feat: migrate from Python Claude Agent SDK to Vercel AI SDK v6 (TypeScript) (#1891)

* auto-claude: subtask-0a-1 - Install Vercel AI SDK v6 core + all provider packages

Added dependencies: ai@^6, @ai-sdk/anthropic, @ai-sdk/openai, @ai-sdk/google,
@ai-sdk/amazon-bedrock, @ai-sdk/azure, @ai-sdk/mistral, @ai-sdk/groq, @ai-sdk/xai,
@ai-sdk/openai-compatible, @ai-sdk/mcp, @modelcontextprotocol/sdk. Verified zod/v3
compat works with existing zod v4.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0b-1 - Create provider types and config interfaces

Define SupportedProvider enum, ProviderConfig, ModelResolution, and
ProviderCapabilities types. Port MODEL_ID_MAP, THINKING_BUDGET_MAP,
MODEL_BETAS_MAP, and phase config types from phase_config.py.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0b-2 - Create provider factory: createProvider(config) → LanguageModel

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0b-3 - Create provider registry using createProviderRegistry

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0b-4 - Create per-provider transforms layer

Port thinking token normalization, tool ID format transforms, prompt
caching thresholds, and adaptive thinking support from phase_config.py.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0c-1 - Port command-parser.ts from Python security/parser

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0c-2 - Port bash-validator.ts from Python security/hooks.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0c-3 - Create path-containment.ts for filesystem boundary

Add path-containment.ts with assertPathContained() for filesystem boundary
enforcement including symlink resolution, traversal prevention, and
cross-platform normalization. Add security-profile.ts for loading and
caching project security profiles from .auto-claude config files.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0c-4 - Write comprehensive Vitest tests for the security layer

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0d-1 - Create tool types and Tool.define() wrapper

Define ToolContext interface (cwd, projectDir, specDir, securityProfile),
ToolPermission types, ToolExecutionOptions, and ToolDefinitionConfig.
Create Tool.define() that wraps AI SDK v6 tool() with Zod v3 inputSchema
and security hooks integration (bash validator pre-execution check).

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0d-2 - Create 4 filesystem tools (Read, Write, Edit, Glob)

Implements Read (line offset/limit, image base64, PDF support),
Write (content validation, mkdir -p), Edit (exact string replacement,
replace_all), and Glob (fs.globSync, mtime sort) with Zod schemas
and path-containment security integration.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0d-3 - Create Bash, Grep, WebFetch, WebSearch tools

Add the 4 remaining built-in tools following the existing Tool.define() pattern:
- Bash: command execution with bashSecurityHook() integration, timeout, background support
- Grep: ripgrep-based search with output modes, file type/glob filtering
- WebFetch: URL fetching with timeout and content truncation
- WebSearch: web search with domain allow/block list filtering

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0d-4 - Create ToolRegistry class with agent config registry

Port tool constants (BASE_READ_TOOLS, BASE_WRITE_TOOLS, WEB_TOOLS), MCP tool
lists, and AGENT_CONFIGS from Python models.py. Implement ToolRegistry with
registerTool(), getToolsForAgent(), and helper functions getAgentConfig(),
getDefaultThinkingLevel(), getRequiredMcpServers().

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0e-1 - Port AGENT_CONFIGS from models.py to agent-configs.ts

Port all 27 agent type configurations from Python backend to TypeScript.
Includes tool lists, MCP server mappings, auto-claude tools, thinking
defaults, and helper functions (getAgentConfig, getRequiredMcpServers,
getDefaultThinkingLevel, mapMcpServerName).

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0e-2 - Port phase-config.ts from phase_config.py

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0e-3 - Create auth resolver with multi-stage fallback chain

Add auth types and resolver that reuses existing claude-profile/credential-utils.ts.
Implements 4-stage fallback: profile OAuth token → profile API key → environment
variable → default provider credentials. Supports all providers with provider-specific
env var mappings.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0e-4 - Create MCP client and registry

Add MCP integration layer using @ai-sdk/mcp with @modelcontextprotocol/sdk
for stdio/StreamableHTTP transports. Define server configs for context7,
linear, graphiti, electron, puppeteer, auto-claude. Implement
getMcpServersForAgent() via createMcpClientsForAgent() with dynamic server
resolution and graceful fallback on connection failures.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0f-1 - Unit tests for provider factory, registry, and transforms

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-0f-2 - Unit tests for agent configs, phase config, and tool registry

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-1 - Create session types and client factory

Add SessionConfig, SessionResult, StreamEvent, ProgressState types for the
agent session runtime. Add AgentClientConfig/Result and SimpleClientConfig/Result
types for the client layer. Implement createAgentClient() with full tool/MCP
setup and createSimpleClient() for utility runners with minimal tools.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-1 - Fix unused imports in client factory

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-2 - Create stream handler and error classifier

Add stream-handler.ts to process AI SDK v6 fullStream events (text-delta,
reasoning, tool-call, tool-result, step-finish, error) and emit structured
StreamEvents. Add error-classifier.ts ported from Python core/error_utils.py
with classification for rate limit (429), auth failure (401), concurrency
(400), tool execution, and abort errors.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-3 - Create progress-tracker.ts for phase detection from tool calls + text patterns

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-4 - Create the core session runner: runAgentSession().

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-1-5 - Write unit tests for session runtime

Add 78 tests across 4 test files covering:
- stream-handler: text-delta, reasoning, tool-call/result, step-finish, error, multi-step conversations
- error-classifier: 429/401/400 detection, abort errors, classification priority, sanitization
- progress-tracker: phase detection from tools/text, regression prevention, terminal locking
- runner: completion, max_steps, auth retry, cancellation, event forwarding, tool tracking

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-2-1 - Create AgentExecutor, worker thread, and worker bridge

Add the worker thread infrastructure for running AI agent sessions off the
main Electron thread:

- executor.ts: AgentExecutor class wrapping WorkerBridge with start/stop/retry
- worker.ts: Worker thread entry point receiving config via workerData,
  running runAgentSession(), posting structured messages back via parentPort
- worker-bridge.ts: Main-thread bridge spawning Worker, relaying postMessage
  events to EventEmitter matching AgentManagerEvents interface
- types.ts: WorkerConfig, SerializableSessionConfig, WorkerMessage protocol

Handles dev/production Electron paths, SecurityProfile serialization across
worker boundaries, and abort signal propagation.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-2-2 - Add worker thread execution to AgentProcessManager

Replace Python subprocess spawn with Worker thread creation for AI SDK agents.
Add spawnWorkerProcess() using WorkerBridge for postMessage event handling.
Update killProcess/killAllProcesses to handle Worker thread termination.
Add optional worker field to AgentProcess interface. Keep spawnProcess()
and getPythonPath()/ensurePythonEnvReady() for backward compatibility.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-2-3 - Add structured progress event handling to AgentEvents

Add handleStructuredProgress() and buildProgressData() methods that accept
typed progress events from worker threads via postMessage, bypassing text
matching. Includes phase regression prevention. Existing parseExecutionPhase()
preserved as fallback for backward compatibility during transition.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-2-4 - Write tests for worker thread integration

Tests cover: worker spawning, message relay (log/error/progress/stream-event),
result handling with exit code mapping, crash handling (worker error/exit events),
termination with abort signal, executor lifecycle (start/stop/retry), config
management, and AgentManagerEvents compatibility.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-3-1 - Create build-orchestrator.ts and subtask-iterator.ts

Replaces Python run.py main build loop and agents/coder.py subtask iteration
with TypeScript equivalents for the Vercel AI SDK migration.

- BuildOrchestrator: drives planning → coding → qa_review → qa_fixing → complete
- SubtaskIterator: reads implementation_plan.json, iterates pending subtasks
- Phase transitions validated via phase-protocol.ts
- Retry tracking, stuck detection, abort signal support

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-3-2 - Create spec-orchestrator.ts and qa-loop.ts

Add TypeScript replacements for spec_runner.py and qa/loop.py:

- spec-orchestrator.ts: Drives spec creation pipeline with dynamic
  complexity-based phase selection (simple/standard/complex workflows)
- qa-loop.ts: QA review/fix iteration loop with recurring issue detection,
  consecutive error tracking, and human feedback processing

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-3-3 - Create parallel-executor.ts and recovery-manager.ts

Add concurrent subtask execution with Promise.allSettled() and failure
isolation, plus checkpoint/recovery logic for build resume.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-4-1 - Port utility runners (insights, ideation, commit-message)

Port insights runner, ideation generator, and commit message generator
from Python to TypeScript using Vercel AI SDK v6. Uses createSimpleClient()
with streamText/generateText and appropriate tool bindings.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-4-2 - Port roadmap, merge-resolver, insight-extractor, and changelog runners

Port four utility runners from Python backend to TypeScript using Vercel AI SDK:
- roadmap.ts: Multi-phase roadmap generation (discovery + features) with retry logic and feature preservation
- merge-resolver.ts: Single-turn merge conflict resolution with factory function
- insight-extractor.ts: Session insight extraction with JSON parsing and generic fallback
- changelog.ts: Changelog generation supporting tasks, git-history, and branch-diff modes

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-4-3 - Replace Python subprocess spawning with TS runners in agent-queue

Replace spawnIdeationProcess() and spawnRoadmapProcess() with direct calls
to the new TypeScript runners (runIdeation, runRoadmapGeneration). Uses
AbortController for cancellation instead of process.kill(). Removes Python
environment setup, subprocess spawning, and stdout parsing in favor of
structured streaming callbacks from the TS runners.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-5-1 - Port GitHub PR review engine and triage engine

Port pr_review_engine.py and triage_engine.py to TypeScript using Vercel AI SDK.
Implements multi-pass review workflow (quick scan → parallel security/quality/structural/deep analysis)
and issue triage with duplicate detection, spam detection, and feature creep analysis.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-5-2 - Port parallel PR orchestrator, followup reviewer, and GitLab MR review engine

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-6-1 - Add provider settings translation keys to en/settings.json and fr/settings.json

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-6-2 - Create Provider Settings UI component

Add ProviderSettings.tsx with provider selection (Anthropic, OpenAI,
Ollama, OpenRouter), per-provider API key input with masked fields,
Ollama endpoint URL configuration, test connection button, and
per-phase model preferences (spec, planning, coding, QA). All text
uses useTranslation('settings') with provider.* namespace keys.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-7-1 - Remove claude-agent-sdk pip dependency

Remove claude-agent-sdk from requirements.txt and pyproject.toml.
Add a local stub package (apps/backend/claude_agent_sdk/) so existing
Python imports resolve to deprecation stubs instead of crashing.
Clean up SDK references in worktree.py, auth.py, conftest.py, and
EXAMPLES.md.

Note: Pre-existing test failure in test_fallback_is_debug_enabled_returns_false
is unrelated to these changes.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-7-2 - Update CLAUDE.md to reflect the new TypeScript agent layer

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* auto-claude: subtask-7-3 - Run full verification suite

All checks pass:
- typecheck: 0 errors
- tests: 3548 passed (142 files), 6 skipped
- lint: 0 errors (683 pre-existing warnings)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: use inputSchema instead of parameters, fix platform/worker patterns (qa-requested)

- Changed `parameters` to `inputSchema` in Tool.define() wrapper (AI SDK v6)
- Replaced `process.platform === 'win32'` with `isWindows()` from platform utils
- Removed `process.exit(1)` from worker thread (terminates naturally)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* TS logic working on kanban tasks

* fix: log phase formatting and task completion state transition

- Add TaskLogWriter that writes task_logs.json for structured phase sections
  in the Logs tab (Planning/Coding/Validation)
- Emit QA_PASSED/BUILD_COMPLETE task events from worker via postTaskEvent()
  so XState transitions to human_review instead of stuck
- Fix processType in startSpecCreation() from 'task-execution' to
  'spec-creation' so exit handler correctly chains into startTaskExecution()
- Skip handleProcessExited for successful spec-creation exits to prevent
  state poisoning before spec→build transition
- Add task-event relay in WorkerBridge for worker→main thread task events
- Wire orchestrator phase changes to emit kickoff messages per agent type

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* feat: add TypeScript worktree manager for task isolation

Port Python WorktreeManager.create_worktree() to TypeScript. Tasks now
run in isolated git worktrees at .auto-claude/worktrees/tasks/{specId}/
on branch auto-claude/{specId}, matching the Python backend behavior.

- Create worktree-manager.ts with idempotent 7-step creation logic
- Wire into agent-manager startTaskExecution() and startQAProcess()
- Agent cwd set to worktree path so file changes are isolated
- Spec files copied to worktree (gitignored, not in checkout)
- Falls back to project root if worktree creation fails

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: normalize plan schema fields for subtask tracking

LLM planner outputs subtask_id/phase_id instead of id, omits status
field, and uses file_paths instead of files_to_modify. The subtask
iterator requires status === 'pending' to find work — without it,
no subtasks are found and no coding happens.

- normalizeSubtaskIds() now adds status: 'pending' default, normalizes
  phase_id → id, file_paths → files_to_modify, and adds name fallback
- ensureSubtaskMarkedCompleted() safety net after each coder session
- E2E validated: task 251 shows 2/2 subtasks, no 'Task Incomplete'

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: wire TypeScript runners to IPC handlers, resolve all tsc errors

- Replace InsightsExecutor Python subprocess with runInsightsQuery() TS runner
  (AbortController-based cancellation, streaming events via callback)
- Fix pr-handlers.ts type mismatches: phase union cast via Set.has(), findings cast
- Fix insights-executor.ts metadata type cast (TaskCategory, TaskComplexity)
- Confirm autofix-handlers.ts and mr-review-handlers.ts already have correct
  imports/TypeScript implementations; tsc now passes with zero errors

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: wire TypeScript Vercel AI SDK changelog runner to IPC handler

Replace Python subprocess-based changelogService.generateChangelog() with
the TypeScript generateChangelog() runner from ai/runners/changelog.ts,
which uses generateText() from the Vercel AI SDK. Emits proper
CHANGELOG_GENERATION_PROGRESS and CHANGELOG_GENERATION_COMPLETE events
directly from the handler.

E2E verified: changelog generation for 24 tasks completes successfully
via TypeScript path, producing structured markdown with ### Added,
### Changed, ### Fixed sections.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* all python logic over to TS

* temp_memory_docs

* feat: implement Memory System core engine (Steps 1-7)

Complete TypeScript memory system with libSQL/Turso storage, covering:
- Foundation: types, schema (DDL + FTS5), db client factory
- MemoryService: store, search, pattern matching, user-taught memories
- EmbeddingService: 5-tier fallback (Ollama 8b/4b/0.6b → OpenAI → ONNX)
- Knowledge Graph: tree-sitter AST extraction, chunking, closure tables,
  incremental indexer with chokidar, impact analysis
- Retrieval Pipeline: BM25 + dense vector + graph search, weighted RRF
  fusion, graph neighborhood boost, cross-encoder reranking
  (Ollama/Cohere), phase-aware context packing, HyDE fallback
- Observer: 17-signal behavioral taxonomy, scratchpad with O(1) analytics,
  dead-end detection, trust gate (anti-injection), promotion pipeline,
  parallel scratchpad merger
- Active Injection: step injection decider (3 triggers), planner/QA
  context builders, prefetch plan builder, calibrated stop conditions,
  prepareStep callback integration in session runner
- Agent tools: search_memory, record_memory
- IPC: worker-observer proxy, memory IPC handlers

331 tests across 23 test files, 0 TypeScript errors.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* feat: wire Memory System UI to libSQL backend (Step 8)

Update the existing Memory Panel UX to work with the new libSQL-backed
MemoryService. Adds singleton factory, rewires IPC handlers, updates
shared types with backward-compatible aliases, enhances MemoryCard with
confidence bars and trust badges, and adds i18n keys for all 16 memory
types. Removes all internal "V5" draft references from production code.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: resolve __dirname ESM error in memory db.ts, clean up V5 naming

- Fix ReferenceError: __dirname is not defined in ESM bundles by using
  dirname(fileURLToPath(import.meta.url)) for sqlite-vec extension path
- Rename ParsedV5Memory → ParsedMemoryContent in MemoryCard.tsx
- Remove "V5" from comments across constants.ts and MemoriesTab.tsx
- Update memory system design doc with reranking and implementation details

E2E verified: memory status connected, 6 test memories rendered correctly
with category filtering, confidence bars, tags, and related files.
0 TypeScript errors, 3869 tests passing.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* refactor: remove Python backend, rename apps/frontend → apps/desktop

- Delete entire Python backend (agents, analysis, CLI, security, QA, runners)
  except graphiti MCP sidecar and prompts (kept temporarily)
- Rename apps/frontend → apps/desktop to reflect Electron desktop app
- Update all CI/CD workflows to remove Python jobs and references
- Update .husky/pre-commit: remove Python checks, reference apps/desktop
- Update .pre-commit-config.yaml: remove Python hooks, reference apps/desktop
- Clean 43+ config files referencing apps/frontend → apps/desktop
- Remove Python packaging scripts (download-python, verify-linux-packages)
- Delete python-env-manager.ts and python-detector.ts from frontend
- Add OAuth beta headers for Claude subscription auth
- Clean up investigation and migration planning documents

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* refactor: delete entire apps/backend, clean all references

- Delete apps/backend/ entirely (graphiti, linear integration, Python packaging)
- Move prompts from apps/frontend/prompts → apps/desktop/prompts
- Remove stale apps/frontend directory
- Clean 85+ TypeScript files of apps/backend references (JSDoc, paths, code)
- Clean 12+ config files (CI/CD, docs, scripts, .gitignore, dependabot)
- Update 3 prompt files with correct TypeScript paths
- Delete deprecated scripts (install-backend, test-backend, check_encoding, etc.)
- Delete setup-python-backend GitHub Action
- Remove Python test files (package-with-python.test.ts, insights-config PYTHONPATH tests)
- Fix agent-process.test.ts for deprecated spawnProcess behavior
- Update CLAUDE.md, README.md, CONTRIBUTING.md for TypeScript-only architecture

Build: 0 tsc errors, 169 test files pass (4031 tests), electron-vite build clean

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* memory system

* new provider ui

* new provider auth and ui

* feat: global priority queue with cross-provider fallback and multi-provider header UI

Replace per-provider isActive flags with a single global priority queue where
all accounts compete in one ordered list. Only one account is "In Use" at any
time, and cross-provider fallback happens automatically on 429/401 errors.

Key changes:
- Data model: remove isActive/priority from ProviderAccount, add billingModel
  (subscription vs pay-per-use), globalPriorityOrder in AppSettings
- Model equivalence system: DEFAULT_MODEL_EQUIVALENCES maps model shorthands
  across providers with reasoning config (thinking_tokens, reasoning_effort, etc.)
- Auth resolver: new resolveAuthFromQueue() walks queue, scores accounts,
  finds model equivalent, resolves credentials
- Session runner: onAccountSwitch callback retries on 429/401 with next account
- Client factory: dual-path resolution (queue-based or legacy)
- Profile scorer: new scoreProviderAccount() for queue-based availability
- AuthStatusIndicator: shows actual active provider name (OpenAI, Google AI,
  etc.) with provider-specific badge colors instead of hardcoded "Claude Code"
- UsageIndicator: Anthropic OAuth shows usage bars, pay-per-use/other providers
  show "Unlimited" badge; swap reorders global queue
- i18n: provider names and billing labels for all 10 providers (en + fr)
- IPC: replace PROVIDER_ACCOUNTS_SET_ACTIVE with SET_QUEUE_ORDER, add
  MODEL_OVERRIDES_SAVE
- Settings UI: remove "Set Active" button, derive active from queue position
- Tests updated for new provider accounts model (4035 passing)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* feat: enhance provider account management with Codex support

- Updated settings handlers to manage provider accounts within a global priority queue, allowing for Codex-specific handling.
- Modified UI components to display Codex-related information and subscription options.
- Added internationalization support for Codex terminology in English and French.
- Improved account addition and deletion logic to reflect changes in global priority order.

This update enhances the user experience for managing accounts, particularly for OpenAI's Codex, ensuring a more intuitive interface and better account handling.

* provider settings changes

* multi-provider ui

* feat: concrete per-provider presets and cross-provider tab

Replace abstract shorthand-driven presets with concrete per-provider
preset definitions so what users see is what actually runs. Move
cross-provider configuration from a profile card to its own tab.

- Add PROVIDER_PRESET_DEFINITIONS with concrete models for 6 providers
  (Anthropic, OpenAI, Google, xAI, Mistral, Groq)
- Remove "Custom" profile card; 4 presets remain (Auto, Complex,
  Balanced, Quick) with provider-specific model names on badges
- Add Cross-Provider tab in ProviderTabBar (shown when 2+ providers
  connected) with MixedPhaseEditor and new MixedFeatureEditor
- Widen PhaseModelConfig/FeatureModelConfig/ModelType from narrow
  unions to string to accept any provider's model IDs
- Task creation writes phaseProviders to metadata in cross-provider mode
- Agent manager prefers specified provider per phase via queue reordering
- Provider-aware useResolvedAgentSettings hook with 4-step resolution
- i18n keys for cross-provider tab (en + fr)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: pre-PR validation fixes — xhigh thinking level, state management, tests

- Add 'xhigh' to VALID_THINKING_LEVELS in phase-config.ts (runtime bug)
- Reset customMixedProfileActive when switching away from cross-provider tab
- Clean up dead custom profile branch in AgentProfileSelector
- Add 14 tests for getProviderPreset/getProviderPresetOrFallback
- Add xhigh assertions to phase-config tests
- Update stale JSDoc in insights.ts

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* refactor: move Claude Code badge from sidebar to terminal toolbar

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: Codex API integration — instructions, store, model routing, XState race

Three Codex API issues fixed:
1. Pass system prompt via providerOptions.openai.instructions (not system msg)
2. Set store: false (Codex requires it)
3. Use .responses() instead of .chat() for Codex models

Worker model routing fix:
- runSingleSession now uses baseSession.modelId (queue-resolved) instead of
  re-resolving via getPhaseModel() which maps opus → claude-opus-4-6 even
  when the queue selected an OpenAI Codex account

XState race condition fix:
- Skip fallback timer for successful spec-creation exits (spec → build
  transition starts a new process immediately, timer would incorrectly
  force USER_STOPPED on the new process)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: pipeline validation fixes + denylist security model

Fix planning log routing, subtask execution, worktree diff tracking,
and task completion status. Replace allowlist security model with a
denylist that blocks only dangerous system commands while allowing all
standard development tools.

- Route spec_orchestrator logs to planning phase (not coding)
- Merge planning logs from both main and worktree directories
- Normalize subtask IDs before coding phase (fixes 0/N completed)
- Emit execution-progress events from worker for file watcher re-pointing
- Show uncommitted worktree changes in Build for Review (git diff baseBranch)
- Fix task showing "Incomplete/Needs Resume" when reviewReason is set
- Replace allowlist with 25-command denylist + 15 per-command validators
- Fix QA phase transition ordering (markCompleted before transitionPhase)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: Codex pipeline halt + UI model display for non-Anthropic providers

- Reset all subtask statuses to "pending" after initial planning phase.
  Some LLMs (particularly OpenAI Codex) create implementation plans with
  subtasks pre-set to "completed", causing isBuildComplete() to skip
  coding and QA phases entirely.

- Build MODEL_SHORT_LABELS dynamically from ALL_AVAILABLE_MODELS catalog
  instead of hardcoding only Anthropic shorthands. Now properly displays
  model names for all providers (OpenAI, Google, Mistral, Groq, xAI).

- Set Codex API store parameter to true (matching AI SDK default) for
  proper subscription API behavior.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* task logs

* structured output for all providers with zod validation

* codex usage monitoring

* fix: pre-PR validation fixes for Vercel AI SDK migration

Security: fix worker.ts unsafe cast, sanitize Bearer tokens in error classifier,
block --no-preserve-root in rm validator, deny unparseable shell -c commands,
redact OAuth tokens in debug logs.

Cross-platform: resolve shell dynamically in bash tool (Git Bash/cmd.exe),
use findExecutable for ripgrep in grep tool, handle CRLF in read/write/
worktree-manager/auto-merger, use killProcessGracefully for process cleanup.

Build: remove stale Python/Graphiti extraResources from package.json, update
spec_runner.py marker to session/runner.ts, deduplicate AGENT_CONFIGS in
tools/registry.ts, remove hollow test assertion.

i18n: add 11 missing FR translation keys in onboarding.json (Ollama config,
Voyage embedding model), add memory.info section to en/fr common.json,
replace 4 hardcoded strings in MemoriesTab.tsx with t() calls.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* provider and auth improvements

* harness changes

* updates to provider features

* pr update

* websearch/browser

* z-ai and account settings

* upgrading model usage with cross provider

* usageindication

* Optimize usage monitoring: reduce API calls, fix false needs-reauth

- Increase polling interval from 30s to 60s for active profile
- Increase inactive profile cache TTL from 60s to 5 minutes
- Add adaptive cache: drops to 60s when active usage >80% session or >90% weekly
- Add request coalescing for getAllProfilesUsage() to prevent duplicate fetches
- Stagger same-provider fetches with 15s delay (prevents burst-hitting same API)
- Add 10-minute backoff for 429 rate limits (vs 2min general failure cooldown)
- Stop force-refreshing on AccountSettings open (use cached data + push updates)
- Fix false "needs re-auth" flag: clear needsReauthProfiles when valid token obtained
- Remove noisy ProjectStore subtask completion diagnostic logging

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* usage+worktree+harness

* oauth+structuredoutput

* husky fixes

* onboarding and memorycleanup

* memorycleanup

* new spec system

* fixes

* fix: resolve CodeQL high and medium security alerts

Address 60+ CodeQL security findings blocking PR merge:

- Insecure temp files: use mkdtempSync + atomic write-rename (26 alerts)
- TOCTOU race conditions: replace existsSync→act with try/catch (8 alerts)
- Shell injection: replace execSync with execFileSync + args array (1 alert)
- Network data validation: add type checks before disk writes (10 alerts)
- File data in requests: validate tokens/credentials before use (6 alerts)
- Log injection: sanitize control characters before logging (3 alerts)
- Incomplete string escaping: eliminate shell interpolation (1 alert)
- Dead code: remove useless conditionals and assignments (5 alerts)

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: resolve remaining 7 CodeQL high-severity TOCTOU race conditions

- read.ts: use fstat via fd for PDF size, avoid stat→readFile gap
- spec-number-lock.ts: remove existsSync pre-checks, rely on atomic wx flag and direct readFileSync with ENOENT handling
- settings-utils.ts: remove access() pre-check, readFile directly with catch
- log-service.ts: derive sizeBytes from Buffer.byteLength of read content instead of separate statSync
- roadmap.ts: serialize from in-memory data to avoid re-read gap
- subtask-iterator-restamp.test.ts: use fd.stat() + fd.readFile() on same fd

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* chore: trigger CodeQL re-evaluation

Force GitHub code scanning PR check to re-evaluate after security fixes.

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: eliminate TOCTOU by using fd-based file operations throughout

- read.ts: open fd once, use fstatSync + readFileSync(fd) for all paths
  (directory check, image, PDF, text) through a single file descriptor
- roadmap.ts: read via openSync/readFileSync(fd) instead of path-based read
  to decouple the "check" from the subsequent writeFileSync
- subtask-iterator-restamp.test.ts: use fd.stat() instead of path-based
  stat for mtime recording

Co-Authored-By: Claude Opus 4.6 <[email protected]>

* fix: resolve remaining TOCTOU alerts in roadmap, test, and bump-version

- roadmap.ts: atomic write via temp file + rename to break path flow
- subtask-iterator-restamp.test.ts: compare content snapshots instead of
  stat+read (eliminates multi-operation path reuse)
- bump-version.js: replace existsSync pre-checks with try/catch on read

Co-Authored-By: Claude Opus 4.6 <[email protected]>

---------

Co-authored-by: Claude Opus 4.6 <[email protected]>

Author: AndyMik90

.coderabbit.yaml

@@ -42,18 +42,14 @@ reviews:
 
   # Path-specific review instructions
   path_instructions:
-    - path: "apps/backend/**/*.py"
-      instructions: |
-        Focus on Python best practices, type hints, and async patterns.
-        Check for proper error handling and security considerations.
-        Verify compatibility with Python 3.12+.
-    - path: "apps/frontend/**/*.{ts,tsx}"
+    - path: "apps/desktop/**/*.{ts,tsx}"
       instructions: |
         Review React patterns and TypeScript type safety.
         Check for proper state management and component composition.
-    - path: "tests/**"
+        Verify Vercel AI SDK v6 usage patterns and tool definitions.
+    - path: "apps/desktop/**/*.test.{ts,tsx}"
       instructions: |
-        Ensure tests are comprehensive and follow pytest conventions.
+        Ensure tests are comprehensive and follow Vitest conventions.
         Check for proper mocking and test isolation.
 
 chat:

.github/actions/setup-node-frontend/action.yml

@@ -41,7 +41,7 @@ runs:
       shell: bash
       # Run npm ci from root to properly handle workspace dependencies.
       # With npm workspaces, the lock file is at root and dependencies are hoisted there.
-      # Running npm ci in apps/frontend would fail to populate node_modules correctly.
+      # Running npm ci in apps/desktop would fail to populate node_modules correctly.
       run: |
         if [ "${{ inputs.ignore-scripts }}" == "true" ]; then
           npm ci --ignore-scripts
@@ -51,12 +51,12 @@ runs:
 
     - name: Link node_modules for electron-builder
       shell: bash
-      # electron-builder expects node_modules in apps/frontend for native module rebuilding.
+      # electron-builder expects node_modules in apps/desktop for native module rebuilding.
       # With npm workspaces, packages are hoisted to root. Create a link so electron-builder
       # can find the modules during packaging and code signing.
       # Uses symlink on Unix, directory junction on Windows (works without admin privileges).
       #
-      # IMPORTANT: npm workspaces may create a partial node_modules in apps/frontend for
+      # IMPORTANT: npm workspaces may create a partial node_modules in apps/desktop for
       # packages that couldn't be hoisted. We must remove it and create a proper link to root.
       run: |
         # Verify npm ci succeeded
@@ -65,42 +65,42 @@ runs:
           exit 1
         fi
 
-        # Remove any existing node_modules in apps/frontend
+        # Remove any existing node_modules in apps/desktop
         # This handles: partial directories from npm workspaces, AND broken symlinks
-        if [ -e "apps/frontend/node_modules" ] || [ -L "apps/frontend/node_modules" ]; then
+        if [ -e "apps/desktop/node_modules" ] || [ -L "apps/desktop/node_modules" ]; then
           # Check if it's a valid symlink pointing to root node_modules
-          if [ -L "apps/frontend/node_modules" ]; then
-            target=$(readlink apps/frontend/node_modules 2>/dev/null || echo "")
-            if [ "$target" = "../../node_modules" ] && [ -d "apps/frontend/node_modules" ]; then
-              echo "Correct symlink already exists: apps/frontend/node_modules -> ../../node_modules"
+          if [ -L "apps/desktop/node_modules" ]; then
+            target=$(readlink apps/desktop/node_modules 2>/dev/null || echo "")
+            if [ "$target" = "../../node_modules" ] && [ -d "apps/desktop/node_modules" ]; then
+              echo "Correct symlink already exists: apps/desktop/node_modules -> ../../node_modules"
             else
               echo "Removing incorrect/broken symlink (was: $target)..."
-              rm -f "apps/frontend/node_modules"
+              rm -f "apps/desktop/node_modules"
             fi
           else
             echo "Removing partial node_modules directory created by npm workspaces..."
-            rm -rf "apps/frontend/node_modules"
+            rm -rf "apps/desktop/node_modules"
           fi
         fi
 
         # Create link if it doesn't exist or was removed
-        if [ ! -L "apps/frontend/node_modules" ]; then
+        if [ ! -L "apps/desktop/node_modules" ]; then
           if [ "$RUNNER_OS" == "Windows" ]; then
             # Use directory junction on Windows (works without admin privileges)
             # Use PowerShell's New-Item -ItemType Junction for reliable path handling
             abs_target=$(cygpath -w "$(pwd)/node_modules")
-            link_path=$(cygpath -w "$(pwd)/apps/frontend/node_modules")
+            link_path=$(cygpath -w "$(pwd)/apps/desktop/node_modules")
             powershell -Command "New-Item -ItemType Junction -Path '$link_path' -Target '$abs_target'" > /dev/null
             if [ $? -eq 0 ]; then
-              echo "Created junction: apps/frontend/node_modules -> $abs_target"
+              echo "Created junction: apps/desktop/node_modules -> $abs_target"
             else
               echo "::error::Failed to create directory junction on Windows"
               exit 1
             fi
           else
             # Use symlink on Unix (macOS/Linux)
-            if ln -s ../../node_modules apps/frontend/node_modules; then
-              echo "Created symlink: apps/frontend/node_modules -> ../../node_modules"
+            if ln -s ../../node_modules apps/desktop/node_modules; then
+              echo "Created symlink: apps/desktop/node_modules -> ../../node_modules"
             else
               echo "::error::Failed to create symlink"
               exit 1
@@ -111,16 +111,16 @@ runs:
         # Final verification - the link must exist and resolve correctly
         # Note: On Windows, junctions don't show as symlinks (-L), so we check if the directory exists
         # and can be listed. On Unix, we also verify it's a symlink.
-        if [ "$RUNNER_OS" != "Windows" ] && [ ! -L "apps/frontend/node_modules" ]; then
-          echo "::error::apps/frontend/node_modules symlink was not created"
+        if [ "$RUNNER_OS" != "Windows" ] && [ ! -L "apps/desktop/node_modules" ]; then
+          echo "::error::apps/desktop/node_modules symlink was not created"
           exit 1
         fi
         # Verify the link resolves to a valid directory with content
-        if ! ls apps/frontend/node_modules/electron >/dev/null 2>&1; then
-          echo "::error::apps/frontend/node_modules does not resolve correctly (electron not found)"
-          ls -la apps/frontend/ || true
-          ls apps/frontend/node_modules 2>&1 | head -5 || true
+        if ! ls apps/desktop/node_modules/electron >/dev/null 2>&1; then
+          echo "::error::apps/desktop/node_modules does not resolve correctly (electron not found)"
+          ls -la apps/desktop/ || true
+          ls apps/desktop/node_modules 2>&1 | head -5 || true
           exit 1
         fi
-        count=$(ls apps/frontend/node_modules 2>/dev/null | wc -l)
-        echo "Verified: apps/frontend/node_modules resolves correctly ($count entries)"
+        count=$(ls apps/desktop/node_modules 2>/dev/null | wc -l)
+        echo "Verified: apps/desktop/node_modules resolves correctly ($count entries)"

.github/actions/setup-python-backend/action.yml

@@ -14,7 +14,7 @@ inputs:
   dmg-path:
     description: 'Path to the dist directory containing the DMG file'
     required: false
-    default: 'apps/frontend/dist'
+    default: 'apps/desktop/dist'
 
 outputs:
   notarization-id:

.github/actions/submit-macos-notarization/action.yml

@@ -1,20 +1,8 @@
 version: 2
 updates:
-  # Python dependencies
-  - package-ecosystem: pip
-    directory: /apps/backend
-    schedule:
-      interval: weekly
-    open-pull-requests-limit: 5
-    labels:
-      - dependencies
-      - python
-    commit-message:
-      prefix: "chore(deps)"
-
   # npm dependencies
   - package-ecosystem: npm
-    directory: /apps/frontend
+    directory: /apps/desktop
     schedule:
       interval: weekly
     open-pull-requests-limit: 5