = mcp.oauth === false
-        const oauthConfig = typeof mcp.oauth === "object" ? mcp.oauth : undefined
-        let authProvider: McpOAuthProvider | undefined
-
-        if (!oauthDisabled) {
-          authProvider = new McpOAuthProvider(
-            key,
-            mcp.url,
-            {
-              clientId: oauthConfig?.clientId,
-              clientSecret: oauthConfig?.clientSecret,
-              scope: oauthConfig?.scope,
-              redirectUri: oauthConfig?.redirectUri,
-            },
-            {
-              onRedirect: async (url) => {
-                log.info("oauth redirect requested", { key, url: url.toString() })
-              },
-            },
-            auth,
-          )
-        }
-
-        const transports: Array<{ name: string; transport: TransportWithAuth }> = [
-          {
-            name: "StreamableHTTP",
-            transport: new StreamableHTTPClientTransport(new URL(mcp.url), {
-              authProvider,
-              requestInit: mcp.headers ? { headers: mcp.headers } : undefined,
-            }),
-          },
-          {
-            name: "SSE",
-            transport: new SSEClientTransport(new URL(mcp.url), {
-              authProvider,
-              requestInit: mcp.headers ? { headers: mcp.headers } : undefined,
-            }),
-          },
-        ]
-
-        const connectTimeout = mcp.timeout ?? DEFAULT_TIMEOUT
-        let lastStatus: Status | undefined
-
-        for (const { name, transport } of transports) {
-          const result = yield* connectTransport(transport, connectTimeout).pipe(
-            Effect.map((client) => ({ client, transportName: name })),
-            Effect.catch((error) => {
-              const lastError = error instanceof Error ? error : new Error(String(error))
-              const isAuthError =
-                error instanceof UnauthorizedError || (authProvider && lastError.message.includes("OAuth"))
-
-              if (isAuthError) {
-                log.info("mcp server requires authentication", { key, transport: name })
-
-                if (lastError.message.includes("registration") || lastError.message.includes("client_id")) {
-                  lastStatus = {
-                    status: "needs_client_registration" as const,
-                    error: "Server does not support dynamic client registration. Please provide clientId in config.",
-                  }
-                  return bus
-                    .publish(TuiEvent.ToastShow, {
-                      title: "MCP Authentication Required",
-                      message: `Server "${key}" requires a pre-registered client ID. Add clientId to your config.`,
-                      variant: "warning",
-                      duration: 8000,
-                    })
-                    .pipe(Effect.ignore, Effect.as(undefined))
-                } else {
-                  pendingOAuthTransports.set(key, transport)
-                  lastStatus = { status: "needs_auth" as const }
-                  return bus
-                    .publish(TuiEvent.ToastShow, {
-                      title: "MCP Authentication Required",
-                      message: `Server "${key}" requires authentication. Run: opencode mcp auth ${key}`,
-                      variant: "warning",
-                      duration: 8000,
-                    })
-                    .pipe(Effect.ignore, Effect.as(undefined))
-                }
-              }
-
-              log.debug("transport connection failed", {
-                key,
-                transport: name,
-                url: mcp.url,
-                error: lastError.message,
-              })
-              lastStatus = { status: "failed" as const, error: lastError.message }
-              return Effect.succeed(undefined)
-            }),
-          )
-          if (result) {
-            log.info("connected", { key, transport: result.transportName })
-            return { client: result.client as MCPClient | undefined, status: { status: "connected" } as Status }
-          }
-          // If this was an auth error, stop trying other transports
-          if (lastStatus?.status === "needs_auth" || lastStatus?.status === "needs_client_registration") break
-        }
-
-        return {
-          client: undefined as MCPClient | undefined,
-          status: (lastStatus ?? { status: "failed", error: "Unknown error" }) as Status,
-        }
-      })
-
-      const connectLocal = Effect.fn("MCP.connectLocal")(function* (key: string, mcp: Config.Mcp & { type: "local" }) {
-        const [cmd, ...args] = mcp.command
-        const cwd = Instance.directory
-        const transport = new StdioClientTransport({
-          stderr: "pipe",
-          command: cmd,
-          args,
-          cwd,
-          env: {
-            ...process.env,
-            ...(cmd === "opencode" ? { BUN_BE_BUN: "1" } : {}),
-            ...mcp.environment,
-          },
-        })
-        transport.stderr?.on("data", (chunk: Buffer) => {
-          log.info(`mcp stderr: ${chunk.toString()}`, { key })
-        })
-
-        const connectTimeout = mcp.timeout ?? DEFAULT_TIMEOUT
-        return yield* connectTransport(transport, connectTimeout).pipe(
-          Effect.map((client): { client: MCPClient | undefined; status: Status } => ({
-            client,
-            status: { status: "connected" },
-          })),
-          Effect.catch((error): Effect.Effect<{ client: MCPClient | undefined; status: Status }> => {
-            const msg = error instanceof Error ? error.message : String(error)
-            log.error("local mcp startup failed", { key, command: mcp.command, cwd, error: msg })
-            return Effect.succeed({ client: undefined, status: { status: "failed", error: msg } })
-          }),
-        )
-      })
-
-      const create = Effect.fn("MCP.create")(function* (key: string, mcp: Config.Mcp) {
-        if (mcp.enabled === false) {
-          log.info("mcp server disabled", { key })
-          return DISABLED_RESULT
-        }
-
-        log.info("found", { key, type: mcp.type })
-
-        const { client: mcpClient, status } =
-          mcp.type === "remote"
-            ? yield* connectRemote(key, mcp as Config.Mcp & { type: "remote" })
-            : yield* connectLocal(key, mcp as Config.Mcp & { type: "local" })
-
-        if (!mcpClient) {
-          return { status } satisfies CreateResult
-        }
-
-        const listed = yield* defs(key, mcpClient, mcp.timeout)
-        if (!listed) {
-          yield* Effect.tryPromise(() => mcpClient.close()).pipe(Effect.ignore)
-          return { status: { status: "failed", error: "Failed to get tools" } } satisfies CreateResult
-        }
-
-        log.info("create() successfully created client", { key, toolCount: listed.length })
-        return { mcpClient, status, defs: listed } satisfies CreateResult
-      })
-      const cfgSvc = yield* Config.Service
-
-      const descendants = Effect.fnUntraced(
-        function* (pid: number) {
-          if (process.platform === "win32") return [] as number[]
-          const pids: number[] = []
-          const queue = [pid]
-          while (queue.length > 0) {
-            const current = queue.shift()!
-            const handle = yield* spawner.spawn(
-              ChildProcess.make("pgrep", ["-P", String(current)], { stdin: "ignore" }),
-            )
-            const text = yield* Stream.mkString(Stream.decodeText(handle.stdout))
-            yield* handle.exitCode
-            for (const tok of text.split("\n")) {
-              const cpid = parseInt(tok, 10)
-              if (!isNaN(cpid) && !pids.includes(cpid)) {
-                pids.push(cpid)
-                queue.push(cpid)
-              }
-            }
-          }
-          return pids
-        },
-        Effect.scoped,
-        Effect.catch(() => Effect.succeed([] as number[])),
-      )
-
-      function watch(s: State, name: string, client: MCPClient, bridge: EffectBridge.Shape, timeout?: number) {
-        client.setNotificationHandler(ToolListChangedNotificationSchema, async () => {
-          log.info("tools list changed notification received", { server: name })
-          if (s.clients[name] !== client || s.status[name]?.status !== "connected") return
-
-          const listed = await bridge.promise(defs(name, client, timeout))
-          if (!listed) return
-          if (s.clients[name] !== client || s.status[name]?.status !== "connected") return
-
-          s.defs[name] = listed
-          await bridge.promise(bus.publish(ToolsChanged, { server: name }).pipe(Effect.ignore))
-        })
-      }
-
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("MCP.state")(function* () {
-          const cfg = yield* cfgSvc.get()
-          const bridge = yield* EffectBridge.make()
-          const config = cfg.mcp ?? {}
-          const s: State = {
-            status: {},
-            clients: {},
-            defs: {},
-          }
-
-          yield* Effect.forEach(
-            Object.entries(config),
-            ([key, mcp]) =>
-              Effect.gen(function* () {
-                if (!isMcpConfigured(mcp)) {
-                  log.error("Ignoring MCP config entry without type", { key })
-                  return
-                }
-
-                if (mcp.enabled === false) {
-                  s.status[key] = { status: "disabled" }
-                  return
-                }
-
-                const result = yield* create(key, mcp).pipe(Effect.catch(() => Effect.void))
-                if (!result) return
-
-                s.status[key] = result.status
-                if (result.mcpClient) {
-                  s.clients[key] = result.mcpClient
-                  s.defs[key] = result.defs!
-                  watch(s, key, result.mcpClient, bridge, mcp.timeout)
-                }
-              }),
-            { concurrency: "unbounded" },
-          )
-
-          yield* Effect.addFinalizer(() =>
-            Effect.gen(function* () {
-              yield* Effect.forEach(
-                Object.values(s.clients),
-                (client) =>
-                  Effect.gen(function* () {
-                    const pid = (client.transport as any)?.pid
-                    if (typeof pid === "number") {
-                      const pids = yield* descendants(pid)
-                      for (const dpid of pids) {
-                        try {
-                          process.kill(dpid, "SIGTERM")
-                        } catch {}
-                      }
-                    }
-                    yield* Effect.tryPromise(() => client.close()).pipe(Effect.ignore)
-                  }),
-                { concurrency: "unbounded" },
-              )
-              pendingOAuthTransports.clear()
-            }),
-          )
-
-          return s
-        }),
-      )
-
-      function closeClient(s: State, name: string) {
-        const client = s.clients[name]
-        delete s.defs[name]
-        if (!client) return Effect.void
-        return Effect.tryPromise(() => client.close()).pipe(Effect.ignore)
-      }
-
-      const storeClient = Effect.fnUntraced(function* (
-        s: State,
-        name: string,
-        client: MCPClient,
-        listed: MCPToolDef[],
-        timeout?: number,
-      ) {
-        const bridge = yield* EffectBridge.make()
-        yield* closeClient(s, name)
-        s.status[name] = { status: "connected" }
-        s.clients[name] = client
-        s.defs[name] = listed
-        watch(s, name, client, bridge, timeout)
-        return s.status[name]
-      })
-
-      const status = Effect.fn("MCP.status")(function* () {
-        const s = yield* InstanceState.get(state)
-
-        const cfg = yield* cfgSvc.get()
-        const config = cfg.mcp ?? {}
-        const result: Record<string, Status> = {}
-
-        for (const [key, mcp] of Object.entries(config)) {
-          if (!isMcpConfigured(mcp)) continue
-          result[key] = s.status[key] ?? { status: "disabled" }
-        }
-
-        return result
-      })
-
-      const clients = Effect.fn("MCP.clients")(function* () {
-        const s = yield* InstanceState.get(state)
-        return s.clients
-      })
-
-      const createAndStore = Effect.fn("MCP.createAndStore")(function* (name: string, mcp: Config.Mcp) {
-        const s = yield* InstanceState.get(state)
-        const result = yield* create(name, mcp)
-
-        s.status[name] = result.status
-        if (!result.mcpClient) {
-          yield* closeClient(s, name)
-          delete s.clients[name]
-          return result.status
-        }
-
-        return yield* storeClient(s, name, result.mcpClient, result.defs!, mcp.timeout)
-      })
-
-      const add = Effect.fn("MCP.add")(function* (name: string, mcp: Config.Mcp) {
-        yield* createAndStore(name, mcp)
-        const s = yield* InstanceState.get(state)
-        return { status: s.status }
-      })
-
-      const connect = Effect.fn("MCP.connect")(function* (name: string) {
-        const mcp = yield* getMcpConfig(name)
-        if (!mcp) {
-          log.error("MCP config not found or invalid", { name })
-          return
-        }
-        yield* createAndStore(name, { ...mcp, enabled: true })
-      })
-
-      const disconnect = Effect.fn("MCP.disconnect")(function* (name: string) {
-        const s = yield* InstanceState.get(state)
-        yield* closeClient(s, name)
-        delete s.clients[name]
-        s.status[name] = { status: "disabled" }
-      })
-
-      const tools = Effect.fn("MCP.tools")(function* () {
-        const result: Record<string, Tool> = {}
-        const s = yield* InstanceState.get(state)
-
-        const cfg = yield* cfgSvc.get()
-        const config = cfg.mcp ?? {}
-        const defaultTimeout = cfg.experimental?.mcp_timeout
-
-        const connectedClients = Object.entries(s.clients).filter(
-          ([clientName]) => s.status[clientName]?.status === "connected",
-        )
-
-        yield* Effect.forEach(
-          connectedClients,
-          ([clientName, client]) =>
-            Effect.gen(function* () {
-              const mcpConfig = config[clientName]
-              const entry = mcpConfig && isMcpConfigured(mcpConfig) ? mcpConfig : undefined
-
-              const listed = s.defs[clientName]
-              if (!listed) {
-                log.warn("missing cached tools for connected server", { clientName })
-                return
-              }
-
-              const timeout = entry?.timeout ?? defaultTimeout
-              for (const mcpTool of listed) {
-                result[sanitize(clientName) + "_" + sanitize(mcpTool.name)] = convertMcpTool(mcpTool, client, timeout)
-              }
-            }),
-          { concurrency: "unbounded" },
-        )
-        return result
-      })
-
-      function collectFromConnected<T extends { name: string }>(
-        s: State,
-        listFn: (c: Client) => Promise<T[]>,
-        label: string,
-      ) {
-        return Effect.forEach(
-          Object.entries(s.clients).filter(([name]) => s.status[name]?.status === "connected"),
-          ([clientName, client]) =>
-            fetchFromClient(clientName, client, listFn, label).pipe(Effect.map((items) => Object.entries(items ?? {}))),
-          { concurrency: "unbounded" },
-        ).pipe(Effect.map((results) => Object.fromEntries<T & { client: string }>(results.flat())))
-      }
-
-      const prompts = Effect.fn("MCP.prompts")(function* () {
-        const s = yield* InstanceState.get(state)
-        return yield* collectFromConnected(s, (c) => c.listPrompts().then((r) => r.prompts), "prompts")
-      })
-
-      const resources = Effect.fn("MCP.resources")(function* () {
-        const s = yield* InstanceState.get(state)
-        return yield* collectFromConnected(s, (c) => c.listResources().then((r) => r.resources), "resources")
-      })
-
-      const withClient = Effect.fnUntraced(function* <A>(
-        clientName: string,
-        fn: (client: MCPClient) => Promise<A>,
-        label: string,
-        meta?: Record<string, unknown>,
-      ) {
-        const s = yield* InstanceState.get(state)
-        const client = s.clients[clientName]
-        if (!client) {
-          log.warn(`client not found for ${label}`, { clientName })
-          return undefined
-        }
-        return yield* Effect.tryPromise({
-          try: () => fn(client),
-          catch: (e: any) => {
-            log.error(`failed to ${label}`, { clientName, ...meta, error: e?.message })
-            return e
-          },
-        }).pipe(Effect.orElseSucceed(() => undefined))
-      })
-
-      const getPrompt = Effect.fn("MCP.getPrompt")(function* (
-        clientName: string,
-        name: string,
-        args?: Record<string, string>,
-      ) {
-        return yield* withClient(clientName, (client) => client.getPrompt({ name, arguments: args }), "getPrompt", {
-          promptName: name,
-        })
-      })
-
-      const readResource = Effect.fn("MCP.readResource")(function* (clientName: string, resourceUri: string) {
-        return yield* withClient(clientName, (client) => client.readResource({ uri: resourceUri }), "readResource", {
-          resourceUri,
-        })
-      })
-
-      const getMcpConfig = Effect.fnUntraced(function* (mcpName: string) {
-        const cfg = yield* cfgSvc.get()
-        const mcpConfig = cfg.mcp?.[mcpName]
-        if (!mcpConfig || !isMcpConfigured(mcpConfig)) return undefined
-        return mcpConfig
-      })
-
-      const startAuth = Effect.fn("MCP.startAuth")(function* (mcpName: string) {
-        const mcpConfig = yield* getMcpConfig(mcpName)
-        if (!mcpConfig) throw new Error(`MCP server ${mcpName} not found or disabled`)
-        if (mcpConfig.type !== "remote") throw new Error(`MCP server ${mcpName} is not a remote server`)
-        if (mcpConfig.oauth === false) throw new Error(`MCP server ${mcpName} has OAuth explicitly disabled`)
-
-        // OAuth config is optional - if not provided, we'll use auto-discovery
-        const oauthConfig = typeof mcpConfig.oauth === "object" ? mcpConfig.oauth : undefined
-
-        // Start the callback server with custom redirectUri if configured
-        yield* Effect.promise(() => McpOAuthCallback.ensureRunning(oauthConfig?.redirectUri))
-
-        const oauthState = Array.from(crypto.getRandomValues(new Uint8Array(32)))
-          .map((b) => b.toString(16).padStart(2, "0"))
-          .join("")
-        yield* auth.updateOAuthState(mcpName, oauthState)
-        let capturedUrl: URL | undefined
-        const authProvider = new McpOAuthProvider(
-          mcpName,
-          mcpConfig.url,
-          {
-            clientId: oauthConfig?.clientId,
-            clientSecret: oauthConfig?.clientSecret,
-            scope: oauthConfig?.scope,
-            redirectUri: oauthConfig?.redirectUri,
-          },
-          {
-            onRedirect: async (url) => {
-              capturedUrl = url
-            },
-          },
-          auth,
-        )
-
-        const transport = new StreamableHTTPClientTransport(new URL(mcpConfig.url), { authProvider })
-
-        return yield* Effect.tryPromise({
-          try: () => {
-            const client = new Client({ name: "opencode", version: Installation.VERSION })
-            return client
-              .connect(transport)
-              .then(() => ({ authorizationUrl: "", oauthState, client }) satisfies AuthResult)
-          },
-          catch: (error) => error,
-        }).pipe(
-          Effect.catch((error) => {
-            if (error instanceof UnauthorizedError && capturedUrl) {
-              pendingOAuthTransports.set(mcpName, transport)
-              return Effect.succeed({ authorizationUrl: capturedUrl.toString(), oauthState } satisfies AuthResult)
-            }
-            return Effect.die(error)
-          }),
-        )
-      })
-
-      const authenticate = Effect.fn("MCP.authenticate")(function* (mcpName: string) {
-        const result = yield* startAuth(mcpName)
-        if (!result.authorizationUrl) {
-          const client = "client" in result ? result.client : undefined
-          const mcpConfig = yield* getMcpConfig(mcpName)
-          if (!mcpConfig) {
-            yield* Effect.tryPromise(() => client?.close() ?? Promise.resolve()).pipe(Effect.ignore)
-            return { status: "failed", error: "MCP config not found after auth" } as Status
-          }
-
-          const listed = client ? yield* defs(mcpName, client, mcpConfig.timeout) : undefined
-          if (!client || !listed) {
-            yield* Effect.tryPromise(() => client?.close() ?? Promise.resolve()).pipe(Effect.ignore)
-            return { status: "failed", error: "Failed to get tools" } as Status
-          }
-
-          const s = yield* InstanceState.get(state)
-          yield* auth.clearOAuthState(mcpName)
-          return yield* storeClient(s, mcpName, client, listed, mcpConfig.timeout)
-        }
-
-        log.info("opening browser for oauth", { mcpName, url: result.authorizationUrl, state: result.oauthState })
-
-        const callbackPromise = McpOAuthCallback.waitForCallback(result.oauthState, mcpName)
-
-        yield* Effect.tryPromise(() => open(result.authorizationUrl)).pipe(
-          Effect.flatMap((subprocess) =>
-            Effect.callback<void, Error>((resume) => {
-              const timer = setTimeout(() => resume(Effect.void), 500)
-              subprocess.on("error", (err) => {
-                clearTimeout(timer)
-                resume(Effect.fail(err))
-              })
-              subprocess.on("exit", (code) => {
-                if (code !== null && code !== 0) {
-                  clearTimeout(timer)
-                  resume(Effect.fail(new Error(`Browser open failed with exit code ${code}`)))
-                }
-              })
-            }),
-          ),
-          Effect.catch(() => {
-            log.warn("failed to open browser, user must open URL manually", { mcpName })
-            return bus.publish(BrowserOpenFailed, { mcpName, url: result.authorizationUrl }).pipe(Effect.ignore)
-          }),
-        )
-
-        const code = yield* Effect.promise(() => callbackPromise)
-
-        const storedState = yield* auth.getOAuthState(mcpName)
-        if (storedState !== result.oauthState) {
-          yield* auth.clearOAuthState(mcpName)
-          throw new Error("OAuth state mismatch - potential CSRF attack")
-        }
-        yield* auth.clearOAuthState(mcpName)
-        return yield* finishAuth(mcpName, code)
-      })
-
-      const finishAuth = Effect.fn("MCP.finishAuth")(function* (mcpName: string, authorizationCode: string) {
-        const transport = pendingOAuthTransports.get(mcpName)
-        if (!transport) throw new Error(`No pending OAuth flow for MCP server: ${mcpName}`)
-
-        const result = yield* Effect.tryPromise({
-          try: () => transport.finishAuth(authorizationCode).then(() => true as const),
-          catch: (error) => {
-            log.error("failed to finish oauth", { mcpName, error })
-            return error
-          },
-        }).pipe(Effect.option)
-
-        if (Option.isNone(result)) {
-          return { status: "failed", error: "OAuth completion failed" } as Status
-        }
-
-        yield* auth.clearCodeVerifier(mcpName)
-        pendingOAuthTransports.delete(mcpName)
-
-        const mcpConfig = yield* getMcpConfig(mcpName)
-        if (!mcpConfig) return { status: "failed", error: "MCP config not found after auth" } as Status
-
-        return yield* createAndStore(mcpName, mcpConfig)
-      })
-
-      const removeAuth = Effect.fn("MCP.removeAuth")(function* (mcpName: string) {
-        yield* auth.remove(mcpName)
-        McpOAuthCallback.cancelPending(mcpName)
-        pendingOAuthTransports.delete(mcpName)
-        log.info("removed oauth credentials", { mcpName })
-      })
-
-      const supportsOAuth = Effect.fn("MCP.supportsOAuth")(function* (mcpName: string) {
-        const mcpConfig = yield* getMcpConfig(mcpName)
-        if (!mcpConfig) return false
-        return mcpConfig.type === "remote" && mcpConfig.oauth !== false
-      })
-
-      const hasStoredTokens = Effect.fn("MCP.hasStoredTokens")(function* (mcpName: string) {
-        const entry = yield* auth.get(mcpName)
-        return !!entry?.tokens
-      })
-
-      const getAuthStatus = Effect.fn("MCP.getAuthStatus")(function* (mcpName: string) {
-        const entry = yield* auth.get(mcpName)
-        if (!entry?.tokens) return "not_authenticated" as AuthStatus
-        const expired = yield* auth.isTokenExpired(mcpName)
-        return (expired ? "expired" : "authenticated") as AuthStatus
-      })
-
-      return Service.of({
-        status,
-        clients,
-        tools,
-        prompts,
-        resources,
-        add,
-        connect,
-        disconnect,
-        getPrompt,
-        readResource,
-        startAuth,
-        authenticate,
-        finishAuth,
-        removeAuth,
-        supportsOAuth,
-        hasStoredTokens,
-        getAuthStatus,
-      })
-    }),
-  )
-
-  export type AuthStatus = "authenticated" | "expired" | "not_authenticated"
-
-  // --- Per-service runtime ---
-
-  export const defaultLayer = layer.pipe(
-    Layer.provide(McpAuth.layer),
-    Layer.provide(Bus.layer),
-    Layer.provide(Config.defaultLayer),
-    Layer.provide(CrossSpawnSpawner.defaultLayer),
-    Layer.provide(AppFileSystem.defaultLayer),
-  )
-}
+export * as MCP from "./mcp"

packages/opencode/src/mcp/mcp.ts

@@ -0,0 +1,923 @@
+import { dynamicTool, type Tool, jsonSchema, type JSONSchema7 } from "ai"
+import { Client } from "@modelcontextprotocol/sdk/client/index.js"
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js"
+import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js"
+import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js"
+import { UnauthorizedError } from "@modelcontextprotocol/sdk/client/auth.js"
+import {
+  CallToolResultSchema,
+  type Tool as MCPToolDef,
+  ToolListChangedNotificationSchema,
+} from "@modelcontextprotocol/sdk/types.js"
+import { Config } from "../config"
+import { Log } from "../util/log"
+import { NamedError } from "@opencode-ai/shared/util/error"
+import z from "zod/v4"
+import { Instance } from "../project/instance"
+import { Installation } from "../installation"
+import { withTimeout } from "@/util/timeout"
+import { AppFileSystem } from "@opencode-ai/shared/filesystem"
+import { McpOAuthProvider } from "./oauth-provider"
+import { McpOAuthCallback } from "./oauth-callback"
+import { McpAuth } from "./auth"
+import { BusEvent } from "../bus/bus-event"
+import { Bus } from "@/bus"
+import { TuiEvent } from "@/cli/cmd/tui/event"
+import open from "open"
+import { Effect, Exit, Layer, Option, Context, Stream } from "effect"
+import { EffectBridge } from "@/effect/bridge"
+import { InstanceState } from "@/effect/instance-state"
+import { ChildProcess, ChildProcessSpawner } from "effect/unstable/process"
+import * as CrossSpawnSpawner from "@/effect/cross-spawn-spawner"
+
+const log = Log.create({ service: "mcp" })
+const DEFAULT_TIMEOUT = 30_000
+
+export const Resource = z
+  .object({
+    name: z.string(),
+    uri: z.string(),
+    description: z.string().optional(),
+    mimeType: z.string().optional(),
+    client: z.string(),
+  })
+  .meta({ ref: "McpResource" })
+export type Resource = z.infer<typeof Resource>
+
+export const ToolsChanged = BusEvent.define(
+  "mcp.tools.changed",
+  z.object({
+    server: z.string(),
+  }),
+)
+
+export const BrowserOpenFailed = BusEvent.define(
+  "mcp.browser.open.failed",
+  z.object({
+    mcpName: z.string(),
+    url: z.string(),
+  }),
+)
+
+export const Failed = NamedError.create(
+  "MCPFailed",
+  z.object({
+    name: z.string(),
+  }),
+)
+
+type MCPClient = Client
+
+export const Status = z
+  .discriminatedUnion("status", [
+    z
+      .object({
+        status: z.literal("connected"),
+      })
+      .meta({
+        ref: "MCPStatusConnected",
+      }),
+    z
+      .object({
+        status: z.literal("disabled"),
+      })
+      .meta({
+        ref: "MCPStatusDisabled",
+      }),
+    z
+      .object({
+        status: z.literal("failed"),
+        error: z.string(),
+      })
+      .meta({
+        ref: "MCPStatusFailed",
+      }),
+    z
+      .object({
+        status: z.literal("needs_auth"),
+      })
+      .meta({
+        ref: "MCPStatusNeedsAuth",
+      }),
+    z
+      .object({
+        status: z.literal("needs_client_registration"),
+        error: z.string(),
+      })
+      .meta({
+        ref: "MCPStatusNeedsClientRegistration",
+      }),
+  ])
+  .meta({
+    ref: "MCPStatus",
+  })
+export type Status = z.infer<typeof Status>
+
+// Store transports for OAuth servers to allow finishing auth
+type TransportWithAuth = StreamableHTTPClientTransport | SSEClientTransport
+const pendingOAuthTransports = new Map<string, TransportWithAuth>()
+
+// Prompt cache types
+type PromptInfo = Awaited<ReturnType<MCPClient["listPrompts"]>>["prompts"][number]
+type ResourceInfo = Awaited<ReturnType<MCPClient["listResources"]>>["resources"][number]
+type McpEntry = NonNullable<Config.Info["mcp"]>[string]
+
+function isMcpConfigured(entry: McpEntry): entry is Config.Mcp {
+  return typeof entry === "object" && entry !== null && "type" in entry
+}
+
+const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_-]/g, "_")
+
+// Convert MCP tool definition to AI SDK Tool type
+function convertMcpTool(mcpTool: MCPToolDef, client: MCPClient, timeout?: number): Tool {
+  const inputSchema = mcpTool.inputSchema
+
+  // Spread first, then override type to ensure it's always "object"
+  const schema: JSONSchema7 = {
+    ...(inputSchema as JSONSchema7),
+    type: "object",
+    properties: (inputSchema.properties ?? {}) as JSONSchema7["properties"],
+    additionalProperties: false,
+  }
+
+  return dynamicTool({
+    description: mcpTool.description ?? "",
+    inputSchema: jsonSchema(schema),
+    execute: async (args: unknown) => {
+      return client.callTool(
+        {
+          name: mcpTool.name,
+          arguments: (args || {}) as Record<string, unknown>,
+        },
+        CallToolResultSchema,
+        {
+          resetTimeoutOnProgress: true,
+          timeout,
+        },
+      )
+    },
+  })
+}
+
+function defs(key: string, client: MCPClient, timeout?: number) {
+  return Effect.tryPromise({
+    try: () => withTimeout(client.listTools(), timeout ?? DEFAULT_TIMEOUT),
+    catch: (err) => (err instanceof Error ? err : new Error(String(err))),
+  }).pipe(
+    Effect.map((result) => result.tools),
+    Effect.catch((err) => {
+      log.error("failed to get tools from client", { key, error: err })
+      return Effect.succeed(undefined)
+    }),
+  )
+}
+
+function fetchFromClient<T extends { name: string }>(
+  clientName: string,
+  client: Client,
+  listFn: (c: Client) => Promise<T[]>,
+  label: string,
+) {
+  return Effect.tryPromise({
+    try: () => listFn(client),
+    catch: (e: any) => {
+      log.error(`failed to get ${label}`, { clientName, error: e.message })
+      return e
+    },
+  }).pipe(
+    Effect.map((items) => {
+      const out: Record<string, T & { client: string }> = {}
+      const sanitizedClient = sanitize(clientName)
+      for (const item of items) {
+        out[sanitizedClient + ":" + sanitize(item.name)] = { ...item, client: clientName }
+      }
+      return out
+    }),
+    Effect.orElseSucceed(() => undefined),
+  )
+}
+
+interface CreateResult {
+  mcpClient?: MCPClient
+  status: Status
+  defs?: MCPToolDef[]
+}
+
+interface AuthResult {
+  authorizationUrl: string
+  oauthState: string
+  client?: MCPClient
+}
+
+// --- Effect Service ---
+
+interface State {
+  status: Record<string, Status>
+  clients: Record<string, MCPClient>
+  defs: Record<string, MCPToolDef[]>
+}
+
+export interface Interface {
+  readonly status: () => Effect.Effect<Record<string, Status>>
+  readonly clients: () => Effect.Effect<Record<string, MCPClient>>
+  readonly tools: () => Effect.Effect<Record<string, Tool>>
+  readonly prompts: () => Effect.Effect<Record<string, PromptInfo & { client: string }>>
+  readonly resources: () => Effect.Effect<Record<string, ResourceInfo & { client: string }>>
+  readonly add: (name: string, mcp: Config.Mcp) => Effect.Effect<{ status: Record<string, Status> | Status }>
+  readonly connect: (name: string) => Effect.Effect<void>
+  readonly disconnect: (name: string) => Effect.Effect<void>
+  readonly getPrompt: (
+    clientName: string,
+    name: string,
+    args?: Record<string, string>,
+  ) => Effect.Effect<Awaited<ReturnType<MCPClient["getPrompt"]>> | undefined>
+  readonly readResource: (
+    clientName: string,
+    resourceUri: string,
+  ) => Effect.Effect<Awaited<ReturnType<MCPClient["readResource"]>> | undefined>
+  readonly startAuth: (mcpName: string) => Effect.Effect<{ authorizationUrl: string; oauthState: string }>
+  readonly authenticate: (mcpName: string) => Effect.Effect<Status>
+  readonly finishAuth: (mcpName: string, authorizationCode: string) => Effect.Effect<Status>
+  readonly removeAuth: (mcpName: string) => Effect.Effect<void>
+  readonly supportsOAuth: (mcpName: string) => Effect.Effect<boolean>
+  readonly hasStoredTokens: (mcpName: string) => Effect.Effect<boolean>
+  readonly getAuthStatus: (mcpName: string) => Effect.Effect<AuthStatus>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/MCP") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const spawner = yield* ChildProcessSpawner.ChildProcessSpawner
+    const auth = yield* McpAuth.Service
+    const bus = yield* Bus.Service
+
+    type Transport = StdioClientTransport | StreamableHTTPClientTransport | SSEClientTransport
+
+    /**
+     * Connect a client via the given transport with resource safety:
+     * on failure the transport is closed; on success the caller owns it.
+     */
+    const connectTransport = (transport: Transport, timeout: number) =>
+      Effect.acquireUseRelease(
+        Effect.succeed(transport),
+        (t) =>
+          Effect.tryPromise({
+            try: () => {
+              const client = new Client({ name: "opencode", version: Installation.VERSION })
+              return withTimeout(client.connect(t), timeout).then(() => client)
+            },
+            catch: (e) => (e instanceof Error ? e : new Error(String(e))),
+          }),
+        (t, exit) => (Exit.isFailure(exit) ? Effect.tryPromise(() => t.close()).pipe(Effect.ignore) : Effect.void),
+      )
+
+    const DISABLED_RESULT: CreateResult = { status: { status: "disabled" } }
+
+    const connectRemote = Effect.fn("MCP.connectRemote")(function* (key: string, mcp: Config.Mcp & { type: "remote" }) {
+      const oauthDisabled = mcp.oauth === false
+      const oauthConfig = typeof mcp.oauth === "object" ? mcp.oauth : undefined
+      let authProvider: McpOAuthProvider | undefined
+
+      if (!oauthDisabled) {
+        authProvider = new McpOAuthProvider(
+          key,
+          mcp.url,
+          {
+            clientId: oauthConfig?.clientId,
+            clientSecret: oauthConfig?.clientSecret,
+            scope: oauthConfig?.scope,
+            redirectUri: oauthConfig?.redirectUri,
+          },
+          {
+            onRedirect: async (url) => {
+              log.info("oauth redirect requested", { key, url: url.toString() })
+            },
+          },
+          auth,
+        )
+      }
+
+      const transports: Array<{ name: string; transport: TransportWithAuth }> = [
+        {
+          name: "StreamableHTTP",
+          transport: new StreamableHTTPClientTransport(new URL(mcp.url), {
+            authProvider,
+            requestInit: mcp.headers ? { headers: mcp.headers } : undefined,
+          }),
+        },
+        {
+          name: "SSE",
+          transport: new SSEClientTransport(new URL(mcp.url), {
+            authProvider,
+            requestInit: mcp.headers ? { headers: mcp.headers } : undefined,
+          }),
+        },
+      ]
+
+      const connectTimeout = mcp.timeout ?? DEFAULT_TIMEOUT
+      let lastStatus: Status | undefined
+
+      for (const { name, transport } of transports) {
+        const result = yield* connectTransport(transport, connectTimeout).pipe(
+          Effect.map((client) => ({ client, transportName: name })),
+          Effect.catch((error) => {
+            const lastError = error instanceof Error ? error : new Error(String(error))
+            const isAuthError =
+              error instanceof UnauthorizedError || (authProvider && lastError.message.includes("OAuth"))
+
+            if (isAuthError) {
+              log.info("mcp server requires authentication", { key, transport: name })
+
+              if (lastError.message.includes("registration") || lastError.message.includes("client_id")) {
+                lastStatus = {
+                  status: "needs_client_registration" as const,
+                  error: "Server does not support dynamic client registration. Please provide clientId in config.",
+                }
+                return bus
+                  .publish(TuiEvent.ToastShow, {
+                    title: "MCP Authentication Required",
+                    message: `Server "${key}" requires a pre-registered client ID. Add clientId to your config.`,
+                    variant: "warning",
+                    duration: 8000,
+                  })
+                  .pipe(Effect.ignore, Effect.as(undefined))
+              } else {
+                pendingOAuthTransports.set(key, transport)
+                lastStatus = { status: "needs_auth" as const }
+                return bus
+                  .publish(TuiEvent.ToastShow, {
+                    title: "MCP Authentication Required",
+                    message: `Server "${key}" requires authentication. Run: opencode mcp auth ${key}`,
+                    variant: "warning",
+                    duration: 8000,
+                  })
+                  .pipe(Effect.ignore, Effect.as(undefined))
+              }
+            }
+
+            log.debug("transport connection failed", {
+              key,
+              transport: name,
+              url: mcp.url,
+              error: lastError.message,
+            })
+            lastStatus = { status: "failed" as const, error: lastError.message }
+            return Effect.succeed(undefined)
+          }),
+        )
+        if (result) {
+          log.info("connected", { key, transport: result.transportName })
+          return { client: result.client as MCPClient | undefined, status: { status: "connected" } as Status }
+        }
+        // If this was an auth error, stop trying other transports
+        if (lastStatus?.status === "needs_auth" || lastStatus?.status === "needs_client_registration") break
+      }
+
+      return {
+        client: undefined as MCPClient | undefined,
+        status: (lastStatus ?? { status: "failed", error: "Unknown error" }) as Status,
+      }
+    })
+
+    const connectLocal = Effect.fn("MCP.connectLocal")(function* (key: string, mcp: Config.Mcp & { type: "local" }) {
+      const [cmd, ...args] = mcp.command
+      const cwd = Instance.directory
+      const transport = new StdioClientTransport({
+        stderr: "pipe",
+        command: cmd,
+        args,
+        cwd,
+        env: {
+          ...process.env,
+          ...(cmd === "opencode" ? { BUN_BE_BUN: "1" } : {}),
+          ...mcp.environment,
+        },
+      })
+      transport.stderr?.on("data", (chunk: Buffer) => {
+        log.info(`mcp stderr: ${chunk.toString()}`, { key })
+      })
+
+      const connectTimeout = mcp.timeout ?? DEFAULT_TIMEOUT
+      return yield* connectTransport(transport, connectTimeout).pipe(
+        Effect.map((client): { client: MCPClient | undefined; status: Status } => ({
+          client,
+          status: { status: "connected" },
+        })),
+        Effect.catch((error): Effect.Effect<{ client: MCPClient | undefined; status: Status }> => {
+          const msg = error instanceof Error ? error.message : String(error)
+          log.error("local mcp startup failed", { key, command: mcp.command, cwd, error: msg })
+          return Effect.succeed({ client: undefined, status: { status: "failed", error: msg } })
+        }),
+      )
+    })
+
+    const create = Effect.fn("MCP.create")(function* (key: string, mcp: Config.Mcp) {
+      if (mcp.enabled === false) {
+        log.info("mcp server disabled", { key })
+        return DISABLED_RESULT
+      }
+
+      log.info("found", { key, type: mcp.type })
+
+      const { client: mcpClient, status } =
+        mcp.type === "remote"
+          ? yield* connectRemote(key, mcp as Config.Mcp & { type: "remote" })
+          : yield* connectLocal(key, mcp as Config.Mcp & { type: "local" })
+
+      if (!mcpClient) {
+        return { status } satisfies CreateResult
+      }
+
+      const listed = yield* defs(key, mcpClient, mcp.timeout)
+      if (!listed) {
+        yield* Effect.tryPromise(() => mcpClient.close()).pipe(Effect.ignore)
+        return { status: { status: "failed", error: "Failed to get tools" } } satisfies CreateResult
+      }
+
+      log.info("create() successfully created client", { key, toolCount: listed.length })
+      return { mcpClient, status, defs: listed } satisfies CreateResult
+    })
+    const cfgSvc = yield* Config.Service
+
+    const descendants = Effect.fnUntraced(
+      function* (pid: number) {
+        if (process.platform === "win32") return [] as number[]
+        const pids: number[] = []
+        const queue = [pid]
+        while (queue.length > 0) {
+          const current = queue.shift()!
+          const handle = yield* spawner.spawn(ChildProcess.make("pgrep", ["-P", String(current)], { stdin: "ignore" }))
+          const text = yield* Stream.mkString(Stream.decodeText(handle.stdout))
+          yield* handle.exitCode
+          for (const tok of text.split("\n")) {
+            const cpid = parseInt(tok, 10)
+            if (!isNaN(cpid) && !pids.includes(cpid)) {
+              pids.push(cpid)
+              queue.push(cpid)
+            }
+          }
+        }
+        return pids
+      },
+      Effect.scoped,
+      Effect.catch(() => Effect.succeed([] as number[])),
+    )
+
+    function watch(s: State, name: string, client: MCPClient, bridge: EffectBridge.Shape, timeout?: number) {
+      client.setNotificationHandler(ToolListChangedNotificationSchema, async () => {
+        log.info("tools list changed notification received", { server: name })
+        if (s.clients[name] !== client || s.status[name]?.status !== "connected") return
+
+        const listed = await bridge.promise(defs(name, client, timeout))
+        if (!listed) return
+        if (s.clients[name] !== client || s.status[name]?.status !== "connected") return
+
+        s.defs[name] = listed
+        await bridge.promise(bus.publish(ToolsChanged, { server: name }).pipe(Effect.ignore))
+      })
+    }
+
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("MCP.state")(function* () {
+        const cfg = yield* cfgSvc.get()
+        const bridge = yield* EffectBridge.make()
+        const config = cfg.mcp ?? {}
+        const s: State = {
+          status: {},
+          clients: {},
+          defs: {},
+        }
+
+        yield* Effect.forEach(
+          Object.entries(config),
+          ([key, mcp]) =>
+            Effect.gen(function* () {
+              if (!isMcpConfigured(mcp)) {
+                log.error("Ignoring MCP config entry without type", { key })
+                return
+              }
+
+              if (mcp.enabled === false) {
+                s.status[key] = { status: "disabled" }
+                return
+              }
+
+              const result = yield* create(key, mcp).pipe(Effect.catch(() => Effect.void))
+              if (!result) return
+
+              s.status[key] = result.status
+              if (result.mcpClient) {
+                s.clients[key] = result.mcpClient
+                s.defs[key] = result.defs!
+                watch(s, key, result.mcpClient, bridge, mcp.timeout)
+              }
+            }),
+          { concurrency: "unbounded" },
+        )
+
+        yield* Effect.addFinalizer(() =>
+          Effect.gen(function* () {
+            yield* Effect.forEach(
+              Object.values(s.clients),
+              (client) =>
+                Effect.gen(function* () {
+                  const pid = (client.transport as any)?.pid
+                  if (typeof pid === "number") {
+                    const pids = yield* descendants(pid)
+                    for (const dpid of pids) {
+                      try {
+                        process.kill(dpid, "SIGTERM")
+                      } catch {}
+                    }
+                  }
+                  yield* Effect.tryPromise(() => client.close()).pipe(Effect.ignore)
+                }),
+              { concurrency: "unbounded" },
+            )
+            pendingOAuthTransports.clear()
+          }),
+        )
+
+        return s
+      }),
+    )
+
+    function closeClient(s: State, name: string) {
+      const client = s.clients[name]
+      delete s.defs[name]
+      if (!client) return Effect.void
+      return Effect.tryPromise(() => client.close()).pipe(Effect.ignore)
+    }
+
+    const storeClient = Effect.fnUntraced(function* (
+      s: State,
+      name: string,
+      client: MCPClient,
+      listed: MCPToolDef[],
+      timeout?: number,
+    ) {
+      const bridge = yield* EffectBridge.make()
+      yield* closeClient(s, name)
+      s.status[name] = { status: "connected" }
+      s.clients[name] = client
+      s.defs[name] = listed
+      watch(s, name, client, bridge, timeout)
+      return s.status[name]
+    })
+
+    const status = Effect.fn("MCP.status")(function* () {
+      const s = yield* InstanceState.get(state)
+
+      const cfg = yield* cfgSvc.get()
+      const config = cfg.mcp ?? {}
+      const result: Record<string, Status> = {}
+
+      for (const [key, mcp] of Object.entries(config)) {
+        if (!isMcpConfigured(mcp)) continue
+        result[key] = s.status[key] ?? { status: "disabled" }
+      }
+
+      return result
+    })
+
+    const clients = Effect.fn("MCP.clients")(function* () {
+      const s = yield* InstanceState.get(state)
+      return s.clients
+    })
+
+    const createAndStore = Effect.fn("MCP.createAndStore")(function* (name: string, mcp: Config.Mcp) {
+      const s = yield* InstanceState.get(state)
+      const result = yield* create(name, mcp)
+
+      s.status[name] = result.status
+      if (!result.mcpClient) {
+        yield* closeClient(s, name)
+        delete s.clients[name]
+        return result.status
+      }
+
+      return yield* storeClient(s, name, result.mcpClient, result.defs!, mcp.timeout)
+    })
+
+    const add = Effect.fn("MCP.add")(function* (name: string, mcp: Config.Mcp) {
+      yield* createAndStore(name, mcp)
+      const s = yield* InstanceState.get(state)
+      return { status: s.status }
+    })
+
+    const connect = Effect.fn("MCP.connect")(function* (name: string) {
+      const mcp = yield* getMcpConfig(name)
+      if (!mcp) {
+        log.error("MCP config not found or invalid", { name })
+        return
+      }
+      yield* createAndStore(name, { ...mcp, enabled: true })
+    })
+
+    const disconnect = Effect.fn("MCP.disconnect")(function* (name: string) {
+      const s = yield* InstanceState.get(state)
+      yield* closeClient(s, name)
+      delete s.clients[name]
+      s.status[name] = { status: "disabled" }
+    })
+
+    const tools = Effect.fn("MCP.tools")(function* () {
+      const result: Record<string, Tool> = {}
+      const s = yield* InstanceState.get(state)
+
+      const cfg = yield* cfgSvc.get()
+      const config = cfg.mcp ?? {}
+      const defaultTimeout = cfg.experimental?.mcp_timeout
+
+      const connectedClients = Object.entries(s.clients).filter(
+        ([clientName]) => s.status[clientName]?.status === "connected",
+      )
+
+      yield* Effect.forEach(
+        connectedClients,
+        ([clientName, client]) =>
+          Effect.gen(function* () {
+            const mcpConfig = config[clientName]
+            const entry = mcpConfig && isMcpConfigured(mcpConfig) ? mcpConfig : undefined
+
+            const listed = s.defs[clientName]
+            if (!listed) {
+              log.warn("missing cached tools for connected server", { clientName })
+              return
+            }
+
+            const timeout = entry?.timeout ?? defaultTimeout
+            for (const mcpTool of listed) {
+              result[sanitize(clientName) + "_" + sanitize(mcpTool.name)] = convertMcpTool(mcpTool, client, timeout)
+            }
+          }),
+        { concurrency: "unbounded" },
+      )
+      return result
+    })
+
+    function collectFromConnected<T extends { name: string }>(
+      s: State,
+      listFn: (c: Client) => Promise<T[]>,
+      label: string,
+    ) {
+      return Effect.forEach(
+        Object.entries(s.clients).filter(([name]) => s.status[name]?.status === "connected"),
+        ([clientName, client]) =>
+          fetchFromClient(clientName, client, listFn, label).pipe(Effect.map((items) => Object.entries(items ?? {}))),
+        { concurrency: "unbounded" },
+      ).pipe(Effect.map((results) => Object.fromEntries<T & { client: string }>(results.flat())))
+    }
+
+    const prompts = Effect.fn("MCP.prompts")(function* () {
+      const s = yield* InstanceState.get(state)
+      return yield* collectFromConnected(s, (c) => c.listPrompts().then((r) => r.prompts), "prompts")
+    })
+
+    const resources = Effect.fn("MCP.resources")(function* () {
+      const s = yield* InstanceState.get(state)
+      return yield* collectFromConnected(s, (c) => c.listResources().then((r) => r.resources), "resources")
+    })
+
+    const withClient = Effect.fnUntraced(function* <A>(
+      clientName: string,
+      fn: (client: MCPClient) => Promise<A>,
+      label: string,
+      meta?: Record<string, unknown>,
+    ) {
+      const s = yield* InstanceState.get(state)
+      const client = s.clients[clientName]
+      if (!client) {
+        log.warn(`client not found for ${label}`, { clientName })
+        return undefined
+      }
+      return yield* Effect.tryPromise({
+        try: () => fn(client),
+        catch: (e: any) => {
+          log.error(`failed to ${label}`, { clientName, ...meta, error: e?.message })
+          return e
+        },
+      }).pipe(Effect.orElseSucceed(() => undefined))
+    })
+
+    const getPrompt = Effect.fn("MCP.getPrompt")(function* (
+      clientName: string,
+      name: string,
+      args?: Record<string, string>,
+    ) {
+      return yield* withClient(clientName, (client) => client.getPrompt({ name, arguments: args }), "getPrompt", {
+        promptName: name,
+      })
+    })
+
+    const readResource = Effect.fn("MCP.readResource")(function* (clientName: string, resourceUri: string) {
+      return yield* withClient(clientName, (client) => client.readResource({ uri: resourceUri }), "readResource", {
+        resourceUri,
+      })
+    })
+
+    const getMcpConfig = Effect.fnUntraced(function* (mcpName: string) {
+      const cfg = yield* cfgSvc.get()
+      const mcpConfig = cfg.mcp?.[mcpName]
+      if (!mcpConfig || !isMcpConfigured(mcpConfig)) return undefined
+      return mcpConfig
+    })
+
+    const startAuth = Effect.fn("MCP.startAuth")(function* (mcpName: string) {
+      const mcpConfig = yield* getMcpConfig(mcpName)
+      if (!mcpConfig) throw new Error(`MCP server ${mcpName} not found or disabled`)
+      if (mcpConfig.type !== "remote") throw new Error(`MCP server ${mcpName} is not a remote server`)
+      if (mcpConfig.oauth === false) throw new Error(`MCP server ${mcpName} has OAuth explicitly disabled`)
+
+      // OAuth config is optional - if not provided, we'll use auto-discovery
+      const oauthConfig = typeof mcpConfig.oauth === "object" ? mcpConfig.oauth : undefined
+
+      // Start the callback server with custom redirectUri if configured
+      yield* Effect.promise(() => McpOAuthCallback.ensureRunning(oauthConfig?.redirectUri))
+
+      const oauthState = Array.from(crypto.getRandomValues(new Uint8Array(32)))
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("")
+      yield* auth.updateOAuthState(mcpName, oauthState)
+      let capturedUrl: URL | undefined
+      const authProvider = new McpOAuthProvider(
+        mcpName,
+        mcpConfig.url,
+        {
+          clientId: oauthConfig?.clientId,
+          clientSecret: oauthConfig?.clientSecret,
+          scope: oauthConfig?.scope,
+          redirectUri: oauthConfig?.redirectUri,
+        },
+        {
+          onRedirect: async (url) => {
+            capturedUrl = url
+          },
+        },
+        auth,
+      )
+
+      const transport = new StreamableHTTPClientTransport(new URL(mcpConfig.url), { authProvider })
+
+      return yield* Effect.tryPromise({
+        try: () => {
+          const client = new Client({ name: "opencode", version: Installation.VERSION })
+          return client
+            .connect(transport)
+            .then(() => ({ authorizationUrl: "", oauthState, client }) satisfies AuthResult)
+        },
+        catch: (error) => error,
+      }).pipe(
+        Effect.catch((error) => {
+          if (error instanceof UnauthorizedError && capturedUrl) {
+            pendingOAuthTransports.set(mcpName, transport)
+            return Effect.succeed({ authorizationUrl: capturedUrl.toString(), oauthState } satisfies AuthResult)
+          }
+          return Effect.die(error)
+        }),
+      )
+    })
+
+    const authenticate = Effect.fn("MCP.authenticate")(function* (mcpName: string) {
+      const result = yield* startAuth(mcpName)
+      if (!result.authorizationUrl) {
+        const client = "client" in result ? result.client : undefined
+        const mcpConfig = yield* getMcpConfig(mcpName)
+        if (!mcpConfig) {
+          yield* Effect.tryPromise(() => client?.close() ?? Promise.resolve()).pipe(Effect.ignore)
+          return { status: "failed", error: "MCP config not found after auth" } as Status
+        }
+
+        const listed = client ? yield* defs(mcpName, client, mcpConfig.timeout) : undefined
+        if (!client || !listed) {
+          yield* Effect.tryPromise(() => client?.close() ?? Promise.resolve()).pipe(Effect.ignore)
+          return { status: "failed", error: "Failed to get tools" } as Status
+        }
+
+        const s = yield* InstanceState.get(state)
+        yield* auth.clearOAuthState(mcpName)
+        return yield* storeClient(s, mcpName, client, listed, mcpConfig.timeout)
+      }
+
+      log.info("opening browser for oauth", { mcpName, url: result.authorizationUrl, state: result.oauthState })
+
+      const callbackPromise = McpOAuthCallback.waitForCallback(result.oauthState, mcpName)
+
+      yield* Effect.tryPromise(() => open(result.authorizationUrl)).pipe(
+        Effect.flatMap((subprocess) =>
+          Effect.callback<void, Error>((resume) => {
+            const timer = setTimeout(() => resume(Effect.void), 500)
+            subprocess.on("error", (err) => {
+              clearTimeout(timer)
+              resume(Effect.fail(err))
+            })
+            subprocess.on("exit", (code) => {
+              if (code !== null && code !== 0) {
+                clearTimeout(timer)
+                resume(Effect.fail(new Error(`Browser open failed with exit code ${code}`)))
+              }
+            })
+          }),
+        ),
+        Effect.catch(() => {
+          log.warn("failed to open browser, user must open URL manually", { mcpName })
+          return bus.publish(BrowserOpenFailed, { mcpName, url: result.authorizationUrl }).pipe(Effect.ignore)
+        }),
+      )
+
+      const code = yield* Effect.promise(() => callbackPromise)
+
+      const storedState = yield* auth.getOAuthState(mcpName)
+      if (storedState !== result.oauthState) {
+        yield* auth.clearOAuthState(mcpName)
+        throw new Error("OAuth state mismatch - potential CSRF attack")
+      }
+      yield* auth.clearOAuthState(mcpName)
+      return yield* finishAuth(mcpName, code)
+    })
+
+    const finishAuth = Effect.fn("MCP.finishAuth")(function* (mcpName: string, authorizationCode: string) {
+      const transport = pendingOAuthTransports.get(mcpName)
+      if (!transport) throw new Error(`No pending OAuth flow for MCP server: ${mcpName}`)
+
+      const result = yield* Effect.tryPromise({
+        try: () => transport.finishAuth(authorizationCode).then(() => true as const),
+        catch: (error) => {
+          log.error("failed to finish oauth", { mcpName, error })
+          return error
+        },
+      }).pipe(Effect.option)
+
+      if (Option.isNone(result)) {
+        return { status: "failed", error: "OAuth completion failed" } as Status
+      }
+
+      yield* auth.clearCodeVerifier(mcpName)
+      pendingOAuthTransports.delete(mcpName)
+
+      const mcpConfig = yield* getMcpConfig(mcpName)
+      if (!mcpConfig) return { status: "failed", error: "MCP config not found after auth" } as Status
+
+      return yield* createAndStore(mcpName, mcpConfig)
+    })
+
+    const removeAuth = Effect.fn("MCP.removeAuth")(function* (mcpName: string) {
+      yield* auth.remove(mcpName)
+      McpOAuthCallback.cancelPending(mcpName)
+      pendingOAuthTransports.delete(mcpName)
+      log.info("removed oauth credentials", { mcpName })
+    })
+
+    const supportsOAuth = Effect.fn("MCP.supportsOAuth")(function* (mcpName: string) {
+      const mcpConfig = yield* getMcpConfig(mcpName)
+      if (!mcpConfig) return false
+      return mcpConfig.type === "remote" && mcpConfig.oauth !== false
+    })
+
+    const hasStoredTokens = Effect.fn("MCP.hasStoredTokens")(function* (mcpName: string) {
+      const entry = yield* auth.get(mcpName)
+      return !!entry?.tokens
+    })
+
+    const getAuthStatus = Effect.fn("MCP.getAuthStatus")(function* (mcpName: string) {
+      const entry = yield* auth.get(mcpName)
+      if (!entry?.tokens) return "not_authenticated" as AuthStatus
+      const expired = yield* auth.isTokenExpired(mcpName)
+      return (expired ? "expired" : "authenticated") as AuthStatus
+    })
+
+    return Service.of({
+      status,
+      clients,
+      tools,
+      prompts,
+      resources,
+      add,
+      connect,
+      disconnect,
+      getPrompt,
+      readResource,
+      startAuth,
+      authenticate,
+      finishAuth,
+      removeAuth,
+      supportsOAuth,
+      hasStoredTokens,
+      getAuthStatus,
+    })
+  }),
+)
+
+export type AuthStatus = "authenticated" | "expired" | "not_authenticated"
+
+// --- Per-service runtime ---
+
+export const defaultLayer = layer.pipe(
+  Layer.provide(McpAuth.layer),
+  Layer.provide(Bus.layer),
+  Layer.provide(Config.defaultLayer),
+  Layer.provide(CrossSpawnSpawner.defaultLayer),
+  Layer.provide(AppFileSystem.defaultLayer),
+)

packages/opencode/src/mcp/oauth-callback.ts

@@ -218,7 +218,7 @@ export namespace McpOAuthCallback {
       log.info("oauth callback server stopped")
     }
 
-    for (const [name, pending] of pendingAuths) {
+    for (const [_name, pending] of pendingAuths) {
       clearTimeout(pending.timeout)
       pending.reject(new Error("OAuth callback server stopped"))
     }

packages/opencode/src/npm/index.ts

@@ -1,188 +1 @@
-import semver from "semver"
-import z from "zod"
-import { NamedError } from "@opencode-ai/shared/util/error"
-import { Global } from "../global"
-import { Log } from "../util/log"
-import path from "path"
-import { readdir, rm } from "fs/promises"
-import { Filesystem } from "@/util/filesystem"
-import { Flock } from "@opencode-ai/shared/util/flock"
-import { Arborist } from "@npmcli/arborist"
-
-export namespace Npm {
-  const log = Log.create({ service: "npm" })
-  const illegal = process.platform === "win32" ? new Set(["<", ">", ":", '"', "|", "?", "*"]) : undefined
-
-  export const InstallFailedError = NamedError.create(
-    "NpmInstallFailedError",
-    z.object({
-      pkg: z.string(),
-    }),
-  )
-
-  export function sanitize(pkg: string) {
-    if (!illegal) return pkg
-    return Array.from(pkg, (char) => (illegal.has(char) || char.charCodeAt(0) < 32 ? "_" : char)).join("")
-  }
-
-  function directory(pkg: string) {
-    return path.join(Global.Path.cache, "packages", sanitize(pkg))
-  }
-
-  function resolveEntryPoint(name: string, dir: string) {
-    let entrypoint: string | undefined
-    try {
-      entrypoint = typeof Bun !== "undefined" ? import.meta.resolve(name, dir) : import.meta.resolve(dir)
-    } catch {}
-    const result = {
-      directory: dir,
-      entrypoint,
-    }
-    return result
-  }
-
-  export async function outdated(pkg: string, cachedVersion: string): Promise<boolean> {
-    const response = await fetch(`https://registry.npmjs.org/${pkg}`)
-    if (!response.ok) {
-      log.warn("Failed to resolve latest version, using cached", { pkg, cachedVersion })
-      return false
-    }
-
-    const data = (await response.json()) as { "dist-tags"?: { latest?: string } }
-    const latestVersion = data?.["dist-tags"]?.latest
-    if (!latestVersion) {
-      log.warn("No latest version found, using cached", { pkg, cachedVersion })
-      return false
-    }
-
-    const range = /[\s^~*xX<>|=]/.test(cachedVersion)
-    if (range) return !semver.satisfies(latestVersion, cachedVersion)
-
-    return semver.lt(cachedVersion, latestVersion)
-  }
-
-  export async function add(pkg: string) {
-    const dir = directory(pkg)
-    await using _ = await Flock.acquire(`npm-install:${Filesystem.resolve(dir)}`)
-    log.info("installing package", {
-      pkg,
-    })
-
-    const arborist = new Arborist({
-      path: dir,
-      binLinks: true,
-      progress: false,
-      savePrefix: "",
-      ignoreScripts: true,
-    })
-    const tree = await arborist.loadVirtual().catch(() => {})
-    if (tree) {
-      const first = tree.edgesOut.values().next().value?.to
-      if (first) {
-        return resolveEntryPoint(first.name, first.path)
-      }
-    }
-
-    const result = await arborist
-      .reify({
-        add: [pkg],
-        save: true,
-        saveType: "prod",
-      })
-      .catch((cause) => {
-        throw new InstallFailedError(
-          { pkg },
-          {
-            cause,
-          },
-        )
-      })
-
-    const first = result.edgesOut.values().next().value?.to
-    if (!first) throw new InstallFailedError({ pkg })
-    return resolveEntryPoint(first.name, first.path)
-  }
-
-  export async function install(dir: string) {
-    await using _ = await Flock.acquire(`npm-install:${dir}`)
-    log.info("checking dependencies", { dir })
-
-    const reify = async () => {
-      const arb = new Arborist({
-        path: dir,
-        binLinks: true,
-        progress: false,
-        savePrefix: "",
-        ignoreScripts: true,
-      })
-      await arb.reify().catch(() => {})
-    }
-
-    if (!(await Filesystem.exists(path.join(dir, "node_modules")))) {
-      log.info("node_modules missing, reifying")
-      await reify()
-      return
-    }
-
-    const pkg = await Filesystem.readJson(path.join(dir, "package.json")).catch(() => ({}))
-    const lock = await Filesystem.readJson(path.join(dir, "package-lock.json")).catch(() => ({}))
-
-    const declared = new Set([
-      ...Object.keys(pkg.dependencies || {}),
-      ...Object.keys(pkg.devDependencies || {}),
-      ...Object.keys(pkg.peerDependencies || {}),
-      ...Object.keys(pkg.optionalDependencies || {}),
-    ])
-
-    const root = lock.packages?.[""] || {}
-    const locked = new Set([
-      ...Object.keys(root.dependencies || {}),
-      ...Object.keys(root.devDependencies || {}),
-      ...Object.keys(root.peerDependencies || {}),
-      ...Object.keys(root.optionalDependencies || {}),
-    ])
-
-    for (const name of declared) {
-      if (!locked.has(name)) {
-        log.info("dependency not in lock file, reifying", { name })
-        await reify()
-        return
-      }
-    }
-
-    log.info("dependencies in sync")
-  }
-
-  export async function which(pkg: string) {
-    const dir = directory(pkg)
-    const binDir = path.join(dir, "node_modules", ".bin")
-
-    const pick = async () => {
-      const files = await readdir(binDir).catch(() => [])
-      if (files.length === 0) return undefined
-      if (files.length === 1) return files[0]
-      // Multiple binaries — resolve from package.json bin field like npx does
-      const pkgJson = await Filesystem.readJson<{ bin?: string | Record<string, string> }>(
-        path.join(dir, "node_modules", pkg, "package.json"),
-      ).catch(() => undefined)
-      if (pkgJson?.bin) {
-        const unscoped = pkg.startsWith("@") ? pkg.split("/")[1] : pkg
-        const bin = pkgJson.bin
-        if (typeof bin === "string") return unscoped
-        const keys = Object.keys(bin)
-        if (keys.length === 1) return keys[0]
-        return bin[unscoped] ? unscoped : keys[0]
-      }
-      return files[0]
-    }
-
-    const bin = await pick()
-    if (bin) return path.join(binDir, bin)
-
-    await rm(path.join(dir, "package-lock.json"), { force: true })
-    await add(pkg)
-    const resolved = await pick()
-    if (!resolved) return
-    return path.join(binDir, resolved)
-  }
-}
+export * as Npm from "./npm"

packages/opencode/src/npm/npm.ts

@@ -0,0 +1,186 @@
+import semver from "semver"
+import z from "zod"
+import { NamedError } from "@opencode-ai/shared/util/error"
+import { Global } from "../global"
+import { Log } from "../util/log"
+import path from "path"
+import { readdir, rm } from "fs/promises"
+import { Filesystem } from "@/util/filesystem"
+import { Flock } from "@opencode-ai/shared/util/flock"
+import { Arborist } from "@npmcli/arborist"
+
+const log = Log.create({ service: "npm" })
+const illegal = process.platform === "win32" ? new Set(["<", ">", ":", '"', "|", "?", "*"]) : undefined
+
+export const InstallFailedError = NamedError.create(
+  "NpmInstallFailedError",
+  z.object({
+    pkg: z.string(),
+  }),
+)
+
+export function sanitize(pkg: string) {
+  if (!illegal) return pkg
+  return Array.from(pkg, (char) => (illegal.has(char) || char.charCodeAt(0) < 32 ? "_" : char)).join("")
+}
+
+function directory(pkg: string) {
+  return path.join(Global.Path.cache, "packages", sanitize(pkg))
+}
+
+function resolveEntryPoint(name: string, dir: string) {
+  let entrypoint: string | undefined
+  try {
+    entrypoint = typeof Bun !== "undefined" ? import.meta.resolve(name, dir) : import.meta.resolve(dir)
+  } catch {}
+  const result = {
+    directory: dir,
+    entrypoint,
+  }
+  return result
+}
+
+export async function outdated(pkg: string, cachedVersion: string): Promise<boolean> {
+  const response = await fetch(`https://registry.npmjs.org/${pkg}`)
+  if (!response.ok) {
+    log.warn("Failed to resolve latest version, using cached", { pkg, cachedVersion })
+    return false
+  }
+
+  const data = (await response.json()) as { "dist-tags"?: { latest?: string } }
+  const latestVersion = data?.["dist-tags"]?.latest
+  if (!latestVersion) {
+    log.warn("No latest version found, using cached", { pkg, cachedVersion })
+    return false
+  }
+
+  const range = /[\s^~*xX<>|=]/.test(cachedVersion)
+  if (range) return !semver.satisfies(latestVersion, cachedVersion)
+
+  return semver.lt(cachedVersion, latestVersion)
+}
+
+export async function add(pkg: string) {
+  const dir = directory(pkg)
+  await using _ = await Flock.acquire(`npm-install:${Filesystem.resolve(dir)}`)
+  log.info("installing package", {
+    pkg,
+  })
+
+  const arborist = new Arborist({
+    path: dir,
+    binLinks: true,
+    progress: false,
+    savePrefix: "",
+    ignoreScripts: true,
+  })
+  const tree = await arborist.loadVirtual().catch(() => {})
+  if (tree) {
+    const first = tree.edgesOut.values().next().value?.to
+    if (first) {
+      return resolveEntryPoint(first.name, first.path)
+    }
+  }
+
+  const result = await arborist
+    .reify({
+      add: [pkg],
+      save: true,
+      saveType: "prod",
+    })
+    .catch((cause) => {
+      throw new InstallFailedError(
+        { pkg },
+        {
+          cause,
+        },
+      )
+    })
+
+  const first = result.edgesOut.values().next().value?.to
+  if (!first) throw new InstallFailedError({ pkg })
+  return resolveEntryPoint(first.name, first.path)
+}
+
+export async function install(dir: string) {
+  await using _ = await Flock.acquire(`npm-install:${dir}`)
+  log.info("checking dependencies", { dir })
+
+  const reify = async () => {
+    const arb = new Arborist({
+      path: dir,
+      binLinks: true,
+      progress: false,
+      savePrefix: "",
+      ignoreScripts: true,
+    })
+    await arb.reify().catch(() => {})
+  }
+
+  if (!(await Filesystem.exists(path.join(dir, "node_modules")))) {
+    log.info("node_modules missing, reifying")
+    await reify()
+    return
+  }
+
+  const pkg = await Filesystem.readJson(path.join(dir, "package.json")).catch(() => ({}))
+  const lock = await Filesystem.readJson(path.join(dir, "package-lock.json")).catch(() => ({}))
+
+  const declared = new Set([
+    ...Object.keys(pkg.dependencies || {}),
+    ...Object.keys(pkg.devDependencies || {}),
+    ...Object.keys(pkg.peerDependencies || {}),
+    ...Object.keys(pkg.optionalDependencies || {}),
+  ])
+
+  const root = lock.packages?.[""] || {}
+  const locked = new Set([
+    ...Object.keys(root.dependencies || {}),
+    ...Object.keys(root.devDependencies || {}),
+    ...Object.keys(root.peerDependencies || {}),
+    ...Object.keys(root.optionalDependencies || {}),
+  ])
+
+  for (const name of declared) {
+    if (!locked.has(name)) {
+      log.info("dependency not in lock file, reifying", { name })
+      await reify()
+      return
+    }
+  }
+
+  log.info("dependencies in sync")
+}
+
+export async function which(pkg: string) {
+  const dir = directory(pkg)
+  const binDir = path.join(dir, "node_modules", ".bin")
+
+  const pick = async () => {
+    const files = await readdir(binDir).catch(() => [])
+    if (files.length === 0) return undefined
+    if (files.length === 1) return files[0]
+    // Multiple binaries — resolve from package.json bin field like npx does
+    const pkgJson = await Filesystem.readJson<{ bin?: string | Record<string, string> }>(
+      path.join(dir, "node_modules", pkg, "package.json"),
+    ).catch(() => undefined)
+    if (pkgJson?.bin) {
+      const unscoped = pkg.startsWith("@") ? pkg.split("/")[1] : pkg
+      const bin = pkgJson.bin
+      if (typeof bin === "string") return unscoped
+      const keys = Object.keys(bin)
+      if (keys.length === 1) return keys[0]
+      return bin[unscoped] ? unscoped : keys[0]
+    }
+    return files[0]
+  }
+
+  const bin = await pick()
+  if (bin) return path.join(binDir, bin)
+
+  await rm(path.join(dir, "package-lock.json"), { force: true })
+  await add(pkg)
+  const resolved = await pick()
+  if (!resolved) return
+  return path.join(binDir, resolved)
+}

packages/opencode/src/patch/index.ts

@@ -1,680 +1 @@
-import z from "zod"
-import * as path from "path"
-import * as fs from "fs/promises"
-import { readFileSync } from "fs"
-import { Log } from "../util/log"
-
-export namespace Patch {
-  const log = Log.create({ service: "patch" })
-
-  // Schema definitions
-  export const PatchSchema = z.object({
-    patchText: z.string().describe("The full patch text that describes all changes to be made"),
-  })
-
-  export type PatchParams = z.infer<typeof PatchSchema>
-
-  // Core types matching the Rust implementation
-  export interface ApplyPatchArgs {
-    patch: string
-    hunks: Hunk[]
-    workdir?: string
-  }
-
-  export type Hunk =
-    | { type: "add"; path: string; contents: string }
-    | { type: "delete"; path: string }
-    | { type: "update"; path: string; move_path?: string; chunks: UpdateFileChunk[] }
-
-  export interface UpdateFileChunk {
-    old_lines: string[]
-    new_lines: string[]
-    change_context?: string
-    is_end_of_file?: boolean
-  }
-
-  export interface ApplyPatchAction {
-    changes: Map<string, ApplyPatchFileChange>
-    patch: string
-    cwd: string
-  }
-
-  export type ApplyPatchFileChange =
-    | { type: "add"; content: string }
-    | { type: "delete"; content: string }
-    | { type: "update"; unified_diff: string; move_path?: string; new_content: string }
-
-  export interface AffectedPaths {
-    added: string[]
-    modified: string[]
-    deleted: string[]
-  }
-
-  export enum ApplyPatchError {
-    ParseError = "ParseError",
-    IoError = "IoError",
-    ComputeReplacements = "ComputeReplacements",
-    ImplicitInvocation = "ImplicitInvocation",
-  }
-
-  export enum MaybeApplyPatch {
-    Body = "Body",
-    ShellParseError = "ShellParseError",
-    PatchParseError = "PatchParseError",
-    NotApplyPatch = "NotApplyPatch",
-  }
-
-  export enum MaybeApplyPatchVerified {
-    Body = "Body",
-    ShellParseError = "ShellParseError",
-    CorrectnessError = "CorrectnessError",
-    NotApplyPatch = "NotApplyPatch",
-  }
-
-  // Parser implementation
-  function parsePatchHeader(
-    lines: string[],
-    startIdx: number,
-  ): { filePath: string; movePath?: string; nextIdx: number } | null {
-    const line = lines[startIdx]
-
-    if (line.startsWith("*** Add File:")) {
-      const filePath = line.slice("*** Add File:".length).trim()
-      return filePath ? { filePath, nextIdx: startIdx + 1 } : null
-    }
-
-    if (line.startsWith("*** Delete File:")) {
-      const filePath = line.slice("*** Delete File:".length).trim()
-      return filePath ? { filePath, nextIdx: startIdx + 1 } : null
-    }
-
-    if (line.startsWith("*** Update File:")) {
-      const filePath = line.slice("*** Update File:".length).trim()
-      let movePath: string | undefined
-      let nextIdx = startIdx + 1
-
-      // Check for move directive
-      if (nextIdx < lines.length && lines[nextIdx].startsWith("*** Move to:")) {
-        movePath = lines[nextIdx].slice("*** Move to:".length).trim()
-        nextIdx++
-      }
-
-      return filePath ? { filePath, movePath, nextIdx } : null
-    }
-
-    return null
-  }
-
-  function parseUpdateFileChunks(lines: string[], startIdx: number): { chunks: UpdateFileChunk[]; nextIdx: number } {
-    const chunks: UpdateFileChunk[] = []
-    let i = startIdx
-
-    while (i < lines.length && !lines[i].startsWith("***")) {
-      if (lines[i].startsWith("@@")) {
-        // Parse context line
-        const contextLine = lines[i].substring(2).trim()
-        i++
-
-        const oldLines: string[] = []
-        const newLines: string[] = []
-        let isEndOfFile = false
-
-        // Parse change lines
-        while (i < lines.length && !lines[i].startsWith("@@") && !lines[i].startsWith("***")) {
-          const changeLine = lines[i]
-
-          if (changeLine === "*** End of File") {
-            isEndOfFile = true
-            i++
-            break
-          }
-
-          if (changeLine.startsWith(" ")) {
-            // Keep line - appears in both old and new
-            const content = changeLine.substring(1)
-            oldLines.push(content)
-            newLines.push(content)
-          } else if (changeLine.startsWith("-")) {
-            // Remove line - only in old
-            oldLines.push(changeLine.substring(1))
-          } else if (changeLine.startsWith("+")) {
-            // Add line - only in new
-            newLines.push(changeLine.substring(1))
-          }
-
-          i++
-        }
-
-        chunks.push({
-          old_lines: oldLines,
-          new_lines: newLines,
-          change_context: contextLine || undefined,
-          is_end_of_file: isEndOfFile || undefined,
-        })
-      } else {
-        i++
-      }
-    }
-
-    return { chunks, nextIdx: i }
-  }
-
-  function parseAddFileContent(lines: string[], startIdx: number): { content: string; nextIdx: number } {
-    let content = ""
-    let i = startIdx
-
-    while (i < lines.length && !lines[i].startsWith("***")) {
-      if (lines[i].startsWith("+")) {
-        content += lines[i].substring(1) + "\n"
-      }
-      i++
-    }
-
-    // Remove trailing newline
-    if (content.endsWith("\n")) {
-      content = content.slice(0, -1)
-    }
-
-    return { content, nextIdx: i }
-  }
-
-  function stripHeredoc(input: string): string {
-    // Match heredoc patterns like: cat <<'EOF'\n...\nEOF or <<EOF\n...\nEOF
-    const heredocMatch = input.match(/^(?:cat\s+)?<<['"]?(\w+)['"]?\s*\n([\s\S]*?)\n\1\s*$/)
-    if (heredocMatch) {
-      return heredocMatch[2]
-    }
-    return input
-  }
-
-  export function parsePatch(patchText: string): { hunks: Hunk[] } {
-    const cleaned = stripHeredoc(patchText.trim())
-    const lines = cleaned.split("\n")
-    const hunks: Hunk[] = []
-    let i = 0
-
-    // Look for Begin/End patch markers
-    const beginMarker = "*** Begin Patch"
-    const endMarker = "*** End Patch"
-
-    const beginIdx = lines.findIndex((line) => line.trim() === beginMarker)
-    const endIdx = lines.findIndex((line) => line.trim() === endMarker)
-
-    if (beginIdx === -1 || endIdx === -1 || beginIdx >= endIdx) {
-      throw new Error("Invalid patch format: missing Begin/End markers")
-    }
-
-    // Parse content between markers
-    i = beginIdx + 1
-
-    while (i < endIdx) {
-      const header = parsePatchHeader(lines, i)
-      if (!header) {
-        i++
-        continue
-      }
-
-      if (lines[i].startsWith("*** Add File:")) {
-        const { content, nextIdx } = parseAddFileContent(lines, header.nextIdx)
-        hunks.push({
-          type: "add",
-          path: header.filePath,
-          contents: content,
-        })
-        i = nextIdx
-      } else if (lines[i].startsWith("*** Delete File:")) {
-        hunks.push({
-          type: "delete",
-          path: header.filePath,
-        })
-        i = header.nextIdx
-      } else if (lines[i].startsWith("*** Update File:")) {
-        const { chunks, nextIdx } = parseUpdateFileChunks(lines, header.nextIdx)
-        hunks.push({
-          type: "update",
-          path: header.filePath,
-          move_path: header.movePath,
-          chunks,
-        })
-        i = nextIdx
-      } else {
-        i++
-      }
-    }
-
-    return { hunks }
-  }
-
-  // Apply patch functionality
-  export function maybeParseApplyPatch(
-    argv: string[],
-  ):
-    | { type: MaybeApplyPatch.Body; args: ApplyPatchArgs }
-    | { type: MaybeApplyPatch.PatchParseError; error: Error }
-    | { type: MaybeApplyPatch.NotApplyPatch } {
-    const APPLY_PATCH_COMMANDS = ["apply_patch", "applypatch"]
-
-    // Direct invocation: apply_patch <patch>
-    if (argv.length === 2 && APPLY_PATCH_COMMANDS.includes(argv[0])) {
-      try {
-        const { hunks } = parsePatch(argv[1])
-        return {
-          type: MaybeApplyPatch.Body,
-          args: {
-            patch: argv[1],
-            hunks,
-          },
-        }
-      } catch (error) {
-        return {
-          type: MaybeApplyPatch.PatchParseError,
-          error: error as Error,
-        }
-      }
-    }
-
-    // Bash heredoc form: bash -lc 'apply_patch <<"EOF" ...'
-    if (argv.length === 3 && argv[0] === "bash" && argv[1] === "-lc") {
-      // Simple extraction - in real implementation would need proper bash parsing
-      const script = argv[2]
-      const heredocMatch = script.match(/apply_patch\s*<<['"](\w+)['"]\s*\n([\s\S]*?)\n\1/)
-
-      if (heredocMatch) {
-        const patchContent = heredocMatch[2]
-        try {
-          const { hunks } = parsePatch(patchContent)
-          return {
-            type: MaybeApplyPatch.Body,
-            args: {
-              patch: patchContent,
-              hunks,
-            },
-          }
-        } catch (error) {
-          return {
-            type: MaybeApplyPatch.PatchParseError,
-            error: error as Error,
-          }
-        }
-      }
-    }
-
-    return { type: MaybeApplyPatch.NotApplyPatch }
-  }
-
-  // File content manipulation
-  interface ApplyPatchFileUpdate {
-    unified_diff: string
-    content: string
-  }
-
-  export function deriveNewContentsFromChunks(filePath: string, chunks: UpdateFileChunk[]): ApplyPatchFileUpdate {
-    // Read original file content
-    let originalContent: string
-    try {
-      originalContent = readFileSync(filePath, "utf-8")
-    } catch (error) {
-      throw new Error(`Failed to read file ${filePath}: ${error}`)
-    }
-
-    let originalLines = originalContent.split("\n")
-
-    // Drop trailing empty element for consistent line counting
-    if (originalLines.length > 0 && originalLines[originalLines.length - 1] === "") {
-      originalLines.pop()
-    }
-
-    const replacements = computeReplacements(originalLines, filePath, chunks)
-    let newLines = applyReplacements(originalLines, replacements)
-
-    // Ensure trailing newline
-    if (newLines.length === 0 || newLines[newLines.length - 1] !== "") {
-      newLines.push("")
-    }
-
-    const newContent = newLines.join("\n")
-
-    // Generate unified diff
-    const unifiedDiff = generateUnifiedDiff(originalContent, newContent)
-
-    return {
-      unified_diff: unifiedDiff,
-      content: newContent,
-    }
-  }
-
-  function computeReplacements(
-    originalLines: string[],
-    filePath: string,
-    chunks: UpdateFileChunk[],
-  ): Array<[number, number, string[]]> {
-    const replacements: Array<[number, number, string[]]> = []
-    let lineIndex = 0
-
-    for (const chunk of chunks) {
-      // Handle context-based seeking
-      if (chunk.change_context) {
-        const contextIdx = seekSequence(originalLines, [chunk.change_context], lineIndex)
-        if (contextIdx === -1) {
-          throw new Error(`Failed to find context '${chunk.change_context}' in ${filePath}`)
-        }
-        lineIndex = contextIdx + 1
-      }
-
-      // Handle pure addition (no old lines)
-      if (chunk.old_lines.length === 0) {
-        const insertionIdx =
-          originalLines.length > 0 && originalLines[originalLines.length - 1] === ""
-            ? originalLines.length - 1
-            : originalLines.length
-        replacements.push([insertionIdx, 0, chunk.new_lines])
-        continue
-      }
-
-      // Try to match old lines in the file
-      let pattern = chunk.old_lines
-      let newSlice = chunk.new_lines
-      let found = seekSequence(originalLines, pattern, lineIndex, chunk.is_end_of_file)
-
-      // Retry without trailing empty line if not found
-      if (found === -1 && pattern.length > 0 && pattern[pattern.length - 1] === "") {
-        pattern = pattern.slice(0, -1)
-        if (newSlice.length > 0 && newSlice[newSlice.length - 1] === "") {
-          newSlice = newSlice.slice(0, -1)
-        }
-        found = seekSequence(originalLines, pattern, lineIndex, chunk.is_end_of_file)
-      }
-
-      if (found !== -1) {
-        replacements.push([found, pattern.length, newSlice])
-        lineIndex = found + pattern.length
-      } else {
-        throw new Error(`Failed to find expected lines in ${filePath}:\n${chunk.old_lines.join("\n")}`)
-      }
-    }
-
-    // Sort replacements by index to apply in order
-    replacements.sort((a, b) => a[0] - b[0])
-
-    return replacements
-  }
-
-  function applyReplacements(lines: string[], replacements: Array<[number, number, string[]]>): string[] {
-    // Apply replacements in reverse order to avoid index shifting
-    const result = [...lines]
-
-    for (let i = replacements.length - 1; i >= 0; i--) {
-      const [startIdx, oldLen, newSegment] = replacements[i]
-
-      // Remove old lines
-      result.splice(startIdx, oldLen)
-
-      // Insert new lines
-      for (let j = 0; j < newSegment.length; j++) {
-        result.splice(startIdx + j, 0, newSegment[j])
-      }
-    }
-
-    return result
-  }
-
-  // Normalize Unicode punctuation to ASCII equivalents (like Rust's normalize_unicode)
-  function normalizeUnicode(str: string): string {
-    return str
-      .replace(/[\u2018\u2019\u201A\u201B]/g, "'") // single quotes
-      .replace(/[\u201C\u201D\u201E\u201F]/g, '"') // double quotes
-      .replace(/[\u2010\u2011\u2012\u2013\u2014\u2015]/g, "-") // dashes
-      .replace(/\u2026/g, "...") // ellipsis
-      .replace(/\u00A0/g, " ") // non-breaking space
-  }
-
-  type Comparator = (a: string, b: string) => boolean
-
-  function tryMatch(lines: string[], pattern: string[], startIndex: number, compare: Comparator, eof: boolean): number {
-    // If EOF anchor, try matching from end of file first
-    if (eof) {
-      const fromEnd = lines.length - pattern.length
-      if (fromEnd >= startIndex) {
-        let matches = true
-        for (let j = 0; j < pattern.length; j++) {
-          if (!compare(lines[fromEnd + j], pattern[j])) {
-            matches = false
-            break
-          }
-        }
-        if (matches) return fromEnd
-      }
-    }
-
-    // Forward search from startIndex
-    for (let i = startIndex; i <= lines.length - pattern.length; i++) {
-      let matches = true
-      for (let j = 0; j < pattern.length; j++) {
-        if (!compare(lines[i + j], pattern[j])) {
-          matches = false
-          break
-        }
-      }
-      if (matches) return i
-    }
-
-    return -1
-  }
-
-  function seekSequence(lines: string[], pattern: string[], startIndex: number, eof = false): number {
-    if (pattern.length === 0) return -1
-
-    // Pass 1: exact match
-    const exact = tryMatch(lines, pattern, startIndex, (a, b) => a === b, eof)
-    if (exact !== -1) return exact
-
-    // Pass 2: rstrip (trim trailing whitespace)
-    const rstrip = tryMatch(lines, pattern, startIndex, (a, b) => a.trimEnd() === b.trimEnd(), eof)
-    if (rstrip !== -1) return rstrip
-
-    // Pass 3: trim (both ends)
-    const trim = tryMatch(lines, pattern, startIndex, (a, b) => a.trim() === b.trim(), eof)
-    if (trim !== -1) return trim
-
-    // Pass 4: normalized (Unicode punctuation to ASCII)
-    const normalized = tryMatch(
-      lines,
-      pattern,
-      startIndex,
-      (a, b) => normalizeUnicode(a.trim()) === normalizeUnicode(b.trim()),
-      eof,
-    )
-    return normalized
-  }
-
-  function generateUnifiedDiff(oldContent: string, newContent: string): string {
-    const oldLines = oldContent.split("\n")
-    const newLines = newContent.split("\n")
-
-    // Simple diff generation - in a real implementation you'd use a proper diff algorithm
-    let diff = "@@ -1 +1 @@\n"
-
-    // Find changes (simplified approach)
-    const maxLen = Math.max(oldLines.length, newLines.length)
-    let hasChanges = false
-
-    for (let i = 0; i < maxLen; i++) {
-      const oldLine = oldLines[i] || ""
-      const newLine = newLines[i] || ""
-
-      if (oldLine !== newLine) {
-        if (oldLine) diff += `-${oldLine}\n`
-        if (newLine) diff += `+${newLine}\n`
-        hasChanges = true
-      } else if (oldLine) {
-        diff += ` ${oldLine}\n`
-      }
-    }
-
-    return hasChanges ? diff : ""
-  }
-
-  // Apply hunks to filesystem
-  export async function applyHunksToFiles(hunks: Hunk[]): Promise<AffectedPaths> {
-    if (hunks.length === 0) {
-      throw new Error("No files were modified.")
-    }
-
-    const added: string[] = []
-    const modified: string[] = []
-    const deleted: string[] = []
-
-    for (const hunk of hunks) {
-      switch (hunk.type) {
-        case "add":
-          // Create parent directories
-          const addDir = path.dirname(hunk.path)
-          if (addDir !== "." && addDir !== "/") {
-            await fs.mkdir(addDir, { recursive: true })
-          }
-
-          await fs.writeFile(hunk.path, hunk.contents, "utf-8")
-          added.push(hunk.path)
-          log.info(`Added file: ${hunk.path}`)
-          break
-
-        case "delete":
-          await fs.unlink(hunk.path)
-          deleted.push(hunk.path)
-          log.info(`Deleted file: ${hunk.path}`)
-          break
-
-        case "update":
-          const fileUpdate = deriveNewContentsFromChunks(hunk.path, hunk.chunks)
-
-          if (hunk.move_path) {
-            // Handle file move
-            const moveDir = path.dirname(hunk.move_path)
-            if (moveDir !== "." && moveDir !== "/") {
-              await fs.mkdir(moveDir, { recursive: true })
-            }
-
-            await fs.writeFile(hunk.move_path, fileUpdate.content, "utf-8")
-            await fs.unlink(hunk.path)
-            modified.push(hunk.move_path)
-            log.info(`Moved file: ${hunk.path} -> ${hunk.move_path}`)
-          } else {
-            // Regular update
-            await fs.writeFile(hunk.path, fileUpdate.content, "utf-8")
-            modified.push(hunk.path)
-            log.info(`Updated file: ${hunk.path}`)
-          }
-          break
-      }
-    }
-
-    return { added, modified, deleted }
-  }
-
-  // Main patch application function
-  export async function applyPatch(patchText: string): Promise<AffectedPaths> {
-    const { hunks } = parsePatch(patchText)
-    return applyHunksToFiles(hunks)
-  }
-
-  // Async version of maybeParseApplyPatchVerified
-  export async function maybeParseApplyPatchVerified(
-    argv: string[],
-    cwd: string,
-  ): Promise<
-    | { type: MaybeApplyPatchVerified.Body; action: ApplyPatchAction }
-    | { type: MaybeApplyPatchVerified.CorrectnessError; error: Error }
-    | { type: MaybeApplyPatchVerified.NotApplyPatch }
-  > {
-    // Detect implicit patch invocation (raw patch without apply_patch command)
-    if (argv.length === 1) {
-      try {
-        parsePatch(argv[0])
-        return {
-          type: MaybeApplyPatchVerified.CorrectnessError,
-          error: new Error(ApplyPatchError.ImplicitInvocation),
-        }
-      } catch {
-        // Not a patch, continue
-      }
-    }
-
-    const result = maybeParseApplyPatch(argv)
-
-    switch (result.type) {
-      case MaybeApplyPatch.Body:
-        const { args } = result
-        const effectiveCwd = args.workdir ? path.resolve(cwd, args.workdir) : cwd
-        const changes = new Map<string, ApplyPatchFileChange>()
-
-        for (const hunk of args.hunks) {
-          const resolvedPath = path.resolve(
-            effectiveCwd,
-            hunk.type === "update" && hunk.move_path ? hunk.move_path : hunk.path,
-          )
-
-          switch (hunk.type) {
-            case "add":
-              changes.set(resolvedPath, {
-                type: "add",
-                content: hunk.contents,
-              })
-              break
-
-            case "delete":
-              // For delete, we need to read the current content
-              const deletePath = path.resolve(effectiveCwd, hunk.path)
-              try {
-                const content = await fs.readFile(deletePath, "utf-8")
-                changes.set(resolvedPath, {
-                  type: "delete",
-                  content,
-                })
-              } catch {
-                return {
-                  type: MaybeApplyPatchVerified.CorrectnessError,
-                  error: new Error(`Failed to read file for deletion: ${deletePath}`),
-                }
-              }
-              break
-
-            case "update":
-              const updatePath = path.resolve(effectiveCwd, hunk.path)
-              try {
-                const fileUpdate = deriveNewContentsFromChunks(updatePath, hunk.chunks)
-                changes.set(resolvedPath, {
-                  type: "update",
-                  unified_diff: fileUpdate.unified_diff,
-                  move_path: hunk.move_path ? path.resolve(effectiveCwd, hunk.move_path) : undefined,
-                  new_content: fileUpdate.content,
-                })
-              } catch (error) {
-                return {
-                  type: MaybeApplyPatchVerified.CorrectnessError,
-                  error: error as Error,
-                }
-              }
-              break
-          }
-        }
-
-        return {
-          type: MaybeApplyPatchVerified.Body,
-          action: {
-            changes,
-            patch: args.patch,
-            cwd: effectiveCwd,
-          },
-        }
-
-      case MaybeApplyPatch.PatchParseError:
-        return {
-          type: MaybeApplyPatchVerified.CorrectnessError,
-          error: result.error,
-        }
-
-      case MaybeApplyPatch.NotApplyPatch:
-        return { type: MaybeApplyPatchVerified.NotApplyPatch }
-    }
-  }
-}
+export * as Patch from "./patch"

packages/opencode/src/patch/patch.ts

@@ -0,0 +1,678 @@
+import z from "zod"
+import * as path from "path"
+import * as fs from "fs/promises"
+import { readFileSync } from "fs"
+import { Log } from "../util/log"
+
+const log = Log.create({ service: "patch" })
+
+// Schema definitions
+export const PatchSchema = z.object({
+  patchText: z.string().describe("The full patch text that describes all changes to be made"),
+})
+
+export type PatchParams = z.infer<typeof PatchSchema>
+
+// Core types matching the Rust implementation
+export interface ApplyPatchArgs {
+  patch: string
+  hunks: Hunk[]
+  workdir?: string
+}
+
+export type Hunk =
+  | { type: "add"; path: string; contents: string }
+  | { type: "delete"; path: string }
+  | { type: "update"; path: string; move_path?: string; chunks: UpdateFileChunk[] }
+
+export interface UpdateFileChunk {
+  old_lines: string[]
+  new_lines: string[]
+  change_context?: string
+  is_end_of_file?: boolean
+}
+
+export interface ApplyPatchAction {
+  changes: Map<string, ApplyPatchFileChange>
+  patch: string
+  cwd: string
+}
+
+export type ApplyPatchFileChange =
+  | { type: "add"; content: string }
+  | { type: "delete"; content: string }
+  | { type: "update"; unified_diff: string; move_path?: string; new_content: string }
+
+export interface AffectedPaths {
+  added: string[]
+  modified: string[]
+  deleted: string[]
+}
+
+export enum ApplyPatchError {
+  ParseError = "ParseError",
+  IoError = "IoError",
+  ComputeReplacements = "ComputeReplacements",
+  ImplicitInvocation = "ImplicitInvocation",
+}
+
+export enum MaybeApplyPatch {
+  Body = "Body",
+  ShellParseError = "ShellParseError",
+  PatchParseError = "PatchParseError",
+  NotApplyPatch = "NotApplyPatch",
+}
+
+export enum MaybeApplyPatchVerified {
+  Body = "Body",
+  ShellParseError = "ShellParseError",
+  CorrectnessError = "CorrectnessError",
+  NotApplyPatch = "NotApplyPatch",
+}
+
+// Parser implementation
+function parsePatchHeader(
+  lines: string[],
+  startIdx: number,
+): { filePath: string; movePath?: string; nextIdx: number } | null {
+  const line = lines[startIdx]
+
+  if (line.startsWith("*** Add File:")) {
+    const filePath = line.slice("*** Add File:".length).trim()
+    return filePath ? { filePath, nextIdx: startIdx + 1 } : null
+  }
+
+  if (line.startsWith("*** Delete File:")) {
+    const filePath = line.slice("*** Delete File:".length).trim()
+    return filePath ? { filePath, nextIdx: startIdx + 1 } : null
+  }
+
+  if (line.startsWith("*** Update File:")) {
+    const filePath = line.slice("*** Update File:".length).trim()
+    let movePath: string | undefined
+    let nextIdx = startIdx + 1
+
+    // Check for move directive
+    if (nextIdx < lines.length && lines[nextIdx].startsWith("*** Move to:")) {
+      movePath = lines[nextIdx].slice("*** Move to:".length).trim()
+      nextIdx++
+    }
+
+    return filePath ? { filePath, movePath, nextIdx } : null
+  }
+
+  return null
+}
+
+function parseUpdateFileChunks(lines: string[], startIdx: number): { chunks: UpdateFileChunk[]; nextIdx: number } {
+  const chunks: UpdateFileChunk[] = []
+  let i = startIdx
+
+  while (i < lines.length && !lines[i].startsWith("***")) {
+    if (lines[i].startsWith("@@")) {
+      // Parse context line
+      const contextLine = lines[i].substring(2).trim()
+      i++
+
+      const oldLines: string[] = []
+      const newLines: string[] = []
+      let isEndOfFile = false
+
+      // Parse change lines
+      while (i < lines.length && !lines[i].startsWith("@@") && !lines[i].startsWith("***")) {
+        const changeLine = lines[i]
+
+        if (changeLine === "*** End of File") {
+          isEndOfFile = true
+          i++
+          break
+        }
+
+        if (changeLine.startsWith(" ")) {
+          // Keep line - appears in both old and new
+          const content = changeLine.substring(1)
+          oldLines.push(content)
+          newLines.push(content)
+        } else if (changeLine.startsWith("-")) {
+          // Remove line - only in old
+          oldLines.push(changeLine.substring(1))
+        } else if (changeLine.startsWith("+")) {
+          // Add line - only in new
+          newLines.push(changeLine.substring(1))
+        }
+
+        i++
+      }
+
+      chunks.push({
+        old_lines: oldLines,
+        new_lines: newLines,
+        change_context: contextLine || undefined,
+        is_end_of_file: isEndOfFile || undefined,
+      })
+    } else {
+      i++
+    }
+  }
+
+  return { chunks, nextIdx: i }
+}
+
+function parseAddFileContent(lines: string[], startIdx: number): { content: string; nextIdx: number } {
+  let content = ""
+  let i = startIdx
+
+  while (i < lines.length && !lines[i].startsWith("***")) {
+    if (lines[i].startsWith("+")) {
+      content += lines[i].substring(1) + "\n"
+    }
+    i++
+  }
+
+  // Remove trailing newline
+  if (content.endsWith("\n")) {
+    content = content.slice(0, -1)
+  }
+
+  return { content, nextIdx: i }
+}
+
+function stripHeredoc(input: string): string {
+  // Match heredoc patterns like: cat <<'EOF'\n...\nEOF or <<EOF\n...\nEOF
+  const heredocMatch = input.match(/^(?:cat\s+)?<<['"]?(\w+)['"]?\s*\n([\s\S]*?)\n\1\s*$/)
+  if (heredocMatch) {
+    return heredocMatch[2]
+  }
+  return input
+}
+
+export function parsePatch(patchText: string): { hunks: Hunk[] } {
+  const cleaned = stripHeredoc(patchText.trim())
+  const lines = cleaned.split("\n")
+  const hunks: Hunk[] = []
+  let i = 0
+
+  // Look for Begin/End patch markers
+  const beginMarker = "*** Begin Patch"
+  const endMarker = "*** End Patch"
+
+  const beginIdx = lines.findIndex((line) => line.trim() === beginMarker)
+  const endIdx = lines.findIndex((line) => line.trim() === endMarker)
+
+  if (beginIdx === -1 || endIdx === -1 || beginIdx >= endIdx) {
+    throw new Error("Invalid patch format: missing Begin/End markers")
+  }
+
+  // Parse content between markers
+  i = beginIdx + 1
+
+  while (i < endIdx) {
+    const header = parsePatchHeader(lines, i)
+    if (!header) {
+      i++
+      continue
+    }
+
+    if (lines[i].startsWith("*** Add File:")) {
+      const { content, nextIdx } = parseAddFileContent(lines, header.nextIdx)
+      hunks.push({
+        type: "add",
+        path: header.filePath,
+        contents: content,
+      })
+      i = nextIdx
+    } else if (lines[i].startsWith("*** Delete File:")) {
+      hunks.push({
+        type: "delete",
+        path: header.filePath,
+      })
+      i = header.nextIdx
+    } else if (lines[i].startsWith("*** Update File:")) {
+      const { chunks, nextIdx } = parseUpdateFileChunks(lines, header.nextIdx)
+      hunks.push({
+        type: "update",
+        path: header.filePath,
+        move_path: header.movePath,
+        chunks,
+      })
+      i = nextIdx
+    } else {
+      i++
+    }
+  }
+
+  return { hunks }
+}
+
+// Apply patch functionality
+export function maybeParseApplyPatch(
+  argv: string[],
+):
+  | { type: MaybeApplyPatch.Body; args: ApplyPatchArgs }
+  | { type: MaybeApplyPatch.PatchParseError; error: Error }
+  | { type: MaybeApplyPatch.NotApplyPatch } {
+  const APPLY_PATCH_COMMANDS = ["apply_patch", "applypatch"]
+
+  // Direct invocation: apply_patch <patch>
+  if (argv.length === 2 && APPLY_PATCH_COMMANDS.includes(argv[0])) {
+    try {
+      const { hunks } = parsePatch(argv[1])
+      return {
+        type: MaybeApplyPatch.Body,
+        args: {
+          patch: argv[1],
+          hunks,
+        },
+      }
+    } catch (error) {
+      return {
+        type: MaybeApplyPatch.PatchParseError,
+        error: error as Error,
+      }
+    }
+  }
+
+  // Bash heredoc form: bash -lc 'apply_patch <<"EOF" ...'
+  if (argv.length === 3 && argv[0] === "bash" && argv[1] === "-lc") {
+    // Simple extraction - in real implementation would need proper bash parsing
+    const script = argv[2]
+    const heredocMatch = script.match(/apply_patch\s*<<['"](\w+)['"]\s*\n([\s\S]*?)\n\1/)
+
+    if (heredocMatch) {
+      const patchContent = heredocMatch[2]
+      try {
+        const { hunks } = parsePatch(patchContent)
+        return {
+          type: MaybeApplyPatch.Body,
+          args: {
+            patch: patchContent,
+            hunks,
+          },
+        }
+      } catch (error) {
+        return {
+          type: MaybeApplyPatch.PatchParseError,
+          error: error as Error,
+        }
+      }
+    }
+  }
+
+  return { type: MaybeApplyPatch.NotApplyPatch }
+}
+
+// File content manipulation
+interface ApplyPatchFileUpdate {
+  unified_diff: string
+  content: string
+}
+
+export function deriveNewContentsFromChunks(filePath: string, chunks: UpdateFileChunk[]): ApplyPatchFileUpdate {
+  // Read original file content
+  let originalContent: string
+  try {
+    originalContent = readFileSync(filePath, "utf-8")
+  } catch (error) {
+    throw new Error(`Failed to read file ${filePath}: ${error}`)
+  }
+
+  let originalLines = originalContent.split("\n")
+
+  // Drop trailing empty element for consistent line counting
+  if (originalLines.length > 0 && originalLines[originalLines.length - 1] === "") {
+    originalLines.pop()
+  }
+
+  const replacements = computeReplacements(originalLines, filePath, chunks)
+  let newLines = applyReplacements(originalLines, replacements)
+
+  // Ensure trailing newline
+  if (newLines.length === 0 || newLines[newLines.length - 1] !== "") {
+    newLines.push("")
+  }
+
+  const newContent = newLines.join("\n")
+
+  // Generate unified diff
+  const unifiedDiff = generateUnifiedDiff(originalContent, newContent)
+
+  return {
+    unified_diff: unifiedDiff,
+    content: newContent,
+  }
+}
+
+function computeReplacements(
+  originalLines: string[],
+  filePath: string,
+  chunks: UpdateFileChunk[],
+): Array<[number, number, string[]]> {
+  const replacements: Array<[number, number, string[]]> = []
+  let lineIndex = 0
+
+  for (const chunk of chunks) {
+    // Handle context-based seeking
+    if (chunk.change_context) {
+      const contextIdx = seekSequence(originalLines, [chunk.change_context], lineIndex)
+      if (contextIdx === -1) {
+        throw new Error(`Failed to find context '${chunk.change_context}' in ${filePath}`)
+      }
+      lineIndex = contextIdx + 1
+    }
+
+    // Handle pure addition (no old lines)
+    if (chunk.old_lines.length === 0) {
+      const insertionIdx =
+        originalLines.length > 0 && originalLines[originalLines.length - 1] === ""
+          ? originalLines.length - 1
+          : originalLines.length
+      replacements.push([insertionIdx, 0, chunk.new_lines])
+      continue
+    }
+
+    // Try to match old lines in the file
+    let pattern = chunk.old_lines
+    let newSlice = chunk.new_lines
+    let found = seekSequence(originalLines, pattern, lineIndex, chunk.is_end_of_file)
+
+    // Retry without trailing empty line if not found
+    if (found === -1 && pattern.length > 0 && pattern[pattern.length - 1] === "") {
+      pattern = pattern.slice(0, -1)
+      if (newSlice.length > 0 && newSlice[newSlice.length - 1] === "") {
+        newSlice = newSlice.slice(0, -1)
+      }
+      found = seekSequence(originalLines, pattern, lineIndex, chunk.is_end_of_file)
+    }
+
+    if (found !== -1) {
+      replacements.push([found, pattern.length, newSlice])
+      lineIndex = found + pattern.length
+    } else {
+      throw new Error(`Failed to find expected lines in ${filePath}:\n${chunk.old_lines.join("\n")}`)
+    }
+  }
+
+  // Sort replacements by index to apply in order
+  replacements.sort((a, b) => a[0] - b[0])
+
+  return replacements
+}
+
+function applyReplacements(lines: string[], replacements: Array<[number, number, string[]]>): string[] {
+  // Apply replacements in reverse order to avoid index shifting
+  const result = [...lines]
+
+  for (let i = replacements.length - 1; i >= 0; i--) {
+    const [startIdx, oldLen, newSegment] = replacements[i]
+
+    // Remove old lines
+    result.splice(startIdx, oldLen)
+
+    // Insert new lines
+    for (let j = 0; j < newSegment.length; j++) {
+      result.splice(startIdx + j, 0, newSegment[j])
+    }
+  }
+
+  return result
+}
+
+// Normalize Unicode punctuation to ASCII equivalents (like Rust's normalize_unicode)
+function normalizeUnicode(str: string): string {
+  return str
+    .replace(/[\u2018\u2019\u201A\u201B]/g, "'") // single quotes
+    .replace(/[\u201C\u201D\u201E\u201F]/g, '"') // double quotes
+    .replace(/[\u2010\u2011\u2012\u2013\u2014\u2015]/g, "-") // dashes
+    .replace(/\u2026/g, "...") // ellipsis
+    .replace(/\u00A0/g, " ") // non-breaking space
+}
+
+type Comparator = (a: string, b: string) => boolean
+
+function tryMatch(lines: string[], pattern: string[], startIndex: number, compare: Comparator, eof: boolean): number {
+  // If EOF anchor, try matching from end of file first
+  if (eof) {
+    const fromEnd = lines.length - pattern.length
+    if (fromEnd >= startIndex) {
+      let matches = true
+      for (let j = 0; j < pattern.length; j++) {
+        if (!compare(lines[fromEnd + j], pattern[j])) {
+          matches = false
+          break
+        }
+      }
+      if (matches) return fromEnd
+    }
+  }
+
+  // Forward search from startIndex
+  for (let i = startIndex; i <= lines.length - pattern.length; i++) {
+    let matches = true
+    for (let j = 0; j < pattern.length; j++) {
+      if (!compare(lines[i + j], pattern[j])) {
+        matches = false
+        break
+      }
+    }
+    if (matches) return i
+  }
+
+  return -1
+}
+
+function seekSequence(lines: string[], pattern: string[], startIndex: number, eof = false): number {
+  if (pattern.length === 0) return -1
+
+  // Pass 1: exact match
+  const exact = tryMatch(lines, pattern, startIndex, (a, b) => a === b, eof)
+  if (exact !== -1) return exact
+
+  // Pass 2: rstrip (trim trailing whitespace)
+  const rstrip = tryMatch(lines, pattern, startIndex, (a, b) => a.trimEnd() === b.trimEnd(), eof)
+  if (rstrip !== -1) return rstrip
+
+  // Pass 3: trim (both ends)
+  const trim = tryMatch(lines, pattern, startIndex, (a, b) => a.trim() === b.trim(), eof)
+  if (trim !== -1) return trim
+
+  // Pass 4: normalized (Unicode punctuation to ASCII)
+  const normalized = tryMatch(
+    lines,
+    pattern,
+    startIndex,
+    (a, b) => normalizeUnicode(a.trim()) === normalizeUnicode(b.trim()),
+    eof,
+  )
+  return normalized
+}
+
+function generateUnifiedDiff(oldContent: string, newContent: string): string {
+  const oldLines = oldContent.split("\n")
+  const newLines = newContent.split("\n")
+
+  // Simple diff generation - in a real implementation you'd use a proper diff algorithm
+  let diff = "@@ -1 +1 @@\n"
+
+  // Find changes (simplified approach)
+  const maxLen = Math.max(oldLines.length, newLines.length)
+  let hasChanges = false
+
+  for (let i = 0; i < maxLen; i++) {
+    const oldLine = oldLines[i] || ""
+    const newLine = newLines[i] || ""
+
+    if (oldLine !== newLine) {
+      if (oldLine) diff += `-${oldLine}\n`
+      if (newLine) diff += `+${newLine}\n`
+      hasChanges = true
+    } else if (oldLine) {
+      diff += ` ${oldLine}\n`
+    }
+  }
+
+  return hasChanges ? diff : ""
+}
+
+// Apply hunks to filesystem
+export async function applyHunksToFiles(hunks: Hunk[]): Promise<AffectedPaths> {
+  if (hunks.length === 0) {
+    throw new Error("No files were modified.")
+  }
+
+  const added: string[] = []
+  const modified: string[] = []
+  const deleted: string[] = []
+
+  for (const hunk of hunks) {
+    switch (hunk.type) {
+      case "add":
+        // Create parent directories
+        const addDir = path.dirname(hunk.path)
+        if (addDir !== "." && addDir !== "/") {
+          await fs.mkdir(addDir, { recursive: true })
+        }
+
+        await fs.writeFile(hunk.path, hunk.contents, "utf-8")
+        added.push(hunk.path)
+        log.info(`Added file: ${hunk.path}`)
+        break
+
+      case "delete":
+        await fs.unlink(hunk.path)
+        deleted.push(hunk.path)
+        log.info(`Deleted file: ${hunk.path}`)
+        break
+
+      case "update":
+        const fileUpdate = deriveNewContentsFromChunks(hunk.path, hunk.chunks)
+
+        if (hunk.move_path) {
+          // Handle file move
+          const moveDir = path.dirname(hunk.move_path)
+          if (moveDir !== "." && moveDir !== "/") {
+            await fs.mkdir(moveDir, { recursive: true })
+          }
+
+          await fs.writeFile(hunk.move_path, fileUpdate.content, "utf-8")
+          await fs.unlink(hunk.path)
+          modified.push(hunk.move_path)
+          log.info(`Moved file: ${hunk.path} -> ${hunk.move_path}`)
+        } else {
+          // Regular update
+          await fs.writeFile(hunk.path, fileUpdate.content, "utf-8")
+          modified.push(hunk.path)
+          log.info(`Updated file: ${hunk.path}`)
+        }
+        break
+    }
+  }
+
+  return { added, modified, deleted }
+}
+
+// Main patch application function
+export async function applyPatch(patchText: string): Promise<AffectedPaths> {
+  const { hunks } = parsePatch(patchText)
+  return applyHunksToFiles(hunks)
+}
+
+// Async version of maybeParseApplyPatchVerified
+export async function maybeParseApplyPatchVerified(
+  argv: string[],
+  cwd: string,
+): Promise<
+  | { type: MaybeApplyPatchVerified.Body; action: ApplyPatchAction }
+  | { type: MaybeApplyPatchVerified.CorrectnessError; error: Error }
+  | { type: MaybeApplyPatchVerified.NotApplyPatch }
+> {
+  // Detect implicit patch invocation (raw patch without apply_patch command)
+  if (argv.length === 1) {
+    try {
+      parsePatch(argv[0])
+      return {
+        type: MaybeApplyPatchVerified.CorrectnessError,
+        error: new Error(ApplyPatchError.ImplicitInvocation),
+      }
+    } catch {
+      // Not a patch, continue
+    }
+  }
+
+  const result = maybeParseApplyPatch(argv)
+
+  switch (result.type) {
+    case MaybeApplyPatch.Body:
+      const { args } = result
+      const effectiveCwd = args.workdir ? path.resolve(cwd, args.workdir) : cwd
+      const changes = new Map<string, ApplyPatchFileChange>()
+
+      for (const hunk of args.hunks) {
+        const resolvedPath = path.resolve(
+          effectiveCwd,
+          hunk.type === "update" && hunk.move_path ? hunk.move_path : hunk.path,
+        )
+
+        switch (hunk.type) {
+          case "add":
+            changes.set(resolvedPath, {
+              type: "add",
+              content: hunk.contents,
+            })
+            break
+
+          case "delete":
+            // For delete, we need to read the current content
+            const deletePath = path.resolve(effectiveCwd, hunk.path)
+            try {
+              const content = await fs.readFile(deletePath, "utf-8")
+              changes.set(resolvedPath, {
+                type: "delete",
+                content,
+              })
+            } catch {
+              return {
+                type: MaybeApplyPatchVerified.CorrectnessError,
+                error: new Error(`Failed to read file for deletion: ${deletePath}`),
+              }
+            }
+            break
+
+          case "update":
+            const updatePath = path.resolve(effectiveCwd, hunk.path)
+            try {
+              const fileUpdate = deriveNewContentsFromChunks(updatePath, hunk.chunks)
+              changes.set(resolvedPath, {
+                type: "update",
+                unified_diff: fileUpdate.unified_diff,
+                move_path: hunk.move_path ? path.resolve(effectiveCwd, hunk.move_path) : undefined,
+                new_content: fileUpdate.content,
+              })
+            } catch (error) {
+              return {
+                type: MaybeApplyPatchVerified.CorrectnessError,
+                error: error as Error,
+              }
+            }
+            break
+        }
+      }
+
+      return {
+        type: MaybeApplyPatchVerified.Body,
+        action: {
+          changes,
+          patch: args.patch,
+          cwd: effectiveCwd,
+        },
+      }
+
+    case MaybeApplyPatch.PatchParseError:
+      return {
+        type: MaybeApplyPatchVerified.CorrectnessError,
+        error: result.error,
+      }
+
+    case MaybeApplyPatch.NotApplyPatch:
+      return { type: MaybeApplyPatchVerified.NotApplyPatch }
+  }
+}

packages/opencode/src/permission/index.ts

@@ -1,325 +1 @@
-import { Bus } from "@/bus"
-import { BusEvent } from "@/bus/bus-event"
-import { Config } from "@/config"
-import { InstanceState } from "@/effect/instance-state"
-import { ProjectID } from "@/project/schema"
-import { MessageID, SessionID } from "@/session/schema"
-import { PermissionTable } from "@/session/session.sql"
-import { Database, eq } from "@/storage/db"
-import { zod } from "@/util/effect-zod"
-import { Log } from "@/util/log"
-import { withStatics } from "@/util/schema"
-import { Wildcard } from "@/util/wildcard"
-import { Deferred, Effect, Layer, Schema, Context } from "effect"
-import os from "os"
-import { evaluate as evalRule } from "./evaluate"
-import { PermissionID } from "./schema"
-
-export namespace Permission {
-  const log = Log.create({ service: "permission" })
-
-  export const Action = Schema.Literals(["allow", "deny", "ask"])
-    .annotate({ identifier: "PermissionAction" })
-    .pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type Action = Schema.Schema.Type<typeof Action>
-
-  export class Rule extends Schema.Class<Rule>("PermissionRule")({
-    permission: Schema.String,
-    pattern: Schema.String,
-    action: Action,
-  }) {
-    static readonly zod = zod(this)
-  }
-
-  export const Ruleset = Schema.mutable(Schema.Array(Rule))
-    .annotate({ identifier: "PermissionRuleset" })
-    .pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type Ruleset = Schema.Schema.Type<typeof Ruleset>
-
-  export class Request extends Schema.Class<Request>("PermissionRequest")({
-    id: PermissionID,
-    sessionID: SessionID,
-    permission: Schema.String,
-    patterns: Schema.Array(Schema.String),
-    metadata: Schema.Record(Schema.String, Schema.Unknown),
-    always: Schema.Array(Schema.String),
-    tool: Schema.optional(
-      Schema.Struct({
-        messageID: MessageID,
-        callID: Schema.String,
-      }),
-    ),
-  }) {
-    static readonly zod = zod(this)
-  }
-
-  export const Reply = Schema.Literals(["once", "always", "reject"]).pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type Reply = Schema.Schema.Type<typeof Reply>
-
-  const reply = {
-    reply: Reply,
-    message: Schema.optional(Schema.String),
-  }
-
-  export const ReplyBody = Schema.Struct(reply)
-    .annotate({ identifier: "PermissionReplyBody" })
-    .pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type ReplyBody = Schema.Schema.Type<typeof ReplyBody>
-
-  export class Approval extends Schema.Class<Approval>("PermissionApproval")({
-    projectID: ProjectID,
-    patterns: Schema.Array(Schema.String),
-  }) {
-    static readonly zod = zod(this)
-  }
-
-  export const Event = {
-    Asked: BusEvent.define("permission.asked", Request.zod),
-    Replied: BusEvent.define(
-      "permission.replied",
-      zod(
-        Schema.Struct({
-          sessionID: SessionID,
-          requestID: PermissionID,
-          reply: Reply,
-        }),
-      ),
-    ),
-  }
-
-  export class RejectedError extends Schema.TaggedErrorClass<RejectedError>()("PermissionRejectedError", {}) {
-    override get message() {
-      return "The user rejected permission to use this specific tool call."
-    }
-  }
-
-  export class CorrectedError extends Schema.TaggedErrorClass<CorrectedError>()("PermissionCorrectedError", {
-    feedback: Schema.String,
-  }) {
-    override get message() {
-      return `The user rejected permission to use this specific tool call with the following feedback: ${this.feedback}`
-    }
-  }
-
-  export class DeniedError extends Schema.TaggedErrorClass<DeniedError>()("PermissionDeniedError", {
-    ruleset: Schema.Any,
-  }) {
-    override get message() {
-      return `The user has specified a rule which prevents you from using this specific tool call. Here are some of the relevant rules ${JSON.stringify(this.ruleset)}`
-    }
-  }
-
-  export type Error = DeniedError | RejectedError | CorrectedError
-
-  export const AskInput = Schema.Struct({
-    ...Request.fields,
-    id: Schema.optional(PermissionID),
-    ruleset: Ruleset,
-  })
-    .annotate({ identifier: "PermissionAskInput" })
-    .pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type AskInput = Schema.Schema.Type<typeof AskInput>
-
-  export const ReplyInput = Schema.Struct({
-    requestID: PermissionID,
-    ...reply,
-  })
-    .annotate({ identifier: "PermissionReplyInput" })
-    .pipe(withStatics((s) => ({ zod: zod(s) })))
-  export type ReplyInput = Schema.Schema.Type<typeof ReplyInput>
-
-  export interface Interface {
-    readonly ask: (input: AskInput) => Effect.Effect<void, Error>
-    readonly reply: (input: ReplyInput) => Effect.Effect<void>
-    readonly list: () => Effect.Effect<ReadonlyArray<Request>>
-  }
-
-  interface PendingEntry {
-    info: Request
-    deferred: Deferred.Deferred<void, RejectedError | CorrectedError>
-  }
-
-  interface State {
-    pending: Map<PermissionID, PendingEntry>
-    approved: Ruleset
-  }
-
-  export function evaluate(permission: string, pattern: string, ...rulesets: Ruleset[]): Rule {
-    log.info("evaluate", { permission, pattern, ruleset: rulesets.flat() })
-    return evalRule(permission, pattern, ...rulesets)
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Permission") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const bus = yield* Bus.Service
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("Permission.state")(function* (ctx) {
-          const row = Database.use((db) =>
-            db.select().from(PermissionTable).where(eq(PermissionTable.project_id, ctx.project.id)).get(),
-          )
-          const state = {
-            pending: new Map<PermissionID, PendingEntry>(),
-            approved: row?.data ?? [],
-          }
-
-          yield* Effect.addFinalizer(() =>
-            Effect.gen(function* () {
-              for (const item of state.pending.values()) {
-                yield* Deferred.fail(item.deferred, new RejectedError())
-              }
-              state.pending.clear()
-            }),
-          )
-
-          return state
-        }),
-      )
-
-      const ask = Effect.fn("Permission.ask")(function* (input: AskInput) {
-        const { approved, pending } = yield* InstanceState.get(state)
-        const { ruleset, ...request } = input
-        let needsAsk = false
-
-        for (const pattern of request.patterns) {
-          const rule = evaluate(request.permission, pattern, ruleset, approved)
-          log.info("evaluated", { permission: request.permission, pattern, action: rule })
-          if (rule.action === "deny") {
-            return yield* new DeniedError({
-              ruleset: ruleset.filter((rule) => Wildcard.match(request.permission, rule.permission)),
-            })
-          }
-          if (rule.action === "allow") continue
-          needsAsk = true
-        }
-
-        if (!needsAsk) return
-
-        const id = request.id ?? PermissionID.ascending()
-        const info = Schema.decodeUnknownSync(Request)({
-          id,
-          ...request,
-        })
-        log.info("asking", { id, permission: info.permission, patterns: info.patterns })
-
-        const deferred = yield* Deferred.make<void, RejectedError | CorrectedError>()
-        pending.set(id, { info, deferred })
-        yield* bus.publish(Event.Asked, info)
-        return yield* Effect.ensuring(
-          Deferred.await(deferred),
-          Effect.sync(() => {
-            pending.delete(id)
-          }),
-        )
-      })
-
-      const reply = Effect.fn("Permission.reply")(function* (input: ReplyInput) {
-        const { approved, pending } = yield* InstanceState.get(state)
-        const existing = pending.get(input.requestID)
-        if (!existing) return
-
-        pending.delete(input.requestID)
-        yield* bus.publish(Event.Replied, {
-          sessionID: existing.info.sessionID,
-          requestID: existing.info.id,
-          reply: input.reply,
-        })
-
-        if (input.reply === "reject") {
-          yield* Deferred.fail(
-            existing.deferred,
-            input.message ? new CorrectedError({ feedback: input.message }) : new RejectedError(),
-          )
-
-          for (const [id, item] of pending.entries()) {
-            if (item.info.sessionID !== existing.info.sessionID) continue
-            pending.delete(id)
-            yield* bus.publish(Event.Replied, {
-              sessionID: item.info.sessionID,
-              requestID: item.info.id,
-              reply: "reject",
-            })
-            yield* Deferred.fail(item.deferred, new RejectedError())
-          }
-          return
-        }
-
-        yield* Deferred.succeed(existing.deferred, undefined)
-        if (input.reply === "once") return
-
-        for (const pattern of existing.info.always) {
-          approved.push({
-            permission: existing.info.permission,
-            pattern,
-            action: "allow",
-          })
-        }
-
-        for (const [id, item] of pending.entries()) {
-          if (item.info.sessionID !== existing.info.sessionID) continue
-          const ok = item.info.patterns.every(
-            (pattern) => evaluate(item.info.permission, pattern, approved).action === "allow",
-          )
-          if (!ok) continue
-          pending.delete(id)
-          yield* bus.publish(Event.Replied, {
-            sessionID: item.info.sessionID,
-            requestID: item.info.id,
-            reply: "always",
-          })
-          yield* Deferred.succeed(item.deferred, undefined)
-        }
-      })
-
-      const list = Effect.fn("Permission.list")(function* () {
-        const pending = (yield* InstanceState.get(state)).pending
-        return Array.from(pending.values(), (item) => item.info)
-      })
-
-      return Service.of({ ask, reply, list })
-    }),
-  )
-
-  function expand(pattern: string): string {
-    if (pattern.startsWith("~/")) return os.homedir() + pattern.slice(1)
-    if (pattern === "~") return os.homedir()
-    if (pattern.startsWith("$HOME/")) return os.homedir() + pattern.slice(5)
-    if (pattern.startsWith("$HOME")) return os.homedir() + pattern.slice(5)
-    return pattern
-  }
-
-  export function fromConfig(permission: Config.Permission) {
-    const ruleset: Ruleset = []
-    for (const [key, value] of Object.entries(permission)) {
-      if (typeof value === "string") {
-        ruleset.push({ permission: key, action: value, pattern: "*" })
-        continue
-      }
-      ruleset.push(
-        ...Object.entries(value).map(([pattern, action]) => ({ permission: key, pattern: expand(pattern), action })),
-      )
-    }
-    return ruleset
-  }
-
-  export function merge(...rulesets: Ruleset[]): Ruleset {
-    return rulesets.flat()
-  }
-
-  const EDIT_TOOLS = ["edit", "write", "apply_patch", "multiedit"]
-
-  export function disabled(tools: string[], ruleset: Ruleset): Set<string> {
-    const result = new Set<string>()
-    for (const tool of tools) {
-      const permission = EDIT_TOOLS.includes(tool) ? "edit" : tool
-      const rule = ruleset.findLast((rule) => Wildcard.match(permission, rule.permission))
-      if (!rule) continue
-      if (rule.pattern === "*" && rule.action === "deny") result.add(tool)
-    }
-    return result
-  }
-
-  export const defaultLayer = layer.pipe(Layer.provide(Bus.layer))
-}
+export * as Permission from "./permission"

packages/opencode/src/permission/permission.ts

@@ -0,0 +1,323 @@
+import { Bus } from "@/bus"
+import { BusEvent } from "@/bus/bus-event"
+import { Config } from "@/config"
+import { InstanceState } from "@/effect/instance-state"
+import { ProjectID } from "@/project/schema"
+import { MessageID, SessionID } from "@/session/schema"
+import { PermissionTable } from "@/session/session.sql"
+import { Database, eq } from "@/storage/db"
+import { zod } from "@/util/effect-zod"
+import { Log } from "@/util/log"
+import { withStatics } from "@/util/schema"
+import { Wildcard } from "@/util/wildcard"
+import { Deferred, Effect, Layer, Schema, Context } from "effect"
+import os from "os"
+import { evaluate as evalRule } from "./evaluate"
+import { PermissionID } from "./schema"
+
+const log = Log.create({ service: "permission" })
+
+export const Action = Schema.Literals(["allow", "deny", "ask"])
+  .annotate({ identifier: "PermissionAction" })
+  .pipe(withStatics((s) => ({ zod: zod(s) })))
+export type Action = Schema.Schema.Type<typeof Action>
+
+export class Rule extends Schema.Class<Rule>("PermissionRule")({
+  permission: Schema.String,
+  pattern: Schema.String,
+  action: Action,
+}) {
+  static readonly zod = zod(this)
+}
+
+export const Ruleset = Schema.mutable(Schema.Array(Rule))
+  .annotate({ identifier: "PermissionRuleset" })
+  .pipe(withStatics((s) => ({ zod: zod(s) })))
+export type Ruleset = Schema.Schema.Type<typeof Ruleset>
+
+export class Request extends Schema.Class<Request>("PermissionRequest")({
+  id: PermissionID,
+  sessionID: SessionID,
+  permission: Schema.String,
+  patterns: Schema.Array(Schema.String),
+  metadata: Schema.Record(Schema.String, Schema.Unknown),
+  always: Schema.Array(Schema.String),
+  tool: Schema.optional(
+    Schema.Struct({
+      messageID: MessageID,
+      callID: Schema.String,
+    }),
+  ),
+}) {
+  static readonly zod = zod(this)
+}
+
+export const Reply = Schema.Literals(["once", "always", "reject"]).pipe(withStatics((s) => ({ zod: zod(s) })))
+export type Reply = Schema.Schema.Type<typeof Reply>
+
+const reply = {
+  reply: Reply,
+  message: Schema.optional(Schema.String),
+}
+
+export const ReplyBody = Schema.Struct(reply)
+  .annotate({ identifier: "PermissionReplyBody" })
+  .pipe(withStatics((s) => ({ zod: zod(s) })))
+export type ReplyBody = Schema.Schema.Type<typeof ReplyBody>
+
+export class Approval extends Schema.Class<Approval>("PermissionApproval")({
+  projectID: ProjectID,
+  patterns: Schema.Array(Schema.String),
+}) {
+  static readonly zod = zod(this)
+}
+
+export const Event = {
+  Asked: BusEvent.define("permission.asked", Request.zod),
+  Replied: BusEvent.define(
+    "permission.replied",
+    zod(
+      Schema.Struct({
+        sessionID: SessionID,
+        requestID: PermissionID,
+        reply: Reply,
+      }),
+    ),
+  ),
+}
+
+export class RejectedError extends Schema.TaggedErrorClass<RejectedError>()("PermissionRejectedError", {}) {
+  override get message() {
+    return "The user rejected permission to use this specific tool call."
+  }
+}
+
+export class CorrectedError extends Schema.TaggedErrorClass<CorrectedError>()("PermissionCorrectedError", {
+  feedback: Schema.String,
+}) {
+  override get message() {
+    return `The user rejected permission to use this specific tool call with the following feedback: ${this.feedback}`
+  }
+}
+
+export class DeniedError extends Schema.TaggedErrorClass<DeniedError>()("PermissionDeniedError", {
+  ruleset: Schema.Any,
+}) {
+  override get message() {
+    return `The user has specified a rule which prevents you from using this specific tool call. Here are some of the relevant rules ${JSON.stringify(this.ruleset)}`
+  }
+}
+
+export type Error = DeniedError | RejectedError | CorrectedError
+
+export const AskInput = Schema.Struct({
+  ...Request.fields,
+  id: Schema.optional(PermissionID),
+  ruleset: Ruleset,
+})
+  .annotate({ identifier: "PermissionAskInput" })
+  .pipe(withStatics((s) => ({ zod: zod(s) })))
+export type AskInput = Schema.Schema.Type<typeof AskInput>
+
+export const ReplyInput = Schema.Struct({
+  requestID: PermissionID,
+  ...reply,
+})
+  .annotate({ identifier: "PermissionReplyInput" })
+  .pipe(withStatics((s) => ({ zod: zod(s) })))
+export type ReplyInput = Schema.Schema.Type<typeof ReplyInput>
+
+export interface Interface {
+  readonly ask: (input: AskInput) => Effect.Effect<void, Error>
+  readonly reply: (input: ReplyInput) => Effect.Effect<void>
+  readonly list: () => Effect.Effect<ReadonlyArray<Request>>
+}
+
+interface PendingEntry {
+  info: Request
+  deferred: Deferred.Deferred<void, RejectedError | CorrectedError>
+}
+
+interface State {
+  pending: Map<PermissionID, PendingEntry>
+  approved: Ruleset
+}
+
+export function evaluate(permission: string, pattern: string, ...rulesets: Ruleset[]): Rule {
+  log.info("evaluate", { permission, pattern, ruleset: rulesets.flat() })
+  return evalRule(permission, pattern, ...rulesets)
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Permission") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const bus = yield* Bus.Service
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("Permission.state")(function* (ctx) {
+        const row = Database.use((db) =>
+          db.select().from(PermissionTable).where(eq(PermissionTable.project_id, ctx.project.id)).get(),
+        )
+        const state = {
+          pending: new Map<PermissionID, PendingEntry>(),
+          approved: row?.data ?? [],
+        }
+
+        yield* Effect.addFinalizer(() =>
+          Effect.gen(function* () {
+            for (const item of state.pending.values()) {
+              yield* Deferred.fail(item.deferred, new RejectedError())
+            }
+            state.pending.clear()
+          }),
+        )
+
+        return state
+      }),
+    )
+
+    const ask = Effect.fn("Permission.ask")(function* (input: AskInput) {
+      const { approved, pending } = yield* InstanceState.get(state)
+      const { ruleset, ...request } = input
+      let needsAsk = false
+
+      for (const pattern of request.patterns) {
+        const rule = evaluate(request.permission, pattern, ruleset, approved)
+        log.info("evaluated", { permission: request.permission, pattern, action: rule })
+        if (rule.action === "deny") {
+          return yield* new DeniedError({
+            ruleset: ruleset.filter((rule) => Wildcard.match(request.permission, rule.permission)),
+          })
+        }
+        if (rule.action === "allow") continue
+        needsAsk = true
+      }
+
+      if (!needsAsk) return
+
+      const id = request.id ?? PermissionID.ascending()
+      const info = Schema.decodeUnknownSync(Request)({
+        id,
+        ...request,
+      })
+      log.info("asking", { id, permission: info.permission, patterns: info.patterns })
+
+      const deferred = yield* Deferred.make<void, RejectedError | CorrectedError>()
+      pending.set(id, { info, deferred })
+      yield* bus.publish(Event.Asked, info)
+      return yield* Effect.ensuring(
+        Deferred.await(deferred),
+        Effect.sync(() => {
+          pending.delete(id)
+        }),
+      )
+    })
+
+    const reply = Effect.fn("Permission.reply")(function* (input: ReplyInput) {
+      const { approved, pending } = yield* InstanceState.get(state)
+      const existing = pending.get(input.requestID)
+      if (!existing) return
+
+      pending.delete(input.requestID)
+      yield* bus.publish(Event.Replied, {
+        sessionID: existing.info.sessionID,
+        requestID: existing.info.id,
+        reply: input.reply,
+      })
+
+      if (input.reply === "reject") {
+        yield* Deferred.fail(
+          existing.deferred,
+          input.message ? new CorrectedError({ feedback: input.message }) : new RejectedError(),
+        )
+
+        for (const [id, item] of pending.entries()) {
+          if (item.info.sessionID !== existing.info.sessionID) continue
+          pending.delete(id)
+          yield* bus.publish(Event.Replied, {
+            sessionID: item.info.sessionID,
+            requestID: item.info.id,
+            reply: "reject",
+          })
+          yield* Deferred.fail(item.deferred, new RejectedError())
+        }
+        return
+      }
+
+      yield* Deferred.succeed(existing.deferred, undefined)
+      if (input.reply === "once") return
+
+      for (const pattern of existing.info.always) {
+        approved.push({
+          permission: existing.info.permission,
+          pattern,
+          action: "allow",
+        })
+      }
+
+      for (const [id, item] of pending.entries()) {
+        if (item.info.sessionID !== existing.info.sessionID) continue
+        const ok = item.info.patterns.every(
+          (pattern) => evaluate(item.info.permission, pattern, approved).action === "allow",
+        )
+        if (!ok) continue
+        pending.delete(id)
+        yield* bus.publish(Event.Replied, {
+          sessionID: item.info.sessionID,
+          requestID: item.info.id,
+          reply: "always",
+        })
+        yield* Deferred.succeed(item.deferred, undefined)
+      }
+    })
+
+    const list = Effect.fn("Permission.list")(function* () {
+      const pending = (yield* InstanceState.get(state)).pending
+      return Array.from(pending.values(), (item) => item.info)
+    })
+
+    return Service.of({ ask, reply, list })
+  }),
+)
+
+function expand(pattern: string): string {
+  if (pattern.startsWith("~/")) return os.homedir() + pattern.slice(1)
+  if (pattern === "~") return os.homedir()
+  if (pattern.startsWith("$HOME/")) return os.homedir() + pattern.slice(5)
+  if (pattern.startsWith("$HOME")) return os.homedir() + pattern.slice(5)
+  return pattern
+}
+
+export function fromConfig(permission: Config.Permission) {
+  const ruleset: Ruleset = []
+  for (const [key, value] of Object.entries(permission)) {
+    if (typeof value === "string") {
+      ruleset.push({ permission: key, action: value, pattern: "*" })
+      continue
+    }
+    ruleset.push(
+      ...Object.entries(value).map(([pattern, action]) => ({ permission: key, pattern: expand(pattern), action })),
+    )
+  }
+  return ruleset
+}
+
+export function merge(...rulesets: Ruleset[]): Ruleset {
+  return rulesets.flat()
+}
+
+const EDIT_TOOLS = ["edit", "write", "apply_patch", "multiedit"]
+
+export function disabled(tools: string[], ruleset: Ruleset): Set<string> {
+  const result = new Set<string>()
+  for (const tool of tools) {
+    const permission = EDIT_TOOLS.includes(tool) ? "edit" : tool
+    const rule = ruleset.findLast((rule) => Wildcard.match(permission, rule.permission))
+    if (!rule) continue
+    if (rule.pattern === "*" && rule.action === "deny") result.add(tool)
+  }
+  return result
+}
+
+export const defaultLayer = layer.pipe(Layer.provide(Bus.layer))

packages/opencode/src/plugin/index.ts

@@ -1,289 +1 @@
-import type {
-  Hooks,
-  PluginInput,
-  Plugin as PluginInstance,
-  PluginModule,
-  WorkspaceAdaptor as PluginWorkspaceAdaptor,
-} from "@opencode-ai/plugin"
-import { Config } from "../config"
-import { Bus } from "../bus"
-import { Log } from "../util/log"
-import { createOpencodeClient } from "@opencode-ai/sdk"
-import { Flag } from "../flag/flag"
-import { CodexAuthPlugin } from "./codex"
-import { Session } from "../session"
-import { NamedError } from "@opencode-ai/shared/util/error"
-import { CopilotAuthPlugin } from "./github-copilot/copilot"
-import { gitlabAuthPlugin as GitlabAuthPlugin } from "opencode-gitlab-auth"
-import { PoeAuthPlugin } from "opencode-poe-auth"
-import { CloudflareAIGatewayAuthPlugin, CloudflareWorkersAuthPlugin } from "./cloudflare"
-import { Effect, Layer, Context, Stream } from "effect"
-import { EffectBridge } from "@/effect/bridge"
-import { InstanceState } from "@/effect/instance-state"
-import { errorMessage } from "@/util/error"
-import { PluginLoader } from "./loader"
-import { parsePluginSpecifier, readPluginId, readV1Plugin, resolvePluginId } from "./shared"
-import { registerAdaptor } from "@/control-plane/adaptors"
-import type { WorkspaceAdaptor } from "@/control-plane/types"
-
-export namespace Plugin {
-  const log = Log.create({ service: "plugin" })
-
-  type State = {
-    hooks: Hooks[]
-  }
-
-  // Hook names that follow the (input, output) => Promise<void> trigger pattern
-  type TriggerName = {
-    [K in keyof Hooks]-?: NonNullable<Hooks[K]> extends (input: any, output: any) => Promise<void> ? K : never
-  }[keyof Hooks]
-
-  export interface Interface {
-    readonly trigger: <
-      Name extends TriggerName,
-      Input = Parameters<Required<Hooks>[Name]>[0],
-      Output = Parameters<Required<Hooks>[Name]>[1],
-    >(
-      name: Name,
-      input: Input,
-      output: Output,
-    ) => Effect.Effect<Output>
-    readonly list: () => Effect.Effect<Hooks[]>
-    readonly init: () => Effect.Effect<void>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Plugin") {}
-
-  // Built-in plugins that are directly imported (not installed from npm)
-  const INTERNAL_PLUGINS: PluginInstance[] = [
-    CodexAuthPlugin,
-    CopilotAuthPlugin,
-    GitlabAuthPlugin,
-    PoeAuthPlugin,
-    CloudflareWorkersAuthPlugin,
-    CloudflareAIGatewayAuthPlugin,
-  ]
-
-  function isServerPlugin(value: unknown): value is PluginInstance {
-    return typeof value === "function"
-  }
-
-  function getServerPlugin(value: unknown) {
-    if (isServerPlugin(value)) return value
-    if (!value || typeof value !== "object" || !("server" in value)) return
-    if (!isServerPlugin(value.server)) return
-    return value.server
-  }
-
-  function getLegacyPlugins(mod: Record<string, unknown>) {
-    const seen = new Set<unknown>()
-    const result: PluginInstance[] = []
-
-    for (const entry of Object.values(mod)) {
-      if (seen.has(entry)) continue
-      seen.add(entry)
-      const plugin = getServerPlugin(entry)
-      if (!plugin) throw new TypeError("Plugin export is not a function")
-      result.push(plugin)
-    }
-
-    return result
-  }
-
-  async function applyPlugin(load: PluginLoader.Loaded, input: PluginInput, hooks: Hooks[]) {
-    const plugin = readV1Plugin(load.mod, load.spec, "server", "detect")
-    if (plugin) {
-      await resolvePluginId(load.source, load.spec, load.target, readPluginId(plugin.id, load.spec), load.pkg)
-      hooks.push(await (plugin as PluginModule).server(input, load.options))
-      return
-    }
-
-    for (const server of getLegacyPlugins(load.mod)) {
-      hooks.push(await server(input, load.options))
-    }
-  }
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const bus = yield* Bus.Service
-      const config = yield* Config.Service
-
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("Plugin.state")(function* (ctx) {
-          const hooks: Hooks[] = []
-          const bridge = yield* EffectBridge.make()
-
-          function publishPluginError(message: string) {
-            bridge.fork(bus.publish(Session.Event.Error, { error: new NamedError.Unknown({ message }).toObject() }))
-          }
-
-          const { Server } = yield* Effect.promise(() => import("../server/server"))
-
-          const client = createOpencodeClient({
-            baseUrl: "http://localhost:4096",
-            directory: ctx.directory,
-            headers: Flag.OPENCODE_SERVER_PASSWORD
-              ? {
-                  Authorization: `Basic ${Buffer.from(`${Flag.OPENCODE_SERVER_USERNAME ?? "opencode"}:${Flag.OPENCODE_SERVER_PASSWORD}`).toString("base64")}`,
-                }
-              : undefined,
-            fetch: async (...args) => (await Server.Default()).app.fetch(...args),
-          })
-          const cfg = yield* config.get()
-          const input: PluginInput = {
-            client,
-            project: ctx.project,
-            worktree: ctx.worktree,
-            directory: ctx.directory,
-            experimental_workspace: {
-              register(type: string, adaptor: PluginWorkspaceAdaptor) {
-                registerAdaptor(ctx.project.id, type, adaptor as WorkspaceAdaptor)
-              },
-            },
-            get serverUrl(): URL {
-              return Server.url ?? new URL("http://localhost:4096")
-            },
-            // @ts-expect-error
-            $: typeof Bun === "undefined" ? undefined : Bun.$,
-          }
-
-          for (const plugin of INTERNAL_PLUGINS) {
-            log.info("loading internal plugin", { name: plugin.name })
-            const init = yield* Effect.tryPromise({
-              try: () => plugin(input),
-              catch: (err) => {
-                log.error("failed to load internal plugin", { name: plugin.name, error: err })
-              },
-            }).pipe(Effect.option)
-            if (init._tag === "Some") hooks.push(init.value)
-          }
-
-          const plugins = Flag.OPENCODE_PURE ? [] : (cfg.plugin_origins ?? [])
-          if (Flag.OPENCODE_PURE && cfg.plugin_origins?.length) {
-            log.info("skipping external plugins in pure mode", { count: cfg.plugin_origins.length })
-          }
-          if (plugins.length) yield* config.waitForDependencies()
-
-          const loaded = yield* Effect.promise(() =>
-            PluginLoader.loadExternal({
-              items: plugins,
-              kind: "server",
-              report: {
-                start(candidate) {
-                  log.info("loading plugin", { path: candidate.plan.spec })
-                },
-                missing(candidate, _retry, message) {
-                  log.warn("plugin has no server entrypoint", { path: candidate.plan.spec, message })
-                },
-                error(candidate, _retry, stage, error, resolved) {
-                  const spec = candidate.plan.spec
-                  const cause = error instanceof Error ? (error.cause ?? error) : error
-                  const message = stage === "load" ? errorMessage(error) : errorMessage(cause)
-
-                  if (stage === "install") {
-                    const parsed = parsePluginSpecifier(spec)
-                    log.error("failed to install plugin", { pkg: parsed.pkg, version: parsed.version, error: message })
-                    publishPluginError(`Failed to install plugin ${parsed.pkg}@${parsed.version}: ${message}`)
-                    return
-                  }
-
-                  if (stage === "compatibility") {
-                    log.warn("plugin incompatible", { path: spec, error: message })
-                    publishPluginError(`Plugin ${spec} skipped: ${message}`)
-                    return
-                  }
-
-                  if (stage === "entry") {
-                    log.error("failed to resolve plugin server entry", { path: spec, error: message })
-                    publishPluginError(`Failed to load plugin ${spec}: ${message}`)
-                    return
-                  }
-
-                  log.error("failed to load plugin", { path: spec, target: resolved?.entry, error: message })
-                  publishPluginError(`Failed to load plugin ${spec}: ${message}`)
-                },
-              },
-            }),
-          )
-          for (const load of loaded) {
-            if (!load) continue
-
-            // Keep plugin execution sequential so hook registration and execution
-            // order remains deterministic across plugin runs.
-            yield* Effect.tryPromise({
-              try: () => applyPlugin(load, input, hooks),
-              catch: (err) => {
-                const message = errorMessage(err)
-                log.error("failed to load plugin", { path: load.spec, error: message })
-                return message
-              },
-            }).pipe(
-              Effect.catch(() => {
-                // TODO: make proper events for this
-                // bus.publish(Session.Event.Error, {
-                //   error: new NamedError.Unknown({
-                //     message: `Failed to load plugin ${load.spec}: ${message}`,
-                //   }).toObject(),
-                // })
-                return Effect.void
-              }),
-            )
-          }
-
-          // Notify plugins of current config
-          for (const hook of hooks) {
-            yield* Effect.tryPromise({
-              try: () => Promise.resolve((hook as any).config?.(cfg)),
-              catch: (err) => {
-                log.error("plugin config hook failed", { error: err })
-              },
-            }).pipe(Effect.ignore)
-          }
-
-          // Subscribe to bus events, fiber interrupted when scope closes
-          yield* bus.subscribeAll().pipe(
-            Stream.runForEach((input) =>
-              Effect.sync(() => {
-                for (const hook of hooks) {
-                  hook["event"]?.({ event: input as any })
-                }
-              }),
-            ),
-            Effect.forkScoped,
-          )
-
-          return { hooks }
-        }),
-      )
-
-      const trigger = Effect.fn("Plugin.trigger")(function* <
-        Name extends TriggerName,
-        Input = Parameters<Required<Hooks>[Name]>[0],
-        Output = Parameters<Required<Hooks>[Name]>[1],
-      >(name: Name, input: Input, output: Output) {
-        if (!name) return output
-        const s = yield* InstanceState.get(state)
-        for (const hook of s.hooks) {
-          const fn = hook[name] as any
-          if (!fn) continue
-          yield* Effect.promise(async () => fn(input, output))
-        }
-        return output
-      })
-
-      const list = Effect.fn("Plugin.list")(function* () {
-        const s = yield* InstanceState.get(state)
-        return s.hooks
-      })
-
-      const init = Effect.fn("Plugin.init")(function* () {
-        yield* InstanceState.get(state)
-      })
-
-      return Service.of({ trigger, list, init })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(Bus.layer), Layer.provide(Config.defaultLayer))
-}
+export * as Plugin from "./plugin"

packages/opencode/src/plugin/plugin.ts

@@ -0,0 +1,287 @@
+import type {
+  Hooks,
+  PluginInput,
+  Plugin as PluginInstance,
+  PluginModule,
+  WorkspaceAdaptor as PluginWorkspaceAdaptor,
+} from "@opencode-ai/plugin"
+import { Config } from "../config"
+import { Bus } from "../bus"
+import { Log } from "../util/log"
+import { createOpencodeClient } from "@opencode-ai/sdk"
+import { Flag } from "../flag/flag"
+import { CodexAuthPlugin } from "./codex"
+import { Session } from "../session"
+import { NamedError } from "@opencode-ai/shared/util/error"
+import { CopilotAuthPlugin } from "./github-copilot/copilot"
+import { gitlabAuthPlugin as GitlabAuthPlugin } from "opencode-gitlab-auth"
+import { PoeAuthPlugin } from "opencode-poe-auth"
+import { CloudflareAIGatewayAuthPlugin, CloudflareWorkersAuthPlugin } from "./cloudflare"
+import { Effect, Layer, Context, Stream } from "effect"
+import { EffectBridge } from "@/effect/bridge"
+import { InstanceState } from "@/effect/instance-state"
+import { errorMessage } from "@/util/error"
+import { PluginLoader } from "./loader"
+import { parsePluginSpecifier, readPluginId, readV1Plugin, resolvePluginId } from "./shared"
+import { registerAdaptor } from "@/control-plane/adaptors"
+import type { WorkspaceAdaptor } from "@/control-plane/types"
+
+const log = Log.create({ service: "plugin" })
+
+type State = {
+  hooks: Hooks[]
+}
+
+// Hook names that follow the (input, output) => Promise<void> trigger pattern
+type TriggerName = {
+  [K in keyof Hooks]-?: NonNullable<Hooks[K]> extends (input: any, output: any) => Promise<void> ? K : never
+}[keyof Hooks]
+
+export interface Interface {
+  readonly trigger: <
+    Name extends TriggerName,
+    Input = Parameters<Required<Hooks>[Name]>[0],
+    Output = Parameters<Required<Hooks>[Name]>[1],
+  >(
+    name: Name,
+    input: Input,
+    output: Output,
+  ) => Effect.Effect<Output>
+  readonly list: () => Effect.Effect<Hooks[]>
+  readonly init: () => Effect.Effect<void>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Plugin") {}
+
+// Built-in plugins that are directly imported (not installed from npm)
+const INTERNAL_PLUGINS: PluginInstance[] = [
+  CodexAuthPlugin,
+  CopilotAuthPlugin,
+  GitlabAuthPlugin,
+  PoeAuthPlugin,
+  CloudflareWorkersAuthPlugin,
+  CloudflareAIGatewayAuthPlugin,
+]
+
+function isServerPlugin(value: unknown): value is PluginInstance {
+  return typeof value === "function"
+}
+
+function getServerPlugin(value: unknown) {
+  if (isServerPlugin(value)) return value
+  if (!value || typeof value !== "object" || !("server" in value)) return
+  if (!isServerPlugin(value.server)) return
+  return value.server
+}
+
+function getLegacyPlugins(mod: Record<string, unknown>) {
+  const seen = new Set<unknown>()
+  const result: PluginInstance[] = []
+
+  for (const entry of Object.values(mod)) {
+    if (seen.has(entry)) continue
+    seen.add(entry)
+    const plugin = getServerPlugin(entry)
+    if (!plugin) throw new TypeError("Plugin export is not a function")
+    result.push(plugin)
+  }
+
+  return result
+}
+
+async function applyPlugin(load: PluginLoader.Loaded, input: PluginInput, hooks: Hooks[]) {
+  const plugin = readV1Plugin(load.mod, load.spec, "server", "detect")
+  if (plugin) {
+    await resolvePluginId(load.source, load.spec, load.target, readPluginId(plugin.id, load.spec), load.pkg)
+    hooks.push(await (plugin as PluginModule).server(input, load.options))
+    return
+  }
+
+  for (const server of getLegacyPlugins(load.mod)) {
+    hooks.push(await server(input, load.options))
+  }
+}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const bus = yield* Bus.Service
+    const config = yield* Config.Service
+
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("Plugin.state")(function* (ctx) {
+        const hooks: Hooks[] = []
+        const bridge = yield* EffectBridge.make()
+
+        function publishPluginError(message: string) {
+          bridge.fork(bus.publish(Session.Event.Error, { error: new NamedError.Unknown({ message }).toObject() }))
+        }
+
+        const { Server } = yield* Effect.promise(() => import("../server/server"))
+
+        const client = createOpencodeClient({
+          baseUrl: "http://localhost:4096",
+          directory: ctx.directory,
+          headers: Flag.OPENCODE_SERVER_PASSWORD
+            ? {
+                Authorization: `Basic ${Buffer.from(`${Flag.OPENCODE_SERVER_USERNAME ?? "opencode"}:${Flag.OPENCODE_SERVER_PASSWORD}`).toString("base64")}`,
+              }
+            : undefined,
+          fetch: async (...args) => (await Server.Default()).app.fetch(...args),
+        })
+        const cfg = yield* config.get()
+        const input: PluginInput = {
+          client,
+          project: ctx.project,
+          worktree: ctx.worktree,
+          directory: ctx.directory,
+          experimental_workspace: {
+            register(type: string, adaptor: PluginWorkspaceAdaptor) {
+              registerAdaptor(ctx.project.id, type, adaptor as WorkspaceAdaptor)
+            },
+          },
+          get serverUrl(): URL {
+            return Server.url ?? new URL("http://localhost:4096")
+          },
+          // @ts-expect-error
+          $: typeof Bun === "undefined" ? undefined : Bun.$,
+        }
+
+        for (const plugin of INTERNAL_PLUGINS) {
+          log.info("loading internal plugin", { name: plugin.name })
+          const init = yield* Effect.tryPromise({
+            try: () => plugin(input),
+            catch: (err) => {
+              log.error("failed to load internal plugin", { name: plugin.name, error: err })
+            },
+          }).pipe(Effect.option)
+          if (init._tag === "Some") hooks.push(init.value)
+        }
+
+        const plugins = Flag.OPENCODE_PURE ? [] : (cfg.plugin_origins ?? [])
+        if (Flag.OPENCODE_PURE && cfg.plugin_origins?.length) {
+          log.info("skipping external plugins in pure mode", { count: cfg.plugin_origins.length })
+        }
+        if (plugins.length) yield* config.waitForDependencies()
+
+        const loaded = yield* Effect.promise(() =>
+          PluginLoader.loadExternal({
+            items: plugins,
+            kind: "server",
+            report: {
+              start(candidate) {
+                log.info("loading plugin", { path: candidate.plan.spec })
+              },
+              missing(candidate, _retry, message) {
+                log.warn("plugin has no server entrypoint", { path: candidate.plan.spec, message })
+              },
+              error(candidate, _retry, stage, error, resolved) {
+                const spec = candidate.plan.spec
+                const cause = error instanceof Error ? (error.cause ?? error) : error
+                const message = stage === "load" ? errorMessage(error) : errorMessage(cause)
+
+                if (stage === "install") {
+                  const parsed = parsePluginSpecifier(spec)
+                  log.error("failed to install plugin", { pkg: parsed.pkg, version: parsed.version, error: message })
+                  publishPluginError(`Failed to install plugin ${parsed.pkg}@${parsed.version}: ${message}`)
+                  return
+                }
+
+                if (stage === "compatibility") {
+                  log.warn("plugin incompatible", { path: spec, error: message })
+                  publishPluginError(`Plugin ${spec} skipped: ${message}`)
+                  return
+                }
+
+                if (stage === "entry") {
+                  log.error("failed to resolve plugin server entry", { path: spec, error: message })
+                  publishPluginError(`Failed to load plugin ${spec}: ${message}`)
+                  return
+                }
+
+                log.error("failed to load plugin", { path: spec, target: resolved?.entry, error: message })
+                publishPluginError(`Failed to load plugin ${spec}: ${message}`)
+              },
+            },
+          }),
+        )
+        for (const load of loaded) {
+          if (!load) continue
+
+          // Keep plugin execution sequential so hook registration and execution
+          // order remains deterministic across plugin runs.
+          yield* Effect.tryPromise({
+            try: () => applyPlugin(load, input, hooks),
+            catch: (err) => {
+              const message = errorMessage(err)
+              log.error("failed to load plugin", { path: load.spec, error: message })
+              return message
+            },
+          }).pipe(
+            Effect.catch(() => {
+              // TODO: make proper events for this
+              // bus.publish(Session.Event.Error, {
+              //   error: new NamedError.Unknown({
+              //     message: `Failed to load plugin ${load.spec}: ${message}`,
+              //   }).toObject(),
+              // })
+              return Effect.void
+            }),
+          )
+        }
+
+        // Notify plugins of current config
+        for (const hook of hooks) {
+          yield* Effect.tryPromise({
+            try: () => Promise.resolve((hook as any).config?.(cfg)),
+            catch: (err) => {
+              log.error("plugin config hook failed", { error: err })
+            },
+          }).pipe(Effect.ignore)
+        }
+
+        // Subscribe to bus events, fiber interrupted when scope closes
+        yield* bus.subscribeAll().pipe(
+          Stream.runForEach((input) =>
+            Effect.sync(() => {
+              for (const hook of hooks) {
+                hook["event"]?.({ event: input as any })
+              }
+            }),
+          ),
+          Effect.forkScoped,
+        )
+
+        return { hooks }
+      }),
+    )
+
+    const trigger = Effect.fn("Plugin.trigger")(function* <
+      Name extends TriggerName,
+      Input = Parameters<Required<Hooks>[Name]>[0],
+      Output = Parameters<Required<Hooks>[Name]>[1],
+    >(name: Name, input: Input, output: Output) {
+      if (!name) return output
+      const s = yield* InstanceState.get(state)
+      for (const hook of s.hooks) {
+        const fn = hook[name] as any
+        if (!fn) continue
+        yield* Effect.promise(async () => fn(input, output))
+      }
+      return output
+    })
+
+    const list = Effect.fn("Plugin.list")(function* () {
+      const s = yield* InstanceState.get(state)
+      return s.hooks
+    })
+
+    const init = Effect.fn("Plugin.init")(function* () {
+      yield* InstanceState.get(state)
+    })
+
+    return Service.of({ trigger, list, init })
+  }),
+)
+
+export const defaultLayer = layer.pipe(Layer.provide(Bus.layer), Layer.provide(Config.defaultLayer))

packages/opencode/src/provider/auth.ts

@@ -2,70 +2,62 @@ import type { AuthOAuthResult, Hooks } from "@opencode-ai/plugin"
 import { NamedError } from "@opencode-ai/shared/util/error"
 import { Auth } from "@/auth"
 import { InstanceState } from "@/effect/instance-state"
+import { zod } from "@/util/effect-zod"
+import { withStatics } from "@/util/schema"
 import { Plugin } from "../plugin"
 import { ProviderID } from "./schema"
-import { Array as Arr, Effect, Layer, Record, Result, Context } from "effect"
+import { Array as Arr, Effect, Layer, Record, Result, Context, Schema } from "effect"
 import z from "zod"
 
 export namespace ProviderAuth {
-  export const Method = z
-    .object({
-      type: z.union([z.literal("oauth"), z.literal("api")]),
-      label: z.string(),
-      prompts: z
-        .array(
-          z.union([
-            z.object({
-              type: z.literal("text"),
-              key: z.string(),
-              message: z.string(),
-              placeholder: z.string().optional(),
-              when: z
-                .object({
-                  key: z.string(),
-                  op: z.union([z.literal("eq"), z.literal("neq")]),
-                  value: z.string(),
-                })
-                .optional(),
-            }),
-            z.object({
-              type: z.literal("select"),
-              key: z.string(),
-              message: z.string(),
-              options: z.array(
-                z.object({
-                  label: z.string(),
-                  value: z.string(),
-                  hint: z.string().optional(),
-                }),
-              ),
-              when: z
-                .object({
-                  key: z.string(),
-                  op: z.union([z.literal("eq"), z.literal("neq")]),
-                  value: z.string(),
-                })
-                .optional(),
-            }),
-          ]),
-        )
-        .optional(),
-    })
-    .meta({
-      ref: "ProviderAuthMethod",
-    })
-  export type Method = z.infer<typeof Method>
+  const When = Schema.Struct({
+    key: Schema.String,
+    op: Schema.Literals(["eq", "neq"]),
+    value: Schema.String,
+  })
 
-  export const Authorization = z
-    .object({
-      url: z.string(),
-      method: z.union([z.literal("auto"), z.literal("code")]),
-      instructions: z.string(),
-    })
-    .meta({
-      ref: "ProviderAuthAuthorization",
-    })
-  export type Authorization = z.infer<typeof Authorization>
+  const TextPrompt = Schema.Struct({
+    type: Schema.Literal("text"),
+    key: Schema.String,
+    message: Schema.String,
+    placeholder: Schema.optional(Schema.String),
+    when: Schema.optional(When),
+  })
+
+  const SelectOption = Schema.Struct({
+    label: Schema.String,
+    value: Schema.String,
+    hint: Schema.optional(Schema.String),
+  })
+
+  const SelectPrompt = Schema.Struct({
+    type: Schema.Literal("select"),
+    key: Schema.String,
+    message: Schema.String,
+    options: Schema.Array(SelectOption),
+    when: Schema.optional(When),
+  })
+
+  const Prompt = Schema.Union([TextPrompt, SelectPrompt])
+
+  export class Method extends Schema.Class<Method>("ProviderAuthMethod")({
+    type: Schema.Literals(["oauth", "api"]),
+    label: Schema.String,
+    prompts: Schema.optional(Schema.Array(Prompt)),
+  }) {
+    static readonly zod = zod(this)
+  }
+
+  export const Methods = Schema.Record(Schema.String, Schema.Array(Method)).pipe(withStatics((s) => ({ zod: zod(s) })))
+  export type Methods = typeof Methods.Type
+
+  export class Authorization extends Schema.Class<Authorization>("ProviderAuthAuthorization")({
+    url: Schema.String,
+    method: Schema.Literals(["auto", "code"]),
+    instructions: Schema.String,
+  }) {
+    static readonly zod = zod(this)
+  }
 
   export const OauthMissing = NamedError.create("ProviderAuthOauthMissing", z.object({ providerID: ProviderID.zod }))
 
@@ -94,7 +86,7 @@ export namespace ProviderAuth {
   type Hook = NonNullable<Hooks["auth"]>
 
   export interface Interface {
-    readonly methods: () => Effect.Effect<Record<ProviderID, Method[]>>
+    readonly methods: () => Effect.Effect<Methods>
     readonly authorize: (input: {
       providerID: ProviderID
       method: number
@@ -131,11 +123,12 @@ export namespace ProviderAuth {
         }),
       )
 
+      const decode = Schema.decodeUnknownSync(Methods)
       const methods = Effect.fn("ProviderAuth.methods")(function* () {
         const hooks = (yield* InstanceState.get(state)).hooks
-        return Record.map(hooks, (item) =>
-          item.methods.map(
-            (method): Method => ({
+        return decode(
+          Record.map(hooks, (item) =>
+            item.methods.map((method) => ({
               type: method.type,
               label: method.label,
               prompts: method.prompts?.map((prompt) => {
@@ -156,7 +149,7 @@ export namespace ProviderAuth {
                   when: prompt.when,
                 }
               }),
-            }),
+            })),
           ),
         )
       })

packages/opencode/src/provider/index.ts

@@ -0,0 +1 @@
+export * as Provider from "./provider"

packages/opencode/src/provider/schema.ts

@@ -30,7 +30,7 @@ const modelIdSchema = Schema.String.pipe(Schema.brand("ModelID"))
 export type ModelID = typeof modelIdSchema.Type
 
 export const ModelID = modelIdSchema.pipe(
-  withStatics((schema: typeof modelIdSchema) => ({
+  withStatics((_schema: typeof modelIdSchema) => ({
     zod: z.string().pipe(z.custom<ModelID>()),
   })),
 )

packages/opencode/src/provider/transform.ts

@@ -2,7 +2,7 @@ import type { ModelMessage } from "ai"
 import { mergeDeep, unique } from "remeda"
 import type { JSONSchema7 } from "@ai-sdk/provider"
 import type { JSONSchema } from "zod/v4/core"
-import type { Provider } from "./provider"
+import type { Provider } from "."
 import type { ModelsDev } from "./models"
 import { iife } from "@/util/iife"
 import { Flag } from "@/flag/flag"
@@ -49,7 +49,7 @@ export namespace ProviderTransform {
   function normalizeMessages(
     msgs: ModelMessage[],
     model: Provider.Model,
-    options: Record<string, unknown>,
+    _options: Record<string, unknown>,
   ): ModelMessage[] {
     // Anthropic rejects messages with empty content - filter out empty string messages
     // and remove empty text/reasoning parts from array content

packages/opencode/src/pty/index.ts

@@ -1,364 +1 @@
-import { BusEvent } from "@/bus/bus-event"
-import { Bus } from "@/bus"
-import { InstanceState } from "@/effect/instance-state"
-import { Instance } from "@/project/instance"
-import type { Proc } from "#pty"
-import z from "zod"
-import { Log } from "../util/log"
-import { lazy } from "@opencode-ai/shared/util/lazy"
-import { Shell } from "@/shell/shell"
-import { Plugin } from "@/plugin"
-import { PtyID } from "./schema"
-import { Effect, Layer, Context } from "effect"
-import { EffectBridge } from "@/effect/bridge"
-
-export namespace Pty {
-  const log = Log.create({ service: "pty" })
-
-  const BUFFER_LIMIT = 1024 * 1024 * 2
-  const BUFFER_CHUNK = 64 * 1024
-  const encoder = new TextEncoder()
-
-  type Socket = {
-    readyState: number
-    data?: unknown
-    send: (data: string | Uint8Array | ArrayBuffer) => void
-    close: (code?: number, reason?: string) => void
-  }
-
-  const sock = (ws: Socket) => (ws.data && typeof ws.data === "object" ? ws.data : ws)
-
-  type Active = {
-    info: Info
-    process: Proc
-    buffer: string
-    bufferCursor: number
-    cursor: number
-    subscribers: Map<unknown, Socket>
-  }
-
-  type State = {
-    dir: string
-    sessions: Map<PtyID, Active>
-  }
-
-  // WebSocket control frame: 0x00 + UTF-8 JSON.
-  const meta = (cursor: number) => {
-    const json = JSON.stringify({ cursor })
-    const bytes = encoder.encode(json)
-    const out = new Uint8Array(bytes.length + 1)
-    out[0] = 0
-    out.set(bytes, 1)
-    return out
-  }
-
-  const pty = lazy(() => import("#pty"))
-
-  export const Info = z
-    .object({
-      id: PtyID.zod,
-      title: z.string(),
-      command: z.string(),
-      args: z.array(z.string()),
-      cwd: z.string(),
-      status: z.enum(["running", "exited"]),
-      pid: z.number(),
-    })
-    .meta({ ref: "Pty" })
-
-  export type Info = z.infer<typeof Info>
-
-  export const CreateInput = z.object({
-    command: z.string().optional(),
-    args: z.array(z.string()).optional(),
-    cwd: z.string().optional(),
-    title: z.string().optional(),
-    env: z.record(z.string(), z.string()).optional(),
-  })
-
-  export type CreateInput = z.infer<typeof CreateInput>
-
-  export const UpdateInput = z.object({
-    title: z.string().optional(),
-    size: z
-      .object({
-        rows: z.number(),
-        cols: z.number(),
-      })
-      .optional(),
-  })
-
-  export type UpdateInput = z.infer<typeof UpdateInput>
-
-  export const Event = {
-    Created: BusEvent.define("pty.created", z.object({ info: Info })),
-    Updated: BusEvent.define("pty.updated", z.object({ info: Info })),
-    Exited: BusEvent.define("pty.exited", z.object({ id: PtyID.zod, exitCode: z.number() })),
-    Deleted: BusEvent.define("pty.deleted", z.object({ id: PtyID.zod })),
-  }
-
-  export interface Interface {
-    readonly list: () => Effect.Effect<Info[]>
-    readonly get: (id: PtyID) => Effect.Effect<Info | undefined>
-    readonly create: (input: CreateInput) => Effect.Effect<Info>
-    readonly update: (id: PtyID, input: UpdateInput) => Effect.Effect<Info | undefined>
-    readonly remove: (id: PtyID) => Effect.Effect<void>
-    readonly resize: (id: PtyID, cols: number, rows: number) => Effect.Effect<void>
-    readonly write: (id: PtyID, data: string) => Effect.Effect<void>
-    readonly connect: (
-      id: PtyID,
-      ws: Socket,
-      cursor?: number,
-    ) => Effect.Effect<{ onMessage: (message: string | ArrayBuffer) => void; onClose: () => void } | undefined>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Pty") {}
-
-  export const layer = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const bus = yield* Bus.Service
-      const plugin = yield* Plugin.Service
-      function teardown(session: Active) {
-        try {
-          session.process.kill()
-        } catch {}
-        for (const [sub, ws] of session.subscribers.entries()) {
-          try {
-            if (sock(ws) === sub) ws.close()
-          } catch {}
-        }
-        session.subscribers.clear()
-      }
-
-      const state = yield* InstanceState.make<State>(
-        Effect.fn("Pty.state")(function* (ctx) {
-          const state = {
-            dir: ctx.directory,
-            sessions: new Map<PtyID, Active>(),
-          }
-
-          yield* Effect.addFinalizer(() =>
-            Effect.sync(() => {
-              for (const session of state.sessions.values()) {
-                teardown(session)
-              }
-              state.sessions.clear()
-            }),
-          )
-
-          return state
-        }),
-      )
-
-      const remove = Effect.fn("Pty.remove")(function* (id: PtyID) {
-        const s = yield* InstanceState.get(state)
-        const session = s.sessions.get(id)
-        if (!session) return
-        s.sessions.delete(id)
-        log.info("removing session", { id })
-        teardown(session)
-        yield* bus.publish(Event.Deleted, { id: session.info.id })
-      })
-
-      const list = Effect.fn("Pty.list")(function* () {
-        const s = yield* InstanceState.get(state)
-        return Array.from(s.sessions.values()).map((session) => session.info)
-      })
-
-      const get = Effect.fn("Pty.get")(function* (id: PtyID) {
-        const s = yield* InstanceState.get(state)
-        return s.sessions.get(id)?.info
-      })
-
-      const create = Effect.fn("Pty.create")(function* (input: CreateInput) {
-        const s = yield* InstanceState.get(state)
-        const bridge = yield* EffectBridge.make()
-        const id = PtyID.ascending()
-        const command = input.command || Shell.preferred()
-        const args = input.args || []
-        if (Shell.login(command)) {
-          args.push("-l")
-        }
-
-        const cwd = input.cwd || s.dir
-        const shell = yield* plugin.trigger("shell.env", { cwd }, { env: {} })
-        const env = {
-          ...process.env,
-          ...input.env,
-          ...shell.env,
-          TERM: "xterm-256color",
-          OPENCODE_TERMINAL: "1",
-        } as Record<string, string>
-
-        if (process.platform === "win32") {
-          env.LC_ALL = "C.UTF-8"
-          env.LC_CTYPE = "C.UTF-8"
-          env.LANG = "C.UTF-8"
-        }
-        log.info("creating session", { id, cmd: command, args, cwd })
-
-        const { spawn } = yield* Effect.promise(() => pty())
-        const proc = yield* Effect.sync(() =>
-          spawn(command, args, {
-            name: "xterm-256color",
-            cwd,
-            env,
-          }),
-        )
-
-        const info = {
-          id,
-          title: input.title || `Terminal ${id.slice(-4)}`,
-          command,
-          args,
-          cwd,
-          status: "running",
-          pid: proc.pid,
-        } as const
-        const session: Active = {
-          info,
-          process: proc,
-          buffer: "",
-          bufferCursor: 0,
-          cursor: 0,
-          subscribers: new Map(),
-        }
-        s.sessions.set(id, session)
-        proc.onData(
-          Instance.bind((chunk) => {
-            session.cursor += chunk.length
-
-            for (const [key, ws] of session.subscribers.entries()) {
-              if (ws.readyState !== 1) {
-                session.subscribers.delete(key)
-                continue
-              }
-              if (sock(ws) !== key) {
-                session.subscribers.delete(key)
-                continue
-              }
-              try {
-                ws.send(chunk)
-              } catch {
-                session.subscribers.delete(key)
-              }
-            }
-
-            session.buffer += chunk
-            if (session.buffer.length <= BUFFER_LIMIT) return
-            const excess = session.buffer.length - BUFFER_LIMIT
-            session.buffer = session.buffer.slice(excess)
-            session.bufferCursor += excess
-          }),
-        )
-        proc.onExit(
-          Instance.bind(({ exitCode }) => {
-            if (session.info.status === "exited") return
-            log.info("session exited", { id, exitCode })
-            session.info.status = "exited"
-            bridge.fork(bus.publish(Event.Exited, { id, exitCode }))
-            bridge.fork(remove(id))
-          }),
-        )
-        yield* bus.publish(Event.Created, { info })
-        return info
-      })
-
-      const update = Effect.fn("Pty.update")(function* (id: PtyID, input: UpdateInput) {
-        const s = yield* InstanceState.get(state)
-        const session = s.sessions.get(id)
-        if (!session) return
-        if (input.title) {
-          session.info.title = input.title
-        }
-        if (input.size) {
-          session.process.resize(input.size.cols, input.size.rows)
-        }
-        yield* bus.publish(Event.Updated, { info: session.info })
-        return session.info
-      })
-
-      const resize = Effect.fn("Pty.resize")(function* (id: PtyID, cols: number, rows: number) {
-        const s = yield* InstanceState.get(state)
-        const session = s.sessions.get(id)
-        if (session && session.info.status === "running") {
-          session.process.resize(cols, rows)
-        }
-      })
-
-      const write = Effect.fn("Pty.write")(function* (id: PtyID, data: string) {
-        const s = yield* InstanceState.get(state)
-        const session = s.sessions.get(id)
-        if (session && session.info.status === "running") {
-          session.process.write(data)
-        }
-      })
-
-      const connect = Effect.fn("Pty.connect")(function* (id: PtyID, ws: Socket, cursor?: number) {
-        const s = yield* InstanceState.get(state)
-        const session = s.sessions.get(id)
-        if (!session) {
-          ws.close()
-          return
-        }
-        log.info("client connected to session", { id })
-
-        const sub = sock(ws)
-        session.subscribers.delete(sub)
-        session.subscribers.set(sub, ws)
-
-        const cleanup = () => {
-          session.subscribers.delete(sub)
-        }
-
-        const start = session.bufferCursor
-        const end = session.cursor
-        const from =
-          cursor === -1 ? end : typeof cursor === "number" && Number.isSafeInteger(cursor) ? Math.max(0, cursor) : 0
-
-        const data = (() => {
-          if (!session.buffer) return ""
-          if (from >= end) return ""
-          const offset = Math.max(0, from - start)
-          if (offset >= session.buffer.length) return ""
-          return session.buffer.slice(offset)
-        })()
-
-        if (data) {
-          try {
-            for (let i = 0; i < data.length; i += BUFFER_CHUNK) {
-              ws.send(data.slice(i, i + BUFFER_CHUNK))
-            }
-          } catch {
-            cleanup()
-            ws.close()
-            return
-          }
-        }
-
-        try {
-          ws.send(meta(end))
-        } catch {
-          cleanup()
-          ws.close()
-          return
-        }
-
-        return {
-          onMessage: (message: string | ArrayBuffer) => {
-            session.process.write(String(message))
-          },
-          onClose: () => {
-            log.info("client disconnected from session", { id })
-            cleanup()
-          },
-        }
-      })
-
-      return Service.of({ list, get, create, update, remove, resize, write, connect })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(Bus.layer), Layer.provide(Plugin.defaultLayer))
-}
+export * as Pty from "./service"

packages/opencode/src/pty/service.ts

@@ -0,0 +1,362 @@
+import { BusEvent } from "@/bus/bus-event"
+import { Bus } from "@/bus"
+import { InstanceState } from "@/effect/instance-state"
+import { Instance } from "@/project/instance"
+import type { Proc } from "#pty"
+import z from "zod"
+import { Log } from "../util/log"
+import { lazy } from "@opencode-ai/shared/util/lazy"
+import { Shell } from "@/shell/shell"
+import { Plugin } from "@/plugin"
+import { PtyID } from "./schema"
+import { Effect, Layer, Context } from "effect"
+import { EffectBridge } from "@/effect/bridge"
+
+const log = Log.create({ service: "pty" })
+
+const BUFFER_LIMIT = 1024 * 1024 * 2
+const BUFFER_CHUNK = 64 * 1024
+const encoder = new TextEncoder()
+
+type Socket = {
+  readyState: number
+  data?: unknown
+  send: (data: string | Uint8Array | ArrayBuffer) => void
+  close: (code?: number, reason?: string) => void
+}
+
+const sock = (ws: Socket) => (ws.data && typeof ws.data === "object" ? ws.data : ws)
+
+type Active = {
+  info: Info
+  process: Proc
+  buffer: string
+  bufferCursor: number
+  cursor: number
+  subscribers: Map<unknown, Socket>
+}
+
+type State = {
+  dir: string
+  sessions: Map<PtyID, Active>
+}
+
+// WebSocket control frame: 0x00 + UTF-8 JSON.
+const meta = (cursor: number) => {
+  const json = JSON.stringify({ cursor })
+  const bytes = encoder.encode(json)
+  const out = new Uint8Array(bytes.length + 1)
+  out[0] = 0
+  out.set(bytes, 1)
+  return out
+}
+
+const pty = lazy(() => import("#pty"))
+
+export const Info = z
+  .object({
+    id: PtyID.zod,
+    title: z.string(),
+    command: z.string(),
+    args: z.array(z.string()),
+    cwd: z.string(),
+    status: z.enum(["running", "exited"]),
+    pid: z.number(),
+  })
+  .meta({ ref: "Pty" })
+
+export type Info = z.infer<typeof Info>
+
+export const CreateInput = z.object({
+  command: z.string().optional(),
+  args: z.array(z.string()).optional(),
+  cwd: z.string().optional(),
+  title: z.string().optional(),
+  env: z.record(z.string(), z.string()).optional(),
+})
+
+export type CreateInput = z.infer<typeof CreateInput>
+
+export const UpdateInput = z.object({
+  title: z.string().optional(),
+  size: z
+    .object({
+      rows: z.number(),
+      cols: z.number(),
+    })
+    .optional(),
+})
+
+export type UpdateInput = z.infer<typeof UpdateInput>
+
+export const Event = {
+  Created: BusEvent.define("pty.created", z.object({ info: Info })),
+  Updated: BusEvent.define("pty.updated", z.object({ info: Info })),
+  Exited: BusEvent.define("pty.exited", z.object({ id: PtyID.zod, exitCode: z.number() })),
+  Deleted: BusEvent.define("pty.deleted", z.object({ id: PtyID.zod })),
+}
+
+export interface Interface {
+  readonly list: () => Effect.Effect<Info[]>
+  readonly get: (id: PtyID) => Effect.Effect<Info | undefined>
+  readonly create: (input: CreateInput) => Effect.Effect<Info>
+  readonly update: (id: PtyID, input: UpdateInput) => Effect.Effect<Info | undefined>
+  readonly remove: (id: PtyID) => Effect.Effect<void>
+  readonly resize: (id: PtyID, cols: number, rows: number) => Effect.Effect<void>
+  readonly write: (id: PtyID, data: string) => Effect.Effect<void>
+  readonly connect: (
+    id: PtyID,
+    ws: Socket,
+    cursor?: number,
+  ) => Effect.Effect<{ onMessage: (message: string | ArrayBuffer) => void; onClose: () => void } | undefined>
+}
+
+export class Service extends Context.Service<Service, Interface>()("@opencode/Pty") {}
+
+export const layer = Layer.effect(
+  Service,
+  Effect.gen(function* () {
+    const bus = yield* Bus.Service
+    const plugin = yield* Plugin.Service
+    function teardown(session: Active) {
+      try {
+        session.process.kill()
+      } catch {}
+      for (const [sub, ws] of session.subscribers.entries()) {
+        try {
+          if (sock(ws) === sub) ws.close()
+        } catch {}
+      }
+      session.subscribers.clear()
+    }
+
+    const state = yield* InstanceState.make<State>(
+      Effect.fn("Pty.state")(function* (ctx) {
+        const state = {
+          dir: ctx.directory,
+          sessions: new Map<PtyID, Active>(),
+        }
+
+        yield* Effect.addFinalizer(() =>
+          Effect.sync(() => {
+            for (const session of state.sessions.values()) {
+              teardown(session)
+            }
+            state.sessions.clear()
+          }),
+        )
+
+        return state
+      }),
+    )
+
+    const remove = Effect.fn("Pty.remove")(function* (id: PtyID) {
+      const s = yield* InstanceState.get(state)
+      const session = s.sessions.get(id)
+      if (!session) return
+      s.sessions.delete(id)
+      log.info("removing session", { id })
+      teardown(session)
+      yield* bus.publish(Event.Deleted, { id: session.info.id })
+    })
+
+    const list = Effect.fn("Pty.list")(function* () {
+      const s = yield* InstanceState.get(state)
+      return Array.from(s.sessions.values()).map((session) => session.info)
+    })
+
+    const get = Effect.fn("Pty.get")(function* (id: PtyID) {
+      const s = yield* InstanceState.get(state)
+      return s.sessions.get(id)?.info
+    })
+
+    const create = Effect.fn("Pty.create")(function* (input: CreateInput) {
+      const s = yield* InstanceState.get(state)
+      const bridge = yield* EffectBridge.make()
+      const id = PtyID.ascending()
+      const command = input.command || Shell.preferred()
+      const args = input.args || []
+      if (Shell.login(command)) {
+        args.push("-l")
+      }
+
+      const cwd = input.cwd || s.dir
+      const shell = yield* plugin.trigger("shell.env", { cwd }, { env: {} })
+      const env = {
+        ...process.env,
+        ...input.env,
+        ...shell.env,
+        TERM: "xterm-256color",
+        OPENCODE_TERMINAL: "1",
+      } as Record<string, string>
+
+      if (process.platform === "win32") {
+        env.LC_ALL = "C.UTF-8"
+        env.LC_CTYPE = "C.UTF-8"
+        env.LANG = "C.UTF-8"
+      }
+      log.info("creating session", { id, cmd: command, args, cwd })
+
+      const { spawn } = yield* Effect.promise(() => pty())
+      const proc = yield* Effect.sync(() =>
+        spawn(command, args, {
+          name: "xterm-256color",
+          cwd,
+          env,
+        }),
+      )
+
+      const info = {
+        id,
+        title: input.title || `Terminal ${id.slice(-4)}`,
+        command,
+        args,
+        cwd,
+        status: "running",
+        pid: proc.pid,
+      } as const
+      const session: Active = {
+        info,
+        process: proc,
+        buffer: "",
+        bufferCursor: 0,
+        cursor: 0,
+        subscribers: new Map(),
+      }
+      s.sessions.set(id, session)
+      proc.onData(
+        Instance.bind((chunk) => {
+          session.cursor += chunk.length
+
+          for (const [key, ws] of session.subscribers.entries()) {
+            if (ws.readyState !== 1) {
+              session.subscribers.delete(key)
+              continue
+            }
+            if (sock(ws) !== key) {
+              session.subscribers.delete(key)
+              continue
+            }
+            try {
+              ws.send(chunk)
+            } catch {
+              session.subscribers.delete(key)
+            }
+          }
+
+          session.buffer += chunk
+          if (session.buffer.length <= BUFFER_LIMIT) return
+          const excess = session.buffer.length - BUFFER_LIMIT
+          session.buffer = session.buffer.slice(excess)
+          session.bufferCursor += excess
+        }),
+      )
+      proc.onExit(
+        Instance.bind(({ exitCode }) => {
+          if (session.info.status === "exited") return
+          log.info("session exited", { id, exitCode })
+          session.info.status = "exited"
+          bridge.fork(bus.publish(Event.Exited, { id, exitCode }))
+          bridge.fork(remove(id))
+        }),
+      )
+      yield* bus.publish(Event.Created, { info })
+      return info
+    })
+
+    const update = Effect.fn("Pty.update")(function* (id: PtyID, input: UpdateInput) {
+      const s = yield* InstanceState.get(state)
+      const session = s.sessions.get(id)
+      if (!session) return
+      if (input.title) {
+        session.info.title = input.title
+      }
+      if (input.size) {
+        session.process.resize(input.size.cols, input.size.rows)
+      }
+      yield* bus.publish(Event.Updated, { info: session.info })
+      return session.info
+    })
+
+    const resize = Effect.fn("Pty.resize")(function* (id: PtyID, cols: number, rows: number) {
+      const s = yield* InstanceState.get(state)
+      const session = s.sessions.get(id)
+      if (session && session.info.status === "running") {
+        session.process.resize(cols, rows)
+      }
+    })
+
+    const write = Effect.fn("Pty.write")(function* (id: PtyID, data: string) {
+      const s = yield* InstanceState.get(state)
+      const session = s.sessions.get(id)
+      if (session && session.info.status === "running") {
+        session.process.write(data)
+      }
+    })
+
+    const connect = Effect.fn("Pty.connect")(function* (id: PtyID, ws: Socket, cursor?: number) {
+      const s = yield* InstanceState.get(state)
+      const session = s.sessions.get(id)
+      if (!session) {
+        ws.close()
+        return
+      }
+      log.info("client connected to session", { id })
+
+      const sub = sock(ws)
+      session.subscribers.delete(sub)
+      session.subscribers.set(sub, ws)
+
+      const cleanup = () => {
+        session.subscribers.delete(sub)
+      }
+
+      const start = session.bufferCursor
+      const end = session.cursor
+      const from =
+        cursor === -1 ? end : typeof cursor === "number" && Number.isSafeInteger(cursor) ? Math.max(0, cursor) : 0
+
+      const data = (() => {
+        if (!session.buffer) return ""
+        if (from >= end) return ""
+        const offset = Math.max(0, from - start)
+        if (offset >= session.buffer.length) return ""
+        return session.buffer.slice(offset)
+      })()
+
+      if (data) {
+        try {
+          for (let i = 0; i < data.length; i += BUFFER_CHUNK) {
+            ws.send(data.slice(i, i + BUFFER_CHUNK))
+          }
+        } catch {
+          cleanup()
+          ws.close()
+          return
+        }
+      }
+
+      try {
+        ws.send(meta(end))
+      } catch {
+        cleanup()
+        ws.close()
+        return
+      }
+
+      return {
+        onMessage: (message: string | ArrayBuffer) => {
+          session.process.write(String(message))
+        },
+        onClose: () => {
+          log.info("client disconnected from session", { id })
+          cleanup()
+        },
+      }
+    })
+
+    return Service.of({ list, get, create, update, remove, resize, write, connect })
+  }),
+)
+
+export const defaultLayer = layer.pipe(Layer.provide(Bus.layer), Layer.provide(Plugin.defaultLayer))

packages/opencode/src/server/fence.ts

@@ -40,7 +40,7 @@ export function parse(headers: Headers) {
 
   try {
     data = JSON.parse(raw)
-  } catch (err) {
+  } catch {
     return
   }
 

packages/opencode/src/server/instance/config.ts

@@ -2,7 +2,7 @@ import { Hono } from "hono"
 import { describeRoute, validator, resolver } from "hono-openapi"
 import z from "zod"
 import { Config } from "../../config"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import { mapValues } from "remeda"
 import { errors } from "../error"
 import { lazy } from "../../util/lazy"

packages/opencode/src/server/instance/httpapi/provider.ts

@@ -0,0 +1,46 @@
+import { ProviderAuth } from "@/provider/auth"
+import { Effect, Layer } from "effect"
+import { HttpApi, HttpApiBuilder, HttpApiEndpoint, HttpApiGroup, OpenApi } from "effect/unstable/httpapi"
+
+const root = "/experimental/httpapi/provider"
+
+export const ProviderApi = HttpApi.make("provider")
+  .add(
+    HttpApiGroup.make("provider")
+      .add(
+        HttpApiEndpoint.get("auth", `${root}/auth`, {
+          success: ProviderAuth.Methods,
+        }).annotateMerge(
+          OpenApi.annotations({
+            identifier: "provider.auth",
+            summary: "Get provider auth methods",
+            description: "Retrieve available authentication methods for all AI providers.",
+          }),
+        ),
+      )
+      .annotateMerge(
+        OpenApi.annotations({
+          title: "provider",
+          description: "Experimental HttpApi provider routes.",
+        }),
+      ),
+  )
+  .annotateMerge(
+    OpenApi.annotations({
+      title: "opencode experimental HttpApi",
+      version: "0.0.1",
+      description: "Experimental HttpApi surface for selected instance routes.",
+    }),
+  )
+
+export const ProviderLive = Layer.unwrap(
+  Effect.gen(function* () {
+    const svc = yield* ProviderAuth.Service
+
+    const auth = Effect.fn("ProviderHttpApi.auth")(function* () {
+      return yield* svc.methods()
+    })
+
+    return HttpApiBuilder.group(ProviderApi, "provider", (handlers) => handlers.handle("auth", auth))
+  }),
+).pipe(Layer.provide(ProviderAuth.defaultLayer))

packages/opencode/src/server/instance/httpapi/server.ts

@@ -10,8 +10,10 @@ import { InstanceBootstrap } from "@/project/bootstrap"
 import { Instance } from "@/project/instance"
 import { Filesystem } from "@/util/filesystem"
 import { Permission } from "@/permission"
+import { ProviderAuth } from "@/provider/auth"
 import { Question } from "@/question"
 import { PermissionApi, PermissionLive } from "./permission"
+import { ProviderApi, ProviderLive } from "./provider"
 import { QuestionApi, QuestionLive } from "./question"
 
 const Query = Schema.Struct({
@@ -26,10 +28,6 @@ const Headers = Schema.Struct({
 })
 
 export namespace ExperimentalHttpApiServer {
-  function text(input: string, status: number, headers?: Record<string, string>) {
-    return HttpServerResponse.text(input, { status, headers })
-  }
-
   function decode(input: string) {
     try {
       return decodeURIComponent(input)
@@ -112,6 +110,7 @@ export namespace ExperimentalHttpApiServer {
 
   const QuestionSecured = QuestionApi.middleware(Authorization)
   const PermissionSecured = PermissionApi.middleware(Authorization)
+  const ProviderSecured = ProviderApi.middleware(Authorization)
 
   export const routes = Layer.mergeAll(
     HttpApiBuilder.layer(QuestionSecured, { openapiPath: "/experimental/httpapi/question/doc" }).pipe(
@@ -120,6 +119,9 @@ export namespace ExperimentalHttpApiServer {
     HttpApiBuilder.layer(PermissionSecured, { openapiPath: "/experimental/httpapi/permission/doc" }).pipe(
       Layer.provide(PermissionLive),
     ),
+    HttpApiBuilder.layer(ProviderSecured, { openapiPath: "/experimental/httpapi/provider/doc" }).pipe(
+      Layer.provide(ProviderLive),
+    ),
   ).pipe(Layer.provide(auth), Layer.provide(normalize), Layer.provide(instance))
 
   export const layer = (opts: { hostname: string; port: number }) =>
@@ -131,5 +133,6 @@ export namespace ExperimentalHttpApiServer {
     Layer.provideMerge(NodeHttpServer.layerTest),
     Layer.provideMerge(Question.defaultLayer),
     Layer.provideMerge(Permission.defaultLayer),
+    Layer.provideMerge(ProviderAuth.defaultLayer),
   )
 }

packages/opencode/src/server/instance/middleware.ts

@@ -16,8 +16,6 @@ import { AppFileSystem } from "@opencode-ai/shared/filesystem"
 
 type Rule = { method?: string; path: string; exact?: boolean; action: "local" | "forward" }
 
-const OPENCODE_WORKSPACE = process.env.OPENCODE_WORKSPACE
-
 const RULES: Array<Rule> = [
   { path: "/session/status", action: "forward" },
   { method: "GET", path: "/session", action: "local" },

packages/opencode/src/server/instance/provider.ts

@@ -2,7 +2,7 @@ import { Hono } from "hono"
 import { describeRoute, validator, resolver } from "hono-openapi"
 import z from "zod"
 import { Config } from "../../config"
-import { Provider } from "../../provider/provider"
+import { Provider } from "../../provider"
 import { ModelsDev } from "../../provider/models"
 import { ProviderAuth } from "../../provider/auth"
 import { ProviderID } from "../../provider/schema"
@@ -10,11 +10,8 @@ import { AppRuntime } from "../../effect/app-runtime"
 import { mapValues } from "remeda"
 import { errors } from "../error"
 import { lazy } from "../../util/lazy"
-import { Log } from "../../util/log"
 import { Effect } from "effect"
 
-const log = Log.create({ service: "server" })
-
 export const ProviderRoutes = lazy(() =>
   new Hono()
     .get(
@@ -85,7 +82,7 @@ export const ProviderRoutes = lazy(() =>
             description: "Provider auth methods",
             content: {
               "application/json": {
-                schema: resolver(z.record(z.string(), z.array(ProviderAuth.Method))),
+                schema: resolver(ProviderAuth.Methods.zod),
               },
             },
           },
@@ -106,7 +103,7 @@ export const ProviderRoutes = lazy(() =>
             description: "Authorization URL and method",
             content: {
               "application/json": {
-                schema: resolver(ProviderAuth.Authorization.optional()),
+                schema: resolver(ProviderAuth.Authorization.zod.optional()),
               },
             },
           },

packages/opencode/src/server/middleware.ts

@@ -1,4 +1,4 @@
-import { Provider } from "../provider/provider"
+import { Provider } from "../provider"
 import { NamedError } from "@opencode-ai/shared/util/error"
 import { NotFoundError } from "../storage/db"
 import { Session } from "../session"

packages/opencode/src/session/compaction.ts

@@ -2,7 +2,7 @@ import { BusEvent } from "@/bus/bus-event"
 import { Bus } from "@/bus"
 import { Session } from "."
 import { SessionID, MessageID, PartID } from "./schema"
-import { Provider } from "../provider/provider"
+import { Provider } from "../provider"
 import { MessageV2 } from "./message-v2"
 import z from "zod"
 import { Token } from "../util/token"

packages/opencode/src/session/index.ts

@@ -1,818 +1 @@
-import { Slug } from "@opencode-ai/shared/util/slug"
-import path from "path"
-import { BusEvent } from "@/bus/bus-event"
-import { Bus } from "@/bus"
-import { Decimal } from "decimal.js"
-import z from "zod"
-import { type ProviderMetadata, type LanguageModelUsage } from "ai"
-import { Flag } from "../flag/flag"
-import { Installation } from "../installation"
-
-import { Database, NotFoundError, eq, and, gte, isNull, desc, like, inArray, lt } from "../storage/db"
-import { SyncEvent } from "../sync"
-import type { SQL } from "../storage/db"
-import { PartTable, SessionTable } from "./session.sql"
-import { ProjectTable } from "../project/project.sql"
-import { Storage } from "@/storage/storage"
-import { Log } from "../util/log"
-import { updateSchema } from "../util/update-schema"
-import { MessageV2 } from "./message-v2"
-import { Instance } from "../project/instance"
-import { InstanceState } from "@/effect/instance-state"
-import { Snapshot } from "@/snapshot"
-import { ProjectID } from "../project/schema"
-import { WorkspaceID } from "../control-plane/schema"
-import { SessionID, MessageID, PartID } from "./schema"
-
-import type { Provider } from "@/provider/provider"
-import { Permission } from "@/permission"
-import { Global } from "@/global"
-import { Effect, Layer, Option, Context } from "effect"
-
-export namespace Session {
-  const log = Log.create({ service: "session" })
-
-  const parentTitlePrefix = "New session - "
-  const childTitlePrefix = "Child session - "
-
-  function createDefaultTitle(isChild = false) {
-    return (isChild ? childTitlePrefix : parentTitlePrefix) + new Date().toISOString()
-  }
-
-  export function isDefaultTitle(title: string) {
-    return new RegExp(
-      `^(${parentTitlePrefix}|${childTitlePrefix})\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d{3}Z$`,
-    ).test(title)
-  }
-
-  type SessionRow = typeof SessionTable.$inferSelect
-
-  export function fromRow(row: SessionRow): Info {
-    const summary =
-      row.summary_additions !== null || row.summary_deletions !== null || row.summary_files !== null
-        ? {
-            additions: row.summary_additions ?? 0,
-            deletions: row.summary_deletions ?? 0,
-            files: row.summary_files ?? 0,
-            diffs: row.summary_diffs ?? undefined,
-          }
-        : undefined
-    const share = row.share_url ? { url: row.share_url } : undefined
-    const revert = row.revert ?? undefined
-    return {
-      id: row.id,
-      slug: row.slug,
-      projectID: row.project_id,
-      workspaceID: row.workspace_id ?? undefined,
-      directory: row.directory,
-      parentID: row.parent_id ?? undefined,
-      title: row.title,
-      version: row.version,
-      summary,
-      share,
-      revert,
-      permission: row.permission ?? undefined,
-      time: {
-        created: row.time_created,
-        updated: row.time_updated,
-        compacting: row.time_compacting ?? undefined,
-        archived: row.time_archived ?? undefined,
-      },
-    }
-  }
-
-  export function toRow(info: Info) {
-    return {
-      id: info.id,
-      project_id: info.projectID,
-      workspace_id: info.workspaceID,
-      parent_id: info.parentID,
-      slug: info.slug,
-      directory: info.directory,
-      title: info.title,
-      version: info.version,
-      share_url: info.share?.url,
-      summary_additions: info.summary?.additions,
-      summary_deletions: info.summary?.deletions,
-      summary_files: info.summary?.files,
-      summary_diffs: info.summary?.diffs,
-      revert: info.revert ?? null,
-      permission: info.permission,
-      time_created: info.time.created,
-      time_updated: info.time.updated,
-      time_compacting: info.time.compacting,
-      time_archived: info.time.archived,
-    }
-  }
-
-  function getForkedTitle(title: string): string {
-    const match = title.match(/^(.+) \(fork #(\d+)\)$/)
-    if (match) {
-      const base = match[1]
-      const num = parseInt(match[2], 10)
-      return `${base} (fork #${num + 1})`
-    }
-    return `${title} (fork #1)`
-  }
-
-  export const Info = z
-    .object({
-      id: SessionID.zod,
-      slug: z.string(),
-      projectID: ProjectID.zod,
-      workspaceID: WorkspaceID.zod.optional(),
-      directory: z.string(),
-      parentID: SessionID.zod.optional(),
-      summary: z
-        .object({
-          additions: z.number(),
-          deletions: z.number(),
-          files: z.number(),
-          diffs: Snapshot.FileDiff.array().optional(),
-        })
-        .optional(),
-      share: z
-        .object({
-          url: z.string(),
-        })
-        .optional(),
-      title: z.string(),
-      version: z.string(),
-      time: z.object({
-        created: z.number(),
-        updated: z.number(),
-        compacting: z.number().optional(),
-        archived: z.number().optional(),
-      }),
-      permission: Permission.Ruleset.zod.optional(),
-      revert: z
-        .object({
-          messageID: MessageID.zod,
-          partID: PartID.zod.optional(),
-          snapshot: z.string().optional(),
-          diff: z.string().optional(),
-        })
-        .optional(),
-    })
-    .meta({
-      ref: "Session",
-    })
-  export type Info = z.output<typeof Info>
-
-  export const ProjectInfo = z
-    .object({
-      id: ProjectID.zod,
-      name: z.string().optional(),
-      worktree: z.string(),
-    })
-    .meta({
-      ref: "ProjectSummary",
-    })
-  export type ProjectInfo = z.output<typeof ProjectInfo>
-
-  export const GlobalInfo = Info.extend({
-    project: ProjectInfo.nullable(),
-  }).meta({
-    ref: "GlobalSession",
-  })
-  export type GlobalInfo = z.output<typeof GlobalInfo>
-
-  export const CreateInput = z
-    .object({
-      parentID: SessionID.zod.optional(),
-      title: z.string().optional(),
-      permission: Info.shape.permission,
-      workspaceID: WorkspaceID.zod.optional(),
-    })
-    .optional()
-  export type CreateInput = z.output<typeof CreateInput>
-
-  export const ForkInput = z.object({ sessionID: SessionID.zod, messageID: MessageID.zod.optional() })
-  export const GetInput = SessionID.zod
-  export const ChildrenInput = SessionID.zod
-  export const RemoveInput = SessionID.zod
-  export const SetTitleInput = z.object({ sessionID: SessionID.zod, title: z.string() })
-  export const SetArchivedInput = z.object({ sessionID: SessionID.zod, time: z.number().optional() })
-  export const SetPermissionInput = z.object({ sessionID: SessionID.zod, permission: Permission.Ruleset.zod })
-  export const SetRevertInput = z.object({
-    sessionID: SessionID.zod,
-    revert: Info.shape.revert,
-    summary: Info.shape.summary,
-  })
-  export const MessagesInput = z.object({ sessionID: SessionID.zod, limit: z.number().optional() })
-
-  export const Event = {
-    Created: SyncEvent.define({
-      type: "session.created",
-      version: 1,
-      aggregate: "sessionID",
-      schema: z.object({
-        sessionID: SessionID.zod,
-        info: Info,
-      }),
-    }),
-    Updated: SyncEvent.define({
-      type: "session.updated",
-      version: 1,
-      aggregate: "sessionID",
-      schema: z.object({
-        sessionID: SessionID.zod,
-        info: updateSchema(Info).extend({
-          share: updateSchema(Info.shape.share.unwrap()).optional(),
-          time: updateSchema(Info.shape.time).optional(),
-        }),
-      }),
-      busSchema: z.object({
-        sessionID: SessionID.zod,
-        info: Info,
-      }),
-    }),
-    Deleted: SyncEvent.define({
-      type: "session.deleted",
-      version: 1,
-      aggregate: "sessionID",
-      schema: z.object({
-        sessionID: SessionID.zod,
-        info: Info,
-      }),
-    }),
-    Diff: BusEvent.define(
-      "session.diff",
-      z.object({
-        sessionID: SessionID.zod,
-        diff: Snapshot.FileDiff.array(),
-      }),
-    ),
-    Error: BusEvent.define(
-      "session.error",
-      z.object({
-        sessionID: SessionID.zod.optional(),
-        error: MessageV2.Assistant.shape.error,
-      }),
-    ),
-  }
-
-  export function plan(input: { slug: string; time: { created: number } }) {
-    const base = Instance.project.vcs
-      ? path.join(Instance.worktree, ".opencode", "plans")
-      : path.join(Global.Path.data, "plans")
-    return path.join(base, [input.time.created, input.slug].join("-") + ".md")
-  }
-
-  export const getUsage = (input: {
-    model: Provider.Model
-    usage: LanguageModelUsage
-    metadata?: ProviderMetadata
-  }) => {
-    const safe = (value: number) => {
-      if (!Number.isFinite(value)) return 0
-      return value
-    }
-    const inputTokens = safe(input.usage.inputTokens ?? 0)
-    const outputTokens = safe(input.usage.outputTokens ?? 0)
-    const reasoningTokens = safe(input.usage.outputTokenDetails?.reasoningTokens ?? input.usage.reasoningTokens ?? 0)
-
-    const cacheReadInputTokens = safe(
-      input.usage.inputTokenDetails?.cacheReadTokens ?? input.usage.cachedInputTokens ?? 0,
-    )
-    const cacheWriteInputTokens = safe(
-      (input.usage.inputTokenDetails?.cacheWriteTokens ??
-        input.metadata?.["anthropic"]?.["cacheCreationInputTokens"] ??
-        // google-vertex-anthropic returns metadata under "vertex" key
-        // (AnthropicMessagesLanguageModel custom provider key from 'vertex.anthropic.messages')
-        input.metadata?.["vertex"]?.["cacheCreationInputTokens"] ??
-        // @ts-expect-error
-        input.metadata?.["bedrock"]?.["usage"]?.["cacheWriteInputTokens"] ??
-        // @ts-expect-error
-        input.metadata?.["venice"]?.["usage"]?.["cacheCreationInputTokens"] ??
-        0) as number,
-    )
-
-    // AI SDK v6 normalized inputTokens to include cached tokens across all providers
-    // (including Anthropic/Bedrock which previously excluded them). Always subtract cache
-    // tokens to get the non-cached input count for separate cost calculation.
-    const adjustedInputTokens = safe(inputTokens - cacheReadInputTokens - cacheWriteInputTokens)
-
-    const total = input.usage.totalTokens
-
-    const tokens = {
-      total,
-      input: adjustedInputTokens,
-      output: safe(outputTokens - reasoningTokens),
-      reasoning: reasoningTokens,
-      cache: {
-        write: cacheWriteInputTokens,
-        read: cacheReadInputTokens,
-      },
-    }
-
-    const costInfo =
-      input.model.cost?.experimentalOver200K && tokens.input + tokens.cache.read > 200_000
-        ? input.model.cost.experimentalOver200K
-        : input.model.cost
-    return {
-      cost: safe(
-        new Decimal(0)
-          .add(new Decimal(tokens.input).mul(costInfo?.input ?? 0).div(1_000_000))
-          .add(new Decimal(tokens.output).mul(costInfo?.output ?? 0).div(1_000_000))
-          .add(new Decimal(tokens.cache.read).mul(costInfo?.cache?.read ?? 0).div(1_000_000))
-          .add(new Decimal(tokens.cache.write).mul(costInfo?.cache?.write ?? 0).div(1_000_000))
-          // TODO: update models.dev to have better pricing model, for now:
-          // charge reasoning tokens at the same rate as output tokens
-          .add(new Decimal(tokens.reasoning).mul(costInfo?.output ?? 0).div(1_000_000))
-          .toNumber(),
-      ),
-      tokens,
-    }
-  }
-
-  export class BusyError extends Error {
-    constructor(public readonly sessionID: string) {
-      super(`Session ${sessionID} is busy`)
-    }
-  }
-
-  export interface Interface {
-    readonly create: (input?: {
-      parentID?: SessionID
-      title?: string
-      permission?: Permission.Ruleset
-      workspaceID?: WorkspaceID
-    }) => Effect.Effect<Info>
-    readonly fork: (input: { sessionID: SessionID; messageID?: MessageID }) => Effect.Effect<Info>
-    readonly touch: (sessionID: SessionID) => Effect.Effect<void>
-    readonly get: (id: SessionID) => Effect.Effect<Info>
-    readonly setTitle: (input: { sessionID: SessionID; title: string }) => Effect.Effect<void>
-    readonly setArchived: (input: { sessionID: SessionID; time?: number }) => Effect.Effect<void>
-    readonly setPermission: (input: { sessionID: SessionID; permission: Permission.Ruleset }) => Effect.Effect<void>
-    readonly setRevert: (input: {
-      sessionID: SessionID
-      revert: Info["revert"]
-      summary: Info["summary"]
-    }) => Effect.Effect<void>
-    readonly clearRevert: (sessionID: SessionID) => Effect.Effect<void>
-    readonly setSummary: (input: { sessionID: SessionID; summary: Info["summary"] }) => Effect.Effect<void>
-    readonly diff: (sessionID: SessionID) => Effect.Effect<Snapshot.FileDiff[]>
-    readonly messages: (input: { sessionID: SessionID; limit?: number }) => Effect.Effect<MessageV2.WithParts[]>
-    readonly children: (parentID: SessionID) => Effect.Effect<Info[]>
-    readonly remove: (sessionID: SessionID) => Effect.Effect<void>
-    readonly updateMessage: <T extends MessageV2.Info>(msg: T) => Effect.Effect<T>
-    readonly removeMessage: (input: { sessionID: SessionID; messageID: MessageID }) => Effect.Effect<MessageID>
-    readonly removePart: (input: {
-      sessionID: SessionID
-      messageID: MessageID
-      partID: PartID
-    }) => Effect.Effect<PartID>
-    readonly getPart: (input: {
-      sessionID: SessionID
-      messageID: MessageID
-      partID: PartID
-    }) => Effect.Effect<MessageV2.Part | undefined>
-    readonly updatePart: <T extends MessageV2.Part>(part: T) => Effect.Effect<T>
-    readonly updatePartDelta: (input: {
-      sessionID: SessionID
-      messageID: MessageID
-      partID: PartID
-      field: string
-      delta: string
-    }) => Effect.Effect<void>
-    /** Finds the first message matching the predicate, searching newest-first. */
-    readonly findMessage: (
-      sessionID: SessionID,
-      predicate: (msg: MessageV2.WithParts) => boolean,
-    ) => Effect.Effect<Option.Option<MessageV2.WithParts>>
-  }
-
-  export class Service extends Context.Service<Service, Interface>()("@opencode/Session") {}
-
-  type Patch = z.infer<typeof Event.Updated.schema>["info"]
-
-  const db = <T>(fn: (d: Parameters<typeof Database.use>[0] extends (trx: infer D) => any ? D : never) => T) =>
-    Effect.sync(() => Database.use(fn))
-
-  export const layer: Layer.Layer<Service, never, Bus.Service | Storage.Service> = Layer.effect(
-    Service,
-    Effect.gen(function* () {
-      const bus = yield* Bus.Service
-      const storage = yield* Storage.Service
-
-      const createNext = Effect.fn("Session.createNext")(function* (input: {
-        id?: SessionID
-        title?: string
-        parentID?: SessionID
-        workspaceID?: WorkspaceID
-        directory: string
-        permission?: Permission.Ruleset
-      }) {
-        const ctx = yield* InstanceState.context
-        const result: Info = {
-          id: SessionID.descending(input.id),
-          slug: Slug.create(),
-          version: Installation.VERSION,
-          projectID: ctx.project.id,
-          directory: input.directory,
-          workspaceID: input.workspaceID,
-          parentID: input.parentID,
-          title: input.title ?? createDefaultTitle(!!input.parentID),
-          permission: input.permission,
-          time: {
-            created: Date.now(),
-            updated: Date.now(),
-          },
-        }
-        log.info("created", result)
-
-        yield* Effect.sync(() => SyncEvent.run(Event.Created, { sessionID: result.id, info: result }))
-
-        if (!Flag.OPENCODE_EXPERIMENTAL_WORKSPACES) {
-          // This only exist for backwards compatibility. We should not be
-          // manually publishing this event; it is a sync event now
-          yield* bus.publish(Event.Updated, {
-            sessionID: result.id,
-            info: result,
-          })
-        }
-
-        return result
-      })
-
-      const get = Effect.fn("Session.get")(function* (id: SessionID) {
-        const row = yield* db((d) => d.select().from(SessionTable).where(eq(SessionTable.id, id)).get())
-        if (!row) throw new NotFoundError({ message: `Session not found: ${id}` })
-        return fromRow(row)
-      })
-
-      const children = Effect.fn("Session.children")(function* (parentID: SessionID) {
-        const rows = yield* db((d) =>
-          d
-            .select()
-            .from(SessionTable)
-            .where(and(eq(SessionTable.parent_id, parentID)))
-            .all(),
-        )
-        return rows.map(fromRow)
-      })
-
-      const remove: Interface["remove"] = Effect.fnUntraced(function* (sessionID: SessionID) {
-        try {
-          const session = yield* get(sessionID)
-          const kids = yield* children(sessionID)
-          for (const child of kids) {
-            yield* remove(child.id)
-          }
-
-          // `remove` needs to work in all cases, such as a broken
-          // sessions that run cleanup. In certain cases these will
-          // run without any instance state, so we need to turn off
-          // publishing of events in that case
-          const hasInstance = yield* InstanceState.directory.pipe(
-            Effect.as(true),
-            Effect.catchCause(() => Effect.succeed(false)),
-          )
-
-          yield* Effect.sync(() => {
-            SyncEvent.run(Event.Deleted, { sessionID, info: session }, { publish: hasInstance })
-            SyncEvent.remove(sessionID)
-          })
-        } catch (e) {
-          log.error(e)
-        }
-      })
-
-      const updateMessage = <T extends MessageV2.Info>(msg: T): Effect.Effect<T> =>
-        Effect.gen(function* () {
-          yield* Effect.sync(() => SyncEvent.run(MessageV2.Event.Updated, { sessionID: msg.sessionID, info: msg }))
-          return msg
-        }).pipe(Effect.withSpan("Session.updateMessage"))
-
-      const updatePart = <T extends MessageV2.Part>(part: T): Effect.Effect<T> =>
-        Effect.gen(function* () {
-          yield* Effect.sync(() =>
-            SyncEvent.run(MessageV2.Event.PartUpdated, {
-              sessionID: part.sessionID,
-              part: structuredClone(part),
-              time: Date.now(),
-            }),
-          )
-          return part
-        }).pipe(Effect.withSpan("Session.updatePart"))
-
-      const getPart: Interface["getPart"] = Effect.fn("Session.getPart")(function* (input) {
-        const row = Database.use((db) =>
-          db
-            .select()
-            .from(PartTable)
-            .where(
-              and(
-                eq(PartTable.session_id, input.sessionID),
-                eq(PartTable.message_id, input.messageID),
-                eq(PartTable.id, input.partID),
-              ),
-            )
-            .get(),
-        )
-        if (!row) return
-        return {
-          ...row.data,
-          id: row.id,
-          sessionID: row.session_id,
-          messageID: row.message_id,
-        } as MessageV2.Part
-      })
-
-      const create = Effect.fn("Session.create")(function* (input?: {
-        parentID?: SessionID
-        title?: string
-        permission?: Permission.Ruleset
-        workspaceID?: WorkspaceID
-      }) {
-        const directory = yield* InstanceState.directory
-        return yield* createNext({
-          parentID: input?.parentID,
-          directory,
-          title: input?.title,
-          permission: input?.permission,
-          workspaceID: input?.workspaceID,
-        })
-      })
-
-      const fork = Effect.fn("Session.fork")(function* (input: { sessionID: SessionID; messageID?: MessageID }) {
-        const directory = yield* InstanceState.directory
-        const original = yield* get(input.sessionID)
-        const title = getForkedTitle(original.title)
-        const session = yield* createNext({
-          directory,
-          workspaceID: original.workspaceID,
-          title,
-        })
-        const msgs = yield* messages({ sessionID: input.sessionID })
-        const idMap = new Map<string, MessageID>()
-
-        for (const msg of msgs) {
-          if (input.messageID && msg.info.id >= input.messageID) break
-          const newID = MessageID.ascending()
-          idMap.set(msg.info.id, newID)
-
-          const parentID = msg.info.role === "assistant" && msg.info.parentID ? idMap.get(msg.info.parentID) : undefined
-          const cloned = yield* updateMessage({
-            ...msg.info,
-            sessionID: session.id,
-            id: newID,
-            ...(parentID && { parentID }),
-          })
-
-          for (const part of msg.parts) {
-            yield* updatePart({
-              ...part,
-              id: PartID.ascending(),
-              messageID: cloned.id,
-              sessionID: session.id,
-            })
-          }
-        }
-        return session
-      })
-
-      const patch = (sessionID: SessionID, info: Patch) =>
-        Effect.sync(() => SyncEvent.run(Event.Updated, { sessionID, info }))
-
-      const touch = Effect.fn("Session.touch")(function* (sessionID: SessionID) {
-        yield* patch(sessionID, { time: { updated: Date.now() } })
-      })
-
-      const setTitle = Effect.fn("Session.setTitle")(function* (input: { sessionID: SessionID; title: string }) {
-        yield* patch(input.sessionID, { title: input.title })
-      })
-
-      const setArchived = Effect.fn("Session.setArchived")(function* (input: { sessionID: SessionID; time?: number }) {
-        yield* patch(input.sessionID, { time: { archived: input.time } })
-      })
-
-      const setPermission = Effect.fn("Session.setPermission")(function* (input: {
-        sessionID: SessionID
-        permission: Permission.Ruleset
-      }) {
-        yield* patch(input.sessionID, { permission: input.permission, time: { updated: Date.now() } })
-      })
-
-      const setRevert = Effect.fn("Session.setRevert")(function* (input: {
-        sessionID: SessionID
-        revert: Info["revert"]
-        summary: Info["summary"]
-      }) {
-        yield* patch(input.sessionID, { summary: input.summary, time: { updated: Date.now() }, revert: input.revert })
-      })
-
-      const clearRevert = Effect.fn("Session.clearRevert")(function* (sessionID: SessionID) {
-        yield* patch(sessionID, { time: { updated: Date.now() }, revert: null })
-      })
-
-      const setSummary = Effect.fn("Session.setSummary")(function* (input: {
-        sessionID: SessionID
-        summary: Info["summary"]
-      }) {
-        yield* patch(input.sessionID, { time: { updated: Date.now() }, summary: input.summary })
-      })
-
-      const diff = Effect.fn("Session.diff")(function* (sessionID: SessionID) {
-        return yield* storage
-          .read<Snapshot.FileDiff[]>(["session_diff", sessionID])
-          .pipe(Effect.orElseSucceed((): Snapshot.FileDiff[] => []))
-      })
-
-      const messages = Effect.fn("Session.messages")(function* (input: { sessionID: SessionID; limit?: number }) {
-        if (input.limit) {
-          return MessageV2.page({ sessionID: input.sessionID, limit: input.limit }).items
-        }
-        return Array.from(MessageV2.stream(input.sessionID)).reverse()
-      })
-
-      const removeMessage = Effect.fn("Session.removeMessage")(function* (input: {
-        sessionID: SessionID
-        messageID: MessageID
-      }) {
-        yield* Effect.sync(() =>
-          SyncEvent.run(MessageV2.Event.Removed, {
-            sessionID: input.sessionID,
-            messageID: input.messageID,
-          }),
-        )
-        return input.messageID
-      })
-
-      const removePart = Effect.fn("Session.removePart")(function* (input: {
-        sessionID: SessionID
-        messageID: MessageID
-        partID: PartID
-      }) {
-        yield* Effect.sync(() =>
-          SyncEvent.run(MessageV2.Event.PartRemoved, {
-            sessionID: input.sessionID,
-            messageID: input.messageID,
-            partID: input.partID,
-          }),
-        )
-        return input.partID
-      })
-
-      const updatePartDelta = Effect.fn("Session.updatePartDelta")(function* (input: {
-        sessionID: SessionID
-        messageID: MessageID
-        partID: PartID
-        field: string
-        delta: string
-      }) {
-        yield* bus.publish(MessageV2.Event.PartDelta, input)
-      })
-
-      /** Finds the first message matching the predicate, searching newest-first. */
-      const findMessage = Effect.fn("Session.findMessage")(function* (
-        sessionID: SessionID,
-        predicate: (msg: MessageV2.WithParts) => boolean,
-      ) {
-        for (const item of MessageV2.stream(sessionID)) {
-          if (predicate(item)) return Option.some(item)
-        }
-        return Option.none<MessageV2.WithParts>()
-      })
-
-      return Service.of({
-        create,
-        fork,
-        touch,
-        get,
-        setTitle,
-        setArchived,
-        setPermission,
-        setRevert,
-        clearRevert,
-        setSummary,
-        diff,
-        messages,
-        children,
-        remove,
-        updateMessage,
-        removeMessage,
-        removePart,
-        updatePart,
-        getPart,
-        updatePartDelta,
-        findMessage,
-      })
-    }),
-  )
-
-  export const defaultLayer = layer.pipe(Layer.provide(Bus.layer), Layer.provide(Storage.defaultLayer))
-
-  export function* list(input?: {
-    directory?: string
-    workspaceID?: WorkspaceID
-    roots?: boolean
-    start?: number
-    search?: string
-    limit?: number
-  }) {
-    const project = Instance.project
-    const conditions = [eq(SessionTable.project_id, project.id)]
-
-    if (input?.workspaceID) {
-      conditions.push(eq(SessionTable.workspace_id, input.workspaceID))
-    }
-    if (input?.directory) {
-      conditions.push(eq(SessionTable.directory, input.directory))
-    }
-    if (input?.roots) {
-      conditions.push(isNull(SessionTable.parent_id))
-    }
-    if (input?.start) {
-      conditions.push(gte(SessionTable.time_updated, input.start))
-    }
-    if (input?.search) {
-      conditions.push(like(SessionTable.title, `%${input.search}%`))
-    }
-
-    const limit = input?.limit ?? 100
-
-    const rows = Database.use((db) =>
-      db
-        .select()
-        .from(SessionTable)
-        .where(and(...conditions))
-        .orderBy(desc(SessionTable.time_updated))
-        .limit(limit)
-        .all(),
-    )
-    for (const row of rows) {
-      yield fromRow(row)
-    }
-  }
-
-  export function* listGlobal(input?: {
-    directory?: string
-    roots?: boolean
-    start?: number
-    cursor?: number
-    search?: string
-    limit?: number
-    archived?: boolean
-  }) {
-    const conditions: SQL[] = []
-
-    if (input?.directory) {
-      conditions.push(eq(SessionTable.directory, input.directory))
-    }
-    if (input?.roots) {
-      conditions.push(isNull(SessionTable.parent_id))
-    }
-    if (input?.start) {
-      conditions.push(gte(SessionTable.time_updated, input.start))
-    }
-    if (input?.cursor) {
-      conditions.push(lt(SessionTable.time_updated, input.cursor))
-    }
-    if (input?.search) {
-      conditions.push(like(SessionTable.title, `%${input.search}%`))
-    }
-    if (!input?.archived) {
-      conditions.push(isNull(SessionTable.time_archived))
-    }
-
-    const limit = input?.limit ?? 100
-
-    const rows = Database.use((db) => {
-      const query =
-        conditions.length > 0
-          ? db
-              .select()
-              .from(SessionTable)
-              .where(and(...conditions))
-          : db.select().from(SessionTable)
-      return query.orderBy(desc(SessionTable.time_updated), desc(SessionTable.id)).limit(limit).all()
-    })
-
-    const ids = [...new Set(rows.map((row) => row.project_id))]
-    const projects = new Map<string, ProjectInfo>()
-
-    if (ids.length > 0) {
-      const items = Database.use((db) =>
-        db
-          .select({ id: ProjectTable.id, name: ProjectTable.name, worktree: ProjectTable.worktree })
-          .from(ProjectTable)
-          .where(inArray(ProjectTable.id, ids))
-          .all(),
-      )
-      for (const item of items) {
-        projects.set(item.id, {
-          id: item.id,
-          name: item.name ?? undefined,
-          worktree: item.worktree,
-        })
-      }
-    }
-
-    for (const row of rows) {
-      const project = projects.get(row.project_id) ?? null
-      yield { ...fromRow(row), project }
-    }
-  }
-}
+export * as Session from "./session"

packages/opencode/src/session/llm.ts

@@ -1,4 +1,4 @@
-import { Provider } from "@/provider/provider"
+import { Provider } from "@/provider"
 import { Log } from "@/util/log"
 import { Context, Effect, Layer, Record } from "effect"
 import * as Stream from "effect/Stream"

packages/opencode/src/session/message-v2.ts

@@ -12,7 +12,7 @@ import { ProviderError } from "@/provider/error"
 import { iife } from "@/util/iife"
 import { errorMessage } from "@/util/error"
 import type { SystemError } from "bun"
-import type { Provider } from "@/provider/provider"
+import type { Provider } from "@/provider"
 import { ModelID, ProviderID } from "@/provider/schema"
 import { Effect } from "effect"
 import { EffectLogger } from "@/effect/logger"

packages/opencode/src/session/overflow.ts

@@ -1,5 +1,5 @@
 import type { Config } from "@/config"
-import type { Provider } from "@/provider/provider"
+import type { Provider } from "@/provider"
 import { ProviderTransform } from "@/provider/transform"
 import type { MessageV2 } from "./message-v2"
 

packages/opencode/src/session/processor.ts

@@ -15,7 +15,7 @@ import type { SessionID } from "./schema"
 import { SessionRetry } from "./retry"
 import { SessionStatus } from "./status"
 import { SessionSummary } from "./summary"
-import type { Provider } from "@/provider/provider"
+import type { Provider } from "@/provider"
 import { Question } from "@/question"
 import { errorMessage } from "@/util/error"
 import { Log } from "@/util/log"