test(httpapi): cover session json parity

Add defaultOptions to QueryClient to disable automatic refetching:
- refetchOnReconnect: false
- refetchOnMount: false
- refetchOnWindowFocus: false

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -1,5 +1,6 @@
 name: Bug report
 description: Report an issue that should be fixed
+labels: ["bug"]
 body:
   - type: textarea
     id: description

.github/ISSUE_TEMPLATE/feature-request.yml

@@ -1,5 +1,6 @@
 name: 🚀 Feature Request
 description: Suggest an idea, feature, or enhancement
+labels: [discussion]
 title: "[FEATURE]:"
 
 body:

.github/ISSUE_TEMPLATE/question.yml

@@ -1,5 +1,6 @@
 name: Question
 description: Ask a question
+labels: ["question"]
 body:
   - type: textarea
     id: question

.github/TEAM_MEMBERS

@@ -11,5 +11,6 @@ MrMushrooooom
 nexxeln
 R44VC0RP
 rekram1-node
+RhysSullivan
 thdxr
 simonklee

.github/VOUCHED.td

@@ -0,0 +1,37 @@
+# Vouched contributors for this project.
+#
+# See https://github.com/mitchellh/vouch for details.
+#
+# Syntax:
+#   - One handle per line (without @), sorted alphabetically.
+#   - Optional platform prefix: platform:username (e.g., github:user).
+#   - Denounce with minus prefix: -username or -platform:username.
+#   - Optional details after a space following the handle.
+adamdotdevin
+-agusbasari29 AI PR slop
+ariane-emory
+-atharvau AI review spamming literally every PR
+-borealbytes
+-carycooper777
+-danieljoshuanazareth
+-danieljoshuanazareth
+-davidbernat looks to be a clawdbot that spams team and sends super weird emails, doesnt appear to be a real person
+edemaine
+-florianleibert
+fwang
+iamdavidhill
+jayair
+kitlangton
+kommander
+-opencode2026
+-opencodeengineer bot that spams issues
+r44vc0rp
+rekram1-node
+-ricardo-m-l
+-robinmordasiewicz
+rubdos
+shantur
+simonklee
+-spider-yamet clawdbot/llm psychosis, spam pinging the team
+thdxr
+-toastythebot

.github/workflows/daily-issues-recap.yml

@@ -0,0 +1,170 @@
+name: daily-issues-recap
+
+on:
+  schedule:
+    # Run at 6 PM EST (23:00 UTC, or 22:00 UTC during daylight saving)
+    - cron: "0 23 * * *"
+  workflow_dispatch: # Allow manual trigger for testing
+
+jobs:
+  daily-recap:
+    runs-on: blacksmith-4vcpu-ubuntu-2404
+    permissions:
+      contents: read
+      issues: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - uses: ./.github/actions/setup-bun
+
+      - name: Install opencode
+        run: curl -fsSL https://opencode.ai/install | bash
+
+      - name: Generate daily issues recap
+        id: recap
+        env:
+          OPENCODE_API_KEY: ${{ secrets.OPENCODE_API_KEY }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OPENCODE_PERMISSION: |
+            {
+              "bash": {
+                "*": "deny",
+                "gh issue*": "allow",
+                "gh search*": "allow"
+              },
+              "webfetch": "deny",
+              "edit": "deny",
+              "write": "deny"
+            }
+        run: |
+          # Get today's date range
+          TODAY=$(date -u +%Y-%m-%d)
+
+          opencode run -m opencode/claude-sonnet-4-5 "Generate a daily issues recap for the OpenCode repository.
+
+          TODAY'S DATE: ${TODAY}
+
+          STEP 1: Gather today's issues
+          Search for all OPEN issues created today (${TODAY}) using:
+          gh issue list --repo ${{ github.repository }} --state open --search \"created:${TODAY}\" --json number,title,body,labels,state,comments,createdAt,author --limit 500
+
+          IMPORTANT: EXCLUDE all issues authored by Anomaly team members. Filter out issues where the author login matches ANY of these:
+          adamdotdevin, Brendonovich, fwang, Hona, iamdavidhill, jayair, kitlangton, kommander, MrMushrooooom, R44VC0RP, rekram1-node, thdxr
+          This recap is specifically for COMMUNITY (external) issues only.
+
+          STEP 2: Analyze and categorize
+          For each issue created today, categorize it:
+
+          **Severity Assessment:**
+          - CRITICAL: Crashes, data loss, security issues, blocks major functionality
+          - HIGH: Significant bugs affecting many users, important features broken
+          - MEDIUM: Bugs with workarounds, minor features broken
+          - LOW: Minor issues, cosmetic, nice-to-haves
+
+          **Activity Assessment:**
+          - Note issues with high comment counts or engagement
+          - Note issues from repeat reporters (check if author has filed before)
+
+          STEP 3: Cross-reference with existing issues
+          For issues that seem like feature requests or recurring bugs:
+          - Search for similar older issues to identify patterns
+          - Note if this is a frequently requested feature
+          - Identify any issues that are duplicates of long-standing requests
+
+          STEP 4: Generate the recap
+          Create a structured recap with these sections:
+
+          ===DISCORD_START===
+          **Daily Issues Recap - ${TODAY}**
+
+          **Summary Stats**
+          - Total issues opened today: [count]
+          - By category: [bugs/features/questions]
+
+          **Critical/High Priority Issues**
+          [List any CRITICAL or HIGH severity issues with brief descriptions and issue numbers]
+
+          **Most Active/Discussed**
+          [Issues with significant engagement or from active community members]
+
+          **Trending Topics**
+          [Patterns noticed - e.g., 'Multiple reports about X', 'Continued interest in Y feature']
+
+          **Duplicates & Related**
+          [Issues that relate to existing open issues]
+          ===DISCORD_END===
+
+          STEP 5: Format for Discord
+          Format the recap as a Discord-compatible message:
+          - Use Discord markdown (**, __, etc.)
+          - BE EXTREMELY CONCISE - this is an EOD summary, not a detailed report
+          - Use hyperlinked issue numbers with suppressed embeds: [#1234](<https://github.com/${{ github.repository }}/issues/1234>)
+          - Group related issues on single lines where possible
+          - Add emoji sparingly for critical items only
+          - HARD LIMIT: Keep under 1800 characters total
+          - Skip sections that have nothing notable (e.g., if no critical issues, omit that section)
+          - Prioritize signal over completeness - only surface what matters
+
+          OUTPUT: Output ONLY the content between ===DISCORD_START=== and ===DISCORD_END=== markers. Include the markers so I can extract it." > /tmp/recap_raw.txt
+
+          # Extract only the Discord message between markers
+          sed -n '/===DISCORD_START===/,/===DISCORD_END===/p' /tmp/recap_raw.txt | grep -v '===DISCORD' > /tmp/recap.txt
+
+          echo "recap_file=/tmp/recap.txt" >> $GITHUB_OUTPUT
+
+      - name: Post to Discord
+        env:
+          DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_ISSUES_WEBHOOK_URL }}
+        run: |
+          if [ -z "$DISCORD_WEBHOOK_URL" ]; then
+            echo "Warning: DISCORD_ISSUES_WEBHOOK_URL secret not set, skipping Discord post"
+            cat /tmp/recap.txt
+            exit 0
+          fi
+
+          # Read the recap
+          RECAP_RAW=$(cat /tmp/recap.txt)
+          RECAP_LENGTH=${#RECAP_RAW}
+
+          echo "Recap length: ${RECAP_LENGTH} chars"
+
+          # Function to post a message to Discord
+          post_to_discord() {
+            local msg="$1"
+            local content=$(echo "$msg" | jq -Rs '.')
+            curl -s -H "Content-Type: application/json" \
+                 -X POST \
+                 -d "{\"content\": ${content}}" \
+                 "$DISCORD_WEBHOOK_URL"
+            sleep 1
+          }
+
+          # If under limit, send as single message
+          if [ "$RECAP_LENGTH" -le 1950 ]; then
+            post_to_discord "$RECAP_RAW"
+          else
+            echo "Splitting into multiple messages..."
+            remaining="$RECAP_RAW"
+            while [ ${#remaining} -gt 0 ]; do
+              if [ ${#remaining} -le 1950 ]; then
+                post_to_discord "$remaining"
+                break
+              else
+                chunk="${remaining:0:1900}"
+                last_newline=$(echo "$chunk" | grep -bo $'\n' | tail -1 | cut -d: -f1)
+                if [ -n "$last_newline" ] && [ "$last_newline" -gt 500 ]; then
+                  chunk="${remaining:0:$last_newline}"
+                  remaining="${remaining:$((last_newline+1))}"
+                else
+                  chunk="${remaining:0:1900}"
+                  remaining="${remaining:1900}"
+                fi
+                post_to_discord "$chunk"
+              fi
+            done
+          fi
+
+          echo "Posted daily recap to Discord"

.github/workflows/daily-pr-recap.yml

@@ -0,0 +1,173 @@
+name: daily-pr-recap
+
+on:
+  schedule:
+    # Run at 5pm EST (22:00 UTC, or 21:00 UTC during daylight saving)
+    - cron: "0 22 * * *"
+  workflow_dispatch: # Allow manual trigger for testing
+
+jobs:
+  pr-recap:
+    runs-on: blacksmith-4vcpu-ubuntu-2404
+    permissions:
+      contents: read
+      pull-requests: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - uses: ./.github/actions/setup-bun
+
+      - name: Install opencode
+        run: curl -fsSL https://opencode.ai/install | bash
+
+      - name: Generate daily PR recap
+        id: recap
+        env:
+          OPENCODE_API_KEY: ${{ secrets.OPENCODE_API_KEY }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OPENCODE_PERMISSION: |
+            {
+              "bash": {
+                "*": "deny",
+                "gh pr*": "allow",
+                "gh search*": "allow"
+              },
+              "webfetch": "deny",
+              "edit": "deny",
+              "write": "deny"
+            }
+        run: |
+          TODAY=$(date -u +%Y-%m-%d)
+
+          opencode run -m opencode/claude-sonnet-4-5 "Generate a daily PR activity recap for the OpenCode repository.
+
+          TODAY'S DATE: ${TODAY}
+
+          STEP 1: Gather PR data
+          Run these commands to gather PR information. ONLY include OPEN PRs created or updated TODAY (${TODAY}):
+
+          # Open PRs created today
+          gh pr list --repo ${{ github.repository }} --state open --search \"created:${TODAY}\" --json number,title,author,labels,createdAt,updatedAt,reviewDecision,isDraft,additions,deletions --limit 100
+
+          # Open PRs with activity today (updated today)
+          gh pr list --repo ${{ github.repository }} --state open --search \"updated:${TODAY}\" --json number,title,author,labels,createdAt,updatedAt,reviewDecision,isDraft,additions,deletions --limit 100
+
+          IMPORTANT: EXCLUDE all PRs authored by Anomaly team members. Filter out PRs where the author login matches ANY of these:
+          adamdotdevin, Brendonovich, fwang, Hona, iamdavidhill, jayair, kitlangton, kommander, MrMushrooooom, R44VC0RP, rekram1-node, thdxr
+          This recap is specifically for COMMUNITY (external) contributions only.
+
+
+
+          STEP 2: For high-activity PRs, check comment counts
+          For promising PRs, run:
+          gh pr view [NUMBER] --repo ${{ github.repository }} --json comments --jq '[.comments[] | select(.author.login != \"copilot-pull-request-reviewer\" and .author.login != \"github-actions\")] | length'
+
+          IMPORTANT: When counting comments/activity, EXCLUDE these bot accounts:
+          - copilot-pull-request-reviewer
+          - github-actions
+
+          STEP 3: Identify what matters (ONLY from today's PRs)
+
+          **Bug Fixes From Today:**
+          - PRs with 'fix' or 'bug' in title created/updated today
+          - Small bug fixes (< 100 lines changed) that are easy to review
+          - Bug fixes from community contributors
+
+          **High Activity Today:**
+          - PRs with significant human comments today (excluding bots listed above)
+          - PRs with back-and-forth discussion today
+
+          **Quick Wins:**
+          - Small PRs (< 50 lines) that are approved or nearly approved
+          - PRs that just need a final review
+
+          STEP 4: Generate the recap
+          Create a structured recap:
+
+          ===DISCORD_START===
+          **Daily PR Recap - ${TODAY}**
+
+          **New PRs Today**
+          [PRs opened today - group by type: bug fixes, features, etc.]
+
+          **Active PRs Today**
+          [PRs with activity/updates today - significant discussion]
+
+          **Quick Wins**
+          [Small PRs ready to merge]
+          ===DISCORD_END===
+
+          STEP 5: Format for Discord
+          - Use Discord markdown (**, __, etc.)
+          - BE EXTREMELY CONCISE - surface what we might miss
+          - Use hyperlinked PR numbers with suppressed embeds: [#1234](<https://github.com/${{ github.repository }}/pull/1234>)
+          - Include PR author: [#1234](<url>) (@author)
+          - For bug fixes, add brief description of what it fixes
+          - Show line count for quick wins: \"(+15/-3 lines)\"
+          - HARD LIMIT: Keep under 1800 characters total
+          - Skip empty sections
+          - Focus on PRs that need human eyes
+
+          OUTPUT: Output ONLY the content between ===DISCORD_START=== and ===DISCORD_END=== markers. Include the markers so I can extract it." > /tmp/pr_recap_raw.txt
+
+          # Extract only the Discord message between markers
+          sed -n '/===DISCORD_START===/,/===DISCORD_END===/p' /tmp/pr_recap_raw.txt | grep -v '===DISCORD' > /tmp/pr_recap.txt
+
+          echo "recap_file=/tmp/pr_recap.txt" >> $GITHUB_OUTPUT
+
+      - name: Post to Discord
+        env:
+          DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_ISSUES_WEBHOOK_URL }}
+        run: |
+          if [ -z "$DISCORD_WEBHOOK_URL" ]; then
+            echo "Warning: DISCORD_ISSUES_WEBHOOK_URL secret not set, skipping Discord post"
+            cat /tmp/pr_recap.txt
+            exit 0
+          fi
+
+          # Read the recap
+          RECAP_RAW=$(cat /tmp/pr_recap.txt)
+          RECAP_LENGTH=${#RECAP_RAW}
+
+          echo "Recap length: ${RECAP_LENGTH} chars"
+
+          # Function to post a message to Discord
+          post_to_discord() {
+            local msg="$1"
+            local content=$(echo "$msg" | jq -Rs '.')
+            curl -s -H "Content-Type: application/json" \
+                 -X POST \
+                 -d "{\"content\": ${content}}" \
+                 "$DISCORD_WEBHOOK_URL"
+            sleep 1
+          }
+
+          # If under limit, send as single message
+          if [ "$RECAP_LENGTH" -le 1950 ]; then
+            post_to_discord "$RECAP_RAW"
+          else
+            echo "Splitting into multiple messages..."
+            remaining="$RECAP_RAW"
+            while [ ${#remaining} -gt 0 ]; do
+              if [ ${#remaining} -le 1950 ]; then
+                post_to_discord "$remaining"
+                break
+              else
+                chunk="${remaining:0:1900}"
+                last_newline=$(echo "$chunk" | grep -bo $'\n' | tail -1 | cut -d: -f1)
+                if [ -n "$last_newline" ] && [ "$last_newline" -gt 500 ]; then
+                  chunk="${remaining:0:$last_newline}"
+                  remaining="${remaining:$((last_newline+1))}"
+                else
+                  chunk="${remaining:0:1900}"
+                  remaining="${remaining:1900}"
+                fi
+                post_to_discord "$chunk"
+              fi
+            done
+          fi
+
+          echo "Posted daily PR recap to Discord"

.github/workflows/porter-app-5534-apn-relay.yml

@@ -0,0 +1,27 @@
+"on":
+    push:
+        branches:
+            - opencode-remote-voice
+name: Deploy to apn-relay
+jobs:
+    porter-deploy:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+            - name: Set Github tag
+              id: vars
+              run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+            - name: Setup porter
+              uses: porter-dev/setup-porter@v0.1.0
+            - name: Deploy stack
+              timeout-minutes: 30
+              run: porter apply
+              env:
+                PORTER_APP_NAME: apn-relay
+                PORTER_CLUSTER: "5534"
+                PORTER_DEPLOYMENT_TARGET_ID: d60e67f5-b0a6-4275-8ed6-3cebaf092147
+                PORTER_HOST: https://dashboard.porter.run
+                PORTER_PROJECT: "18525"
+                PORTER_TAG: ${{ steps.vars.outputs.sha_short }}
+                PORTER_TOKEN: ${{ secrets.PORTER_APP_18525_975734319 }}

.github/workflows/publish.yml

@@ -88,7 +88,7 @@ jobs:
       - name: Build
         id: build
         run: |
-          ./packages/opencode/script/build.ts ${{ (github.ref_name == 'beta' && '--sourcemaps') || '' }}
+          ./packages/opencode/script/build.ts
         env:
           OPENCODE_VERSION: ${{ needs.version.outputs.version }}
           OPENCODE_RELEASE: ${{ needs.version.outputs.release }}
@@ -209,6 +209,182 @@ jobs:
             packages/opencode/dist/opencode-windows-x64
             packages/opencode/dist/opencode-windows-x64-baseline
 
+  build-tauri:
+    needs:
+      - build-cli
+      - version
+    continue-on-error: false
+    env:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      AZURE_TRUSTED_SIGNING_ACCOUNT_NAME: ${{ secrets.AZURE_TRUSTED_SIGNING_ACCOUNT_NAME }}
+      AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE: ${{ secrets.AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE }}
+      AZURE_TRUSTED_SIGNING_ENDPOINT: ${{ secrets.AZURE_TRUSTED_SIGNING_ENDPOINT }}
+    strategy:
+      fail-fast: false
+      matrix:
+        settings:
+          - host: macos-latest
+            target: x86_64-apple-darwin
+          - host: macos-latest
+            target: aarch64-apple-darwin
+          # github-hosted: blacksmith lacks ARM64 MSVC cross-compilation toolchain
+          - host: windows-2025
+            target: aarch64-pc-windows-msvc
+          - host: blacksmith-4vcpu-windows-2025
+            target: x86_64-pc-windows-msvc
+          - host: blacksmith-4vcpu-ubuntu-2404
+            target: x86_64-unknown-linux-gnu
+          - host: blacksmith-8vcpu-ubuntu-2404-arm
+            target: aarch64-unknown-linux-gnu
+    runs-on: ${{ matrix.settings.host }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-tags: true
+
+      - uses: apple-actions/import-codesign-certs@v2
+        if: ${{ runner.os == 'macOS' }}
+        with:
+          keychain: build
+          p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
+          p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+
+      - name: Verify Certificate
+        if: ${{ runner.os == 'macOS' }}
+        run: |
+          CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Developer ID Application")
+          CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}')
+          echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV
+          echo "Certificate imported."
+
+      - name: Setup Apple API Key
+        if: ${{ runner.os == 'macOS' }}
+        run: |
+          echo "${{ secrets.APPLE_API_KEY_PATH }}" > $RUNNER_TEMP/apple-api-key.p8
+
+      - uses: ./.github/actions/setup-bun
+
+      - name: Azure login
+        if: runner.os == 'Windows'
+        uses: azure/login@v2
+        with:
+          client-id: ${{ env.AZURE_CLIENT_ID }}
+          tenant-id: ${{ env.AZURE_TENANT_ID }}
+          subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }}
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "24"
+
+      - name: Cache apt packages
+        if: contains(matrix.settings.host, 'ubuntu')
+        uses: actions/cache@v4
+        with:
+          path: ~/apt-cache
+          key: ${{ runner.os }}-${{ matrix.settings.target }}-apt-${{ hashFiles('.github/workflows/publish.yml') }}
+          restore-keys: |
+            ${{ runner.os }}-${{ matrix.settings.target }}-apt-
+
+      - name: install dependencies (ubuntu only)
+        if: contains(matrix.settings.host, 'ubuntu')
+        run: |
+          mkdir -p ~/apt-cache && chmod -R a+rw ~/apt-cache
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends -o dir::cache::archives="$HOME/apt-cache" libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf
+          sudo chmod -R a+rw ~/apt-cache
+
+      - name: install Rust stable
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          targets: ${{ matrix.settings.target }}
+
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: packages/desktop/src-tauri
+          shared-key: ${{ matrix.settings.target }}
+
+      - name: Prepare
+        run: |
+          cd packages/desktop
+          bun ./scripts/prepare.ts
+        env:
+          OPENCODE_VERSION: ${{ needs.version.outputs.version }}
+          GITHUB_TOKEN: ${{ steps.committer.outputs.token }}
+          OPENCODE_CLI_ARTIFACT: ${{ (runner.os == 'Windows' && 'opencode-cli-windows') || 'opencode-cli' }}
+          RUST_TARGET: ${{ matrix.settings.target }}
+          GH_TOKEN: ${{ github.token }}
+          GITHUB_RUN_ID: ${{ github.run_id }}
+
+      - name: Resolve tauri portable SHA
+        if: contains(matrix.settings.host, 'ubuntu')
+        run: echo "TAURI_PORTABLE_SHA=$(git ls-remote https://github.com/tauri-apps/tauri.git refs/heads/feat/truly-portable-appimage | cut -f1)" >> "$GITHUB_ENV"
+
+      # Fixes AppImage build issues, can be removed when https://github.com/tauri-apps/tauri/pull/12491 is released
+      - name: Install tauri-cli from portable appimage branch
+        uses: taiki-e/cache-cargo-install-action@v3
+        if: contains(matrix.settings.host, 'ubuntu')
+        with:
+          tool: tauri-cli
+          git: https://github.com/tauri-apps/tauri
+          # branch: feat/truly-portable-appimage
+          rev: ${{ env.TAURI_PORTABLE_SHA }}
+
+      - name: Show tauri-cli version
+        if: contains(matrix.settings.host, 'ubuntu')
+        run: cargo tauri --version
+
+      - name: Setup git committer
+        id: committer
+        uses: ./.github/actions/setup-git-committer
+        with:
+          opencode-app-id: ${{ vars.OPENCODE_APP_ID }}
+          opencode-app-secret: ${{ secrets.OPENCODE_APP_SECRET }}
+
+      - name: Build and upload artifacts
+        uses: tauri-apps/tauri-action@390cbe447412ced1303d35abe75287949e43437a
+        timeout-minutes: 60
+        with:
+          projectPath: packages/desktop
+          uploadWorkflowArtifacts: true
+          tauriScript: ${{ (contains(matrix.settings.host, 'ubuntu') && 'cargo tauri') || '' }}
+          args: --target ${{ matrix.settings.target }} --config ${{ (github.ref_name == 'beta' && './src-tauri/tauri.beta.conf.json') || './src-tauri/tauri.prod.conf.json' }} --verbose
+          updaterJsonPreferNsis: true
+          releaseId: ${{ needs.version.outputs.release }}
+          tagName: ${{ needs.version.outputs.tag }}
+          releaseDraft: true
+          releaseAssetNamePattern: opencode-desktop-[platform]-[arch][ext]
+          repo: ${{ (github.ref_name == 'beta' && 'opencode-beta') || '' }}
+          releaseCommitish: ${{ github.sha }}
+        env:
+          GITHUB_TOKEN: ${{ steps.committer.outputs.token }}
+          TAURI_BUNDLER_NEW_APPIMAGE_FORMAT: true
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }}
+          APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
+          APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
+          APPLE_API_KEY_PATH: ${{ runner.temp }}/apple-api-key.p8
+
+      - name: Verify signed Windows desktop artifacts
+        if: runner.os == 'Windows'
+        shell: pwsh
+        run: |
+          $files = @(
+            "${{ github.workspace }}\packages\desktop\src-tauri\sidecars\opencode-cli-${{ matrix.settings.target }}.exe"
+          )
+          $files += Get-ChildItem "${{ github.workspace }}\packages\desktop\src-tauri\target\${{ matrix.settings.target }}\release\bundle\nsis\*.exe" | Select-Object -ExpandProperty FullName
+
+          foreach ($file in $files) {
+            $sig = Get-AuthenticodeSignature $file
+            if ($sig.Status -ne "Valid") {
+              throw "Invalid signature for ${file}: $($sig.Status)"
+            }
+          }
+
   build-electron:
     needs:
       - build-cli
@@ -348,30 +524,6 @@ jobs:
         env:
           OPENCODE_CHANNEL: ${{ (github.ref_name == 'beta' && 'beta') || 'prod' }}
 
-      - name: Create and upload macOS .app.tar.gz
-        if: runner.os == 'macOS' && needs.version.outputs.release
-        working-directory: packages/desktop-electron/dist
-        env:
-          GH_TOKEN: ${{ steps.committer.outputs.token }}
-        run: |
-          if [[ "${{ matrix.settings.target }}" == "x86_64-apple-darwin" ]]; then
-            APP_DIR="mac"
-            OUT_NAME="opencode-desktop-mac-x64.app.tar.gz"
-          elif [[ "${{ matrix.settings.target }}" == "aarch64-apple-darwin" ]]; then
-            APP_DIR="mac-arm64"
-            OUT_NAME="opencode-desktop-mac-arm64.app.tar.gz"
-          else
-            echo "Unknown macOS target: ${{ matrix.settings.target }}"
-            exit 1
-          fi
-          APP_PATH=$(find "$APP_DIR" -maxdepth 1 -name "*.app" -type d | head -1)
-          if [ -z "$APP_PATH" ]; then
-            echo "No .app bundle found in $APP_DIR"
-            exit 1
-          fi
-          tar -czf "$OUT_NAME" -C "$(dirname "$APP_PATH")" "$(basename "$APP_PATH")"
-          gh release upload "v${{ needs.version.outputs.version }}" "$OUT_NAME" --clobber --repo "${{ needs.version.outputs.repo }}"
-
       - name: Verify signed Windows Electron artifacts
         if: runner.os == 'Windows'
         shell: pwsh
@@ -390,7 +542,7 @@ jobs:
 
       - uses: actions/upload-artifact@v4
         with:
-          name: opencode-desktop-${{ matrix.settings.target }}
+          name: opencode-electron-${{ matrix.settings.target }}
           path: packages/desktop-electron/dist/*
 
       - uses: actions/upload-artifact@v4
@@ -404,6 +556,7 @@ jobs:
       - version
       - build-cli
       - sign-cli-windows
+      - build-tauri
       - build-electron
     if: always() && !failure() && !cancelled()
     runs-on: blacksmith-4vcpu-ubuntu-2404
@@ -430,6 +583,13 @@ jobs:
           node-version: "24"
           registry-url: "https://registry.npmjs.org"
 
+      - name: Setup git committer
+        id: committer
+        uses: ./.github/actions/setup-git-committer
+        with:
+          opencode-app-id: ${{ vars.OPENCODE_APP_ID }}
+          opencode-app-secret: ${{ secrets.OPENCODE_APP_SECRET }}
+
       - uses: actions/download-artifact@v4
         with:
           name: opencode-cli
@@ -451,13 +611,6 @@ jobs:
           pattern: latest-yml-*
           path: /tmp/latest-yml
 
-      - name: Setup git committer
-        id: committer
-        uses: ./.github/actions/setup-git-committer
-        with:
-          opencode-app-id: ${{ vars.OPENCODE_APP_ID }}
-          opencode-app-secret: ${{ secrets.OPENCODE_APP_SECRET }}
-
       - name: Cache apt packages (AUR)
         uses: actions/cache@v4
         with:
@@ -486,5 +639,3 @@ jobs:
           GH_REPO: ${{ needs.version.outputs.repo }}
           NPM_CONFIG_PROVENANCE: false
           LATEST_YML_DIR: /tmp/latest-yml
-          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
-          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}

.github/workflows/vouch-check-issue.yml

@@ -0,0 +1,116 @@
+name: vouch-check-issue
+
+on:
+  issues:
+    types: [opened]
+
+permissions:
+  contents: read
+  issues: write
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if issue author is denounced
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const author = context.payload.issue.user.login;
+            const issueNumber = context.payload.issue.number;
+
+            // Skip bots
+            if (author.endsWith('[bot]')) {
+              core.info(`Skipping bot: ${author}`);
+              return;
+            }
+
+            // Read the VOUCHED.td file via API (no checkout needed)
+            let content;
+            try {
+              const response = await github.rest.repos.getContent({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                path: '.github/VOUCHED.td',
+              });
+              content = Buffer.from(response.data.content, 'base64').toString('utf-8');
+            } catch (error) {
+              if (error.status === 404) {
+                core.info('No .github/VOUCHED.td file found, skipping check.');
+                return;
+              }
+              throw error;
+            }
+
+            // Parse the .td file for vouched and denounced users
+            const vouched = new Set();
+            const denounced = new Map();
+            for (const line of content.split('\n')) {
+              const trimmed = line.trim();
+              if (!trimmed || trimmed.startsWith('#')) continue;
+
+              const isDenounced = trimmed.startsWith('-');
+              const rest = isDenounced ? trimmed.slice(1).trim() : trimmed;
+              if (!rest) continue;
+
+              const spaceIdx = rest.indexOf(' ');
+              const handle = spaceIdx === -1 ? rest : rest.slice(0, spaceIdx);
+              const reason = spaceIdx === -1 ? null : rest.slice(spaceIdx + 1).trim();
+
+              // Handle platform:username or bare username
+              // Only match bare usernames or github: prefix (skip other platforms)
+              const colonIdx = handle.indexOf(':');
+              if (colonIdx !== -1) {
+                const platform = handle.slice(0, colonIdx).toLowerCase();
+                if (platform !== 'github') continue;
+              }
+              const username = colonIdx === -1 ? handle : handle.slice(colonIdx + 1);
+              if (!username) continue;
+
+              if (isDenounced) {
+                denounced.set(username.toLowerCase(), reason);
+                continue;
+              }
+
+              vouched.add(username.toLowerCase());
+            }
+
+            // Check if the author is denounced
+            const reason = denounced.get(author.toLowerCase());
+            if (reason !== undefined) {
+              // Author is denounced — close the issue
+              const body = 'This issue has been automatically closed.';
+
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: issueNumber,
+                body,
+              });
+
+              await github.rest.issues.update({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: issueNumber,
+                state: 'closed',
+                state_reason: 'not_planned',
+              });
+
+              core.info(`Closed issue #${issueNumber} from denounced user ${author}`);
+              return;
+            }
+
+            // Author is positively vouched — add label
+            if (!vouched.has(author.toLowerCase())) {
+              core.info(`User ${author} is not denounced or vouched. Allowing issue.`);
+              return;
+            }
+
+            await github.rest.issues.addLabels({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: issueNumber,
+              labels: ['Vouched'],
+            });
+
+            core.info(`Added vouched label to issue #${issueNumber} from ${author}`);

.github/workflows/vouch-check-pr.yml

@@ -0,0 +1,114 @@
+name: vouch-check-pr
+
+on:
+  pull_request_target:
+    types: [opened]
+
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if PR author is denounced
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const author = context.payload.pull_request.user.login;
+            const prNumber = context.payload.pull_request.number;
+
+            // Skip bots
+            if (author.endsWith('[bot]')) {
+              core.info(`Skipping bot: ${author}`);
+              return;
+            }
+
+            // Read the VOUCHED.td file via API (no checkout needed)
+            let content;
+            try {
+              const response = await github.rest.repos.getContent({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                path: '.github/VOUCHED.td',
+              });
+              content = Buffer.from(response.data.content, 'base64').toString('utf-8');
+            } catch (error) {
+              if (error.status === 404) {
+                core.info('No .github/VOUCHED.td file found, skipping check.');
+                return;
+              }
+              throw error;
+            }
+
+            // Parse the .td file for vouched and denounced users
+            const vouched = new Set();
+            const denounced = new Map();
+            for (const line of content.split('\n')) {
+              const trimmed = line.trim();
+              if (!trimmed || trimmed.startsWith('#')) continue;
+
+              const isDenounced = trimmed.startsWith('-');
+              const rest = isDenounced ? trimmed.slice(1).trim() : trimmed;
+              if (!rest) continue;
+
+              const spaceIdx = rest.indexOf(' ');
+              const handle = spaceIdx === -1 ? rest : rest.slice(0, spaceIdx);
+              const reason = spaceIdx === -1 ? null : rest.slice(spaceIdx + 1).trim();
+
+              // Handle platform:username or bare username
+              // Only match bare usernames or github: prefix (skip other platforms)
+              const colonIdx = handle.indexOf(':');
+              if (colonIdx !== -1) {
+                const platform = handle.slice(0, colonIdx).toLowerCase();
+                if (platform !== 'github') continue;
+              }
+              const username = colonIdx === -1 ? handle : handle.slice(colonIdx + 1);
+              if (!username) continue;
+
+              if (isDenounced) {
+                denounced.set(username.toLowerCase(), reason);
+                continue;
+              }
+
+              vouched.add(username.toLowerCase());
+            }
+
+            // Check if the author is denounced
+            const reason = denounced.get(author.toLowerCase());
+            if (reason !== undefined) {
+              // Author is denounced — close the PR
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: prNumber,
+                body: 'This pull request has been automatically closed.',
+              });
+
+              await github.rest.pulls.update({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                pull_number: prNumber,
+                state: 'closed',
+              });
+
+              core.info(`Closed PR #${prNumber} from denounced user ${author}`);
+              return;
+            }
+
+            // Author is positively vouched — add label
+            if (!vouched.has(author.toLowerCase())) {
+              core.info(`User ${author} is not denounced or vouched. Allowing PR.`);
+              return;
+            }
+
+            await github.rest.issues.addLabels({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: prNumber,
+              labels: ['Vouched'],
+            });
+
+            core.info(`Added vouched label to PR #${prNumber} from ${author}`);

.github/workflows/vouch-manage-by-issue.yml

@@ -0,0 +1,38 @@
+name: vouch-manage-by-issue
+
+on:
+  issue_comment:
+    types: [created]
+
+concurrency:
+  group: vouch-manage
+  cancel-in-progress: false
+
+permissions:
+  contents: write
+  issues: write
+  pull-requests: read
+
+jobs:
+  manage:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+          fetch-depth: 0
+
+      - name: Setup git committer
+        id: committer
+        uses: ./.github/actions/setup-git-committer
+        with:
+          opencode-app-id: ${{ vars.OPENCODE_APP_ID }}
+          opencode-app-secret: ${{ secrets.OPENCODE_APP_SECRET }}
+
+      - uses: mitchellh/vouch/action/manage-by-issue@main
+        with:
+          issue-id: ${{ github.event.issue.number }}
+          comment-id: ${{ github.event.comment.id }}
+          roles: admin,maintain,write
+        env:
+          GITHUB_TOKEN: ${{ steps.committer.outputs.token }}

.opencode/agent/triage.md

@@ -1,7 +1,7 @@
 ---
 mode: primary
 hidden: true
-model: opencode/gpt-5.4-nano
+model: opencode/minimax-m2.5
 color: "#44BA81"
 tools:
   "*": false
@@ -14,30 +14,127 @@ Use your github-triage tool to triage issues.
 
 This file is the source of truth for ownership/routing rules.
 
-Assign issues by choosing the team with the strongest overlap. The github-triage tool will assign a random member from that team.
+## Labels
 
-Do not add labels to issues. Only assign an owner.
+### windows
 
-When calling github-triage, pass one of these team values: tui, desktop_web, core, inference, windows.
+Use for any issue that mentions Windows (the OS). Be sure they are saying that they are on Windows.
 
-## Teams
+- Use if they mention WSL too
 
-### TUI
+#### perf
 
-Terminal UI issues, including rendering, keybindings, scrolling, terminal compatibility, SSH behavior, crashes in the TUI, and low-level TUI performance.
+Performance-related issues:
 
-### Desktop / Web
+- Slow performance
+- High RAM usage
+- High CPU usage
 
-Desktop application and browser-based app issues, including `opencode web`, desktop-specific UI behavior, packaging, and web view problems.
+**Only** add if it's likely a RAM or CPU issue. **Do not** add for LLM slowness.
 
-### Core
+#### desktop
 
-Core opencode server and harness issues, including sqlite, snapshots, memory, API behavior, agent context construction, tool execution, provider integrations, model behavior, documentation, and larger architectural features.
+Desktop app issues:
 
-### Inference
+- `opencode web` command
+- The desktop app itself
 
-OpenCode Zen, OpenCode Go, and billing issues.
+**Only** add if it's specifically about the Desktop application or `opencode web` view. **Do not** add for terminal, TUI, or general opencode issues.
 
-### Windows
+#### nix
 
-Windows-specific issues, including native Windows behavior, WSL interactions, path handling, shell compatibility, and installation or runtime problems that only happen on Windows.
+**Only** add if the issue explicitly mentions nix.
+
+If the issue does not mention nix, do not add nix.
+
+If the issue mentions nix, assign to `rekram1-node`.
+
+#### zen
+
+**Only** add if the issue mentions "zen" or "opencode zen" or "opencode black".
+
+If the issue doesn't have "zen" or "opencode black" in it then don't add zen label
+
+#### core
+
+Use for core server issues in `packages/opencode/`, excluding `packages/opencode/src/cli/cmd/tui/`.
+
+Examples:
+
+- LSP server behavior
+- Harness behavior (agent + tools)
+- Feature requests for server behavior
+- Agent context construction
+- API endpoints
+- Provider integration issues
+- New, broken, or poor-quality models
+
+#### acp
+
+If the issue mentions acp support, assign acp label.
+
+#### docs
+
+Add if the issue requests better documentation or docs updates.
+
+#### opentui
+
+TUI issues potentially caused by our underlying TUI library:
+
+- Keybindings not working
+- Scroll speed issues (too fast/slow/laggy)
+- Screen flickering
+- Crashes with opentui in the log
+
+**Do not** add for general TUI bugs.
+
+When assigning to people here are the following rules:
+
+Desktop / Web:
+Use for desktop-labeled issues only.
+
+- adamdotdevin
+- iamdavidhill
+- Brendonovich
+- nexxeln
+
+Zen:
+ONLY assign if the issue will have the "zen" label.
+
+- fwang
+- MrMushrooooom
+
+TUI (`packages/opencode/src/cli/cmd/tui/...`):
+
+- thdxr for TUI UX/UI product decisions and interaction flow
+- kommander for OpenTUI engine issues: rendering artifacts, keybind handling, terminal compatibility, SSH behavior, and low-level perf bottlenecks
+- rekram1-node for TUI bugs that are not clearly OpenTUI engine issues
+
+Core (`packages/opencode/...`, excluding TUI subtree):
+
+- thdxr for sqlite/snapshot/memory bugs and larger architectural core features
+- jlongster for opencode server + API feature work (tool currently remaps jlongster -> thdxr until assignable)
+- rekram1-node for harness issues, provider issues, and other bug-squashing
+
+For core bugs that do not clearly map, either thdxr or rekram1-node is acceptable.
+
+Docs:
+
+- R44VC0RP
+
+Windows:
+
+- Hona (assign any issue that mentions Windows or is likely Windows-specific)
+
+Determinism rules:
+
+- If title + body does not contain "zen", do not add the "zen" label
+- If "nix" label is added but title + body does not mention nix/nixos, the tool will drop "nix"
+- If title + body mentions nix/nixos, assign to `rekram1-node`
+- If "desktop" label is added, the tool will override assignee and randomly pick one Desktop / Web owner
+
+In all other cases, choose the team/section with the most overlap with the issue and assign a member from that team at random.
+
+ACP:
+
+- rekram1-node (assign any acp issues to rekram1-node)

.opencode/command/changelog.md

@@ -18,12 +18,9 @@ Do not use `git log` or author metadata when deciding attribution.
 
 Rules:
 
-- Write the final file with release sections in this order:
+- Write the final file with sections in this order:
   `## Core`, `## TUI`, `## Desktop`, `## SDK`, `## Extensions`
 - Only include sections that have at least one notable entry
-- Within each release section, keep bug fixes grouped under `### Bugfixes`
-- Keep other notable entries under `### Improvements` when a section has bug fixes too
-- Omit empty subsections
 - Keep one bullet per commit you keep
 - Skip commits that are entirely internal, CI, tests, refactors, or otherwise not user-facing
 - Start each bullet with a capital letter

.opencode/skills/effect/SKILL.md

@@ -28,11 +28,3 @@ Use the current Effect v4 / effect-smol source, not memory or older Effect v2/v3
 - In tests, prefer the repo's existing Effect test helpers and live tests for filesystem, git, child process, locks, or timing behavior.
 - Do not introduce `any`, non-null assertions, unchecked casts, or older Effect APIs just to satisfy types.
 - Do not answer from memory. Verify against `.opencode/references/effect-smol` or nearby code first.
-
-## Testing Patterns
-
-- Use `testEffect(...)` from `packages/opencode/test/lib/effect.ts` for tests that exercise Effect services, layers, runtime context, scoped resources, or platform integrations.
-- Use `it.live(...)` for filesystem, git repositories, HTTP servers, sockets, child processes, locks, real time, and other live platform behavior.
-- Run tests from package directories such as `packages/opencode`; never run package tests from the repo root.
-- Prefer explicit test layers over ad hoc managed runtimes. Keep dependency provisioning visible in the test file.
-- Use scoped fixtures and finalizers for resources that must be cleaned up, including temporary directories, flags, databases, fibers, servers, and global state.

.opencode/tool/github-triage.ts

@@ -1,14 +1,16 @@
 /// <reference path="../env.d.ts" />
 import { tool } from "@opencode-ai/plugin"
-
 const TEAM = {
-  tui: ["kommander", "simonklee"],
-  desktop_web: ["Hona", "Brendonovich"],
-  core: ["jlongster", "rekram1-node", "nexxeln", "kitlangton"],
-  inference: ["fwang", "MrMushrooooom"],
+  desktop: ["adamdotdevin", "iamdavidhill", "Brendonovich", "nexxeln"],
+  zen: ["fwang", "MrMushrooooom"],
+  tui: ["kommander", "rekram1-node", "simonklee"],
+  core: ["kitlangton", "rekram1-node", "jlongster"],
+  docs: ["R44VC0RP"],
   windows: ["Hona"],
 } as const
 
+const ASSIGNEES = [...new Set(Object.values(TEAM).flat())]
+
 function pick<T>(items: readonly T[]) {
   return items[Math.floor(Math.random() * items.length)]!
 }
@@ -36,25 +38,79 @@ async function githubFetch(endpoint: string, options: RequestInit = {}) {
 }
 
 export default tool({
-  description: `Use this tool to assign a GitHub issue.
+  description: `Use this tool to assign and/or label a GitHub issue.
 
-Provide the team that should own the issue. This tool picks a random assignee from that team and does not apply labels.`,
+Choose labels and assignee using the current triage policy and ownership rules.
+Pick the most fitting labels for the issue and assign one owner.
+
+If unsure, choose the team/section with the most overlap with the issue and assign a member from that team at random.`,
   args: {
-    team: tool.schema
-      .enum(Object.keys(TEAM) as [keyof typeof TEAM, ...(keyof typeof TEAM)[]])
-      .describe("The owning team"),
+    assignee: tool.schema
+      .enum(ASSIGNEES as [string, ...string[]])
+      .describe("The username of the assignee")
+      .default("rekram1-node"),
+    labels: tool.schema
+      .array(tool.schema.enum(["nix", "opentui", "perf", "web", "desktop", "zen", "docs", "windows", "core"]))
+      .describe("The labels(s) to add to the issue")
+      .default([]),
   },
   async execute(args) {
     const issue = getIssueNumber()
     const owner = "anomalyco"
     const repo = "opencode"
-    const assignee = pick(TEAM[args.team])
+
+    const results: string[] = []
+    let labels = [...new Set(args.labels.map((x) => (x === "desktop" ? "web" : x)))]
+    const web = labels.includes("web")
+    const text = `${process.env.ISSUE_TITLE ?? ""}\n${process.env.ISSUE_BODY ?? ""}`.toLowerCase()
+    const zen = /\bzen\b/.test(text) || text.includes("opencode black")
+    const nix = /\bnix(os)?\b/.test(text)
+
+    if (labels.includes("nix") && !nix) {
+      labels = labels.filter((x) => x !== "nix")
+      results.push("Dropped label: nix (issue does not mention nix)")
+    }
+
+    const assignee = nix ? "rekram1-node" : web ? pick(TEAM.desktop) : args.assignee
+
+    if (labels.includes("zen") && !zen) {
+      throw new Error("Only add the zen label when issue title/body contains 'zen'")
+    }
+
+    if (web && !nix && !(TEAM.desktop as readonly string[]).includes(assignee)) {
+      throw new Error("Web issues must be assigned to adamdotdevin, iamdavidhill, Brendonovich, or nexxeln")
+    }
+
+    if ((TEAM.zen as readonly string[]).includes(assignee) && !labels.includes("zen")) {
+      throw new Error("Only zen issues should be assigned to fwang or MrMushrooooom")
+    }
+
+    if (assignee === "Hona" && !labels.includes("windows")) {
+      throw new Error("Only windows issues should be assigned to Hona")
+    }
+
+    if (assignee === "R44VC0RP" && !labels.includes("docs")) {
+      throw new Error("Only docs issues should be assigned to R44VC0RP")
+    }
+
+    if (assignee === "kommander" && !labels.includes("opentui")) {
+      throw new Error("Only opentui issues should be assigned to kommander")
+    }
 
     await githubFetch(`/repos/${owner}/${repo}/issues/${issue}/assignees`, {
       method: "POST",
       body: JSON.stringify({ assignees: [assignee] }),
     })
+    results.push(`Assigned @${assignee} to issue #${issue}`)
 
-    return `Assigned @${assignee} from ${args.team} to issue #${issue}`
+    if (labels.length > 0) {
+      await githubFetch(`/repos/${owner}/${repo}/issues/${issue}/labels`, {
+        method: "POST",
+        body: JSON.stringify({ labels }),
+      })
+      results.push(`Added labels: ${labels.join(", ")}`)
+    }
+
+    return results.join("\n")
   },
 })

AGENTS.md

@@ -1,12 +1,8 @@
-- To regenerate the JavaScript SDK, run `./packages/sdk/js/script/build.ts`.
-- ALWAYS USE PARALLEL TOOLS WHEN APPLICABLE.
-- The default branch in this repo is `dev`.
-- Local `main` ref may not exist; use `dev` or `origin/dev` for diffs.
-- Prefer automation: execute requested actions without confirmation unless blocked by missing info or safety/irreversibility.
+# OpenCode Monorepo Agent Guide
 
-## Style Guide
+This file is for coding agents working in `/Users/ryanvogel/dev/opencode`.
 
-### General Principles
+## Scope And Precedence
 
 - Keep things in one function unless composable or reusable
 - Avoid `try`/`catch` where possible
@@ -56,48 +52,48 @@ else foo = 2
 
 ### Control Flow
 
-Avoid `else` statements. Prefer early returns.
+- Prefer early returns over nested `else` blocks.
+- Keep functions focused; split only when it improves reuse or readability.
 
-```ts
-// Good
-function foo() {
-  if (condition) return 1
-  return 2
-}
+### Error Handling
 
-// Bad
-function foo() {
-  if (condition) return 1
-  else return 2
-}
-```
+- Fail with actionable messages.
+- Avoid swallowing errors silently.
+- Log enough context to debug production issues (IDs, env, status), but never secrets.
+- In UI code, degrade gracefully for missing capabilities.
 
-### Schema Definitions (Drizzle)
+### Data / DB
 
-Use snake_case for field names so column names don't need to be redefined as strings.
+- For Drizzle schema, use snake_case fields and columns.
+- Keep migration and schema changes minimal and explicit.
+- Follow package-specific DB guidance in `packages/opencode/AGENTS.md`.
 
-```ts
-// Good
-const table = sqliteTable("session", {
-  id: text().primaryKey(),
-  project_id: text().notNull(),
-  created_at: integer().notNull(),
-})
+### Testing Philosophy
 
-// Bad
-const table = sqliteTable("session", {
-  id: text("id").primaryKey(),
-  projectID: text("project_id").notNull(),
-  createdAt: integer("created_at").notNull(),
-})
-```
+- Prefer testing real behavior over mocks.
+- Add regression tests for bug fixes where practical.
+- Keep fixtures small and focused.
 
-## Testing
+## Agent Workflow Tips
 
-- Avoid mocks as much as possible
-- Test actual implementation, do not duplicate logic into tests
-- Tests cannot run from repo root (guard: `do-not-run-tests-from-root`); run from package dirs like `packages/opencode`.
+- Read existing code paths before introducing new abstractions.
+- Match local patterns first; do not impose a new style per file.
+- If a package has its own `AGENTS.md`, review it before editing.
+- For OpenCode Effect services, follow `packages/opencode/AGENTS.md` strictly.
 
-## Type Checking
+## Known Operational Notes
 
-- Always run `bun typecheck` from package directories (e.g., `packages/opencode`), never `tsc` directly.
+- `packages/app/AGENTS.md` says: never restart app/server processes during that package's debugging workflow.
+- `packages/app/AGENTS.md` also documents local backend+web split for UI work.
+- `packages/opencode/AGENTS.md` contains mandatory Effect and database conventions.
+
+## Regeneration / Special Scripts
+
+- Regenerate JS SDK with: `./packages/sdk/js/script/build.ts`
+
+## Quick Checklist Before Finishing
+
+- Ran relevant package checks.
+- Updated docs/config when behavior changed.
+- Avoided committing unrelated files.
+- Kept edits minimal and aligned with local conventions.

README.md

@@ -132,7 +132,7 @@ It's very similar to Claude Code in terms of capability. Here are the key differ
 
 - 100% open source
 - Not coupled to any provider. Although we recommend the models we provide through [OpenCode Zen](https://opencode.ai/zen), OpenCode can be used with Claude, OpenAI, Google, or even local models. As models evolve, the gaps between them will close and pricing will drop, so being provider-agnostic is important.
-- Built-in opt-in LSP support
+- Out-of-the-box LSP support
 - A focus on TUI. OpenCode is built by neovim users and the creators of [terminal.shop](https://terminal.shop); we are going to push the limits of what's possible in the terminal.
 - A client/server architecture. This, for example, can allow OpenCode to run on your computer while you drive it remotely from a mobile app, meaning that the TUI frontend is just one of the possible clients.
 

nix/hashes.json

@@ -1,8 +1,8 @@
 {
   "nodeModules": {
-    "x86_64-linux": "sha256-9wTDLZsuGjkWyVOb6AG2VRYPiaSj/lnXwVkSwNeDcns=",
-    "aarch64-linux": "sha256-gmKlL2fQxY8bo+//8m9e1TNYJK3RXa4i8xsgtd046bc=",
-    "aarch64-darwin": "sha256-ENSJK+7rZi3m342mjtGg9N0P6zWEypXMpI7QdFMydbc=",
-    "x86_64-darwin": "sha256-gkxCxGh5dlwj03vZdz20pbiAwFEDpAlu/5iU8cwZOGI="
+    "x86_64-linux": "sha256-TIRyRpY88HCUhpRfX4teoiXYC+p/XwsfPJokxmuHrqc=",
+    "aarch64-linux": "sha256-oXEMQVZQh93Z6sPkmfjtHrBhEROqC9qgfy2D4rGYsyA=",
+    "aarch64-darwin": "sha256-C6dqvmktIuxEtVRuObUHytkwoyKE0p3MX2tMatprxNk=",
+    "x86_64-darwin": "sha256-0MSfBTmr82jAJ5KA5ERngHMCUHR46dWNvfp1Y1a/jYg="
   }
 }

nix/node_modules.nix

@@ -55,6 +55,7 @@ stdenvNoCC.mkDerivation {
       --filter './packages/opencode' \
       --filter './packages/desktop' \
       --filter './packages/app' \
+      --filter './packages/shared' \
       --frozen-lockfile \
       --ignore-scripts \
       --no-progress

package.json

@@ -27,15 +27,15 @@
       "packages/slack"
     ],
     "catalog": {
-      "@effect/opentelemetry": "4.0.0-beta.57",
-      "@effect/platform-node": "4.0.0-beta.57",
+      "@effect/opentelemetry": "4.0.0-beta.48",
+      "@effect/platform-node": "4.0.0-beta.48",
       "@npmcli/arborist": "9.4.0",
       "@types/bun": "1.3.12",
       "@types/cross-spawn": "6.0.6",
       "@octokit/rest": "22.0.0",
       "@hono/zod-validator": "0.4.2",
-      "@opentui/core": "0.2.2",
-      "@opentui/solid": "0.2.2",
+      "@opentui/core": "0.1.105",
+      "@opentui/solid": "0.1.105",
       "ulid": "3.0.1",
       "@kobalte/core": "0.13.11",
       "@types/luxon": "3.7.1",
@@ -53,7 +53,7 @@
       "dompurify": "3.3.1",
       "drizzle-kit": "1.0.0-beta.19-d95b7a4",
       "drizzle-orm": "1.0.0-beta.19-d95b7a4",
-      "effect": "4.0.0-beta.59",
+      "effect": "4.0.0-beta.48",
       "ai": "6.0.168",
       "cross-spawn": "7.0.6",
       "hono": "4.10.7",

packages/apn-relay/.env.example

@@ -0,0 +1,11 @@
+PORT=8787
+
+DATABASE_HOST=
+DATABASE_USERNAME=
+DATABASE_PASSWORD=
+DATABASE_NAME=main
+
+APNS_TEAM_ID=
+APNS_KEY_ID=
+APNS_PRIVATE_KEY=
+APNS_DEFAULT_BUNDLE_ID=com.anomalyco.mobilevoice

packages/apn-relay/AGENTS.md

@@ -0,0 +1,106 @@
+# apn-relay Agent Guide
+
+This file defines package-specific guidance for agents working in `packages/apn-relay`.
+
+## Scope And Precedence
+
+- Follow root `AGENTS.md` first.
+- This file provides stricter package-level conventions for relay service work.
+- If future local guides are added, closest guide wins.
+
+## Project Overview
+
+- Minimal APNs relay service (Hono + Bun + PlanetScale via Drizzle).
+- Core routes:
+  - `GET /health`
+  - `GET /`
+  - `POST /v1/device/register`
+  - `POST /v1/device/unregister`
+  - `POST /v1/event`
+
+## Commands
+
+Run all commands from `packages/apn-relay`.
+
+- Install deps: `bun install`
+- Start relay locally: `bun run dev`
+- Typecheck: `bun run typecheck`
+- DB connectivity check: `bun run db:check`
+
+## Build / Test Expectations
+
+- There is no dedicated package test script currently.
+- Required validation for behavior changes:
+  - `bun run typecheck`
+  - `bun run db:check` when DB/env changes are involved
+  - manual endpoint verification against `/health`, `/v1/device/register`, `/v1/event`
+
+## Single-Test Guidance
+
+- No single-test command exists for this package today.
+- For focused checks, run endpoint-level manual tests against a local dev server.
+
+## Code Style Guidelines
+
+### Formatting / Structure
+
+- Keep handlers compact and explicit.
+- Prefer small local helpers for repeated route logic.
+- Avoid broad refactors when a targeted fix is enough.
+
+### Types / Validation
+
+- Validate request bodies with `zod` at route boundaries.
+- Keep payload and DB row shapes explicit and close to usage.
+- Avoid `any`; narrow unknown input immediately after parsing.
+
+### Naming
+
+- Follow existing concise naming in this package (`reg`, `unreg`, `evt`, `row`, `key`).
+- For DB columns, keep snake_case alignment with schema.
+
+### Error Handling
+
+- Return clear JSON errors for invalid input.
+- Keep handler failures observable via `app.onError` and structured logs.
+- Do not leak secrets in responses or logs.
+
+### Logging
+
+- Log delivery lifecycle at key checkpoints:
+  - registration/unregistration attempts
+  - event fanout start/end
+  - APNs send failures and retries
+- Mask sensitive values; prefer token suffixes and metadata.
+
+### APNs Environment Rules
+
+- Keep APNs env explicit per registration (`sandbox` / `production`).
+- For `BadEnvironmentKeyInToken`, retry once with flipped env and persist correction.
+- Avoid infinite retry loops; one retry max per delivery attempt.
+
+## Database Conventions
+
+- Schema is in `src/schema.sql.ts`.
+- Keep table/column names snake_case.
+- Maintain index naming consistency with existing schema.
+- For upserts, update only fields required by current behavior.
+
+## API Behavior Expectations
+
+- `register`/`unregister` must be idempotent.
+- `event` should return success envelope even when no devices are registered.
+- Delivery logs should capture per-attempt result and error payload.
+
+## Operational Notes
+
+- Ensure `APNS_PRIVATE_KEY` supports escaped newline format (`\n`) and raw multiline.
+- Validate that `APNS_DEFAULT_BUNDLE_ID` matches mobile app bundle identifier.
+- Avoid coupling route behavior to deployment platform specifics.
+
+## Before Finishing
+
+- Run `bun run typecheck`.
+- If DB/env behavior changed, run `bun run db:check`.
+- Manually exercise affected endpoints.
+- Confirm logs are useful and secret-safe.

packages/apn-relay/Dockerfile

@@ -0,0 +1,14 @@
+FROM oven/bun:1.3.11-alpine
+
+WORKDIR /app
+
+COPY package.json ./
+COPY tsconfig.json ./
+COPY drizzle.config.ts ./
+RUN bun install --production
+
+COPY src ./src
+
+EXPOSE 8787
+
+CMD ["bun", "run", "src/index.ts"]

packages/apn-relay/README.md

@@ -0,0 +1,46 @@
+# APN Relay
+
+Minimal APNs relay for OpenCode mobile background notifications.
+
+## What it does
+
+- Registers iOS device tokens for a shared secret.
+- Receives OpenCode event posts (`complete`, `permission`, `error`).
+- Sends APNs notifications to mapped devices.
+- Stores delivery rows in PlanetScale.
+
+## Routes
+
+- `GET /health`
+- `GET /` (simple dashboard)
+- `POST /v1/device/register`
+- `POST /v1/device/unregister`
+- `POST /v1/event`
+
+## Environment
+
+Use `.env.example` as a starting point.
+
+- `DATABASE_HOST`
+- `DATABASE_USERNAME`
+- `DATABASE_PASSWORD`
+- `APNS_TEAM_ID`
+- `APNS_KEY_ID`
+- `APNS_PRIVATE_KEY`
+- `APNS_DEFAULT_BUNDLE_ID`
+
+## Run locally
+
+```bash
+bun install
+bun run src/index.ts
+```
+
+## Docker
+
+Build from this directory:
+
+```bash
+docker build -t apn-relay .
+docker run --rm -p 8787:8787 --env-file .env apn-relay
+```

packages/apn-relay/drizzle.config.ts

@@ -0,0 +1,17 @@
+import { defineConfig } from "drizzle-kit"
+
+export default defineConfig({
+  out: "./migration",
+  strict: true,
+  schema: ["./src/**/*.sql.ts"],
+  dialect: "mysql",
+  dbCredentials: {
+    host: process.env.DATABASE_HOST ?? "",
+    user: process.env.DATABASE_USERNAME ?? "",
+    password: process.env.DATABASE_PASSWORD ?? "",
+    database: process.env.DATABASE_NAME ?? "main",
+    ssl: {
+      rejectUnauthorized: false,
+    },
+  },
+})

packages/apn-relay/package.json

@@ -0,0 +1,27 @@
+{
+  "$schema": "https://json.schemastore.org/package.json",
+  "name": "@opencode-ai/apn-relay",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "license": "MIT",
+  "scripts": {
+    "dev": "bun run src/index.ts",
+    "db:check": "bun run --env-file .env src/check.ts",
+    "typecheck": "tsgo --noEmit"
+  },
+  "dependencies": {
+    "@planetscale/database": "1.19.0",
+    "drizzle-orm": "1.0.0-beta.19-d95b7a4",
+    "hono": "4.10.7",
+    "jose": "6.0.11",
+    "zod": "4.1.8"
+  },
+  "devDependencies": {
+    "@tsconfig/bun": "1.0.9",
+    "@types/bun": "1.3.11",
+    "@typescript/native-preview": "7.0.0-dev.20251207.1",
+    "drizzle-kit": "1.0.0-beta.19-d95b7a4",
+    "typescript": "5.8.2"
+  }
+}

packages/apn-relay/src/apns.ts

@@ -0,0 +1,185 @@
+import { connect } from "node:http2"
+import { SignJWT, importPKCS8 } from "jose"
+import { env } from "./env"
+
+export type PushEnv = "sandbox" | "production"
+
+type PushInput = {
+  token: string
+  bundle: string
+  env: PushEnv
+  title: string
+  body: string
+  data: Record<string, unknown>
+}
+
+type PushResult = {
+  ok: boolean
+  code: number
+  error?: string
+}
+
+function tokenSuffix(input: string) {
+  return input.length > 8 ? input.slice(-8) : input
+}
+
+let jwt = ""
+let exp = 0
+let pk: Awaited<ReturnType<typeof importPKCS8>> | undefined
+
+function host(input: PushEnv) {
+  if (input === "sandbox") return "api.sandbox.push.apple.com"
+  return "api.push.apple.com"
+}
+
+function key() {
+  if (env.APNS_PRIVATE_KEY.includes("\\n")) return env.APNS_PRIVATE_KEY.replace(/\\n/g, "\n")
+  return env.APNS_PRIVATE_KEY
+}
+
+async function sign() {
+  if (!pk) pk = await importPKCS8(key(), "ES256")
+  const now = Math.floor(Date.now() / 1000)
+  if (jwt && now < exp) return jwt
+  jwt = await new SignJWT({})
+    .setProtectedHeader({ alg: "ES256", kid: env.APNS_KEY_ID })
+    .setIssuer(env.APNS_TEAM_ID)
+    .setIssuedAt(now)
+    .sign(pk)
+  exp = now + 50 * 60
+  return jwt
+}
+
+function post(input: {
+  host: string
+  token: string
+  auth: string
+  bundle: string
+  payload: string
+}): Promise<{ code: number; body: string }> {
+  return new Promise((resolve, reject) => {
+    const cli = connect(`https://${input.host}`)
+    let done = false
+    let code = 0
+    let body = ""
+
+    const stop = (fn: () => void) => {
+      if (done) return
+      done = true
+      fn()
+    }
+
+    cli.on("error", (err) => {
+      stop(() => reject(err))
+      cli.close()
+    })
+
+    const req = cli.request({
+      ":method": "POST",
+      ":path": `/3/device/${input.token}`,
+      authorization: `bearer ${input.auth}`,
+      "apns-topic": input.bundle,
+      "apns-push-type": "alert",
+      "apns-priority": "10",
+      "content-type": "application/json",
+    })
+
+    req.setEncoding("utf8")
+    req.on("response", (headers) => {
+      code = Number(headers[":status"] ?? 0)
+    })
+    req.on("data", (chunk) => {
+      body += chunk
+    })
+    req.on("end", () => {
+      stop(() => resolve({ code, body }))
+      cli.close()
+    })
+    req.on("error", (err) => {
+      stop(() => reject(err))
+      cli.close()
+    })
+    req.end(input.payload)
+  })
+}
+
+export async function send(input: PushInput): Promise<PushResult> {
+  const apnsHost = host(input.env)
+  const suffix = tokenSuffix(input.token)
+
+  console.log("[ APN RELAY ] push:start", {
+    env: input.env,
+    host: apnsHost,
+    bundle: input.bundle,
+    tokenSuffix: suffix,
+  })
+
+  const auth = await sign().catch((err) => {
+    return `error:${String(err)}`
+  })
+  if (auth.startsWith("error:")) {
+    console.log("[ APN RELAY ] push:auth-failed", {
+      env: input.env,
+      host: apnsHost,
+      bundle: input.bundle,
+      tokenSuffix: suffix,
+      error: auth,
+    })
+    return {
+      ok: false,
+      code: 0,
+      error: auth,
+    }
+  }
+
+  const payload = JSON.stringify({
+    aps: {
+      alert: {
+        title: input.title,
+        body: input.body,
+      },
+      sound: "alert.wav",
+    },
+    ...input.data,
+  })
+
+  const out = await post({
+    host: apnsHost,
+    token: input.token,
+    auth,
+    bundle: input.bundle,
+    payload,
+  }).catch((err) => ({
+    code: 0,
+    body: String(err),
+  }))
+
+  if (out.code === 200) {
+    console.log("[ APN RELAY ] push:sent", {
+      env: input.env,
+      host: apnsHost,
+      bundle: input.bundle,
+      tokenSuffix: suffix,
+      code: out.code,
+    })
+    return {
+      ok: true,
+      code: 200,
+    }
+  }
+
+  console.log("[ APN RELAY ] push:failed", {
+    env: input.env,
+    host: apnsHost,
+    bundle: input.bundle,
+    tokenSuffix: suffix,
+    code: out.code,
+    error: out.body,
+  })
+
+  return {
+    ok: false,
+    code: out.code,
+    error: out.body,
+  }
+}

packages/apn-relay/src/check.ts

@@ -0,0 +1,28 @@
+import { sql } from "drizzle-orm"
+import { db } from "./db"
+import { env } from "./env"
+import { delivery_log, device_registration } from "./schema.sql"
+import { setup } from "./setup"
+
+async function run() {
+  console.log(`[apn-relay] DB host: ${env.DATABASE_HOST}`)
+
+  await db.execute(sql`SELECT 1`)
+  console.log("[apn-relay] DB connection OK")
+
+  await setup()
+  console.log("[apn-relay] Setup migration OK")
+
+  const [a] = await db.select({ value: sql<number>`count(*)` }).from(device_registration)
+  const [b] = await db.select({ value: sql<number>`count(*)` }).from(delivery_log)
+
+  console.log(`[apn-relay] device_registration rows: ${Number(a?.value ?? 0)}`)
+  console.log(`[apn-relay] delivery_log rows: ${Number(b?.value ?? 0)}`)
+  console.log("[apn-relay] DB check passed")
+}
+
+run().catch((err) => {
+  console.error("[apn-relay] DB check failed")
+  console.error(err)
+  process.exit(1)
+})

packages/apn-relay/src/db.ts

@@ -0,0 +1,11 @@
+import { Client } from "@planetscale/database"
+import { drizzle } from "drizzle-orm/planetscale-serverless"
+import { env } from "./env"
+
+const client = new Client({
+  host: env.DATABASE_HOST,
+  username: env.DATABASE_USERNAME,
+  password: env.DATABASE_PASSWORD,
+})
+
+export const db = drizzle({ client })

packages/apn-relay/src/env.ts

@@ -0,0 +1,47 @@
+import { z } from "zod"
+
+const bad = new Set(["undefined", "null"])
+const txt = z
+  .string()
+  .transform((input) => input.trim())
+  .refine((input) => input.length > 0 && !bad.has(input.toLowerCase()))
+
+const schema = z.object({
+  PORT: z.coerce.number().int().positive().default(8787),
+  DATABASE_HOST: txt,
+  DATABASE_USERNAME: txt,
+  DATABASE_PASSWORD: txt,
+  APNS_TEAM_ID: txt,
+  APNS_KEY_ID: txt,
+  APNS_PRIVATE_KEY: txt,
+  APNS_DEFAULT_BUNDLE_ID: txt,
+})
+
+const req = [
+  "DATABASE_HOST",
+  "DATABASE_USERNAME",
+  "DATABASE_PASSWORD",
+  "APNS_TEAM_ID",
+  "APNS_KEY_ID",
+  "APNS_PRIVATE_KEY",
+  "APNS_DEFAULT_BUNDLE_ID",
+] as const
+
+const out = schema.safeParse(process.env)
+
+if (!out.success) {
+  const miss = req.filter((key) => !process.env[key]?.trim())
+  const bad = out.error.issues
+    .map((item) => item.path[0])
+    .filter((key): key is string => typeof key === "string")
+    .filter((key) => !miss.includes(key as (typeof req)[number]))
+
+  console.error("[apn-relay] Invalid startup configuration")
+  if (miss.length) console.error(`[apn-relay] Missing required env vars: ${miss.join(", ")}`)
+  if (bad.length) console.error(`[apn-relay] Invalid env vars: ${Array.from(new Set(bad)).join(", ")}`)
+  console.error("[apn-relay] Check .env.example and restart")
+
+  throw new Error("Startup configuration invalid")
+}
+
+export const env = out.data

packages/apn-relay/src/hash.ts

@@ -0,0 +1,5 @@
+import { createHash } from "node:crypto"
+
+export function hash(input: string) {
+  return createHash("sha256").update(input).digest("hex")
+}

packages/apn-relay/src/index.ts

@@ -0,0 +1,448 @@
+import { randomUUID } from "node:crypto"
+import { and, desc, eq, sql } from "drizzle-orm"
+import { Hono } from "hono"
+import { z } from "zod"
+import { send } from "./apns"
+import { db } from "./db"
+import { env } from "./env"
+import { hash } from "./hash"
+import { delivery_log, device_registration } from "./schema.sql"
+import { setup } from "./setup"
+
+function bad(input?: string) {
+  if (!input) return false
+  return input.includes("BadEnvironmentKeyInToken")
+}
+
+function flip(input: "sandbox" | "production") {
+  if (input === "sandbox") return "production"
+  return "sandbox"
+}
+
+function tail(input: string) {
+  return input.slice(-8)
+}
+
+function esc(input: unknown) {
+  return String(input ?? "")
+    .replaceAll("&", "&")
+    .replaceAll("<", "&lt;")
+    .replaceAll(">", "&gt;")
+    .replaceAll('"', "&quot;")
+    .replaceAll("'", "&#39;")
+}
+
+function fmt(input: number) {
+  return new Date(input).toISOString()
+}
+
+const reg = z.object({
+  secret: z.string().min(1),
+  deviceToken: z.string().min(1),
+  bundleId: z.string().min(1).optional(),
+  apnsEnv: z.enum(["sandbox", "production"]).default("production"),
+})
+
+const unreg = z.object({
+  secret: z.string().min(1),
+  deviceToken: z.string().min(1),
+})
+
+const evt = z.object({
+  secret: z.string().min(1),
+  serverID: z.string().min(1).optional(),
+  eventType: z.enum(["complete", "permission", "error"]),
+  sessionID: z.string().min(1),
+  title: z.string().min(1).optional(),
+  body: z.string().min(1).optional(),
+})
+
+function title(input: z.infer<typeof evt>["eventType"]) {
+  if (input === "complete") return "Session complete"
+  if (input === "permission") return "Action needed"
+  return "Session error"
+}
+
+function body(input: z.infer<typeof evt>["eventType"]) {
+  if (input === "complete") return "OpenCode finished your session."
+  if (input === "permission") return "OpenCode needs your permission decision."
+  return "OpenCode reported an error for your session."
+}
+
+const app = new Hono()
+
+app.onError((err, c) => {
+  return c.json(
+    {
+      ok: false,
+      error: err.message,
+    },
+    500,
+  )
+})
+
+app.notFound((c) => {
+  return c.json(
+    {
+      ok: false,
+      error: "Not found",
+    },
+    404,
+  )
+})
+
+app.get("/health", async (c) => {
+  const [a] = await db.select({ value: sql<number>`count(*)` }).from(device_registration)
+  const [b] = await db.select({ value: sql<number>`count(*)` }).from(delivery_log)
+  return c.json({
+    ok: true,
+    devices: Number(a?.value ?? 0),
+    deliveries: Number(b?.value ?? 0),
+  })
+})
+
+app.get("/", async (c) => {
+  const [a] = await db.select({ value: sql<number>`count(*)` }).from(device_registration)
+  const [b] = await db.select({ value: sql<number>`count(*)` }).from(delivery_log)
+  const devices = await db.select().from(device_registration).orderBy(desc(device_registration.updated_at)).limit(100)
+  const byBundle = await db
+    .select({
+      bundle: device_registration.bundle_id,
+      env: device_registration.apns_env,
+      value: sql<number>`count(*)`,
+    })
+    .from(device_registration)
+    .groupBy(device_registration.bundle_id, device_registration.apns_env)
+    .orderBy(desc(sql<number>`count(*)`))
+  const rows = await db.select().from(delivery_log).orderBy(desc(delivery_log.created_at)).limit(20)
+
+  const html = `<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>APN Relay</title>
+    <style>
+      body { font-family: ui-sans-serif, system-ui, sans-serif; margin: 24px; color: #111827; }
+      h1 { margin: 0 0 12px 0; }
+      h2 { margin: 22px 0 10px 0; font-size: 16px; }
+      .stats { display: flex; gap: 16px; margin: 0 0 18px 0; }
+      .card { border: 1px solid #e5e7eb; border-radius: 8px; padding: 10px 12px; min-width: 160px; }
+      .muted { color: #6b7280; font-size: 12px; }
+      .small { font-size: 11px; color: #6b7280; }
+      table { border-collapse: collapse; width: 100%; }
+      th, td { border: 1px solid #e5e7eb; text-align: left; padding: 8px; font-size: 12px; }
+      th { background: #f9fafb; }
+    </style>
+  </head>
+  <body>
+    <h1>APN Relay</h1>
+    <p class="muted">MVP dashboard</p>
+    <div class="stats">
+      <div class="card">
+        <div class="muted">Registered devices</div>
+        <div>${Number(a?.value ?? 0)}</div>
+      </div>
+      <div class="card">
+        <div class="muted">Delivery log rows</div>
+        <div>${Number(b?.value ?? 0)}</div>
+      </div>
+    </div>
+    <h2>Registered devices</h2>
+    <p class="small">Most recent 100 registrations. Token values are masked to suffix only.</p>
+    <table>
+      <thead>
+        <tr>
+          <th>updated</th>
+          <th>created</th>
+          <th>token suffix</th>
+          <th>env</th>
+          <th>bundle</th>
+          <th>secret hash</th>
+        </tr>
+      </thead>
+      <tbody>
+        ${
+          devices.length
+            ? devices
+                .map(
+                  (row) => `<tr>
+          <td>${esc(fmt(row.updated_at))}</td>
+          <td>${esc(fmt(row.created_at))}</td>
+          <td>${esc(tail(row.device_token))}</td>
+          <td>${esc(row.apns_env)}</td>
+          <td>${esc(row.bundle_id)}</td>
+          <td>${esc(`${row.secret_hash.slice(0, 12)}…`)}</td>
+        </tr>`,
+                )
+                .join("")
+            : `<tr><td colspan="6" class="muted">No devices registered.</td></tr>`
+        }
+      </tbody>
+    </table>
+    <h2>Bundle breakdown</h2>
+    <table>
+      <thead>
+        <tr>
+          <th>bundle</th>
+          <th>env</th>
+          <th>count</th>
+        </tr>
+      </thead>
+      <tbody>
+        ${
+          byBundle.length
+            ? byBundle
+                .map(
+                  (row) => `<tr>
+          <td>${esc(row.bundle)}</td>
+          <td>${esc(row.env)}</td>
+          <td>${esc(Number(row.value ?? 0))}</td>
+        </tr>`,
+                )
+                .join("")
+            : `<tr><td colspan="3" class="muted">No device data.</td></tr>`
+        }
+      </tbody>
+    </table>
+    <h2>Recent deliveries</h2>
+    <table>
+      <thead>
+        <tr>
+          <th>time</th>
+          <th>event</th>
+          <th>session</th>
+          <th>status</th>
+          <th>error</th>
+        </tr>
+      </thead>
+      <tbody>
+        ${rows
+          .map(
+            (row) => `<tr>
+          <td>${esc(fmt(row.created_at))}</td>
+          <td>${esc(row.event_type)}</td>
+          <td>${esc(row.session_id)}</td>
+          <td>${esc(row.status)}</td>
+          <td>${esc(row.error ?? "")}</td>
+        </tr>`,
+          )
+          .join("")}
+      </tbody>
+    </table>
+  </body>
+</html>`
+
+  return c.html(html)
+})
+
+app.post("/v1/device/register", async (c) => {
+  const raw = await c.req.json().catch(() => undefined)
+  const check = reg.safeParse(raw)
+  if (!check.success) {
+    return c.json(
+      {
+        ok: false,
+        error: "Invalid request body",
+      },
+      400,
+    )
+  }
+
+  const now = Date.now()
+  const key = hash(check.data.secret)
+  const row = {
+    id: randomUUID(),
+    secret_hash: key,
+    device_token: check.data.deviceToken,
+    bundle_id: check.data.bundleId ?? env.APNS_DEFAULT_BUNDLE_ID,
+    apns_env: check.data.apnsEnv,
+    created_at: now,
+    updated_at: now,
+  }
+
+  console.log("[relay] register", {
+    token: tail(row.device_token),
+    env: row.apns_env,
+    bundle: row.bundle_id,
+    secretHash: `${key.slice(0, 12)}...`,
+  })
+
+  await db
+    .insert(device_registration)
+    .values(row)
+    .onDuplicateKeyUpdate({
+      set: {
+        bundle_id: row.bundle_id,
+        apns_env: row.apns_env,
+        updated_at: now,
+      },
+    })
+
+  return c.json({ ok: true })
+})
+
+app.post("/v1/device/unregister", async (c) => {
+  const raw = await c.req.json().catch(() => undefined)
+  const check = unreg.safeParse(raw)
+  if (!check.success) {
+    return c.json(
+      {
+        ok: false,
+        error: "Invalid request body",
+      },
+      400,
+    )
+  }
+
+  const key = hash(check.data.secret)
+
+  console.log("[relay] unregister", {
+    token: tail(check.data.deviceToken),
+    secretHash: `${key.slice(0, 12)}...`,
+  })
+
+  await db
+    .delete(device_registration)
+    .where(and(eq(device_registration.secret_hash, key), eq(device_registration.device_token, check.data.deviceToken)))
+
+  return c.json({ ok: true })
+})
+
+app.post("/v1/event", async (c) => {
+  const raw = await c.req.json().catch(() => undefined)
+  const check = evt.safeParse(raw)
+  if (!check.success) {
+    return c.json(
+      {
+        ok: false,
+        error: "Invalid request body",
+      },
+      400,
+    )
+  }
+
+  const key = hash(check.data.secret)
+  const list = await db.select().from(device_registration).where(eq(device_registration.secret_hash, key))
+  console.log("[relay] event", {
+    type: check.data.eventType,
+    serverID: check.data.serverID,
+    session: check.data.sessionID,
+    secretHash: `${key.slice(0, 12)}...`,
+    devices: list.length,
+  })
+  if (!list.length) {
+    const [total] = await db.select({ value: sql<number>`count(*)` }).from(device_registration)
+    console.log("[relay] event:no-matching-devices", {
+      type: check.data.eventType,
+      serverID: check.data.serverID,
+      session: check.data.sessionID,
+      secretHash: `${key.slice(0, 12)}...`,
+      totalDevices: Number(total?.value ?? 0),
+    })
+
+    return c.json({
+      ok: true,
+      sent: 0,
+      failed: 0,
+    })
+  }
+
+  const out = await Promise.all(
+    list.map(async (row) => {
+      const env = row.apns_env === "sandbox" ? "sandbox" : "production"
+      const payload = {
+        token: row.device_token,
+        bundle: row.bundle_id,
+        title: check.data.title ?? title(check.data.eventType),
+        body: check.data.body ?? body(check.data.eventType),
+        data: {
+          serverID: check.data.serverID,
+          eventType: check.data.eventType,
+          sessionID: check.data.sessionID,
+        },
+      }
+      const first = await send({ ...payload, env })
+      if (first.ok || !bad(first.error)) {
+        if (!first.ok) {
+          console.log("[relay] send:error", {
+            token: tail(row.device_token),
+            env,
+            error: first.error,
+          })
+        }
+        return first
+      }
+
+      const alt = flip(env)
+      console.log("[relay] send:retry-env", {
+        token: tail(row.device_token),
+        from: env,
+        to: alt,
+      })
+      const second = await send({ ...payload, env: alt })
+      if (!second.ok) {
+        console.log("[relay] send:error", {
+          token: tail(row.device_token),
+          env: alt,
+          error: second.error,
+        })
+        return second
+      }
+
+      await db
+        .update(device_registration)
+        .set({ apns_env: alt, updated_at: Date.now() })
+        .where(
+          and(
+            eq(device_registration.secret_hash, row.secret_hash),
+            eq(device_registration.device_token, row.device_token),
+          ),
+        )
+
+      console.log("[relay] send:env-updated", {
+        token: tail(row.device_token),
+        env: alt,
+      })
+      return second
+    }),
+  )
+
+  const now = Date.now()
+  await db.insert(delivery_log).values(
+    out.map((item) => ({
+      id: randomUUID(),
+      secret_hash: key,
+      event_type: check.data.eventType,
+      session_id: check.data.sessionID,
+      status: item.ok ? "sent" : "failed",
+      error: item.error,
+      created_at: now,
+    })),
+  )
+
+  const sent = out.filter((item) => item.ok).length
+  console.log("[relay] event:done", {
+    type: check.data.eventType,
+    session: check.data.sessionID,
+    sent,
+    failed: out.length - sent,
+  })
+  return c.json({
+    ok: true,
+    sent,
+    failed: out.length - sent,
+  })
+})
+
+await setup()
+
+if (import.meta.main) {
+  Bun.serve({
+    port: env.PORT,
+    fetch: app.fetch,
+  })
+  console.log(`apn-relay listening on http://0.0.0.0:${env.PORT}`)
+}
+
+export { app }

packages/apn-relay/src/schema.sql.ts

@@ -0,0 +1,35 @@
+import { bigint, index, mysqlTable, uniqueIndex, varchar } from "drizzle-orm/mysql-core"
+
+export const device_registration = mysqlTable(
+  "device_registration",
+  {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    secret_hash: varchar("secret_hash", { length: 64 }).notNull(),
+    device_token: varchar("device_token", { length: 255 }).notNull(),
+    bundle_id: varchar("bundle_id", { length: 255 }).notNull(),
+    apns_env: varchar("apns_env", { length: 16 }).notNull().default("production"),
+    created_at: bigint("created_at", { mode: "number" }).notNull(),
+    updated_at: bigint("updated_at", { mode: "number" }).notNull(),
+  },
+  (table) => [
+    uniqueIndex("device_registration_secret_token_idx").on(table.secret_hash, table.device_token),
+    index("device_registration_secret_hash_idx").on(table.secret_hash),
+  ],
+)
+
+export const delivery_log = mysqlTable(
+  "delivery_log",
+  {
+    id: varchar("id", { length: 36 }).primaryKey(),
+    secret_hash: varchar("secret_hash", { length: 64 }).notNull(),
+    event_type: varchar("event_type", { length: 32 }).notNull(),
+    session_id: varchar("session_id", { length: 255 }).notNull(),
+    status: varchar("status", { length: 16 }).notNull(),
+    error: varchar("error", { length: 1024 }),
+    created_at: bigint("created_at", { mode: "number" }).notNull(),
+  },
+  (table) => [
+    index("delivery_log_secret_hash_idx").on(table.secret_hash),
+    index("delivery_log_created_at_idx").on(table.created_at),
+  ],
+)

packages/apn-relay/src/setup.ts

@@ -0,0 +1,34 @@
+import { sql } from "drizzle-orm"
+import { db } from "./db"
+
+export async function setup() {
+  await db.execute(sql`
+    CREATE TABLE IF NOT EXISTS device_registration (
+      id varchar(36) NOT NULL,
+      secret_hash varchar(64) NOT NULL,
+      device_token varchar(255) NOT NULL,
+      bundle_id varchar(255) NOT NULL,
+      apns_env varchar(16) NOT NULL DEFAULT 'production',
+      created_at bigint NOT NULL,
+      updated_at bigint NOT NULL,
+      PRIMARY KEY (id),
+      UNIQUE KEY device_registration_secret_token_idx (secret_hash, device_token),
+      KEY device_registration_secret_hash_idx (secret_hash)
+    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+  `)
+
+  await db.execute(sql`
+    CREATE TABLE IF NOT EXISTS delivery_log (
+      id varchar(36) NOT NULL,
+      secret_hash varchar(64) NOT NULL,
+      event_type varchar(32) NOT NULL,
+      session_id varchar(255) NOT NULL,
+      status varchar(16) NOT NULL,
+      error varchar(1024) NULL,
+      created_at bigint NOT NULL,
+      PRIMARY KEY (id),
+      KEY delivery_log_secret_hash_idx (secret_hash),
+      KEY delivery_log_created_at_idx (created_at)
+    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+  `)
+}

packages/apn-relay/tsconfig.json

@@ -0,0 +1,8 @@
+{
+  "$schema": "https://json.schemastore.org/tsconfig",
+  "extends": "@tsconfig/bun/tsconfig.json",
+  "compilerOptions": {
+    "lib": ["ESNext", "DOM", "DOM.Iterable"],
+    "noUncheckedIndexedAccess": false
+  }
+}

packages/app/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opencode-ai/app",
-  "version": "1.14.33",
+  "version": "1.14.28",
   "description": "",
   "type": "module",
   "exports": {

packages/app/src/app.tsx

@@ -155,13 +155,11 @@ export function AppBaseProviders(props: ParentProps<{ locale?: Locale }>) {
                 return <ErrorPage error={error} />
               }}
             >
-              <QueryProvider>
-                <DialogProvider>
-                  <MarkedProvider>
-                    <FileComponentProvider component={File}>{props.children}</FileComponentProvider>
-                  </MarkedProvider>
-                </DialogProvider>
-              </QueryProvider>
+              <DialogProvider>
+                <MarkedProvider>
+                  <FileComponentProvider component={File}>{props.children}</FileComponentProvider>
+                </MarkedProvider>
+              </DialogProvider>
             </ErrorBoundary>
           </UiI18nBridge>
         </LanguageProvider>

packages/app/src/components/dialog-settings.tsx

@@ -8,14 +8,20 @@ import { SettingsGeneral } from "./settings-general"
 import { SettingsKeybinds } from "./settings-keybinds"
 import { SettingsProviders } from "./settings-providers"
 import { SettingsModels } from "./settings-models"
+import { SettingsPair } from "./settings-pair"
 
-export const DialogSettings: Component = () => {
+export const DialogSettings: Component<{ defaultTab?: string }> = (props) => {
   const language = useLanguage()
   const platform = usePlatform()
 
   return (
     <Dialog size="x-large" transition>
-      <Tabs orientation="vertical" variant="settings" defaultValue="general" class="h-full settings-dialog">
+      <Tabs
+        orientation="vertical"
+        variant="settings"
+        defaultValue={props.defaultTab ?? "general"}
+        class="h-full settings-dialog"
+      >
         <Tabs.List>
           <div class="flex flex-col justify-between h-full w-full">
             <div class="flex flex-col gap-3 w-full pt-3">
@@ -45,6 +51,10 @@ export const DialogSettings: Component = () => {
                       <Icon name="models" />
                       {language.t("settings.models.title")}
                     </Tabs.Trigger>
+                    <Tabs.Trigger value="pair">
+                      <Icon name="link" />
+                      {language.t("settings.pair.title")}
+                    </Tabs.Trigger>
                   </div>
                 </div>
               </div>
@@ -67,6 +77,9 @@ export const DialogSettings: Component = () => {
         <Tabs.Content value="models" class="no-scrollbar">
           <SettingsModels />
         </Tabs.Content>
+        <Tabs.Content value="pair" class="no-scrollbar">
+          <SettingsPair />
+        </Tabs.Content>
       </Tabs>
     </Dialog>
   )

packages/app/src/components/settings-general.tsx

@@ -329,7 +329,6 @@ export const SettingsGeneral: Component = () => {
             label={(o) => o.label}
             onSelect={(option) => {
               if (!option) return
-              if (option.value === currentShell()) return
               globalSync.updateConfig({ shell: option.value })
             }}
             variant="secondary"

packages/app/src/components/settings-pair.tsx

@@ -0,0 +1,166 @@
+import { type Component, createResource, Show } from "solid-js"
+import { Icon } from "@opencode-ai/ui/icon"
+import { useLanguage } from "@/context/language"
+import { useGlobalSDK } from "@/context/global-sdk"
+import { useServer } from "@/context/server"
+import { usePlatform } from "@/context/platform"
+import { SettingsList } from "./settings-list"
+
+type PairResult =
+  | { enabled: false }
+  | {
+      enabled: true
+      hosts: string[]
+      relayURL?: string
+      serverID?: string
+      relaySecretHash?: string
+      link: string
+      qr: string
+    }
+
+export const SettingsPair: Component = () => {
+  const language = useLanguage()
+  const globalSDK = useGlobalSDK()
+  const server = useServer()
+  const platform = usePlatform()
+
+  const [data] = createResource(async () => {
+    const url = `${globalSDK.url}/experimental/push/pair`
+    console.debug("[settings-pair] fetching pair data", {
+      serverUrl: globalSDK.url,
+      serverName: server.name,
+      serverKey: server.key,
+    })
+    const f = platform.fetch ?? fetch
+    const res = await f(url)
+    if (!res.ok) {
+      console.debug("[settings-pair] pair endpoint returned non-ok", {
+        status: res.status,
+        serverUrl: globalSDK.url,
+      })
+      return { enabled: false as const }
+    }
+    const result = (await res.json()) as PairResult
+    console.debug("[settings-pair] pair data received", {
+      enabled: result.enabled,
+      serverUrl: globalSDK.url,
+      serverName: server.name,
+      ...(result.enabled
+        ? {
+            relayURL: result.relayURL,
+            serverID: result.serverID,
+            relaySecretHash: result.relaySecretHash,
+            hostCount: result.hosts.length,
+            hosts: result.hosts,
+          }
+        : {}),
+    })
+    return result
+  })
+
+  return (
+    <div class="flex flex-col gap-6 py-4 px-5">
+      <div class="flex flex-col gap-1">
+        <h2 class="text-16-semibold text-text-strong">{language.t("settings.pair.title")}</h2>
+        <p class="text-13-regular text-text-weak">{language.t("settings.pair.description")}</p>
+      </div>
+
+      <Show when={data.loading}>
+        <SettingsList>
+          <div class="flex items-center justify-center py-12">
+            <span class="text-14-regular text-text-weak">{language.t("settings.pair.loading")}</span>
+          </div>
+        </SettingsList>
+      </Show>
+
+      <Show when={data.error}>
+        <SettingsList>
+          <div class="flex flex-col items-center justify-center py-12 gap-3 text-center">
+            <Icon name="warning" size="large" />
+            <div class="flex flex-col gap-1">
+              <span class="text-14-medium text-text-strong">{language.t("settings.pair.error.title")}</span>
+              <span class="text-13-regular text-text-weak max-w-md">
+                {language.t("settings.pair.error.description")}
+              </span>
+            </div>
+          </div>
+        </SettingsList>
+      </Show>
+
+      <Show when={!data.loading && !data.error && data()}>
+        {(result) => (
+          <Show
+            when={result().enabled && result()}
+            fallback={
+              <SettingsList>
+                <div class="flex flex-col items-center justify-center py-12 gap-3 text-center">
+                  <Icon name="link" size="large" />
+                  <div class="flex flex-col gap-1">
+                    <span class="text-14-medium text-text-strong">{language.t("settings.pair.disabled.title")}</span>
+                    <span class="text-13-regular text-text-weak max-w-md">
+                      {language.t("settings.pair.disabled.description")}
+                    </span>
+                  </div>
+                  <code class="text-12-regular text-text-weak bg-surface-inset px-3 py-1.5 rounded mt-1">
+                    opencode serve --relay-url &lt;url&gt; --relay-secret &lt;secret&gt;
+                  </code>
+                </div>
+              </SettingsList>
+            }
+          >
+            {(pair) => {
+              const p = pair() as PairResult & { enabled: true }
+              return (
+                <SettingsList>
+                  <div class="flex flex-col items-center py-8 gap-4">
+                    <Show when={server.list.length > 1 || p.relayURL}>
+                      <div class="flex flex-col gap-1.5 w-full max-w-sm text-left">
+                        <div class="flex items-center gap-2">
+                          <span class="text-12-medium text-text-weak shrink-0">
+                            {language.t("settings.pair.server.label")}
+                          </span>
+                          <code class="text-12-regular text-text-default bg-surface-inset px-2 py-0.5 rounded truncate">
+                            {server.name}
+                          </code>
+                        </div>
+                        <Show when={p.relayURL}>
+                          <div class="flex items-center gap-2">
+                            <span class="text-12-medium text-text-weak shrink-0">
+                              {language.t("settings.pair.relay.label")}
+                            </span>
+                            <code class="text-12-regular text-text-default bg-surface-inset px-2 py-0.5 rounded truncate">
+                              {p.relayURL}
+                            </code>
+                          </div>
+                        </Show>
+                        <Show when={p.relaySecretHash}>
+                          <div class="flex items-center gap-2">
+                            <span class="text-12-medium text-text-weak shrink-0">
+                              {language.t("settings.pair.secret.label")}
+                            </span>
+                            <code class="text-12-regular text-text-default bg-surface-inset px-2 py-0.5 rounded truncate">
+                              {p.relaySecretHash}
+                            </code>
+                          </div>
+                        </Show>
+                      </div>
+                    </Show>
+                    <img src={p.qr} alt="Pairing QR code" class="w-64 h-64" />
+                    <div class="flex flex-col gap-1 text-center max-w-sm">
+                      <span class="text-14-medium text-text-strong">
+                        {language.t("settings.pair.instructions.title")}
+                      </span>
+                      <span class="text-13-regular text-text-weak">
+                        {language.t("settings.pair.instructions.description")}
+                      </span>
+                    </div>
+                  </div>
+                </SettingsList>
+              )
+            }}
+          </Show>
+        )}
+      </Show>
+    </div>
+  )
+}

packages/app/src/components/terminal.tsx

@@ -15,7 +15,6 @@ import { terminalFontFamily, useSettings } from "@/context/settings"
 import type { LocalPTY } from "@/context/terminal"
 import { disposeIfDisposable, getHoveredLinkText, setOptionIfSupported } from "@/utils/runtime-adapters"
 import { terminalWriter } from "@/utils/terminal-writer"
-import { terminalWebSocketURL } from "@/utils/terminal-websocket-url"
 
 const TOGGLE_TERMINAL_ID = "terminal.toggle"
 const DEFAULT_TOGGLE_TERMINAL_KEYBIND = "ctrl+`"
@@ -68,6 +67,13 @@ const debugTerminal = (...values: unknown[]) => {
   console.debug("[terminal]", ...values)
 }
 
+const errorName = (err: unknown) => {
+  if (!err || typeof err !== "object") return
+  if (!("name" in err)) return
+  const errorName = err.name
+  return typeof errorName === "string" ? errorName : undefined
+}
+
 const useTerminalUiBindings = (input: {
   container: HTMLDivElement
   term: Term
@@ -472,34 +478,14 @@ export const Terminal = (props: TerminalProps) => {
 
       const gone = () =>
         client.pty
-          .get({ ptyID: id }, { throwOnError: false })
-          .then((result) => result.response.status === 404)
+          .get({ ptyID: id })
+          .then(() => false)
           .catch((err) => {
+            if (errorName(err) === "NotFoundError") return true
             debugTerminal("failed to inspect terminal session", err)
             return false
           })
 
-      const connectToken = async () => {
-        const result = await client.pty
-          .connectToken(
-            { ptyID: id, directory },
-            {
-              throwOnError: false,
-              headers: { "x-opencode-ticket": "1" },
-            },
-          )
-          .catch((err: unknown) => {
-            if (err instanceof Error && err.message.includes("Request is not supported")) return
-            throw err
-          })
-        if (!result) return
-        if (result.response.status === 200 && result.data?.ticket) return result.data.ticket
-        if (result.response.status === 404 || result.response.status === 405) return
-        if (result.response.status === 403)
-          throw new Error("PTY connect ticket rejected by origin or CSRF checks. Check the server CORS config.")
-        throw new Error(`PTY connect ticket failed with ${result.response.status}`)
-      }
-
       const retry = (err: unknown) => {
         if (disposed) return
         if (reconn !== undefined) return
@@ -519,30 +505,22 @@ export const Terminal = (props: TerminalProps) => {
         }, ms)
       }
 
-      const open = async () => {
+      const open = () => {
         if (disposed) return
         drop?.()
 
-        const ticket = await connectToken().catch((err) => {
-          fail(err)
-          return undefined
-        })
-        if (once.value) return
-        if (disposed) return
+        const next = new URL(url + `/pty/${id}/connect`)
+        next.searchParams.set("directory", directory)
+        next.searchParams.set("cursor", String(seek))
+        next.protocol = next.protocol === "https:" ? "wss:" : "ws:"
+        if (!sameOrigin && password) {
+          next.searchParams.set("auth_token", btoa(`${username}:${password}`))
+          // For same-origin requests, let the browser reuse the page's existing auth.
+          next.username = username
+          next.password = password
+        }
 
-        const socket = new WebSocket(
-          terminalWebSocketURL({
-            url,
-            id,
-            directory,
-            cursor: seek,
-            ticket,
-            sameOrigin,
-            username,
-            password,
-            authToken: server.current?.type === "http" ? server.current.authToken : false,
-          }),
-        )
+        const socket = new WebSocket(next)
         socket.binaryType = "arraybuffer"
         ws = socket
 

packages/app/src/context/global-sync.tsx

@@ -33,7 +33,6 @@ import { SESSION_RECENT_LIMIT } from "./global-sync/types"
 import { formatServerError } from "@/utils/server-errors"
 import { queryOptions, skipToken, useMutation, useQueries, useQuery, useQueryClient } from "@tanstack/solid-query"
 import { createRefreshQueue } from "./global-sync/queue"
-import { directoryKey } from "./global-sync/utils"
 
 type GlobalStore = {
   ready: boolean
@@ -170,20 +169,18 @@ function createGlobalSync() {
 
   const queue = createRefreshQueue({
     paused,
-    key: directoryKey,
     bootstrap: () => queryClient.fetchQuery({ queryKey: ["bootstrap"] }),
     bootstrapInstance,
   })
 
   const sdkFor = (directory: string) => {
-    const key = directoryKey(directory)
-    const cached = sdkCache.get(key)
+    const cached = sdkCache.get(directory)
     if (cached) return cached
     const sdk = globalSDK.createClient({
       directory,
       throwOnError: true,
     })
-    sdkCache.set(key, sdk)
+    sdkCache.set(directory, sdk)
     return sdk
   }
 
@@ -195,28 +192,23 @@ function createGlobalSync() {
       void bootstrapInstance(directory)
     },
     onDispose: (directory) => {
-      const key = directoryKey(directory)
-      queue.clear(key)
-      sessionMeta.delete(key)
-      sdkCache.delete(key)
-      clearProviderRev(key)
-      clearSessionPrefetchDirectory(key)
+      queue.clear(directory)
+      sessionMeta.delete(directory)
+      sdkCache.delete(directory)
+      clearProviderRev(directory)
+      clearSessionPrefetchDirectory(directory)
     },
     translate: language.t,
     getSdk: sdkFor,
-    global: {
-      provider: globalStore.provider,
-    },
   })
 
   async function loadSessions(directory: string) {
-    const key = directoryKey(directory)
-    const pending = sessionLoads.get(key)
+    const pending = sessionLoads.get(directory)
     if (pending) return pending
 
-    children.pin(key)
+    children.pin(directory)
     const [store, setStore] = children.child(directory, { bootstrap: false })
-    const meta = sessionMeta.get(key)
+    const meta = sessionMeta.get(directory)
     if (meta && meta.limit >= store.limit) {
       const next = trimSessions(store.session, {
         limit: store.limit,
@@ -226,14 +218,14 @@ function createGlobalSync() {
         setStore("session", reconcile(next, { key: "id" }))
         cleanupDroppedSessionCaches(store, setStore, next, setSessionTodo)
       }
-      children.unpin(key)
+      children.unpin(directory)
       return
     }
 
     const limit = Math.max(store.limit + SESSION_RECENT_LIMIT, SESSION_RECENT_LIMIT)
     const promise = queryClient
       .fetchQuery({
-        ...loadSessionsQuery(key),
+        ...loadSessionsQuery(directory),
         queryFn: () =>
           loadRootSessionsWithFallback({
             directory,
@@ -263,7 +255,7 @@ function createGlobalSync() {
                 setStore("session", reconcile(sessions, { key: "id" }))
                 cleanupDroppedSessionCaches(store, setStore, sessions, setSessionTodo)
               })
-              sessionMeta.set(key, { limit })
+              sessionMeta.set(directory, { limit })
             })
             .catch((err) => {
               console.error("Failed to load sessions", err)
@@ -278,24 +270,23 @@ function createGlobalSync() {
       })
       .then(() => {})
 
-    sessionLoads.set(key, promise)
+    sessionLoads.set(directory, promise)
     void promise.finally(() => {
-      sessionLoads.delete(key)
-      children.unpin(key)
+      sessionLoads.delete(directory)
+      children.unpin(directory)
     })
     return promise
   }
 
   async function bootstrapInstance(directory: string) {
-    const key = directoryKey(directory)
-    if (!key) return
-    const pending = booting.get(key)
+    if (!directory) return
+    const pending = booting.get(directory)
     if (pending) return pending
 
-    children.pin(key)
+    children.pin(directory)
     const promise = Promise.resolve().then(async () => {
       const child = children.ensureChild(directory)
-      const cache = children.vcsCache.get(key)
+      const cache = children.vcsCache.get(directory)
       if (!cache) return
       const sdk = sdkFor(directory)
       await bootstrapDirectory({
@@ -316,17 +307,16 @@ function createGlobalSync() {
       })
     })
 
-    booting.set(key, promise)
+    booting.set(directory, promise)
     void promise.finally(() => {
-      booting.delete(key)
-      children.unpin(key)
+      booting.delete(directory)
+      children.unpin(directory)
     })
     return promise
   }
 
   const unsub = globalSDK.event.listen((e) => {
     const directory = e.name
-    const key = directoryKey(directory)
     const event = e.details
     const recent = bootingRoot || Date.now() - bootedAt < 1500
 
@@ -349,9 +339,9 @@ function createGlobalSync() {
       return
     }
 
-    const existing = children.children[key]
+    const existing = children.children[directory]
     if (!existing) return
-    children.mark(key)
+    children.mark(directory)
     const [store, setStore] = existing
     applyDirectoryEvent({
       event,
@@ -360,9 +350,9 @@ function createGlobalSync() {
       setStore,
       push: queue.push,
       setSessionTodo,
-      vcsCache: children.vcsCache.get(key),
+      vcsCache: children.vcsCache.get(directory),
       loadLsp: () => {
-        void queryClient.fetchQuery(loadLspQuery(key, sdkFor(directory)))
+        void queryClient.fetchQuery(loadLspQuery(directory, sdkFor(directory)))
       },
     })
   })
@@ -373,7 +363,7 @@ function createGlobalSync() {
   })
   onCleanup(() => {
     for (const directory of Object.keys(children.children)) {
-      children.disposeDirectory(directoryKey(directory))
+      children.disposeDirectory(directory)
     }
   })
 

packages/app/src/context/global-sync/bootstrap.ts

@@ -140,13 +140,12 @@ export async function bootstrapGlobal(input: {
         loadProjectsQuery(input.globalSDK, (data) => input.setGlobalStore("project", data ?? [])),
       ),
   ]
-  await runAll(slow)
-  // showErrors({
-  //   errors: errors(),
-  //   title: input.requestFailedTitle,
-  //   translate: input.translate,
-  //   formatMoreCount: input.formatMoreCount,
-  // })
+  showErrors({
+    errors: errors(await runAll(slow)),
+    title: input.requestFailedTitle,
+    translate: input.translate,
+    formatMoreCount: input.formatMoreCount,
+  })
 }
 
 function groupBySession<T extends { id: string; sessionID: string }>(input: T[]) {
@@ -260,6 +259,9 @@ export async function bootstrapDirectory(input: {
   const seededPath = input.global.path.directory === input.directory ? input.global.path : undefined
   if (seededProject) input.setStore("project", seededProject)
   if (seededPath) input.setStore("path", seededPath)
+  if (input.store.provider.all.length === 0 && input.global.provider.all.length > 0) {
+    input.setStore("provider", input.global.provider)
+  }
   if (Object.keys(input.store.config).length === 0 && Object.keys(input.global.config).length > 0) {
     input.setStore("config", reconcile(input.global.config, { merge: false }))
   }

packages/app/src/context/global-sync/child-store.test.ts

@@ -23,7 +23,6 @@ describe("createChildStoreManager", () => {
       onDispose() {},
       translate: (key) => key,
       getSdk: () => null!,
-      global: { provider: null! },
     })
 
     Array.from({ length: 30 }, (_, index) => `/pinned-${index}`).forEach((directory) => {

packages/app/src/context/global-sync/child-store.ts

@@ -1,7 +1,7 @@
 import { createRoot, getOwner, onCleanup, runWithOwner, type Owner } from "solid-js"
 import { createStore, type SetStoreFunction, type Store } from "solid-js/store"
 import { Persist, persisted } from "@/utils/persist"
-import type { OpencodeClient, ProviderListResponse, VcsInfo } from "@opencode-ai/sdk/v2/client"
+import type { OpencodeClient, VcsInfo } from "@opencode-ai/sdk/v2/client"
 import {
   DIR_IDLE_TTL_MS,
   MAX_DIR_STORES,
@@ -17,7 +17,6 @@ import { canDisposeDirectory, pickDirectoriesToEvict } from "./eviction"
 import { useQueries } from "@tanstack/solid-query"
 import { loadPathQuery, loadProvidersQuery } from "./bootstrap"
 import { loadLspQuery, loadMcpQuery } from "../global-sync"
-import { directoryKey, type DirectoryKey } from "./utils"
 
 export function createChildStoreManager(input: {
   owner: Owner
@@ -27,9 +26,6 @@ export function createChildStoreManager(input: {
   onDispose: (directory: string) => void
   translate: (key: string, vars?: Record<string, string | number>) => string
   getSdk: (directory: string) => OpencodeClient
-  global: {
-    provider: ProviderListResponse
-  }
 }) {
   const children: Record<string, [Store<State>, SetStoreFunction<State>]> = {}
   const vcsCache = new Map<string, VcsCache>()
@@ -40,37 +36,30 @@ export function createChildStoreManager(input: {
   const ownerPins = new WeakMap<object, Set<string>>()
   const disposers = new Map<string, () => void>()
 
-  const markKey = (key: DirectoryKey) => {
-    if (!key) return
-    lifecycle.set(key, { lastAccessAt: Date.now() })
-    runEviction(key)
-  }
-
   const mark = (directory: string) => {
-    const key = directoryKey(directory)
-    markKey(key)
+    if (!directory) return
+    lifecycle.set(directory, { lastAccessAt: Date.now() })
+    runEviction(directory)
   }
 
   const pin = (directory: string) => {
-    const key = directoryKey(directory)
-    if (!key) return
-    pins.set(key, (pins.get(key) ?? 0) + 1)
-    markKey(key)
+    if (!directory) return
+    pins.set(directory, (pins.get(directory) ?? 0) + 1)
+    mark(directory)
   }
 
   const unpin = (directory: string) => {
-    const key = directoryKey(directory)
-    if (!key) return
-    const next = (pins.get(key) ?? 0) - 1
+    if (!directory) return
+    const next = (pins.get(directory) ?? 0) - 1
     if (next > 0) {
-      pins.set(key, next)
+      pins.set(directory, next)
       return
     }
-    pins.delete(key)
+    pins.delete(directory)
     runEviction()
   }
 
-  const pinned = (directory: string) => (pins.get(directoryKey(directory)) ?? 0) > 0
+  const pinned = (directory: string) => (pins.get(directory) ?? 0) > 0
 
   const pinForOwner = (directory: string) => {
     const current = getOwner()
@@ -92,31 +81,30 @@ export function createChildStoreManager(input: {
     })
   }
 
-  function disposeDirectory(directory: DirectoryKey) {
-    const key = directory
+  function disposeDirectory(directory: string) {
     if (
       !canDisposeDirectory({
-        directory: key,
-        hasStore: !!children[key],
-        pinned: pinned(key),
-        booting: input.isBooting(key),
-        loadingSessions: input.isLoadingSessions(key),
+        directory,
+        hasStore: !!children[directory],
+        pinned: pinned(directory),
+        booting: input.isBooting(directory),
+        loadingSessions: input.isLoadingSessions(directory),
       })
     ) {
       return false
     }
 
-    vcsCache.delete(key)
-    metaCache.delete(key)
-    iconCache.delete(key)
-    lifecycle.delete(key)
-    const dispose = disposers.get(key)
+    vcsCache.delete(directory)
+    metaCache.delete(directory)
+    iconCache.delete(directory)
+    lifecycle.delete(directory)
+    const dispose = disposers.get(directory)
     if (dispose) {
       dispose()
-      disposers.delete(key)
+      disposers.delete(directory)
     }
-    delete children[key]
-    input.onDispose(key)
+    delete children[directory]
+    input.onDispose(directory)
     return true
   }
 
@@ -133,14 +121,13 @@ export function createChildStoreManager(input: {
     }).filter((directory) => directory !== skip)
     if (list.length === 0) return
     for (const directory of list) {
-      if (!disposeDirectory(directoryKey(directory))) continue
+      if (!disposeDirectory(directory)) continue
     }
   }
 
   function ensureChild(directory: string) {
-    const key = directoryKey(directory)
-    if (!key) console.error("No directory provided")
-    if (!children[key]) {
+    if (!directory) console.error("No directory provided")
+    if (!children[directory]) {
       const vcs = runWithOwner(input.owner, () =>
         persisted(
           Persist.workspace(directory, "vcs", ["vcs.v1"]),
@@ -149,7 +136,7 @@ export function createChildStoreManager(input: {
       )
       if (!vcs) throw new Error(input.translate("error.childStore.persistedCacheCreateFailed"))
       const vcsStore = vcs[0]
-      vcsCache.set(key, { store: vcsStore, setStore: vcs[1], ready: vcs[3] })
+      vcsCache.set(directory, { store: vcsStore, setStore: vcs[1], ready: vcs[3] })
 
       const meta = runWithOwner(input.owner, () =>
         persisted(
@@ -158,7 +145,7 @@ export function createChildStoreManager(input: {
         ),
       )
       if (!meta) throw new Error(input.translate("error.childStore.persistedProjectMetadataCreateFailed"))
-      metaCache.set(key, { store: meta[0], setStore: meta[1], ready: meta[3] })
+      metaCache.set(directory, { store: meta[0], setStore: meta[1], ready: meta[3] })
 
       const icon = runWithOwner(input.owner, () =>
         persisted(
@@ -167,7 +154,7 @@ export function createChildStoreManager(input: {
         ),
       )
       if (!icon) throw new Error(input.translate("error.childStore.persistedProjectIconCreateFailed"))
-      iconCache.set(key, { store: icon[0], setStore: icon[1], ready: icon[3] })
+      iconCache.set(directory, { store: icon[0], setStore: icon[1], ready: icon[3] })
 
       const init = () =>
         createRoot((dispose) => {
@@ -178,10 +165,10 @@ export function createChildStoreManager(input: {
 
           const [pathQuery, mcpQuery, lspQuery, providerQuery] = useQueries(() => ({
             queries: [
-              loadPathQuery(key, sdk),
-              loadMcpQuery(key, sdk),
-              loadLspQuery(key, sdk),
-              loadProvidersQuery(key, sdk),
+              loadPathQuery(directory, sdk),
+              loadMcpQuery(directory, sdk),
+              loadLspQuery(directory, sdk),
+              loadProvidersQuery(directory, sdk),
             ],
           }))
 
@@ -190,15 +177,9 @@ export function createChildStoreManager(input: {
             projectMeta: initialMeta,
             icon: initialIcon,
             get provider_ready() {
-              return !providerQuery.isLoading
-            },
-            get provider() {
-              const EMPTY = { all: [], connected: [], default: {} }
-              if (providerQuery.isLoading) return EMPTY
-              if (providerQuery.data?.all.length === 0 && input.global.provider.all.length > 0)
-                return input.global.provider
-              return providerQuery.data ?? EMPTY
+              return providerQuery.isLoading
             },
+            provider: { all: [], connected: [], default: {} },
             config: {},
             get path() {
               if (pathQuery.isLoading || !pathQuery.data)
@@ -216,13 +197,13 @@ export function createChildStoreManager(input: {
             permission: {},
             question: {},
             get mcp_ready() {
-              return !mcpQuery.isLoading
+              return mcpQuery.isLoading
             },
             get mcp() {
               return mcpQuery.isLoading ? {} : (mcpQuery.data ?? {})
             },
             get lsp_ready() {
-              return !lspQuery.isLoading
+              return lspQuery.isLoading
             },
             get lsp() {
               return lspQuery.isLoading ? [] : (lspQuery.data ?? [])
@@ -232,13 +213,13 @@ export function createChildStoreManager(input: {
             message: {},
             part: {},
           })
-          children[key] = child
-          disposers.set(key, dispose)
+          children[directory] = child
+          disposers.set(directory, dispose)
 
           const onPersistedInit = (init: Promise<string> | string | null, run: () => void) => {
             if (!(init instanceof Promise)) return
             void init.then(() => {
-              if (children[key] !== child) return
+              if (children[directory] !== child) return
               run()
             })
           }
@@ -262,16 +243,15 @@ export function createChildStoreManager(input: {
 
       runWithOwner(input.owner, init)
     }
-    markKey(key)
-    const childStore = children[key]
+    mark(directory)
+    const childStore = children[directory]
     if (!childStore) throw new Error(input.translate("error.childStore.storeCreateFailed"))
     return childStore
   }
 
   function child(directory: string, options: ChildOptions = {}) {
-    const key = directoryKey(directory)
     const childStore = ensureChild(directory)
-    pinForOwner(key)
+    pinForOwner(directory)
     const shouldBootstrap = options.bootstrap ?? true
     if (shouldBootstrap && childStore[0].status === "loading") {
       input.onBootstrap(directory)
@@ -280,7 +260,6 @@ export function createChildStoreManager(input: {
   }
 
   function peek(directory: string, options: ChildOptions = {}) {
-    const key = directoryKey(directory)
     const childStore = ensureChild(directory)
     const shouldBootstrap = options.bootstrap ?? true
     if (shouldBootstrap && childStore[0].status === "loading") {
@@ -290,9 +269,8 @@ export function createChildStoreManager(input: {
   }
 
   function projectMeta(directory: string, patch: ProjectMeta) {
-    const key = directoryKey(directory)
     const [store, setStore] = ensureChild(directory)
-    const cached = metaCache.get(key)
+    const cached = metaCache.get(directory)
     if (!cached) return
     const previous = store.projectMeta ?? {}
     const icon = patch.icon ? { ...previous.icon, ...patch.icon } : previous.icon
@@ -308,9 +286,8 @@ export function createChildStoreManager(input: {
   }
 
   function projectIcon(directory: string, value: string | undefined) {
-    const key = directoryKey(directory)
     const [store, setStore] = ensureChild(directory)
-    const cached = iconCache.get(key)
+    const cached = iconCache.get(directory)
     if (!cached) return
     if (store.icon === value) return
     cached.setStore("value", value)

packages/app/src/context/global-sync/queue.test.ts

@@ -1,46 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import { createRefreshQueue } from "./queue"
-import { directoryKey } from "./utils"
-
-const tick = () => new Promise((resolve) => setTimeout(resolve, 10))
-
-describe("createRefreshQueue", () => {
-  test("clears queued directories by normalized key", async () => {
-    const calls: string[] = []
-    const queue = createRefreshQueue({
-      paused: () => false,
-      key: directoryKey,
-      bootstrap: async () => {},
-      bootstrapInstance: (directory) => {
-        calls.push(directory)
-      },
-    })
-
-    queue.push("C:\\tmp\\demo")
-    queue.clear("C:/tmp/demo")
-
-    await tick()
-
-    expect(calls).toEqual([])
-    queue.dispose()
-  })
-
-  test("passes the original directory to bootstrapInstance", async () => {
-    const calls: string[] = []
-    const queue = createRefreshQueue({
-      paused: () => false,
-      key: directoryKey,
-      bootstrap: async () => {},
-      bootstrapInstance: (directory) => {
-        calls.push(directory)
-      },
-    })
-
-    queue.push("C:\\tmp\\demo")
-
-    await tick()
-
-    expect(calls).toEqual(["C:\\tmp\\demo"])
-    queue.dispose()
-  })
-})

packages/app/src/context/global-sync/queue.ts

@@ -2,25 +2,22 @@ type QueueInput = {
   paused: () => boolean
   bootstrap: () => Promise<void>
   bootstrapInstance: (directory: string) => Promise<void> | void
-  key?: (directory: string) => string
 }
 
 export function createRefreshQueue(input: QueueInput) {
-  const queued = new Map<string, string>()
+  const queued = new Set<string>()
   let root = false
   let running = false
   let timer: ReturnType<typeof setTimeout> | undefined
 
-  const key = input.key ?? ((directory: string) => directory)
-
   const tick = () => new Promise<void>((resolve) => setTimeout(resolve, 0))
 
   const take = (count: number) => {
     if (queued.size === 0) return [] as string[]
     const items: string[] = []
-    for (const [id, directory] of queued) {
-      queued.delete(id)
-      items.push(directory)
+    for (const item of queued) {
+      queued.delete(item)
+      items.push(item)
       if (items.length >= count) break
     }
     return items
@@ -36,7 +33,7 @@ export function createRefreshQueue(input: QueueInput) {
 
   const push = (directory: string) => {
     if (!directory) return
-    queued.set(key(directory), directory)
+    queued.add(directory)
     if (input.paused()) return
     schedule()
   }
@@ -76,7 +73,7 @@ export function createRefreshQueue(input: QueueInput) {
     push,
     refresh,
     clear(directory: string) {
-      queued.delete(key(directory))
+      queued.delete(directory)
     },
     dispose() {
       if (!timer) return

packages/app/src/context/global-sync/utils.test.ts

@@ -1,6 +1,6 @@
 import { describe, expect, test } from "bun:test"
 import type { Agent } from "@opencode-ai/sdk/v2/client"
-import { directoryKey, normalizeAgentList } from "./utils"
+import { normalizeAgentList } from "./utils"
 
 const agent = (name = "build") =>
   ({
@@ -33,20 +33,3 @@ describe("normalizeAgentList", () => {
     expect(normalizeAgentList([{ name: "build" }, agent("docs")])).toEqual([agent("docs")])
   })
 })
-
-describe("directoryKey", () => {
-  test("normalizes slashes", () => {
-    expect(String(directoryKey("C:\\Repos\\sst\\opencode"))).toBe("C:/Repos/sst/opencode")
-    expect(String(directoryKey("C:/Repos/sst/opencode"))).toBe("C:/Repos/sst/opencode")
-  })
-
-  test("preserves backslashes in posix paths", () => {
-    expect(String(directoryKey("/tmp/foo\\bar"))).toBe("/tmp/foo\\bar")
-  })
-
-  test("trims trailing slashes without breaking roots", () => {
-    expect(String(directoryKey("C:/Repos/sst/opencode/"))).toBe("C:/Repos/sst/opencode")
-    expect(String(directoryKey("C:/"))).toBe("C:/")
-    expect(String(directoryKey("/"))).toBe("/")
-  })
-})

packages/app/src/context/global-sync/utils.ts

@@ -1,5 +1,4 @@
 import type { Agent, Project, ProviderListResponse } from "@opencode-ai/sdk/v2/client"
-export { pathKey as directoryKey, type PathKey as DirectoryKey } from "@/utils/path-key"
 
 export const cmp = (a: string, b: string) => (a < b ? -1 : a > b ? 1 : 0)
 

packages/app/src/context/layout.tsx

@@ -391,14 +391,7 @@ export const { use: useLayout, provider: LayoutProvider } = createSimpleContext(
         ? globalSync.data.project.find((x) => x.id === projectID)
         : globalSync.data.project.find((x) => x.worktree === project.worktree)
 
-      // Preserve local icon override from per-workspace localStorage cache (childStore.icon).
-      // Without this, different subdirectories of the same git repo would share the same
-      // icon from the database instead of using their individual overrides.
-      const base = { ...metadata, ...project }
-      if (childStore.icon) {
-        return { ...base, icon: { ...base.icon, override: childStore.icon } }
-      }
-      return base
+      return { ...metadata, ...project }
     }
 
     const roots = createMemo(() => {

packages/app/src/context/local.tsx

@@ -382,7 +382,7 @@ export const { use: useLocal, provider: LocalProvider } = createSimpleContext({
           setSaved("session", session, {
             agent: msg.agent,
             model: msg.model,
-            variant: msg.model?.variant ?? null,
+            variant: msg.model.variant ?? null,
           })
         },
       },

packages/app/src/context/server.test.ts

@@ -1,53 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import { resolveServerList, ServerConnection } from "./server"
-
-describe("resolveServerList", () => {
-  test("lets startup auth_token credentials override a persisted same-url server", () => {
-    const list = resolveServerList({
-      stored: [{ url: "https://server.example.test" }],
-      props: [
-        {
-          type: "http",
-          authToken: true,
-          http: {
-            url: "https://server.example.test",
-            username: "opencode",
-            password: "secret",
-          },
-        },
-      ],
-    })
-
-    expect(list).toHaveLength(1)
-    expect(list[0]?.type).toBe("http")
-    expect(list[0]?.http).toEqual({
-      url: "https://server.example.test",
-      username: "opencode",
-      password: "secret",
-    })
-    expect(list[0]?.type === "http" ? list[0].authToken : false).toBe(true)
-    expect(ServerConnection.key(list[0]!) as string).toBe("https://server.example.test")
-  })
-
-  test("keeps persisted credentials when startup has no auth_token", () => {
-    const list = resolveServerList({
-      stored: [
-        {
-          url: "https://server.example.test",
-          username: "opencode",
-          password: "saved",
-        },
-      ],
-      props: [{ type: "http", http: { url: "https://server.example.test" } }],
-    })
-
-    expect(list).toHaveLength(1)
-    expect(list[0]?.type).toBe("http")
-    expect(list[0]?.http).toEqual({
-      url: "https://server.example.test",
-      username: "opencode",
-      password: "saved",
-    })
-    expect(list[0]?.type === "http" ? list[0].authToken : true).toBeUndefined()
-  })
-})

packages/app/src/context/server.tsx

@@ -33,33 +33,6 @@ function isLocalHost(url: string) {
   if (host === "localhost" || host === "127.0.0.1") return "local"
 }
 
-export function resolveServerList(input: {
-  props?: Array<ServerConnection.Any>
-  stored: StoredServer[]
-}): Array<ServerConnection.Any> {
-  const servers = [
-    ...input.stored.map((value) =>
-      typeof value === "string"
-        ? {
-            type: "http" as const,
-            http: { url: value },
-          }
-        : value,
-    ),
-    ...(input.props ?? []),
-  ]
-
-  const deduped = new Map<ServerConnection.Key, ServerConnection.Any>()
-  for (const value of servers) {
-    const conn: ServerConnection.Any = "type" in value ? value : { type: "http", http: value }
-    const key = ServerConnection.key(conn)
-    if (deduped.has(key) && conn.type === "http" && !conn.authToken) continue
-    deduped.set(key, conn)
-  }
-
-  return [...deduped.values()]
-}
-
 export namespace ServerConnection {
   type Base = { displayName?: string }
 
@@ -73,7 +46,6 @@ export namespace ServerConnection {
   export type Http = {
     type: "http"
     http: HttpBase
-    authToken?: boolean
   } & Base
 
   export type Sidecar = {
@@ -141,7 +113,26 @@ export const { use: useServer, provider: ServerProvider } = createSimpleContext(
     const url = (x: StoredServer) => (typeof x === "string" ? x : "type" in x ? x.http.url : x.url)
 
     const allServers = createMemo((): Array<ServerConnection.Any> => {
-      return resolveServerList({ stored: store.list, props: props.servers })
+      const servers = [
+        ...(props.servers ?? []),
+        ...store.list.map((value) =>
+          typeof value === "string"
+            ? {
+                type: "http" as const,
+                http: { url: value },
+              }
+            : value,
+        ),
+      ]
+
+      const deduped = new Map(
+        servers.map((value) => {
+          const conn: ServerConnection.Any = "type" in value ? value : { type: "http", http: value }
+          return [ServerConnection.key(conn), conn]
+        }),
+      )
+
+      return [...deduped.values()]
     })
 
     const [state, setState] = createStore({
@@ -183,7 +174,7 @@ export const { use: useServer, provider: ServerProvider } = createSimpleContext(
     function add(input: ServerConnection.Http) {
       const url_ = normalizeServerUrl(input.http.url)
       if (!url_) return
-      const conn: ServerConnection.Http = { ...input, authToken: undefined, http: { ...input.http, url: url_ } }
+      const conn = { ...input, http: { ...input.http, url: url_ } }
       return batch(() => {
         const existing = store.list.findIndex((x) => url(x) === url_)
         if (existing !== -1) {

packages/app/src/context/terminal.test.ts

@@ -1,9 +1,6 @@
 import { beforeAll, describe, expect, mock, test } from "bun:test"
 
-type ServerKey = Parameters<typeof import("./terminal").getTerminalServerScope>[1]
-
-let getWorkspaceTerminalCacheKey: (dir: string, scope?: string) => string
-let getTerminalServerScope: typeof import("./terminal").getTerminalServerScope
+let getWorkspaceTerminalCacheKey: (dir: string) => string
 let getLegacyTerminalStorageKeys: (dir: string, legacySessionID?: string) => string[]
 let migrateTerminalState: (value: unknown) => unknown
 
@@ -20,7 +17,6 @@ beforeAll(async () => {
   }))
   const mod = await import("./terminal")
   getWorkspaceTerminalCacheKey = mod.getWorkspaceTerminalCacheKey
-  getTerminalServerScope = mod.getTerminalServerScope
   getLegacyTerminalStorageKeys = mod.getLegacyTerminalStorageKeys
   migrateTerminalState = mod.migrateTerminalState
 })
@@ -29,45 +25,6 @@ describe("getWorkspaceTerminalCacheKey", () => {
   test("uses workspace-only directory cache key", () => {
     expect(getWorkspaceTerminalCacheKey("/repo")).toBe("/repo:__workspace__")
   })
-
-  test("can include a server scope", () => {
-    expect(getWorkspaceTerminalCacheKey("/repo", "wsl:Debian")).toBe("wsl:Debian:/repo:__workspace__")
-  })
-})
-
-describe("getTerminalServerScope", () => {
-  test("preserves local server keys", () => {
-    expect(
-      getTerminalServerScope(
-        { type: "sidecar", variant: "base", http: { url: "http://127.0.0.1:4096" } },
-        "sidecar" as ServerKey,
-      ),
-    ).toBeUndefined()
-    expect(
-      getTerminalServerScope(
-        { type: "http", http: { url: "http://localhost:4096" } },
-        "http://localhost:4096" as ServerKey,
-      ),
-    ).toBeUndefined()
-    expect(
-      getTerminalServerScope({ type: "http", http: { url: "http://[::1]:4096" } }, "http://[::1]:4096" as ServerKey),
-    ).toBeUndefined()
-  })
-
-  test("scopes non-local server keys", () => {
-    expect(
-      getTerminalServerScope(
-        { type: "sidecar", variant: "wsl", distro: "Debian", http: { url: "http://127.0.0.1:4096" } },
-        "wsl:Debian" as ServerKey,
-      ),
-    ).toBe("wsl:Debian" as ServerKey)
-    expect(
-      getTerminalServerScope(
-        { type: "http", http: { url: "https://example.com" } },
-        "https://example.com" as ServerKey,
-      ),
-    ).toBe("https://example.com" as ServerKey)
-  })
 })
 
 describe("getLegacyTerminalStorageKeys", () => {

packages/app/src/context/terminal.tsx

@@ -4,7 +4,6 @@ import { batch, createEffect, createMemo, createRoot, on, onCleanup } from "soli
 import { useParams } from "@solidjs/router"
 import { useSDK } from "./sdk"
 import type { Platform } from "./platform"
-import { ServerConnection, useServer } from "./server"
 import { defaultTitle, titleNumber } from "./terminal-title"
 import { Persist, persisted, removePersisted } from "@/utils/persist"
 
@@ -83,31 +82,10 @@ export function migrateTerminalState(value: unknown) {
   }
 }
 
-export function getWorkspaceTerminalCacheKey(dir: string, scope?: string) {
-  if (scope) return `${scope}:${dir}:${WORKSPACE_KEY}`
+export function getWorkspaceTerminalCacheKey(dir: string) {
   return `${dir}:${WORKSPACE_KEY}`
 }
 
-export function getTerminalServerScope(conn: ServerConnection.Any | undefined, key: ServerConnection.Key) {
-  if (!conn) return
-  if (conn.type === "sidecar" && conn.variant === "base") return
-  if (conn.type === "http") {
-    try {
-      const url = new URL(conn.http.url)
-      if (
-        url.hostname === "localhost" ||
-        url.hostname === "127.0.0.1" ||
-        url.hostname === "::1" ||
-        url.hostname === "[::1]"
-      )
-        return
-    } catch {
-      return key
-    }
-  }
-  return key
-}
-
 export function getLegacyTerminalStorageKeys(dir: string, legacySessionID?: string) {
   if (!legacySessionID) return [`${dir}/terminal.v1`]
   return [`${dir}/terminal/${legacySessionID}.v1`, `${dir}/terminal.v1`]
@@ -132,16 +110,15 @@ const trimTerminal = (pty: LocalPTY) => {
   }
 }
 
-export function clearWorkspaceTerminals(dir: string, sessionIDs?: string[], platform?: Platform, scope?: string) {
-  const key = getWorkspaceTerminalCacheKey(dir, scope)
+export function clearWorkspaceTerminals(dir: string, sessionIDs?: string[], platform?: Platform) {
+  const key = getWorkspaceTerminalCacheKey(dir)
   for (const cache of caches) {
     const entry = cache.get(key)
     entry?.value.clear()
   }
 
-  void removePersisted(Persist.workspace(dir, scope ? `terminal:${scope}` : "terminal"), platform)
+  void removePersisted(Persist.workspace(dir, "terminal"), platform)
 
-  if (scope) return
   const legacy = new Set(getLegacyTerminalStorageKeys(dir))
   for (const id of sessionIDs ?? []) {
     for (const key of getLegacyTerminalStorageKeys(dir, id)) {
@@ -153,17 +130,12 @@ export function clearWorkspaceTerminals(dir: string, sessionIDs?: string[], plat
   }
 }
 
-function createWorkspaceTerminalSession(
-  sdk: ReturnType<typeof useSDK>,
-  dir: string,
-  legacySessionID?: string,
-  scope?: string,
-) {
-  const legacy = scope ? [] : getLegacyTerminalStorageKeys(dir, legacySessionID)
+function createWorkspaceTerminalSession(sdk: ReturnType<typeof useSDK>, dir: string, legacySessionID?: string) {
+  const legacy = getLegacyTerminalStorageKeys(dir, legacySessionID)
 
   const [store, setStore, _, ready] = persisted(
     {
-      ...Persist.workspace(dir, scope ? `terminal:${scope}` : "terminal", legacy),
+      ...Persist.workspace(dir, "terminal", legacy),
       migrate: migrateTerminalState,
     },
     createStore<{
@@ -385,12 +357,8 @@ export const { use: useTerminal, provider: TerminalProvider } = createSimpleCont
   gate: false,
   init: () => {
     const sdk = useSDK()
-    const server = useServer()
     const params = useParams()
     const cache = new Map<string, TerminalCacheEntry>()
-    const scope = createMemo(() => {
-      return getTerminalServerScope(server.current, server.key)
-    })
 
     caches.add(cache)
     onCleanup(() => caches.delete(cache))
@@ -414,9 +382,9 @@ export const { use: useTerminal, provider: TerminalProvider } = createSimpleCont
       }
     }
 
-    const loadWorkspace = (dir: string, legacySessionID: string | undefined, serverScope: string | undefined) => {
+    const loadWorkspace = (dir: string, legacySessionID?: string) => {
       // Terminals are workspace-scoped so tabs persist while switching sessions in the same directory.
-      const key = getWorkspaceTerminalCacheKey(dir, serverScope)
+      const key = getWorkspaceTerminalCacheKey(dir)
       const existing = cache.get(key)
       if (existing) {
         cache.delete(key)
@@ -425,7 +393,7 @@ export const { use: useTerminal, provider: TerminalProvider } = createSimpleCont
       }
 
       const entry = createRoot((dispose) => ({
-        value: createWorkspaceTerminalSession(sdk, dir, legacySessionID, serverScope),
+        value: createWorkspaceTerminalSession(sdk, dir, legacySessionID),
         dispose,
       }))
 
@@ -434,16 +402,16 @@ export const { use: useTerminal, provider: TerminalProvider } = createSimpleCont
       return entry.value
     }
 
-    const workspace = createMemo(() => loadWorkspace(params.dir!, params.id, scope()))
+    const workspace = createMemo(() => loadWorkspace(params.dir!, params.id))
 
     createEffect(
       on(
-        () => ({ dir: params.dir, id: params.id, scope: scope() }),
+        () => ({ dir: params.dir, id: params.id }),
         (next, prev) => {
           if (!prev?.dir) return
-          if (next.dir === prev.dir && next.id === prev.id && next.scope === prev.scope) return
-          if (next.dir === prev.dir && next.id && next.scope === prev.scope) return
-          loadWorkspace(prev.dir, prev.id, prev.scope).trimAll()
+          if (next.dir === prev.dir && next.id === prev.id) return
+          if (next.dir === prev.dir && next.id) return
+          loadWorkspace(prev.dir, prev.id).trimAll()
         },
         { defer: true },
       ),

packages/app/src/entry.tsx

@@ -7,7 +7,6 @@ import { type Platform, PlatformProvider } from "@/context/platform"
 import { dict as en } from "@/i18n/en"
 import { dict as zh } from "@/i18n/zh"
 import { handleNotificationClick } from "@/utils/notification-click"
-import { authFromToken } from "@/utils/server"
 import pkg from "../package.json"
 import { ServerConnection } from "./context/server"
 
@@ -112,13 +111,6 @@ const getDefaultUrl = () => {
   return getCurrentUrl()
 }
 
-const clearAuthToken = () => {
-  const params = new URLSearchParams(location.search)
-  if (!params.has("auth_token")) return
-  params.delete("auth_token")
-  history.replaceState(null, "", location.pathname + (params.size ? `?${params}` : "") + location.hash)
-}
-
 const platform: Platform = {
   platform: "web",
   version: pkg.version,
@@ -154,16 +146,7 @@ if (import.meta.env.VITE_SENTRY_DSN) {
 }
 
 if (root instanceof HTMLElement) {
-  const auth = authFromToken(new URLSearchParams(location.search).get("auth_token"))
-  clearAuthToken()
-  const server: ServerConnection.Http = {
-    type: "http",
-    authToken: !!auth,
-    http: {
-      url: getCurrentUrl(),
-      ...auth,
-    },
-  }
+  const server: ServerConnection.Http = { type: "http", http: { url: getCurrentUrl() } }
   render(
     () => (
       <PlatformProvider value={platform}>

packages/app/src/env.d.ts

@@ -2,6 +2,7 @@ interface ImportMetaEnv {
   readonly VITE_OPENCODE_SERVER_HOST: string
   readonly VITE_OPENCODE_SERVER_PORT: string
   readonly VITE_OPENCODE_CHANNEL?: "dev" | "beta" | "prod"
+  readonly OPENCODE_CHANNEL?: "dev" | "beta" | "prod"
 
   readonly VITE_SENTRY_DSN?: string
   readonly VITE_SENTRY_ENVIRONMENT?: string

packages/app/src/i18n/ar.ts

@@ -402,8 +402,6 @@ export const dict = {
   "error.page.description": "حدث خطأ أثناء تحميل التطبيق.",
   "error.page.details.label": "تفاصيل الخطأ",
   "error.page.action.restart": "إعادة تشغيل",
-  "error.page.action.report": "الإبلاغ عن الخطأ",
-  "error.page.action.reported": "تم الإبلاغ عن الخطأ",
   "error.page.action.checking": "جارٍ التحقق...",
   "error.page.action.checkUpdates": "التحقق من وجود تحديثات",
   "error.page.action.updateTo": "تحديث إلى {{version}}",
@@ -723,6 +721,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "جلب محتوى من عنوان URL",
   "settings.permissions.tool.websearch.title": "بحث الويب",
   "settings.permissions.tool.websearch.description": "البحث في الويب",
+  "settings.permissions.tool.codesearch.title": "بحث الكود",
+  "settings.permissions.tool.codesearch.description": "البحث عن كود على الويب",
   "settings.permissions.tool.external_directory.title": "دليل خارجي",
   "settings.permissions.tool.external_directory.description": "الوصول إلى الملفات خارج دليل المشروع",
   "settings.permissions.tool.doom_loop.title": "حلقة الموت",

packages/app/src/i18n/br.ts

@@ -403,8 +403,6 @@ export const dict = {
   "error.page.description": "Ocorreu um erro ao carregar a aplicação.",
   "error.page.details.label": "Detalhes do Erro",
   "error.page.action.restart": "Reiniciar",
-  "error.page.action.report": "Reportar erro",
-  "error.page.action.reported": "Erro reportado",
   "error.page.action.checking": "Verificando...",
   "error.page.action.checkUpdates": "Verificar atualizações",
   "error.page.action.updateTo": "Atualizar para {{version}}",
@@ -734,6 +732,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Buscar conteúdo de uma URL",
   "settings.permissions.tool.websearch.title": "Pesquisa Web",
   "settings.permissions.tool.websearch.description": "Pesquisar na web",
+  "settings.permissions.tool.codesearch.title": "Pesquisa de Código",
+  "settings.permissions.tool.codesearch.description": "Pesquisar código na web",
   "settings.permissions.tool.external_directory.title": "Diretório Externo",
   "settings.permissions.tool.external_directory.description": "Acessar arquivos fora do diretório do projeto",
   "settings.permissions.tool.doom_loop.title": "Loop Infinito",

packages/app/src/i18n/bs.ts

@@ -449,8 +449,6 @@ export const dict = {
   "error.page.description": "Došlo je do greške prilikom učitavanja aplikacije.",
   "error.page.details.label": "Detalji greške",
   "error.page.action.restart": "Restartuj",
-  "error.page.action.report": "Prijavi grešku",
-  "error.page.action.reported": "Greška prijavljena",
   "error.page.action.checking": "Provjera...",
   "error.page.action.checkUpdates": "Provjeri ažuriranja",
   "error.page.action.updateTo": "Ažuriraj na {{version}}",
@@ -808,6 +806,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Preuzmi sadržaj sa URL-a",
   "settings.permissions.tool.websearch.title": "Web pretraga",
   "settings.permissions.tool.websearch.description": "Pretražuj web",
+  "settings.permissions.tool.codesearch.title": "Pretraga koda",
+  "settings.permissions.tool.codesearch.description": "Pretraži kod na webu",
   "settings.permissions.tool.external_directory.title": "Vanjski direktorij",
   "settings.permissions.tool.external_directory.description": "Pristup datotekama izvan direktorija projekta",
   "settings.permissions.tool.doom_loop.title": "Beskonačna petlja",

packages/app/src/i18n/da.ts

@@ -446,8 +446,6 @@ export const dict = {
   "error.page.description": "Der opstod en fejl under indlæsning af applikationen.",
   "error.page.details.label": "Fejldetaljer",
   "error.page.action.restart": "Genstart",
-  "error.page.action.report": "Rapportér fejl",
-  "error.page.action.reported": "Fejl rapporteret",
   "error.page.action.checking": "Tjekker...",
   "error.page.action.checkUpdates": "Tjek for opdateringer",
   "error.page.action.updateTo": "Opdater til {{version}}",
@@ -802,6 +800,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Hent indhold fra en URL",
   "settings.permissions.tool.websearch.title": "Websøgning",
   "settings.permissions.tool.websearch.description": "Søg på nettet",
+  "settings.permissions.tool.codesearch.title": "Kodesøgning",
+  "settings.permissions.tool.codesearch.description": "Søg kode på nettet",
   "settings.permissions.tool.external_directory.title": "Ekstern mappe",
   "settings.permissions.tool.external_directory.description": "Få adgang til filer uden for projektmappen",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/de.ts

@@ -410,8 +410,6 @@ export const dict = {
   "error.page.description": "Beim Laden der Anwendung ist ein Fehler aufgetreten.",
   "error.page.details.label": "Fehlerdetails",
   "error.page.action.restart": "Neustart",
-  "error.page.action.report": "Fehler melden",
-  "error.page.action.reported": "Fehler gemeldet",
   "error.page.action.checking": "Prüfen...",
   "error.page.action.checkUpdates": "Nach Updates suchen",
   "error.page.action.updateTo": "Auf {{version}} aktualisieren",
@@ -745,6 +743,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Inhalt von einer URL abrufen",
   "settings.permissions.tool.websearch.title": "Web-Suche",
   "settings.permissions.tool.websearch.description": "Das Web durchsuchen",
+  "settings.permissions.tool.codesearch.title": "Code-Suche",
+  "settings.permissions.tool.codesearch.description": "Code im Web durchsuchen",
   "settings.permissions.tool.external_directory.title": "Externes Verzeichnis",
   "settings.permissions.tool.external_directory.description": "Zugriff auf Dateien außerhalb des Projektverzeichnisses",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/en.ts

@@ -28,6 +28,7 @@ export const dict = {
   "command.provider.connect": "Connect provider",
   "command.server.switch": "Switch server",
   "command.settings.open": "Open settings",
+  "command.pair.show": "Pair mobile device",
   "command.session.previous": "Previous session",
   "command.session.next": "Next session",
   "command.session.previous.unseen": "Previous unread session",
@@ -465,8 +466,6 @@ export const dict = {
   "error.page.description": "An error occurred while loading the application.",
   "error.page.details.label": "Error Details",
   "error.page.action.restart": "Restart",
-  "error.page.action.report": "Report Error",
-  "error.page.action.reported": "Error Reported",
   "error.page.action.checking": "Checking...",
   "error.page.action.checkUpdates": "Check for updates",
   "error.page.action.updateTo": "Update to {{version}}",
@@ -880,6 +879,20 @@ export const dict = {
   "settings.providers.tag.config": "Config",
   "settings.providers.tag.custom": "Custom",
   "settings.providers.tag.other": "Other",
+  "settings.pair.title": "Pair",
+  "settings.pair.description": "Pair a mobile device for push notifications.",
+  "settings.pair.loading": "Loading pairing info...",
+  "settings.pair.error.title": "Could not load pairing info",
+  "settings.pair.error.description": "Check that the server is reachable and try again.",
+  "settings.pair.disabled.title": "Push relay is not enabled",
+  "settings.pair.disabled.description": "Start the server with push relay options to enable mobile pairing.",
+  "settings.pair.server.label": "Server",
+  "settings.pair.relay.label": "Relay",
+  "settings.pair.secret.label": "Secret",
+  "settings.pair.instructions.title": "Scan with the OpenCode Control app",
+  "settings.pair.instructions.description":
+    "Open the OpenCode Control app and scan this QR code to pair your device for push notifications.",
+
   "settings.models.title": "Models",
   "settings.models.description": "Model settings will be configurable here.",
   "settings.agents.title": "Agents",
@@ -922,6 +935,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Fetch content from a URL",
   "settings.permissions.tool.websearch.title": "Web Search",
   "settings.permissions.tool.websearch.description": "Search the web",
+  "settings.permissions.tool.codesearch.title": "Code Search",
+  "settings.permissions.tool.codesearch.description": "Search code on the web",
   "settings.permissions.tool.external_directory.title": "External Directory",
   "settings.permissions.tool.external_directory.description": "Access files outside the project directory",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/es.ts

@@ -449,8 +449,6 @@ export const dict = {
   "error.page.description": "Ocurrió un error al cargar la aplicación.",
   "error.page.details.label": "Detalles del error",
   "error.page.action.restart": "Reiniciar",
-  "error.page.action.report": "Informar error",
-  "error.page.action.reported": "Error informado",
   "error.page.action.checking": "Comprobando...",
   "error.page.action.checkUpdates": "Buscar actualizaciones",
   "error.page.action.updateTo": "Actualizar a {{version}}",
@@ -815,6 +813,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Obtener contenido de una URL",
   "settings.permissions.tool.websearch.title": "Búsqueda Web",
   "settings.permissions.tool.websearch.description": "Buscar en la web",
+  "settings.permissions.tool.codesearch.title": "Búsqueda de Código",
+  "settings.permissions.tool.codesearch.description": "Buscar código en la web",
   "settings.permissions.tool.external_directory.title": "Directorio Externo",
   "settings.permissions.tool.external_directory.description": "Acceder a archivos fuera del directorio del proyecto",
   "settings.permissions.tool.doom_loop.title": "Bucle Infinito",

packages/app/src/i18n/fr.ts

@@ -406,8 +406,6 @@ export const dict = {
   "error.page.description": "Une erreur s'est produite lors du chargement de l'application.",
   "error.page.details.label": "Détails de l'erreur",
   "error.page.action.restart": "Redémarrer",
-  "error.page.action.report": "Signaler l'erreur",
-  "error.page.action.reported": "Erreur signalée",
   "error.page.action.checking": "Vérification...",
   "error.page.action.checkUpdates": "Vérifier les mises à jour",
   "error.page.action.updateTo": "Mettre à jour vers {{version}}",
@@ -743,6 +741,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Récupérer le contenu d'une URL",
   "settings.permissions.tool.websearch.title": "Recherche Web",
   "settings.permissions.tool.websearch.description": "Rechercher sur le web",
+  "settings.permissions.tool.codesearch.title": "Recherche de code",
+  "settings.permissions.tool.codesearch.description": "Rechercher du code sur le web",
   "settings.permissions.tool.external_directory.title": "Répertoire externe",
   "settings.permissions.tool.external_directory.description": "Accéder aux fichiers en dehors du répertoire du projet",
   "settings.permissions.tool.doom_loop.title": "Boucle infernale",

packages/app/src/i18n/ja.ts

@@ -402,8 +402,6 @@ export const dict = {
   "error.page.description": "アプリケーションの読み込み中にエラーが発生しました。",
   "error.page.details.label": "エラー詳細",
   "error.page.action.restart": "再起動",
-  "error.page.action.report": "エラーを報告",
-  "error.page.action.reported": "エラーを報告しました",
   "error.page.action.checking": "確認中...",
   "error.page.action.checkUpdates": "アップデートを確認",
   "error.page.action.updateTo": "{{version}}にアップデート",
@@ -729,6 +727,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "URLからコンテンツを取得",
   "settings.permissions.tool.websearch.title": "Web検索",
   "settings.permissions.tool.websearch.description": "ウェブを検索",
+  "settings.permissions.tool.codesearch.title": "コード検索",
+  "settings.permissions.tool.codesearch.description": "ウェブ上のコードを検索",
   "settings.permissions.tool.external_directory.title": "外部ディレクトリ",
   "settings.permissions.tool.external_directory.description": "プロジェクトディレクトリ外のファイルへのアクセス",
   "settings.permissions.tool.doom_loop.title": "無限ループ",

packages/app/src/i18n/ko.ts

@@ -401,8 +401,6 @@ export const dict = {
   "error.page.description": "애플리케이션을 로드하는 동안 오류가 발생했습니다.",
   "error.page.details.label": "오류 세부 정보",
   "error.page.action.restart": "다시 시작",
-  "error.page.action.report": "오류 신고",
-  "error.page.action.reported": "오류가 신고됨",
   "error.page.action.checking": "확인 중...",
   "error.page.action.checkUpdates": "업데이트 확인",
   "error.page.action.updateTo": "{{version}} 버전으로 업데이트",
@@ -724,6 +722,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "URL에서 콘텐츠 가져오기",
   "settings.permissions.tool.websearch.title": "웹 검색",
   "settings.permissions.tool.websearch.description": "웹 검색",
+  "settings.permissions.tool.codesearch.title": "코드 검색",
+  "settings.permissions.tool.codesearch.description": "웹에서 코드 검색",
   "settings.permissions.tool.external_directory.title": "외부 디렉터리",
   "settings.permissions.tool.external_directory.description": "프로젝트 디렉터리 외부의 파일에 액세스",
   "settings.permissions.tool.doom_loop.title": "무한 반복",

packages/app/src/i18n/no.ts

@@ -450,8 +450,6 @@ export const dict = {
   "error.page.description": "Det oppstod en feil under lasting av applikasjonen.",
   "error.page.details.label": "Feildetaljer",
   "error.page.action.restart": "Start på nytt",
-  "error.page.action.report": "Rapporter feil",
-  "error.page.action.reported": "Feil rapportert",
   "error.page.action.checking": "Sjekker...",
   "error.page.action.checkUpdates": "Se etter oppdateringer",
   "error.page.action.updateTo": "Oppdater til {{version}}",
@@ -809,6 +807,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Hent innhold fra en URL",
   "settings.permissions.tool.websearch.title": "Websøk",
   "settings.permissions.tool.websearch.description": "Søk på nettet",
+  "settings.permissions.tool.codesearch.title": "Kodesøk",
+  "settings.permissions.tool.codesearch.description": "Søk etter kode på nettet",
   "settings.permissions.tool.external_directory.title": "Ekstern mappe",
   "settings.permissions.tool.external_directory.description": "Få tilgang til filer utenfor prosjektmappen",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/pl.ts

@@ -403,8 +403,6 @@ export const dict = {
   "error.page.description": "Wystąpił błąd podczas ładowania aplikacji.",
   "error.page.details.label": "Szczegóły błędu",
   "error.page.action.restart": "Restartuj",
-  "error.page.action.report": "Zgłoś błąd",
-  "error.page.action.reported": "Błąd zgłoszony",
   "error.page.action.checking": "Sprawdzanie...",
   "error.page.action.checkUpdates": "Sprawdź aktualizacje",
   "error.page.action.updateTo": "Zaktualizuj do {{version}}",
@@ -731,6 +729,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Pobieranie zawartości z adresu URL",
   "settings.permissions.tool.websearch.title": "Wyszukiwanie w sieci",
   "settings.permissions.tool.websearch.description": "Przeszukiwanie sieci",
+  "settings.permissions.tool.codesearch.title": "Wyszukiwanie kodu",
+  "settings.permissions.tool.codesearch.description": "Przeszukiwanie kodu w sieci",
   "settings.permissions.tool.external_directory.title": "Katalog zewnętrzny",
   "settings.permissions.tool.external_directory.description": "Dostęp do plików poza katalogiem projektu",
   "settings.permissions.tool.doom_loop.title": "Zapętlenie",

packages/app/src/i18n/ru.ts

@@ -448,8 +448,6 @@ export const dict = {
   "error.page.description": "Произошла ошибка при загрузке приложения.",
   "error.page.details.label": "Детали ошибки",
   "error.page.action.restart": "Перезапустить",
-  "error.page.action.report": "Сообщить об ошибке",
-  "error.page.action.reported": "Об ошибке сообщено",
   "error.page.action.checking": "Проверка...",
   "error.page.action.checkUpdates": "Проверить обновления",
   "error.page.action.updateTo": "Обновить до {{version}}",
@@ -810,6 +808,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Получение контента по URL",
   "settings.permissions.tool.websearch.title": "Web Search",
   "settings.permissions.tool.websearch.description": "Поиск в интернете",
+  "settings.permissions.tool.codesearch.title": "Code Search",
+  "settings.permissions.tool.codesearch.description": "Поиск кода в интернете",
   "settings.permissions.tool.external_directory.title": "Внешняя директория",
   "settings.permissions.tool.external_directory.description": "Доступ к файлам вне директории проекта",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/th.ts

@@ -447,8 +447,6 @@ export const dict = {
   "error.page.description": "เกิดข้อผิดพลาดระหว่างการโหลดแอปพลิเคชัน",
   "error.page.details.label": "รายละเอียดข้อผิดพลาด",
   "error.page.action.restart": "รีสตาร์ท",
-  "error.page.action.report": "รายงานข้อผิดพลาด",
-  "error.page.action.reported": "รายงานข้อผิดพลาดแล้ว",
   "error.page.action.checking": "กำลังตรวจสอบ...",
   "error.page.action.checkUpdates": "ตรวจสอบการอัปเดต",
   "error.page.action.updateTo": "อัปเดตเป็น {{version}}",
@@ -798,6 +796,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "ดึงเนื้อหาจาก URL",
   "settings.permissions.tool.websearch.title": "ค้นหาเว็บ",
   "settings.permissions.tool.websearch.description": "ค้นหาบนเว็บ",
+  "settings.permissions.tool.codesearch.title": "ค้นหาโค้ด",
+  "settings.permissions.tool.codesearch.description": "ค้นหาโค้ดบนเว็บ",
   "settings.permissions.tool.external_directory.title": "ไดเรกทอรีภายนอก",
   "settings.permissions.tool.external_directory.description": "เข้าถึงไฟล์นอกไดเรกทอรีโปรเจกต์",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/i18n/tr.ts

@@ -452,8 +452,6 @@ export const dict = {
   "error.page.description": "Uygulama yüklenirken bir hata oluştu.",
   "error.page.details.label": "Hata Detayları",
   "error.page.action.restart": "Yeniden Başlat",
-  "error.page.action.report": "Hatayı Bildir",
-  "error.page.action.reported": "Hata Bildirildi",
   "error.page.action.checking": "Kontrol ediliyor...",
   "error.page.action.checkUpdates": "Güncellemeleri kontrol et",
   "error.page.action.updateTo": "{{version}} sürümüne güncelle",
@@ -818,6 +816,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "Bir URL'den içerik getir",
   "settings.permissions.tool.websearch.title": "Web Ara",
   "settings.permissions.tool.websearch.description": "Web'de ara",
+  "settings.permissions.tool.codesearch.title": "Kod Ara",
+  "settings.permissions.tool.codesearch.description": "Web'de kod ara",
   "settings.permissions.tool.external_directory.title": "Harici Dizin",
   "settings.permissions.tool.external_directory.description": "Proje dizini dışındaki dosyalara eriş",
   "settings.permissions.tool.doom_loop.title": "Sonsuz Döngü",

packages/app/src/i18n/zh.ts

@@ -452,8 +452,6 @@ export const dict = {
   "error.page.description": "加载应用程序时发生错误。",
   "error.page.details.label": "错误详情",
   "error.page.action.restart": "重启",
-  "error.page.action.report": "上报错误",
-  "error.page.action.reported": "错误已上报",
   "error.page.action.checking": "检查中...",
   "error.page.action.checkUpdates": "检查更新",
   "error.page.action.updateTo": "更新到 {{version}}",
@@ -795,6 +793,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "从 URL 获取内容",
   "settings.permissions.tool.websearch.title": "网页搜索",
   "settings.permissions.tool.websearch.description": "搜索网页",
+  "settings.permissions.tool.codesearch.title": "代码搜索",
+  "settings.permissions.tool.codesearch.description": "在网上搜索代码",
   "settings.permissions.tool.external_directory.title": "外部目录",
   "settings.permissions.tool.external_directory.description": "访问项目目录之外的文件",
   "settings.permissions.tool.doom_loop.title": "死循环",

packages/app/src/i18n/zht.ts

@@ -445,8 +445,6 @@ export const dict = {
   "error.page.description": "載入應用程式時發生錯誤。",
   "error.page.details.label": "錯誤詳情",
   "error.page.action.restart": "重新啟動",
-  "error.page.action.report": "回報錯誤",
-  "error.page.action.reported": "已回報錯誤",
   "error.page.action.checking": "檢查中...",
   "error.page.action.checkUpdates": "檢查更新",
   "error.page.action.updateTo": "更新到 {{version}}",
@@ -791,6 +789,8 @@ export const dict = {
   "settings.permissions.tool.webfetch.description": "從 URL 取得內容",
   "settings.permissions.tool.websearch.title": "Web Search",
   "settings.permissions.tool.websearch.description": "搜尋網頁",
+  "settings.permissions.tool.codesearch.title": "Code Search",
+  "settings.permissions.tool.codesearch.description": "在網路上搜尋程式碼",
   "settings.permissions.tool.external_directory.title": "外部目錄",
   "settings.permissions.tool.external_directory.description": "存取專案目錄之外的檔案",
   "settings.permissions.tool.doom_loop.title": "Doom Loop",

packages/app/src/pages/error.tsx

@@ -1,8 +1,7 @@
 import { TextField } from "@opencode-ai/ui/text-field"
-import * as Sentry from "@sentry/solid"
 import { Logo } from "@opencode-ai/ui/logo"
 import { Button } from "@opencode-ai/ui/button"
-import { Component, createSignal, Show } from "solid-js"
+import { Component, Show } from "solid-js"
 import { createStore } from "solid-js/store"
 import { usePlatform } from "@/context/platform"
 import { useLanguage } from "@/context/language"
@@ -271,27 +270,10 @@ export const ErrorPage: Component<ErrorPageProps> = (props) => {
           label={language.t("error.page.details.label")}
           hideLabel
         />
-        <div class="flex flex-row items-center justify-center gap-3 flex-wrap max-w-64">
+        <div class="flex items-center gap-3">
           <Button size="large" onClick={platform.restart}>
             {language.t("error.page.action.restart")}
           </Button>
-          <Show when={Sentry.isEnabled}>
-            {(_) => {
-              const [reported, setReported] = createSignal(false)
-              return (
-                <Button
-                  size="large"
-                  disabled={reported()}
-                  onClick={() => {
-                    Sentry.captureException(props.error)
-                    setReported(true)
-                  }}
-                >
-                  {language.t(reported() ? "error.page.action.reported" : "error.page.action.report")}
-                </Button>
-              )
-            }}
-          </Show>
           <Show when={platform.checkUpdate}>
             <Show
               when={store.version}

packages/app/src/pages/layout.tsx

@@ -35,7 +35,7 @@ import type { DragEvent } from "@thisbeyond/solid-dnd"
 import { useProviders } from "@/hooks/use-providers"
 import { showToast, Toast, toaster } from "@opencode-ai/ui/toast"
 import { useGlobalSDK } from "@/context/global-sdk"
-import { clearWorkspaceTerminals, getTerminalServerScope } from "@/context/terminal"
+import { clearWorkspaceTerminals } from "@/context/terminal"
 import { dropSessionCaches, pickSessionCacheEvictions } from "@/context/global-sync/session-cache"
 import {
   clearSessionPrefetchInflight,
@@ -64,13 +64,13 @@ import { DebugBar } from "@/components/debug-bar"
 import { Titlebar } from "@/components/titlebar"
 import { useServer } from "@/context/server"
 import { useLanguage, type Locale } from "@/context/language"
-import { pathKey } from "@/utils/path-key"
 import {
   displayName,
   effectiveWorkspaceOrder,
   errorMessage,
   latestRootSession,
   sortedRootSessions,
+  workspaceKey,
 } from "./layout/helpers"
 import {
   collectNewSessionDeepLinks,
@@ -164,7 +164,7 @@ export default function Layout(props: ParentProps) {
 
   const editor = createInlineEditorController()
   const setBusy = (directory: string, value: boolean) => {
-    const key = pathKey(directory)
+    const key = workspaceKey(directory)
     if (value) {
       setState("busyWorkspaces", key, true)
       return
@@ -176,7 +176,7 @@ export default function Layout(props: ParentProps) {
       }),
     )
   }
-  const isBusy = (directory: string) => !!state.busyWorkspaces[pathKey(directory)]
+  const isBusy = (directory: string) => !!state.busyWorkspaces[workspaceKey(directory)]
   const navLeave = { current: undefined as number | undefined }
   const sortNow = () => state.sortNow
   let sizet: number | undefined
@@ -497,8 +497,8 @@ export default function Layout(props: ParentProps) {
         }
 
         const currentSession = params.id
-        if (pathKey(directory) === pathKey(currentDir()) && props.sessionID === currentSession) return
-        if (pathKey(directory) === pathKey(currentDir()) && session?.parentID === currentSession) return
+        if (workspaceKey(directory) === workspaceKey(currentDir()) && props.sessionID === currentSession) return
+        if (workspaceKey(directory) === workspaceKey(currentDir()) && session?.parentID === currentSession) return
 
         dismissSessionAlert(sessionKey)
 
@@ -556,14 +556,14 @@ export default function Layout(props: ParentProps) {
   const currentProject = createMemo(() => {
     const directory = currentDir()
     if (!directory) return
-    const key = pathKey(directory)
+    const key = workspaceKey(directory)
 
     const projects = layout.projects.list()
 
-    const sandbox = projects.find((p) => p.sandboxes?.some((item) => pathKey(item) === key))
+    const sandbox = projects.find((p) => p.sandboxes?.some((item) => workspaceKey(item) === key))
     if (sandbox) return sandbox
 
-    const direct = projects.find((p) => pathKey(p.worktree) === key)
+    const direct = projects.find((p) => workspaceKey(p.worktree) === key)
     if (direct) return direct
 
     const [child] = globalSync.child(directory, { bootstrap: false })
@@ -596,7 +596,7 @@ export default function Layout(props: ParentProps) {
   })
 
   const workspaceName = (directory: string, projectId?: string, branch?: string) => {
-    const key = pathKey(directory)
+    const key = workspaceKey(directory)
     const direct = store.workspaceName[key] ?? store.workspaceName[directory]
     if (direct) return direct
     if (!projectId) return
@@ -605,7 +605,7 @@ export default function Layout(props: ParentProps) {
   }
 
   const setWorkspaceName = (directory: string, next: string, projectId?: string, branch?: string) => {
-    const key = pathKey(directory)
+    const key = workspaceKey(directory)
     setStore("workspaceName", key, next)
     if (!projectId) return
     if (!branch) return
@@ -633,7 +633,7 @@ export default function Layout(props: ParentProps) {
     const activeDir = currentDir()
     return workspaceIds(project).filter((directory) => {
       const expanded = store.workspaceExpanded[directory] ?? directory === project.worktree
-      const active = pathKey(directory) === pathKey(activeDir)
+      const active = workspaceKey(directory) === workspaceKey(activeDir)
       return expanded || active
     })
   })
@@ -644,9 +644,10 @@ export default function Layout(props: ParentProps) {
     const projects = layout.projects.list()
     for (const [directory, expanded] of Object.entries(store.workspaceExpanded)) {
       if (!expanded) continue
-      const key = pathKey(directory)
+      const key = workspaceKey(directory)
       const project = projects.find(
-        (item) => pathKey(item.worktree) === key || item.sandboxes?.some((sandbox) => pathKey(sandbox) === key),
+        (item) =>
+          workspaceKey(item.worktree) === key || item.sandboxes?.some((sandbox) => workspaceKey(sandbox) === key),
       )
       if (!project) continue
       if (project.vcs === "git" && layout.sidebar.workspaces(project.worktree)()) continue
@@ -699,7 +700,7 @@ export default function Layout(props: ParentProps) {
       seen: lru,
       keep: sessionID,
       limit: PREFETCH_MAX_SESSIONS_PER_DIR,
-      preserve: params.id && pathKey(directory) === pathKey(currentDir()) ? [params.id] : undefined,
+      preserve: params.id && workspaceKey(directory) === workspaceKey(currentDir()) ? [params.id] : undefined,
     })
   }
 
@@ -1059,6 +1060,13 @@ export default function Layout(props: ParentProps) {
         keybind: "mod+comma",
         onSelect: () => openSettings(),
       },
+      {
+        id: "pair.show",
+        title: language.t("command.pair.show"),
+        category: language.t("command.category.settings"),
+        slash: "pair",
+        onSelect: () => openSettings("pair"),
+      },
       {
         id: "session.previous",
         title: language.t("command.session.previous"),
@@ -1211,23 +1219,26 @@ export default function Layout(props: ParentProps) {
     })
   }
 
-  function openSettings() {
+  function openSettings(defaultTab?: string) {
     const run = ++dialogRun
     void import("@/components/dialog-settings").then((x) => {
       if (dialogDead || dialogRun !== run) return
-      dialog.show(() => <x.DialogSettings />)
+      dialog.show(() => <x.DialogSettings defaultTab={defaultTab} />)
     })
   }
 
   function projectRoot(directory: string) {
-    const key = pathKey(directory)
+    const key = workspaceKey(directory)
     const project = layout.projects
       .list()
-      .find((item) => pathKey(item.worktree) === key || item.sandboxes?.some((sandbox) => pathKey(sandbox) === key))
+      .find(
+        (item) =>
+          workspaceKey(item.worktree) === key || item.sandboxes?.some((sandbox) => workspaceKey(sandbox) === key),
+      )
     if (project) return project.worktree
 
     const known = Object.entries(store.workspaceOrder).find(
-      ([root, dirs]) => pathKey(root) === key || dirs.some((item) => pathKey(item) === key),
+      ([root, dirs]) => workspaceKey(root) === key || dirs.some((item) => workspaceKey(item) === key),
     )
     if (known) return known[0]
 
@@ -1279,7 +1290,7 @@ export default function Layout(props: ParentProps) {
       : [root]
     const canOpen = (value: string | undefined) => {
       if (!value) return false
-      return dirs.some((item) => pathKey(item) === pathKey(value))
+      return dirs.some((item) => workspaceKey(item) === workspaceKey(value))
     }
     const refreshDirs = async (target?: string) => {
       if (!target || target === root || canOpen(target)) return canOpen(target)
@@ -1405,9 +1416,9 @@ export default function Layout(props: ParentProps) {
 
   function closeProject(directory: string) {
     const list = layout.projects.list()
-    const key = pathKey(directory)
-    const index = list.findIndex((x) => pathKey(x.worktree) === key)
-    const active = pathKey(currentProject()?.worktree ?? "") === key
+    const key = workspaceKey(directory)
+    const index = list.findIndex((x) => workspaceKey(x.worktree) === key)
+    const active = workspaceKey(currentProject()?.worktree ?? "") === key
     if (index === -1) return
     const next = list[index + 1]
 
@@ -1481,8 +1492,8 @@ export default function Layout(props: ParentProps) {
     if (directory === root) return
 
     const current = currentDir()
-    const currentKey = pathKey(current)
-    const deletedKey = pathKey(directory)
+    const currentKey = workspaceKey(current)
+    const deletedKey = workspaceKey(directory)
     const shouldLeave = leaveDeletedWorkspace || (!!params.dir && currentKey === deletedKey)
     if (!leaveDeletedWorkspace && shouldLeave) {
       navigateWithSidebarReset(`/${base64Encode(root)}/session`)
@@ -1505,7 +1516,7 @@ export default function Layout(props: ParentProps) {
 
     if (!result) return
 
-    if (pathKey(store.lastProjectSession[root]?.directory ?? "") === pathKey(directory)) {
+    if (workspaceKey(store.lastProjectSession[root]?.directory ?? "") === workspaceKey(directory)) {
       clearLastProjectSession(root)
     }
 
@@ -1525,12 +1536,12 @@ export default function Layout(props: ParentProps) {
     if (shouldLeave) return
 
     const nextCurrent = currentDir()
-    const nextKey = pathKey(nextCurrent)
+    const nextKey = workspaceKey(nextCurrent)
     const project = layout.projects.list().find((item) => item.worktree === root)
     const dirs = project
       ? effectiveWorkspaceOrder(root, [root, ...(project.sandboxes ?? [])], store.workspaceOrder[root])
       : [root]
-    const valid = dirs.some((item) => pathKey(item) === nextKey)
+    const valid = dirs.some((item) => workspaceKey(item) === nextKey)
 
     if (params.dir && projectRoot(nextCurrent) === root && !valid) {
       navigateWithSidebarReset(`/${base64Encode(root)}/session`)
@@ -1557,7 +1568,6 @@ export default function Layout(props: ParentProps) {
       directory,
       sessions.map((s) => s.id),
       platform,
-      getTerminalServerScope(server.current, server.key),
     )
     await globalSDK.client.instance.dispose({ directory }).catch(() => undefined)
 
@@ -1637,7 +1647,7 @@ export default function Layout(props: ParentProps) {
     })
 
     const handleDelete = () => {
-      const leaveDeletedWorkspace = !!params.dir && pathKey(currentDir()) === pathKey(props.directory)
+      const leaveDeletedWorkspace = !!params.dir && workspaceKey(currentDir()) === workspaceKey(props.directory)
       if (leaveDeletedWorkspace) {
         navigateWithSidebarReset(`/${base64Encode(props.root)}/session`)
       }
@@ -1864,9 +1874,11 @@ export default function Layout(props: ParentProps) {
     const local = project.worktree
     const dirs = [local, ...(project.sandboxes ?? [])]
     const active = currentProject()
-    const directory = pathKey(active?.worktree ?? "") === pathKey(project.worktree) ? currentDir() : undefined
+    const directory = workspaceKey(active?.worktree ?? "") === workspaceKey(project.worktree) ? currentDir() : undefined
     const extra =
-      directory && pathKey(directory) !== pathKey(local) && !dirs.some((item) => pathKey(item) === pathKey(directory))
+      directory &&
+      workspaceKey(directory) !== workspaceKey(local) &&
+      !dirs.some((item) => workspaceKey(item) === workspaceKey(directory))
         ? directory
         : undefined
     const pending = extra ? WorktreeState.get(extra)?.status === "pending" : false
@@ -1911,7 +1923,7 @@ export default function Layout(props: ParentProps) {
     setStore(
       "workspaceOrder",
       project.worktree,
-      result.filter((directory) => pathKey(directory) !== pathKey(project.worktree)),
+      result.filter((directory) => workspaceKey(directory) !== workspaceKey(project.worktree)),
     )
   }
 
@@ -1937,8 +1949,8 @@ export default function Layout(props: ParentProps) {
     setWorkspaceName(created.directory, created.branch, project.id, created.branch)
 
     const local = project.worktree
-    const key = pathKey(created.directory)
-    const root = pathKey(local)
+    const key = workspaceKey(created.directory)
+    const root = workspaceKey(local)
 
     setBusy(created.directory, true)
     WorktreeState.pending(created.directory)
@@ -1949,7 +1961,7 @@ export default function Layout(props: ParentProps) {
     setStore("workspaceOrder", project.worktree, (prev) => {
       const existing = prev ?? []
       const next = existing.filter((item) => {
-        const id = pathKey(item)
+        const id = workspaceKey(item)
         return id !== root && id !== key
       })
       return [created.directory, ...next]

packages/app/src/pages/layout/helpers.test.ts

@@ -14,8 +14,8 @@ import {
   errorMessage,
   hasProjectPermissions,
   latestRootSession,
+  workspaceKey,
 } from "./helpers"
-import { pathKey } from "@/utils/path-key"
 
 const session = (input: Partial<Session> & Pick<Session, "id" | "directory">) =>
   ({
@@ -104,16 +104,16 @@ describe("layout deep links", () => {
 
 describe("layout workspace helpers", () => {
   test("normalizes trailing slash in workspace key", () => {
-    expect(String(pathKey("/tmp/demo///"))).toBe("/tmp/demo")
-    expect(String(pathKey("C:\\tmp\\demo\\\\"))).toBe("C:/tmp/demo")
+    expect(workspaceKey("/tmp/demo///")).toBe("/tmp/demo")
+    expect(workspaceKey("C:\\tmp\\demo\\\\")).toBe("C:/tmp/demo")
   })
 
   test("preserves posix and drive roots in workspace key", () => {
-    expect(String(pathKey("/"))).toBe("/")
-    expect(String(pathKey("///"))).toBe("/")
-    expect(String(pathKey("C:\\"))).toBe("C:/")
-    expect(String(pathKey("C://"))).toBe("C:/")
-    expect(String(pathKey("C:///"))).toBe("C:/")
+    expect(workspaceKey("/")).toBe("/")
+    expect(workspaceKey("///")).toBe("/")
+    expect(workspaceKey("C:\\")).toBe("C:/")
+    expect(workspaceKey("C://")).toBe("C:/")
+    expect(workspaceKey("C:///")).toBe("C:/")
   })
 
   test("keeps local first while preserving known order", () => {

packages/app/src/pages/layout/helpers.ts

@@ -1,12 +1,19 @@
 import { getFilename } from "@opencode-ai/core/util/path"
 import { type Session } from "@opencode-ai/sdk/v2/client"
-import { pathKey } from "@/utils/path-key"
 
 type SessionStore = {
   session?: Session[]
   path: { directory: string }
 }
 
+export const workspaceKey = (directory: string) => {
+  const value = directory.replaceAll("\\", "/")
+  const drive = value.match(/^([A-Za-z]:)\/+$/)
+  if (drive) return `${drive[1]}/`
+  if (/^\/+$/i.test(value)) return "/"
+  return value.replace(/\/+$/, "")
+}
+
 function sortSessions(now: number) {
   const oneMinuteAgo = now - 60 * 1000
   return (a: Session, b: Session) => {
@@ -22,7 +29,7 @@ function sortSessions(now: number) {
 }
 
 const isRootVisibleSession = (session: Session, directory: string) =>
-  pathKey(session.directory) === pathKey(directory) && !session.parentID && !session.time?.archived
+  workspaceKey(session.directory) === workspaceKey(directory) && !session.parentID && !session.time?.archived
 
 export const roots = (store: SessionStore) =>
   (store.session ?? []).filter((session) => isRootVisibleSession(session, store.path.directory))
@@ -65,11 +72,11 @@ export const errorMessage = (err: unknown, fallback: string) => {
 }
 
 export const effectiveWorkspaceOrder = (local: string, dirs: string[], persisted?: string[]) => {
-  const root = pathKey(local)
+  const root = workspaceKey(local)
   const live = new Map<string, string>()
 
   for (const dir of dirs) {
-    const key = pathKey(dir)
+    const key = workspaceKey(dir)
     if (key === root) continue
     if (!live.has(key)) live.set(key, dir)
   }
@@ -78,7 +85,7 @@ export const effectiveWorkspaceOrder = (local: string, dirs: string[], persisted
 
   const result = [local]
   for (const dir of persisted) {
-    const key = pathKey(dir)
+    const key = workspaceKey(dir)
     if (key === root) continue
     const match = live.get(key)
     if (!match) continue

packages/app/src/pages/layout/sidebar-items.tsx

@@ -20,10 +20,9 @@ import { childSessionOnPath, hasProjectPermissions } from "./helpers"
 const OPENCODE_PROJECT_ID = "4b0ea68d7af9a6031a7ffda7ad66e0cb83315750"
 
 export function getProjectAvatarSource(id?: string, icon?: { color?: string; url?: string; override?: string }) {
-  if (id === OPENCODE_PROJECT_ID) return "https://opencode.ai/favicon.svg"
-  if (icon?.override) return icon?.override
-  if (icon?.color) return undefined
-  return icon?.url
+  return id === OPENCODE_PROJECT_ID
+    ? "https://opencode.ai/favicon.svg"
+    : (icon?.override ?? (icon?.color ? undefined : icon?.url))
 }
 
 export const ProjectIcon = (props: { project: LocalProject; class?: string; notify?: boolean }): JSX.Element => {

packages/app/src/pages/layout/sidebar-workspace.tsx

@@ -16,9 +16,8 @@ import { type Session } from "@opencode-ai/sdk/v2/client"
 import { type LocalProject } from "@/context/layout"
 import { loadSessionsQuery, useGlobalSync } from "@/context/global-sync"
 import { useLanguage } from "@/context/language"
-import { pathKey } from "@/utils/path-key"
 import { NewSessionItem, SessionItem, SessionSkeleton } from "./sidebar-items"
-import { sortedRootSessions } from "./helpers"
+import { sortedRootSessions, workspaceKey } from "./helpers"
 import { useQuery } from "@tanstack/solid-query"
 
 type InlineEditorComponent = (props: {
@@ -310,7 +309,7 @@ export const SortableWorkspace = (props: {
   const slug = createMemo(() => base64Encode(props.directory))
   const sessions = createMemo(() => sortedRootSessions(workspaceStore, props.sortNow()))
   const local = createMemo(() => props.directory === props.project.worktree)
-  const active = createMemo(() => pathKey(props.ctx.currentDir()) === pathKey(props.directory))
+  const active = createMemo(() => workspaceKey(props.ctx.currentDir()) === workspaceKey(props.directory))
   const workspaceValue = createMemo(() => {
     const branch = workspaceStore.vcs?.branch
     const name = branch ?? getFilename(props.directory)

packages/app/src/pages/session/composer/session-permission-dock.tsx

@@ -14,8 +14,9 @@ export function SessionPermissionDock(props: {
 
   const toolDescription = () => {
     const key = `settings.permissions.tool.${props.request.permission}.description`
+    const fallback = props.request.permission === "shell" ? "settings.permissions.tool.bash.description" : key
     const value = language.t(key as Parameters<typeof language.t>[0])
-    if (value === key) return ""
+    if (value === key) return fallback === key ? "" : language.t(fallback as Parameters<typeof language.t>[0])
     return value
   }
 

packages/app/src/pages/session/terminal-panel.tsx

@@ -37,7 +37,6 @@ export function TerminalPanel() {
   const [store, setStore] = createStore({
     autoCreated: false,
     activeDraggable: undefined as string | undefined,
-    recovered: {} as Record<string, boolean>,
     view: typeof window === "undefined" ? 1000 : (window.visualViewport?.height ?? window.innerHeight),
   })
 
@@ -146,21 +145,6 @@ export function TerminalPanel() {
   const all = terminal.all
   const ids = createMemo(() => all().map((pty) => pty.id))
 
-  const recoverTerminal = (key: string, id: string, clone: (id: string) => Promise<void>) => {
-    if (store.recovered[key]) return
-    setStore("recovered", key, true)
-    void clone(id)
-  }
-
-  const terminalRecoveryKey = (pty: { id: string; title: string; titleNumber: number }) => {
-    return String(pty.titleNumber || pty.title || pty.id)
-  }
-
-  const markTerminalConnected = (key: string, id: string, trim: (id: string) => void) => {
-    setStore("recovered", key, false)
-    trim(id)
-  }
-
   const handleTerminalDragStart = (event: unknown) => {
     const id = getDraggableId(event)
     if (!id) return
@@ -296,9 +280,9 @@ export function TerminalPanel() {
                             <Terminal
                               pty={pty()}
                               autoFocus={opened()}
-                              onConnect={() => markTerminalConnected(terminalRecoveryKey(pty()), id, ops.trim)}
+                              onConnect={() => ops.trim(id)}
                               onCleanup={ops.update}
-                              onConnectError={() => recoverTerminal(terminalRecoveryKey(pty()), id, ops.clone)}
+                              onConnectError={() => ops.clone(id)}
                             />
                           </div>
                         )}

packages/app/src/utils/path-key.ts

@@ -1,24 +0,0 @@
-export type PathKey = string & { _brand: "PathKey" }
-
-const isDrive = (value: string) => {
-  if (value.length !== 2) return false
-  const code = value.charCodeAt(0)
-  return value[1] === ":" && ((code >= 65 && code <= 90) || (code >= 97 && code <= 122))
-}
-
-const trimTrailingSlashes = (value: string) => {
-  for (let i = value.length - 1; i >= 0; i--) {
-    if (value[i] !== "/") return value.slice(0, i + 1)
-  }
-  return ""
-}
-
-const isWindowsPath = (value: string) => value[1] === ":" || value.startsWith("\\\\")
-
-export const pathKey = (path: string) => {
-  const value = isWindowsPath(path) ? path.replaceAll("\\", "/") : path
-  const trimmed = trimTrailingSlashes(value)
-  if (!trimmed && value.startsWith("/")) return "/" as PathKey
-  if (isDrive(trimmed)) return `${trimmed}/` as PathKey
-  return trimmed as PathKey
-}

packages/app/src/utils/persist.test.ts

@@ -1,8 +1,6 @@
 import { beforeAll, beforeEach, describe, expect, mock, test } from "bun:test"
 
 type PersistTestingType = typeof import("./persist").PersistTesting
-type PersistType = typeof import("./persist").Persist
-type RemovePersistedType = typeof import("./persist").removePersisted
 
 class MemoryStorage implements Storage {
   private values = new Map<string, string>()
@@ -47,8 +45,6 @@ class MemoryStorage implements Storage {
 const storage = new MemoryStorage()
 
 let persistTesting: PersistTestingType
-let Persist: PersistType
-let removePersisted: RemovePersistedType
 
 beforeAll(async () => {
   mock.module("@/context/platform", () => ({
@@ -57,8 +53,6 @@ beforeAll(async () => {
 
   const mod = await import("./persist")
   persistTesting = mod.PersistTesting
-  Persist = mod.Persist
-  removePersisted = mod.removePersisted
 })
 
 beforeEach(() => {
@@ -118,50 +112,4 @@ describe("persist localStorage resilience", () => {
     expect(result.endsWith(".dat")).toBeTrue()
     expect(/[:\\/]/.test(result)).toBeFalse()
   })
-
-  test("workspace target keeps raw path storage as legacy fallback", () => {
-    const target = Persist.workspace("C:\\Users\\foo", "vcs")
-
-    expect(target.storage).toBe(persistTesting.workspaceStorage("C:/Users/foo"))
-    expect(target.legacyStorageNames).toEqual([persistTesting.workspaceStorage("C:\\Users\\foo")])
-  })
-
-  test("workspace target keeps backslash storage as fallback for normalized Windows paths", () => {
-    const target = Persist.workspace("C:/Users/foo", "vcs")
-
-    expect(target.storage).toBe(persistTesting.workspaceStorage("C:/Users/foo"))
-    expect(target.legacyStorageNames).toEqual([persistTesting.workspaceStorage("C:\\Users\\foo")])
-  })
-
-  test("migrates direct legacy keys into scoped storage", () => {
-    storage.setItem("legacy.workspace", '{"value":2}')
-    const target = Persist.workspace("C:/Users/foo", "demo", ["legacy.workspace"])
-    const current = persistTesting.localStorageWithPrefix(target.storage!)
-    const legacyStore = persistTesting.localStorageDirect()
-
-    const result = persistTesting.migrateLegacy({
-      current,
-      legacyStore,
-      stores: [],
-      keys: target.legacy!,
-      key: target.key,
-      defaults: { value: 1 },
-    })
-
-    expect(result).toBe('{"value":2}')
-    expect(storage.getItem(`${target.storage}:${target.key}`)).toBe('{"value":2}')
-    expect(legacyStore.getItem("legacy.workspace")).toBeNull()
-    expect(storage.getItem("legacy.workspace")).toBeNull()
-  })
-
-  test("removes legacy workspace storage when removing persisted target", () => {
-    const target = Persist.workspace("C:\\Users\\foo", "terminal")
-    storage.setItem(`${target.storage}:${target.key}`, '{"value":1}')
-    storage.setItem(`${target.legacyStorageNames![0]}:${target.key}`, '{"value":2}')
-
-    removePersisted(target)
-
-    expect(storage.getItem(`${target.storage}:${target.key}`)).toBeNull()
-    expect(storage.getItem(`${target.legacyStorageNames![0]}:${target.key}`)).toBeNull()
-  })
 })

packages/app/src/utils/persist.ts

@@ -3,7 +3,6 @@ import { makePersisted, type AsyncStorage, type SyncStorage } from "@solid-primi
 import { checksum } from "@opencode-ai/core/util/encode"
 import { createResource, type Accessor } from "solid-js"
 import type { SetStoreFunction, Store } from "solid-js/store"
-import { pathKey } from "@/utils/path-key"
 
 type InitType = Promise<string> | string | null
 type PersistedWithReady<T> = [
@@ -15,7 +14,6 @@ type PersistedWithReady<T> = [
 
 type PersistTarget = {
   storage?: string
-  legacyStorageNames?: string[]
   key: string
   legacy?: string[]
   migrate?: (value: unknown) => unknown
@@ -210,153 +208,12 @@ function normalize(defaults: unknown, raw: string, migrate?: (value: unknown) =>
   return JSON.stringify(merged)
 }
 
-function readCurrent(input: {
-  storage: SyncStorage
-  key: string
-  defaults: unknown
-  migrate?: (value: unknown) => unknown
-}) {
-  const raw = input.storage.getItem(input.key)
-  if (raw === null) return
-  const next = normalize(input.defaults, raw, input.migrate)
-  if (next === undefined) {
-    input.storage.removeItem(input.key)
-    return null
-  }
-  if (raw !== next) input.storage.setItem(input.key, next)
-  return next
-}
-
-function migrateLegacy(input: {
-  current: SyncStorage
-  legacyStore?: SyncStorage
-  stores: SyncStorage[]
-  keys: string[]
-  key: string
-  defaults: unknown
-  migrate?: (value: unknown) => unknown
-}) {
-  for (const store of input.stores) {
-    const raw = store.getItem(input.key)
-    if (raw === null) continue
-
-    const next = normalize(input.defaults, raw, input.migrate)
-    if (next === undefined) {
-      store.removeItem(input.key)
-      continue
-    }
-    input.current.setItem(input.key, next)
-    store.removeItem(input.key)
-    return next
-  }
-
-  if (!input.legacyStore) return null
-
-  for (const key of input.keys) {
-    const raw = input.legacyStore.getItem(key)
-    if (raw === null) continue
-
-    const next = normalize(input.defaults, raw, input.migrate)
-    if (next === undefined) {
-      input.legacyStore.removeItem(key)
-      continue
-    }
-    input.current.setItem(input.key, next)
-    input.legacyStore.removeItem(key)
-    return next
-  }
-
-  return null
-}
-
-async function readCurrentAsync(input: {
-  storage: AsyncStorage
-  key: string
-  defaults: unknown
-  migrate?: (value: unknown) => unknown
-}) {
-  const raw = await input.storage.getItem(input.key)
-  if (raw === null) return
-  const next = normalize(input.defaults, raw, input.migrate)
-  if (next === undefined) {
-    await input.storage.removeItem(input.key).catch(() => undefined)
-    return null
-  }
-  if (raw !== next) await input.storage.setItem(input.key, next)
-  return next
-}
-
-async function removeAsync(storage: AsyncStorage, key: string) {
-  try {
-    await storage.removeItem(key)
-  } catch {}
-}
-
-async function migrateLegacyAsync(input: {
-  current: AsyncStorage
-  legacyStore?: AsyncStorage
-  stores: AsyncStorage[]
-  keys: string[]
-  key: string
-  defaults: unknown
-  migrate?: (value: unknown) => unknown
-}) {
-  for (const store of input.stores) {
-    const raw = await store.getItem(input.key)
-    if (raw === null) continue
-
-    const next = normalize(input.defaults, raw, input.migrate)
-    if (next === undefined) {
-      await removeAsync(store, input.key)
-      continue
-    }
-    await input.current.setItem(input.key, next)
-    await store.removeItem(input.key)
-    return next
-  }
-
-  if (!input.legacyStore) return null
-
-  for (const key of input.keys) {
-    const raw = await input.legacyStore.getItem(key)
-    if (raw === null) continue
-
-    const next = normalize(input.defaults, raw, input.migrate)
-    if (next === undefined) {
-      await removeAsync(input.legacyStore, key)
-      continue
-    }
-    await input.current.setItem(input.key, next)
-    await input.legacyStore.removeItem(key)
-    return next
-  }
-
-  return null
-}
-
 function workspaceStorage(dir: string) {
   const head = (dir.slice(0, 12) || "workspace").replace(/[^a-zA-Z0-9._-]/g, "-")
   const sum = checksum(dir) ?? "0"
   return `opencode.workspace.${head}.${sum}.dat`
 }
 
-function legacyWorkspaceStorage(dir: string) {
-  const storage = workspaceStorage(pathKey(dir))
-  const result = new Set<string>()
-  const raw = workspaceStorage(dir)
-  if (raw !== storage) result.add(raw)
-
-  const key = pathKey(dir)
-  const drive = key.length >= 3 && key[1] === ":" && key[2] === "/"
-  if (drive) {
-    const backslash = workspaceStorage(key.replaceAll("/", "\\"))
-    if (backslash !== storage) result.add(backslash)
-  }
-
-  if (result.size === 0) return
-  return [...result]
-}
-
 function localStorageWithPrefix(prefix: string): SyncStorage {
   const base = `${prefix}:`
   const scope = `prefix:${prefix}`
@@ -447,7 +304,6 @@ function localStorageDirect(): SyncStorage {
 export const PersistTesting = {
   localStorageDirect,
   localStorageWithPrefix,
-  migrateLegacy,
   normalize,
   workspaceStorage,
 }
@@ -457,17 +313,10 @@ export const Persist = {
     return { storage: GLOBAL_STORAGE, key, legacy }
   },
   workspace(dir: string, key: string, legacy?: string[]): PersistTarget {
-    const storage = workspaceStorage(pathKey(dir))
-    return { storage, legacyStorageNames: legacyWorkspaceStorage(dir), key: `workspace:${key}`, legacy }
+    return { storage: workspaceStorage(dir), key: `workspace:${key}`, legacy }
   },
   session(dir: string, session: string, key: string, legacy?: string[]): PersistTarget {
-    const storage = workspaceStorage(pathKey(dir))
-    return {
-      storage,
-      legacyStorageNames: legacyWorkspaceStorage(dir),
-      key: `session:${session}:${key}`,
-      legacy,
-    }
+    return { storage: workspaceStorage(dir), key: `session:${session}:${key}`, legacy }
   },
   scoped(dir: string, session: string | undefined, key: string, legacy?: string[]): PersistTarget {
     if (session) return Persist.session(dir, session, key, legacy)
@@ -475,18 +324,11 @@ export const Persist = {
   },
 }
 
-export function removePersisted(
-  target: { storage?: string; legacyStorageNames?: string[]; key: string },
-  platform?: Platform,
-) {
+export function removePersisted(target: { storage?: string; key: string }, platform?: Platform) {
   const isDesktop = platform?.platform === "desktop" && !!platform.storage
 
   if (isDesktop) {
-    void platform.storage?.(target.storage)?.removeItem(target.key)
-    for (const storage of target.legacyStorageNames ?? []) {
-      void platform.storage?.(storage)?.removeItem(target.key)
-    }
-    return
+    return platform.storage?.(target.storage)?.removeItem(target.key)
   }
 
   if (!target.storage) {
@@ -495,9 +337,6 @@ export function removePersisted(
   }
 
   localStorageWithPrefix(target.storage).removeItem(target.key)
-  for (const storage of target.legacyStorageNames ?? []) {
-    localStorageWithPrefix(storage).removeItem(target.key)
-  }
 }
 
 export function persisted<T>(
@@ -524,27 +363,39 @@ export function persisted<T>(
     return platform.storage?.(LEGACY_STORAGE)
   })()
 
-  const legacyStorageNames = config.legacyStorageNames ?? []
-
   const storage = (() => {
     if (!isDesktop) {
       const current = currentStorage as SyncStorage
       const legacyStore = legacyStorage as SyncStorage
-      const legacyStores = legacyStorageNames.map(localStorageWithPrefix)
 
       const api: SyncStorage = {
         getItem: (key) => {
-          const value = readCurrent({ storage: current, key, defaults, migrate: config.migrate })
-          if (value !== undefined) return value
-          return migrateLegacy({
-            current,
-            legacyStore,
-            stores: legacyStores,
-            keys: legacy,
-            key,
-            defaults,
-            migrate: config.migrate,
-          })
+          const raw = current.getItem(key)
+          if (raw !== null) {
+            const next = normalize(defaults, raw, config.migrate)
+            if (next === undefined) {
+              current.removeItem(key)
+              return null
+            }
+            if (raw !== next) current.setItem(key, next)
+            return next
+          }
+
+          for (const legacyKey of legacy) {
+            const legacyRaw = legacyStore.getItem(legacyKey)
+            if (legacyRaw === null) continue
+
+            const next = normalize(defaults, legacyRaw, config.migrate)
+            if (next === undefined) {
+              legacyStore.removeItem(legacyKey)
+              continue
+            }
+            current.setItem(key, next)
+            legacyStore.removeItem(legacyKey)
+            return next
+          }
+
+          return null
         },
         setItem: (key, value) => {
           current.setItem(key, value)
@@ -559,23 +410,37 @@ export function persisted<T>(
 
     const current = currentStorage as AsyncStorage
     const legacyStore = legacyStorage as AsyncStorage | undefined
-    const legacyStores = legacyStorageNames
-      .map((name) => platform.storage?.(name) as AsyncStorage | undefined)
-      .filter((x) => !!x)
 
     const api: AsyncStorage = {
       getItem: async (key) => {
-        const value = await readCurrentAsync({ storage: current, key, defaults, migrate: config.migrate })
-        if (value !== undefined) return value
-        return migrateLegacyAsync({
-          current,
-          legacyStore,
-          stores: legacyStores,
-          keys: legacy,
-          key,
-          defaults,
-          migrate: config.migrate,
-        })
+        const raw = await current.getItem(key)
+        if (raw !== null) {
+          const next = normalize(defaults, raw, config.migrate)
+          if (next === undefined) {
+            await current.removeItem(key).catch(() => undefined)
+            return null
+          }
+          if (raw !== next) await current.setItem(key, next)
+          return next
+        }
+
+        if (!legacyStore) return null
+
+        for (const legacyKey of legacy) {
+          const legacyRaw = await legacyStore.getItem(legacyKey)
+          if (legacyRaw === null) continue
+
+          const next = normalize(defaults, legacyRaw, config.migrate)
+          if (next === undefined) {
+            await legacyStore.removeItem(legacyKey).catch(() => undefined)
+            continue
+          }
+          await current.setItem(key, next)
+          await legacyStore.removeItem(legacyKey)
+          return next
+        }
+
+        return null
       },
       setItem: async (key, value) => {
         await current.setItem(key, value)

packages/app/src/utils/server.test.ts

@@ -1,23 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import { authFromToken, authTokenFromCredentials } from "./server"
-
-describe("authFromToken", () => {
-  test("decodes basic auth credentials from auth_token", () => {
-    expect(authFromToken(btoa("kit:secret"))).toEqual({ username: "kit", password: "secret" })
-  })
-
-  test("defaults blank username to opencode", () => {
-    expect(authFromToken(btoa(":secret"))).toEqual({ username: "opencode", password: "secret" })
-  })
-
-  test("ignores malformed tokens", () => {
-    expect(authFromToken("not base64")).toBeUndefined()
-    expect(authFromToken(btoa("missing-separator"))).toBeUndefined()
-  })
-})
-
-describe("authTokenFromCredentials", () => {
-  test("encodes credentials with the default username", () => {
-    expect(authTokenFromCredentials({ password: "secret" })).toBe(btoa("opencode:secret"))
-  })
-})

packages/app/src/utils/server.ts

@@ -1,21 +1,5 @@
 import { createOpencodeClient } from "@opencode-ai/sdk/v2/client"
 import type { ServerConnection } from "@/context/server"
-import { decode64 } from "@/utils/base64"
-
-export function authTokenFromCredentials(input: { username?: string; password: string }) {
-  return btoa(`${input.username ?? "opencode"}:${input.password}`)
-}
-
-export function authFromToken(token: string | null) {
-  const decoded = decode64(token ?? undefined)
-  if (!decoded) return
-  const separator = decoded.indexOf(":")
-  if (separator === -1) return
-  return {
-    username: decoded.slice(0, separator) || "opencode",
-    password: decoded.slice(separator + 1),
-  }
-}
 
 export function createSdkForServer({
   server,
@@ -26,7 +10,7 @@ export function createSdkForServer({
   const auth = (() => {
     if (!server.password) return
     return {
-      Authorization: `Basic ${authTokenFromCredentials({ username: server.username, password: server.password })}`,
+      Authorization: `Basic ${btoa(`${server.username ?? "opencode"}:${server.password}`)}`,
     }
   })()
 

packages/app/src/utils/terminal-websocket-url.test.ts

@@ -1,52 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import { terminalWebSocketURL } from "./terminal-websocket-url"
-
-describe("terminalWebSocketURL", () => {
-  test("uses query auth without embedding credentials in websocket URL", () => {
-    const url = terminalWebSocketURL({
-      url: "http://127.0.0.1:49365",
-      id: "pty_test",
-      directory: "/tmp/project",
-      cursor: 0,
-      sameOrigin: false,
-      username: "opencode",
-      password: "secret",
-    })
-
-    expect(url.protocol).toBe("ws:")
-    expect(url.username).toBe("")
-    expect(url.password).toBe("")
-    expect(url.searchParams.get("auth_token")).toBe(btoa("opencode:secret"))
-  })
-
-  test("omits query auth for same-origin saved credentials", () => {
-    const url = terminalWebSocketURL({
-      url: "https://app.example.test",
-      id: "pty_test",
-      directory: "/tmp/project",
-      cursor: 10,
-      sameOrigin: true,
-      username: "opencode",
-      password: "secret",
-    })
-
-    expect(url.protocol).toBe("wss:")
-    expect(url.searchParams.has("auth_token")).toBe(false)
-  })
-
-  test("uses query auth for same-origin credentials from auth_token", () => {
-    const url = terminalWebSocketURL({
-      url: "https://app.example.test",
-      id: "pty_test",
-      directory: "/tmp/project",
-      cursor: 10,
-      sameOrigin: true,
-      username: "opencode",
-      password: "secret",
-      authToken: true,
-    })
-
-    expect(url.protocol).toBe("wss:")
-    expect(url.searchParams.get("auth_token")).toBe(btoa("opencode:secret"))
-  })
-})

packages/app/src/utils/terminal-websocket-url.ts

@@ -1,28 +0,0 @@
-import { authTokenFromCredentials } from "@/utils/server"
-
-export function terminalWebSocketURL(input: {
-  url: string
-  id: string
-  directory: string
-  cursor: number
-  ticket?: string
-  sameOrigin?: boolean
-  username?: string
-  password?: string
-  authToken?: boolean
-}) {
-  const next = new URL(`${input.url}/pty/${input.id}/connect`)
-  next.searchParams.set("directory", input.directory)
-  next.searchParams.set("cursor", String(input.cursor))
-  next.protocol = next.protocol === "https:" ? "wss:" : "ws:"
-  if (input.ticket) {
-    next.searchParams.set("ticket", input.ticket)
-    return next
-  }
-  if (input.password && (!input.sameOrigin || input.authToken))
-    next.searchParams.set(
-      "auth_token",
-      authTokenFromCredentials({ username: input.username, password: input.password }),
-    )
-  return next
-}

packages/console/app/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opencode-ai/console-app",
-  "version": "1.14.33",
+  "version": "1.14.28",
   "type": "module",
   "license": "MIT",
   "scripts": {

packages/console/app/src/config.ts

@@ -9,8 +9,8 @@ export const config = {
   github: {
     repoUrl: "https://github.com/anomalyco/opencode",
     starsFormatted: {
-      compact: "150K",
-      full: "150,000",
+      compact: "140K",
+      full: "140,000",
     },
   },
 

packages/console/app/src/routes/download/[channel]/[platform].ts

@@ -11,12 +11,12 @@ const prodAssetNames: Record<string, string> = {
 } satisfies Record<DownloadPlatform, string>
 
 const betaAssetNames: Record<string, string> = {
-  "darwin-aarch64-dmg": "opencode-desktop-mac-arm64.dmg",
-  "darwin-x64-dmg": "opencode-desktop-mac-x64.dmg",
-  "windows-x64-nsis": "opencode-desktop-win-x64.exe",
-  "linux-x64-deb": "opencode-desktop-linux-amd64.deb",
-  "linux-x64-appimage": "opencode-desktop-linux-x86_64.AppImage",
-  "linux-x64-rpm": "opencode-desktop-linux-x86_64.rpm",
+  "darwin-aarch64-dmg": "opencode-electron-mac-arm64.dmg",
+  "darwin-x64-dmg": "opencode-electron-mac-x64.dmg",
+  "windows-x64-nsis": "opencode-electron-win-x64.exe",
+  "linux-x64-deb": "opencode-electron-linux-amd64.deb",
+  "linux-x64-appimage": "opencode-electron-linux-x86_64.AppImage",
+  "linux-x64-rpm": "opencode-electron-linux-x86_64.rpm",
 } satisfies Record<DownloadPlatform, string>
 
 // Doing this on the server lets us preserve the original name for platforms we don't care to rename for

packages/console/app/src/routes/zen/util/handler.ts

@@ -141,10 +141,7 @@ export async function handler(
       )
       validateModelSettings(billingSource, authInfo)
       updateProviderKey(authInfo, providerInfo)
-      logger.metric({
-        provider: providerInfo.id,
-        "provider.model": providerInfo.model,
-      })
+      logger.metric({ provider: providerInfo.id })
 
       const startTimestamp = Date.now()
       const reqUrl = providerInfo.modifyUrl(providerInfo.api, isStream)
@@ -152,23 +149,12 @@ export async function handler(
         providerInfo.modifyBody({
           ...createBodyConverter(opts.format, providerInfo.format)(body),
           model: providerInfo.model,
-          ...(() => {
-            const replacer = (obj: Record<string, any>): Record<string, any> =>
-              Object.fromEntries(
-                Object.entries(obj).flatMap(([k, v]) => {
-                  if (Array.isArray(v)) return [[k, v]]
-                  if (typeof v === "object") return [[k, replacer(v)]]
-                  if (v === "$ip") return [[k, ip]]
-                  if (v === "$workspace") return authInfo?.workspaceID ? [[k, authInfo?.workspaceID]] : []
-                  if (v.startsWith("$header.")) {
-                    const headerValue = input.request.headers.get(v.slice(8))
-                    return headerValue ? [[k, headerValue]] : []
-                  }
-                  return [[k, v]]
-                }),
-              )
-            return replacer(providerInfo.payloadModifier ?? {})
-          })(),
+          ...providerInfo.payloadModifier,
+          ...Object.fromEntries(
+            Object.entries(providerInfo.payloadMappings ?? {})
+              .map(([k, v]) => [k, input.request.headers.get(v)])
+              .filter(([_k, v]) => !!v),
+          ),
         }),
       )
       logger.debug("REQUEST URL: " + reqUrl)
@@ -528,6 +514,7 @@ export async function handler(
           reqModel,
           providerModel: modelProvider.model,
           adjustCacheUsage: providerProps.adjustCacheUsage,
+          safetyIdentifier: modelProvider.safetyIdentifier ? ip : undefined,
           workspaceID: authInfo?.workspaceID,
         }
         if (format === "anthropic") return anthropicHelper(opts)

packages/console/app/src/routes/zen/util/provider/openai-compatible.ts

@@ -23,7 +23,7 @@ type Usage = {
   }
 }
 
-export const oaCompatHelper: ProviderHelper = ({ adjustCacheUsage }) => ({
+export const oaCompatHelper: ProviderHelper = ({ adjustCacheUsage, safetyIdentifier }) => ({
   format: "oa-compat",
   modifyUrl: (providerApi: string) => providerApi + "/chat/completions",
   modifyHeaders: (headers: Headers, body: Record<string, any>, apiKey: string) => {
@@ -34,6 +34,7 @@ export const oaCompatHelper: ProviderHelper = ({ adjustCacheUsage }) => ({
     return {
       ...body,
       ...(body.stream ? { stream_options: { include_usage: true } } : {}),
+      ...(safetyIdentifier ? { safety_identifier: safetyIdentifier } : {}),
     }
   },
   createBinaryStreamDecoder: () => undefined,

packages/console/app/src/routes/zen/util/provider/openai.ts

@@ -18,7 +18,10 @@ export const openaiHelper: ProviderHelper = ({ workspaceID }) => ({
   modifyHeaders: (headers: Headers, body: Record<string, any>, apiKey: string) => {
     headers.set("authorization", `Bearer ${apiKey}`)
   },
-  modifyBody: (body: Record<string, any>) => body,
+  modifyBody: (body: Record<string, any>) => ({
+    ...body,
+    ...(workspaceID ? { safety_identifier: workspaceID } : {}),
+  }),
   createBinaryStreamDecoder: () => undefined,
   streamSeparator: "\n\n",
   createUsageParser: () => {

packages/console/app/src/routes/zen/util/provider/provider.ts

@@ -37,6 +37,7 @@ export type ProviderHelper = (input: {
   reqModel: string
   providerModel: string
   adjustCacheUsage?: boolean
+  safetyIdentifier?: string
   workspaceID?: string
 }) => {
   format: ZenData.Format

packages/console/core/package.json

@@ -1,7 +1,7 @@
 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "@opencode-ai/console-core",
-  "version": "1.14.33",
+  "version": "1.14.28",
   "private": true,
   "type": "module",
   "license": "MIT",