feat: add Português link

feat: add a link to Gemini CLI Desktop for Qwen Code users who prefer desktop UIs

.github/workflows/e2e.yml

@@ -18,8 +18,6 @@ jobs:
           - 'sandbox:docker'
         node-version:
           - '20.x'
-          - '22.x'
-          - '24.x'
     steps:
       - name: 'Checkout'
         uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
@@ -67,10 +65,13 @@ jobs:
           OPENAI_BASE_URL: '${{ secrets.OPENAI_BASE_URL }}'
           OPENAI_MODEL: '${{ secrets.OPENAI_MODEL }}'
           KEEP_OUTPUT: 'true'
-          SANDBOX: '${{ matrix.sandbox }}'
           VERBOSE: 'true'
         run: |-
-          npm run "test:integration:${SANDBOX}"
+          if [[ "${{ matrix.sandbox }}" == "sandbox:docker" ]]; then
+            npm run test:integration:sandbox:docker
+          else
+            npm run test:integration:sandbox:none
+          fi
 
   e2e-test-macos:
     name: 'E2E Test - macOS'

CONTRIBUTING.md

@@ -2,27 +2,6 @@
 
 We would love to accept your patches and contributions to this project.
 
-## Before you begin
-
-### Sign our Contributor License Agreement
-
-Contributions to this project must be accompanied by a
-[Contributor License Agreement](https://cla.developers.google.com/about) (CLA).
-You (or your employer) retain the copyright to your contribution; this simply
-gives us permission to use and redistribute your contributions as part of the
-project.
-
-If you or your current employer have already signed the Google CLA (even if it
-was for a different project), you probably don't need to do it again.
-
-Visit <https://cla.developers.google.com/> to see your current agreements or to
-sign a new one.
-
-### Review our Community Guidelines
-
-This project follows [Google's Open Source Community
-Guidelines](https://opensource.google/conduct/).
-
 ## Contribution Process
 
 ### Code Reviews
@@ -74,12 +53,6 @@ Your PR should have a clear, descriptive title and a detailed description of the
 
 In the PR description, explain the "why" behind your changes and link to the relevant issue (e.g., `Fixes #123`).
 
-## Forking
-
-If you are forking the repository you will be able to run the Build, Test and Integration test workflows. However in order to make the integration tests run you'll need to add a [GitHub Repository Secret](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) with a value of `GEMINI_API_KEY` and set that to a valid API key that you have available. Your key and secret are private to your repo; no one without access can see your key and you cannot see any secrets related to this repo.
-
-Additionally you will need to click on the `Actions` tab and enable workflows for your repository, you'll find it's the large blue button in the center of the screen.
-
 ## Development Setup and Workflow
 
 This section guides contributors on how to build, modify, and understand the development setup of this project.
@@ -98,8 +71,8 @@ This section guides contributors on how to build, modify, and understand the dev
 To clone the repository:
 
 ```bash
-git clone https://github.com/google-gemini/gemini-cli.git # Or your fork's URL
-cd gemini-cli
+git clone https://github.com/QwenLM/qwen-code.git # Or your fork's URL
+cd qwen-code
 ```
 
 To install dependencies defined in `package.json` as well as root dependencies:
@@ -118,9 +91,9 @@ This command typically compiles TypeScript to JavaScript, bundles assets, and pr
 
 ### Enabling Sandboxing
 
-[Sandboxing](#sandboxing) is highly recommended and requires, at a minimum, setting `GEMINI_SANDBOX=true` in your `~/.env` and ensuring a sandboxing provider (e.g. `macOS Seatbelt`, `docker`, or `podman`) is available. See [Sandboxing](#sandboxing) for details.
+[Sandboxing](#sandboxing) is highly recommended and requires, at a minimum, setting `QWEN_SANDBOX=true` in your `~/.env` and ensuring a sandboxing provider (e.g. `macOS Seatbelt`, `docker`, or `podman`) is available. See [Sandboxing](#sandboxing) for details.
 
-To build both the `gemini` CLI utility and the sandbox container, run `build:all` from the root directory:
+To build both the `qwen-code` CLI utility and the sandbox container, run `build:all` from the root directory:
 
 ```bash
 npm run build:all
@@ -130,13 +103,13 @@ To skip building the sandbox container, you can use `npm run build` instead.
 
 ### Running
 
-To start the Gemini CLI from the source code (after building), run the following command from the root directory:
+To start the Qwen Code application from the source code (after building), run the following command from the root directory:
 
 ```bash
 npm start
 ```
 
-If you'd like to run the source build outside of the gemini-cli folder, you can utilize `npm link path/to/gemini-cli/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) or `alias gemini="node path/to/gemini-cli/packages/cli"` to run with `gemini`
+If you'd like to run the source build outside of the qwen-code folder, you can utilize `npm link path/to/qwen-code/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) to run with `qwen-code`
 
 ### Running Tests
 
@@ -154,7 +127,7 @@ This will run tests located in the `packages/core` and `packages/cli` directorie
 
 #### Integration Tests
 
-The integration tests are designed to validate the end-to-end functionality of the Gemini CLI. They are not run as part of the default `npm run test` command.
+The integration tests are designed to validate the end-to-end functionality of Qwen Code. They are not run as part of the default `npm run test` command.
 
 To run the integration tests, use the following command:
 
@@ -209,19 +182,61 @@ npm run lint
 ### Coding Conventions
 
 - Please adhere to the coding style, patterns, and conventions used throughout the existing codebase.
-- Consult [QWEN.md](https://github.com/QwenLM/qwen-code/blob/main/QWEN.md) (typically found in the project root) for specific instructions related to AI-assisted development, including conventions for React, comments, and Git usage.
 - **Imports:** Pay special attention to import paths. The project uses ESLint to enforce restrictions on relative imports between packages.
 
 ### Project Structure
 
 - `packages/`: Contains the individual sub-packages of the project.
   - `cli/`: The command-line interface.
-  - `core/`: The core backend logic for the Gemini CLI.
+  - `core/`: The core backend logic for Qwen Code.
 - `docs/`: Contains all project documentation.
 - `scripts/`: Utility scripts for building, testing, and development tasks.
 
 For more detailed architecture, see `docs/architecture.md`.
 
+## Documentation Development
+
+This section describes how to develop and preview the documentation locally.
+
+### Prerequisites
+
+1. Ensure you have Node.js (version 18+) installed
+2. Have npm or yarn available
+
+### Setup Documentation Site Locally
+
+To work on the documentation and preview changes locally:
+
+1. Navigate to the `docs-site` directory:
+
+   ```bash
+   cd docs-site
+   ```
+
+2. Install dependencies:
+
+   ```bash
+   npm install
+   ```
+
+3. Link the documentation content from the main `docs` directory:
+
+   ```bash
+   npm run link
+   ```
+
+   This creates a symbolic link from `../docs` to `content` in the docs-site project, allowing the documentation content to be served by the Next.js site.
+
+4. Start the development server:
+
+   ```bash
+   npm run dev
+   ```
+
+5. Open [http://localhost:3000](http://localhost:3000) in your browser to see the documentation site with live updates as you make changes.
+
+Any changes made to the documentation files in the main `docs` directory will be reflected immediately in the documentation site.
+
 ## Debugging
 
 ### VS Code:
@@ -231,7 +246,7 @@ For more detailed architecture, see `docs/architecture.md`.
     ```bash
     npm run debug
     ```
-    This command runs `node --inspect-brk dist/gemini.js` within the `packages/cli` directory, pausing execution until a debugger attaches. You can then open `chrome://inspect` in your Chrome browser to connect to the debugger.
+    This command runs `node --inspect-brk dist/index.js` within the `packages/cli` directory, pausing execution until a debugger attaches. You can then open `chrome://inspect` in your Chrome browser to connect to the debugger.
 2.  In VS Code, use the "Attach" launch configuration (found in `.vscode/launch.json`).
 
 Alternatively, you can use the "Launch Program" configuration in VS Code if you prefer to launch the currently open file directly, but 'F5' is generally recommended.
@@ -239,16 +254,16 @@ Alternatively, you can use the "Launch Program" configuration in VS Code if you
 To hit a breakpoint inside the sandbox container run:
 
 ```bash
-DEBUG=1 gemini
+DEBUG=1 qwen-code
 ```
 
-**Note:** If you have `DEBUG=true` in a project's `.env` file, it won't affect gemini-cli due to automatic exclusion. Use `.gemini/.env` files for gemini-cli specific debug settings.
+**Note:** If you have `DEBUG=true` in a project's `.env` file, it won't affect qwen-code due to automatic exclusion. Use `.qwen-code/.env` files for qwen-code specific debug settings.
 
 ### React DevTools
 
 To debug the CLI's React-based UI, you can use React DevTools. Ink, the library used for the CLI's interface, is compatible with React DevTools version 4.x.
 
-1.  **Start the Gemini CLI in development mode:**
+1.  **Start the Qwen Code application in development mode:**
 
     ```bash
     DEV=true npm start
@@ -270,23 +285,10 @@ To debug the CLI's React-based UI, you can use React DevTools. Ink, the library
     ```
 
     Your running CLI application should then connect to React DevTools.
-    ![](/docs/assets/connected_devtools.png)
 
 ## Sandboxing
 
-### macOS Seatbelt
-
-On macOS, `qwen` uses Seatbelt (`sandbox-exec`) under a `permissive-open` profile (see `packages/cli/src/utils/sandbox-macos-permissive-open.sb`) that restricts writes to the project folder but otherwise allows all other operations and outbound network traffic ("open") by default. You can switch to a `restrictive-closed` profile (see `packages/cli/src/utils/sandbox-macos-restrictive-closed.sb`) that declines all operations and outbound network traffic ("closed") by default by setting `SEATBELT_PROFILE=restrictive-closed` in your environment or `.env` file. Available built-in profiles are `{permissive,restrictive}-{open,closed,proxied}` (see below for proxied networking). You can also switch to a custom profile `SEATBELT_PROFILE=<profile>` if you also create a file `.qwen/sandbox-macos-<profile>.sb` under your project settings directory `.qwen`.
-
-### Container-based Sandboxing (All Platforms)
-
-For stronger container-based sandboxing on macOS or other platforms, you can set `GEMINI_SANDBOX=true|docker|podman|<command>` in your environment or `.env` file. The specified command (or if `true` then either `docker` or `podman`) must be installed on the host machine. Once enabled, `npm run build:all` will build a minimal container ("sandbox") image and `npm start` will launch inside a fresh instance of that container. The first build can take 20-30s (mostly due to downloading of the base image) but after that both build and start overhead should be minimal. Default builds (`npm run build`) will not rebuild the sandbox.
-
-Container-based sandboxing mounts the project directory (and system temp directory) with read-write access and is started/stopped/removed automatically as you start/stop Gemini CLI. Files created within the sandbox should be automatically mapped to your user/group on host machine. You can easily specify additional mounts, ports, or environment variables by setting `SANDBOX_{MOUNTS,PORTS,ENV}` as needed. You can also fully customize the sandbox for your projects by creating the files `.qwen/sandbox.Dockerfile` and/or `.qwen/sandbox.bashrc` under your project settings directory (`.qwen`) and running `qwen` with `BUILD_SANDBOX=1` to trigger building of your custom sandbox.
-
-#### Proxied Networking
-
-All sandboxing methods, including macOS Seatbelt using `*-proxied` profiles, support restricting outbound network traffic through a custom proxy server that can be specified as `GEMINI_SANDBOX_PROXY_COMMAND=<command>`, where `<command>` must start a proxy server that listens on `:::8877` for relevant requests. See `docs/examples/proxy-script.md` for a minimal proxy that only allows `HTTPS` connections to `example.com:443` (e.g. `curl https://example.com`) and declines all other requests. The proxy is started and stopped automatically alongside the sandbox.
+> TBD
 
 ## Manual Publish
 

Makefile

@@ -1,9 +1,9 @@
-# Makefile for gemini-cli
+# Makefile for qwen-code
 
 .PHONY: help install build build-sandbox build-all test lint format preflight clean start debug release run-npx create-alias
 
 help:
-	@echo "Makefile for gemini-cli"
+	@echo "Makefile for qwen-code"
 	@echo ""
 	@echo "Usage:"
 	@echo "  make install          - Install npm dependencies"
@@ -14,11 +14,11 @@ help:
 	@echo "  make format           - Format the code"
 	@echo "  make preflight        - Run formatting, linting, and tests"
 	@echo "  make clean            - Remove generated files"
-	@echo "  make start            - Start the Gemini CLI"
-	@echo "  make debug            - Start the Gemini CLI in debug mode"
+	@echo "  make start            - Start the Qwen Code CLI"
+	@echo "  make debug            - Start the Qwen Code CLI in debug mode"
 	@echo ""
 	@echo "  make run-npx          - Run the CLI using npx (for testing the published package)"
-	@echo "  make create-alias     - Create a 'gemini' alias for your shell"
+	@echo "  make create-alias     - Create a 'qwen' alias for your shell"
 
 install:
 	npm install

README.md

@@ -1,382 +1,152 @@
-# Qwen Code
-
 <div align="center">
 
-![Qwen Code Screenshot](./docs/assets/qwen-screenshot.png)
-
 [![npm version](https://img.shields.io/npm/v/@qwen-code/qwen-code.svg)](https://www.npmjs.com/package/@qwen-code/qwen-code)
 [![License](https://img.shields.io/github/license/QwenLM/qwen-code.svg)](./LICENSE)
 [![Node.js Version](https://img.shields.io/badge/node-%3E%3D20.0.0-brightgreen.svg)](https://nodejs.org/)
 [![Downloads](https://img.shields.io/npm/dm/@qwen-code/qwen-code.svg)](https://www.npmjs.com/package/@qwen-code/qwen-code)
 
-**AI-powered command-line workflow tool for developers**
+**An open-source AI agent that lives in your terminal.**
 
-[Installation](#installation) • [Quick Start](#quick-start) • [Features](#key-features) • [Documentation](./docs/) • [Contributing](./CONTRIBUTING.md)
+<a href="https://qwenlm.github.io/qwen-code-docs/zh/users/overview">中文</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/de/users/overview">Deutsch</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/fr/users/overview">français</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/ja/users/overview">日本語</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/ru/users/overview">Русский</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/pt-BR/users/overview">Português (Brasil)</a>
 
 </div>
 
-<div align="center">
-  
-  <a href="https://qwenlm.github.io/qwen-code-docs/de/">Deutsch</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/fr">français</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/ja/">日本語</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/ru">Русский</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/zh/">中文</a>
-  
-</div>
+Qwen Code is an open-source AI agent for the terminal, optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder). It helps you understand large codebases, automate tedious work, and ship faster.
 
-Qwen Code is a powerful command-line AI workflow tool adapted from [**Gemini CLI**](https://github.com/google-gemini/gemini-cli), specifically optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder) models. It enhances your development workflow with advanced code understanding, automated tasks, and intelligent assistance.
+![](https://gw.alicdn.com/imgextra/i1/O1CN01D2DviS1wwtEtMwIzJ_!!6000000006373-2-tps-1600-900.png)
 
-## 💡 Free Options Available
+## Why Qwen Code?
 
-Get started with Qwen Code at no cost using any of these free options:
-
-### 🔥 Qwen OAuth (Recommended)
-
-- **2,000 requests per day** with no token limits
-- **60 requests per minute** rate limit
-- Simply run `qwen` and authenticate with your qwen.ai account
-- Automatic credential management and refresh
-- Use `/auth` command to switch to Qwen OAuth if you have initialized with OpenAI compatible mode
-
-### 🌏 Regional Free Tiers
-
-- **Mainland China**: ModelScope offers **2,000 free API calls per day**
-- **International**: OpenRouter provides **up to 1,000 free API calls per day** worldwide
-
-For detailed setup instructions, see [Authorization](#authorization).
-
-> [!WARNING]
-> **Token Usage Notice**: Qwen Code may issue multiple API calls per cycle, resulting in higher token usage (similar to Claude Code). We're actively optimizing API efficiency.
-
-## Key Features
-
-- **Code Understanding & Editing** - Query and edit large codebases beyond traditional context window limits
-- **Workflow Automation** - Automate operational tasks like handling pull requests and complex rebases
-- **Enhanced Parser** - Adapted parser specifically optimized for Qwen-Coder models
-- **Vision Model Support** - Automatically detect images in your input and seamlessly switch to vision-capable models for multimodal analysis
+- **OpenAI-compatible, OAuth free tier**: use an OpenAI-compatible API, or sign in with Qwen OAuth to get 2,000 free requests/day.
+- **Open-source, co-evolving**: both the framework and the Qwen3-Coder model are open-source—and they ship and evolve together.
+- **Agentic workflow, feature-rich**: rich built-in tools (Skills, SubAgents, Plan Mode) for a full agentic workflow and a Claude Code-like experience.
+- **Terminal-first, IDE-friendly**: built for developers who live in the command line, with optional integration for VS Code and Zed.
 
 ## Installation
 
-### Prerequisites
-
-Ensure you have [Node.js version 20](https://nodejs.org/en/download) or higher installed.
+#### Prerequisites
 
 ```bash
+# Node.js 20+
 curl -qL https://www.npmjs.com/install.sh | sh
 ```
 
-### Install from npm
+#### NPM (recommended)
 
 ```bash
 npm install -g @qwen-code/qwen-code@latest
-qwen --version
 ```
 
-### Install from source
-
-```bash
-git clone https://github.com/QwenLM/qwen-code.git
-cd qwen-code
-npm install
-npm install -g .
-```
-
-### Install globally with Homebrew (macOS/Linux)
+#### Homebrew (macOS, Linux)
 
 ```bash
 brew install qwen-code
 ```
 
-## VS Code Extension
-
-In addition to the CLI tool, Qwen Code also provides a **VS Code extension** that brings AI-powered coding assistance directly into your editor with features like file system operations, native diffing, interactive chat, and more.
-
-> 📦 The extension is currently in development. For installation, features, and development guide, see the [VS Code Extension README](./packages/vscode-ide-companion/README.md).
-
 ## Quick Start
 
 ```bash
-# Start Qwen Code
+# Start Qwen Code (interactive)
 qwen
 
-# Example commands
-> Explain this codebase structure
-> Help me refactor this function
-> Generate unit tests for this module
+# Then, in the session:
+/help
+/auth
 ```
 
-### Session Management
+On first use, you'll be prompted to sign in. You can run `/auth` anytime to switch authentication methods.
 
-Control your token usage with configurable session limits to optimize costs and performance.
+Example prompts:
 
-#### Configure Session Token Limit
-
-Create or edit `.qwen/settings.json` in your home directory:
-
-```json
-{
-  "sessionTokenLimit": 32000
-}
+```text
+What does this project do?
+Explain the codebase structure.
+Help me refactor this function.
+Generate unit tests for this module.
 ```
 
-#### Session Commands
-
-- **`/compress`** - Compress conversation history to continue within token limits
-- **`/clear`** - Clear all conversation history and start fresh
-- **`/stats`** - Check current token usage and limits
-
-> 📝 **Note**: Session token limit applies to a single conversation, not cumulative API calls.
-
-### Vision Model Configuration
-
-Qwen Code includes intelligent vision model auto-switching that detects images in your input and can automatically switch to vision-capable models for multimodal analysis. **This feature is enabled by default** - when you include images in your queries, you'll see a dialog asking how you'd like to handle the vision model switch.
-
-#### Skip the Switch Dialog (Optional)
-
-If you don't want to see the interactive dialog each time, configure the default behavior in your `.qwen/settings.json`:
-
-```json
-{
-  "experimental": {
-    "vlmSwitchMode": "once"
-  }
-}
-```
-
-**Available modes:**
-
-- **`"once"`** - Switch to vision model for this query only, then revert
-- **`"session"`** - Switch to vision model for the entire session
-- **`"persist"`** - Continue with current model (no switching)
-- **Not set** - Show interactive dialog each time (default)
-
-#### Command Line Override
-
-You can also set the behavior via command line:
-
-```bash
-# Switch once per query
-qwen --vlm-switch-mode once
-
-# Switch for entire session
-qwen --vlm-switch-mode session
-
-# Never switch automatically
-qwen --vlm-switch-mode persist
-```
-
-#### Disable Vision Models (Optional)
-
-To completely disable vision model support, add to your `.qwen/settings.json`:
-
-```json
-{
-  "experimental": {
-    "visionModelPreview": false
-  }
-}
-```
-
-> 💡 **Tip**: In YOLO mode (`--yolo`), vision switching happens automatically without prompts when images are detected.
-
-### Authorization
-
-Choose your preferred authentication method based on your needs:
-
-#### 1. Qwen OAuth (🚀 Recommended - Start in 30 seconds)
-
-The easiest way to get started - completely free with generous quotas:
-
-```bash
-# Just run this command and follow the browser authentication
-qwen
-```
-
-**What happens:**
-
-1. **Instant Setup**: CLI opens your browser automatically
-2. **One-Click Login**: Authenticate with your qwen.ai account
-3. **Automatic Management**: Credentials cached locally for future use
-4. **No Configuration**: Zero setup required - just start coding!
-
-**Free Tier Benefits:**
-
-- ✅ **2,000 requests/day** (no token counting needed)
-- ✅ **60 requests/minute** rate limit
-- ✅ **Automatic credential refresh**
-- ✅ **Zero cost** for individual users
-- ℹ️ **Note**: Model fallback may occur to maintain service quality
-
-#### 2. OpenAI-Compatible API
-
-Use API keys for OpenAI or other compatible providers:
-
-**Configuration Methods:**
-
-1. **Environment Variables**
-
-   ```bash
-   export OPENAI_API_KEY="your_api_key_here"
-   export OPENAI_BASE_URL="your_api_endpoint"
-   export OPENAI_MODEL="your_model_choice"
-   ```
-
-2. **Project `.env` File**
-   Create a `.env` file in your project root:
-   ```env
-   OPENAI_API_KEY=your_api_key_here
-   OPENAI_BASE_URL=your_api_endpoint
-   OPENAI_MODEL=your_model_choice
-   ```
-
-**API Provider Options**
-
-> ⚠️ **Regional Notice:**
->
-> - **Mainland China**: Use Alibaba Cloud Bailian or ModelScope
-> - **International**: Use Alibaba Cloud ModelStudio or OpenRouter
-
 <details>
-<summary><b>🇨🇳 For Users in Mainland China</b></summary>
+<summary>Click to watch a demo video</summary>
 
-**Option 1: Alibaba Cloud Bailian** ([Apply for API Key](https://bailian.console.aliyun.com/))
-
-```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://dashscope.aliyuncs.com/compatible-mode/v1"
-export OPENAI_MODEL="qwen3-coder-plus"
-```
-
-**Option 2: ModelScope (Free Tier)** ([Apply for API Key](https://modelscope.cn/docs/model-service/API-Inference/intro))
-
-- ✅ **2,000 free API calls per day**
-- ⚠️ Connect your Aliyun account to avoid authentication errors
-
-```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://api-inference.modelscope.cn/v1"
-export OPENAI_MODEL="Qwen/Qwen3-Coder-480B-A35B-Instruct"
-```
+<video src="https://cloud.video.taobao.com/vod/HLfyppnCHplRV9Qhz2xSqeazHeRzYtG-EYJnHAqtzkQ.mp4" controls>
+Your browser does not support the video tag.
+</video>
 
 </details>
 
-<details>
-<summary><b>🌍 For International Users</b></summary>
+## Authentication
 
-**Option 1: Alibaba Cloud ModelStudio** ([Apply for API Key](https://modelstudio.console.alibabacloud.com/))
+Qwen Code supports two authentication methods:
+
+- **Qwen OAuth (recommended & free)**: sign in with your `qwen.ai` account in a browser.
+- **OpenAI-compatible API**: use `OPENAI_API_KEY` (and optionally a custom base URL / model).
+
+#### Qwen OAuth (recommended)
+
+Start `qwen`, then run:
 
 ```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://dashscope-intl.aliyuncs.com/compatible-mode/v1"
-export OPENAI_MODEL="qwen3-coder-plus"
+/auth
 ```
 
-**Option 2: OpenRouter (Free Tier Available)** ([Apply for API Key](https://openrouter.ai/))
+Choose **Qwen OAuth** and complete the browser flow. Your credentials are cached locally so you usually won't need to log in again.
+
+#### OpenAI-compatible API (API key)
+
+Environment variables (recommended for CI / headless environments):
 
 ```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://openrouter.ai/api/v1"
-export OPENAI_MODEL="qwen/qwen3-coder:free"
+export OPENAI_API_KEY="your-api-key-here"
+export OPENAI_BASE_URL="https://api.openai.com/v1"  # optional
+export OPENAI_MODEL="gpt-4o"                        # optional
 ```
 
-</details>
+For details (including `.qwen/.env` loading and security notes), see the [authentication guide](https://qwenlm.github.io/qwen-code-docs/en/users/configuration/auth/).
 
-## Usage Examples
+## Usage
 
-### 🔍 Explore Codebases
+As an open-source terminal agent, you can use Qwen Code in four primary ways:
+
+1. Interactive mode (terminal UI)
+2. Headless mode (scripts, CI)
+3. IDE integration (VS Code, Zed)
+4. TypeScript SDK
+
+#### Interactive mode
 
 ```bash
 cd your-project/
 qwen
-
-# Architecture analysis
-> Describe the main pieces of this system's architecture
-> What are the key dependencies and how do they interact?
-> Find all API endpoints and their authentication methods
 ```
 
-### 💻 Code Development
+Run `qwen` in your project folder to launch the interactive terminal UI. Use `@` to reference local files (for example `@src/main.ts`).
+
+#### Headless mode
 
 ```bash
-# Refactoring
-> Refactor this function to improve readability and performance
-> Convert this class to use dependency injection
-> Split this large module into smaller, focused components
-
-# Code generation
-> Create a REST API endpoint for user management
-> Generate unit tests for the authentication module
-> Add error handling to all database operations
+cd your-project/
+qwen -p "your question"
 ```
 
-### 🔄 Automate Workflows
+Use `-p` to run Qwen Code without the interactive UI—ideal for scripts, automation, and CI/CD. Learn more: [Headless mode](https://qwenlm.github.io/qwen-code-docs/en/users/features/headless).
 
-```bash
-# Git automation
-> Analyze git commits from the last 7 days, grouped by feature
-> Create a changelog from recent commits
-> Find all TODO comments and create GitHub issues
+#### IDE integration
 
-# File operations
-> Convert all images in this directory to PNG format
-> Rename all test files to follow the *.test.ts pattern
-> Find and remove all console.log statements
-```
+Use Qwen Code inside your editor (VS Code and Zed):
 
-### 🐛 Debugging & Analysis
+- [Use in VS Code](https://qwenlm.github.io/qwen-code-docs/en/users/integration-vscode/)
+- [Use in Zed](https://qwenlm.github.io/qwen-code-docs/en/users/integration-zed/)
 
-```bash
-# Performance analysis
-> Identify performance bottlenecks in this React component
-> Find all N+1 query problems in the codebase
+#### TypeScript SDK
 
-# Security audit
-> Check for potential SQL injection vulnerabilities
-> Find all hardcoded credentials or API keys
-```
+Build on top of Qwen Code with the TypeScript SDK:
 
-## Popular Tasks
-
-### 📚 Understand New Codebases
-
-```text
-> What are the core business logic components?
-> What security mechanisms are in place?
-> How does the data flow through the system?
-> What are the main design patterns used?
-> Generate a dependency graph for this module
-```
-
-### 🔨 Code Refactoring & Optimization
-
-```text
-> What parts of this module can be optimized?
-> Help me refactor this class to follow SOLID principles
-> Add proper error handling and logging
-> Convert callbacks to async/await pattern
-> Implement caching for expensive operations
-```
-
-### 📝 Documentation & Testing
-
-```text
-> Generate comprehensive JSDoc comments for all public APIs
-> Write unit tests with edge cases for this component
-> Create API documentation in OpenAPI format
-> Add inline comments explaining complex algorithms
-> Generate a README for this module
-```
-
-### 🚀 Development Acceleration
-
-```text
-> Set up a new Express server with authentication
-> Create a React component with TypeScript and tests
-> Implement a rate limiter middleware
-> Add database migrations for new schema
-> Configure CI/CD pipeline for this project
-```
+- [Use the Qwen Code SDK](./packages/sdk-typescript/README.md)
 
 ## Commands & Shortcuts
 
@@ -386,6 +156,7 @@ qwen
 - `/clear` - Clear conversation history
 - `/compress` - Compress history to save tokens
 - `/stats` - Show current session information
+- `/bug` - Submit a bug report
 - `/exit` or `/quit` - Exit Qwen Code
 
 ### Keyboard Shortcuts
@@ -394,6 +165,19 @@ qwen
 - `Ctrl+D` - Exit (on empty line)
 - `Up/Down` - Navigate command history
 
+> Learn more about [Commands](https://qwenlm.github.io/qwen-code-docs/en/users/features/commands/)
+>
+> **Tip**: In YOLO mode (`--yolo`), vision switching happens automatically without prompts when images are detected. Learn more about [Approval Mode](https://qwenlm.github.io/qwen-code-docs/en/users/features/approval-mode/)
+
+## Configuration
+
+Qwen Code can be configured via `settings.json`, environment variables, and CLI flags.
+
+- **User settings**: `~/.qwen/settings.json`
+- **Project settings**: `.qwen/settings.json`
+
+See [settings](https://qwenlm.github.io/qwen-code-docs/en/users/configuration/settings/) for available options and precedence.
+
 ## Benchmark Results
 
 ### Terminal-Bench Performance
@@ -403,24 +187,18 @@ qwen
 | Qwen Code | Qwen3-Coder-480A35 | 37.5%    |
 | Qwen Code | Qwen3-Coder-30BA3B | 31.3%    |
 
-## Development & Contributing
+## Ecosystem
 
-See [CONTRIBUTING.md](./CONTRIBUTING.md) to learn how to contribute to the project.
+Looking for a graphical interface?
 
-For detailed authentication setup, see the [authentication guide](./docs/cli/authentication.md).
+- [**Gemini CLI Desktop**](https://github.com/Piebald-AI/gemini-cli-desktop) A cross-platform desktop/web/mobile UI for Qwen Code
 
 ## Troubleshooting
 
-If you encounter issues, check the [troubleshooting guide](docs/troubleshooting.md).
+If you encounter issues, check the [troubleshooting guide](https://qwenlm.github.io/qwen-code-docs/en/users/support/troubleshooting/).
+
+To report a bug from within the CLI, run `/bug` and include a short title and repro steps.
 
 ## Acknowledgments
 
 This project is based on [Google Gemini CLI](https://github.com/google-gemini/gemini-cli). We acknowledge and appreciate the excellent work of the Gemini CLI team. Our main contribution focuses on parser-level adaptations to better support Qwen-Coder models.
-
-## License
-
-[LICENSE](./LICENSE)
-
-## Star History
-
-[![Star History Chart](https://api.star-history.com/svg?repos=QwenLM/qwen-code&type=Date)](https://www.star-history.com/#QwenLM/qwen-code&Date)

package.json

@@ -18,6 +18,9 @@
   "scripts": {
     "start": "cross-env node scripts/start.js",
     "debug": "cross-env DEBUG=1 node --inspect-brk scripts/start.js",
+    "auth:npm": "npx google-artifactregistry-auth",
+    "auth:docker": "gcloud auth configure-docker us-west1-docker.pkg.dev",
+    "auth": "npm run auth:npm && npm run auth:docker",
     "generate": "node scripts/generate-git-commit-info.js",
     "build": "node scripts/build.js",
     "build-and-start": "npm run build && npm run start",
@@ -92,6 +95,7 @@
     "eslint-plugin-react-hooks": "^5.2.0",
     "glob": "^10.5.0",
     "globals": "^16.0.0",
+    "google-artifactregistry-auth": "^3.4.0",
     "husky": "^9.1.7",
     "json": "^11.0.0",
     "lint-staged": "^16.1.6",

packages/cli/package.json

@@ -36,10 +36,10 @@
     "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.6.0"
   },
   "dependencies": {
-    "@google/genai": "1.30.0",
+    "@google/genai": "1.16.0",
     "@iarna/toml": "^2.2.5",
     "@qwen-code/qwen-code-core": "file:../core",
-    "@modelcontextprotocol/sdk": "^1.25.1",
+    "@modelcontextprotocol/sdk": "^1.15.1",
     "@types/update-notifier": "^6.0.8",
     "ansi-regex": "^6.2.2",
     "command-exists": "^1.2.9",

packages/cli/src/config/auth.ts

@@ -26,23 +26,5 @@ export function validateAuthMethod(authMethod: string): string | null {
     return null;
   }
 
-  if (authMethod === AuthType.USE_GEMINI) {
-    const hasApiKey = process.env['GEMINI_API_KEY'];
-    if (!hasApiKey) {
-      return 'GEMINI_API_KEY environment variable not found. Please set it in your .env file or environment variables.';
-    }
-    return null;
-  }
-
-  if (authMethod === AuthType.USE_VERTEX_AI) {
-    const hasApiKey = process.env['GOOGLE_API_KEY'];
-    if (!hasApiKey) {
-      return 'GOOGLE_API_KEY environment variable not found. Please set it in your .env file or environment variables.';
-    }
-
-    process.env['GOOGLE_GENAI_USE_VERTEXAI'] = 'true';
-    return null;
-  }
-
   return 'Invalid auth method selected.';
 }

packages/cli/src/config/config.ts

@@ -460,12 +460,7 @@ export async function parseArguments(settings: Settings): Promise<CliArgs> {
         })
         .option('auth-type', {
           type: 'string',
-          choices: [
-            AuthType.USE_OPENAI,
-            AuthType.QWEN_OAUTH,
-            AuthType.USE_GEMINI,
-            AuthType.USE_VERTEX_AI,
-          ],
+          choices: [AuthType.USE_OPENAI, AuthType.QWEN_OAUTH],
           description: 'Authentication type',
         })
         .deprecateOption(

packages/cli/src/config/extension.test.ts

@@ -56,17 +56,6 @@ vi.mock('simple-git', () => ({
   }),
 }));
 
-vi.mock('./extensions/github.js', async (importOriginal) => {
-  const actual =
-    await importOriginal<typeof import('./extensions/github.js')>();
-  return {
-    ...actual,
-    downloadFromGitHubRelease: vi
-      .fn()
-      .mockRejectedValue(new Error('Mocked GitHub release download failure')),
-  };
-});
-
 vi.mock('os', async (importOriginal) => {
   const mockedOs = await importOriginal<typeof os>();
   return {

packages/cli/src/config/extensions/update.test.ts

@@ -41,17 +41,6 @@ vi.mock('simple-git', () => ({
   }),
 }));
 
-vi.mock('../extensions/github.js', async (importOriginal) => {
-  const actual =
-    await importOriginal<typeof import('../extensions/github.js')>();
-  return {
-    ...actual,
-    downloadFromGitHubRelease: vi
-      .fn()
-      .mockRejectedValue(new Error('Mocked GitHub release download failure')),
-  };
-});
-
 vi.mock('os', async (importOriginal) => {
   const mockedOs = await importOriginal<typeof os>();
   return {

packages/cli/src/gemini.tsx

@@ -4,8 +4,13 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import type { Config, AuthType } from '@qwen-code/qwen-code-core';
-import { InputFormat, logUserPrompt } from '@qwen-code/qwen-code-core';
+import type { Config } from '@qwen-code/qwen-code-core';
+import {
+  AuthType,
+  getOauthClient,
+  InputFormat,
+  logUserPrompt,
+} from '@qwen-code/qwen-code-core';
 import { render } from 'ink';
 import dns from 'node:dns';
 import os from 'node:os';
@@ -394,6 +399,15 @@ export async function main() {
       initializationResult = await initializeApp(config, settings);
     }
 
+    if (
+      settings.merged.security?.auth?.selectedType ===
+        AuthType.LOGIN_WITH_GOOGLE &&
+      config.isBrowserLaunchSuppressed()
+    ) {
+      // Do oauth before app renders to make copying the link possible.
+      await getOauthClient(settings.merged.security.auth.selectedType, config);
+    }
+
     if (config.getExperimentalZedIntegration()) {
       return runAcpAgent(config, settings, extensions, argv);
     }

packages/cli/src/nonInteractive/io/BaseJsonOutputAdapter.ts

@@ -610,6 +610,8 @@ export abstract class BaseJsonOutputAdapter {
         const errorText = parseAndFormatApiError(
           event.value.error,
           this.config.getContentGeneratorConfig()?.authType,
+          undefined,
+          this.config.getModel(),
         );
         this.appendText(state, errorText, null);
         break;

packages/cli/src/nonInteractiveCli.ts

@@ -221,6 +221,8 @@ export async function runNonInteractive(
               const errorText = parseAndFormatApiError(
                 event.value.error,
                 config.getContentGeneratorConfig()?.authType,
+                undefined,
+                config.getModel(),
               );
               process.stderr.write(`${errorText}\n`);
             }

packages/cli/src/services/McpPromptLoader.test.ts

@@ -28,7 +28,7 @@ const mockPrompt = {
     { name: 'trail', required: false, description: "The animal's trail." },
   ],
   invoke: vi.fn().mockResolvedValue({
-    messages: [{ content: { type: 'text', text: 'Hello, world!' } }],
+    messages: [{ content: { text: 'Hello, world!' } }],
   }),
 };
 

packages/cli/src/services/McpPromptLoader.ts

@@ -123,10 +123,7 @@ export class McpPromptLoader implements ICommandLoader {
                 };
               }
 
-              const firstMessage = result.messages?.[0];
-              const content = firstMessage?.content;
-
-              if (content?.type !== 'text') {
+              if (!result.messages?.[0]?.content?.['text']) {
                 return {
                   type: 'message',
                   messageType: 'error',
@@ -137,7 +134,7 @@ export class McpPromptLoader implements ICommandLoader {
 
               return {
                 type: 'submit_prompt',
-                content: JSON.stringify(content.text),
+                content: JSON.stringify(result.messages[0].content.text),
               };
             } catch (error) {
               return {

packages/cli/src/ui/AppContainer.test.tsx

@@ -23,6 +23,7 @@ import {
 } from '@qwen-code/qwen-code-core';
 import type { LoadedSettings } from '../config/settings.js';
 import type { InitializationResult } from '../core/initializer.js';
+import { useQuotaAndFallback } from './hooks/useQuotaAndFallback.js';
 import { UIStateContext, type UIState } from './contexts/UIStateContext.js';
 import {
   UIActionsContext,
@@ -55,6 +56,7 @@ vi.mock('./App.js', () => ({
   App: TestContextConsumer,
 }));
 
+vi.mock('./hooks/useQuotaAndFallback.js');
 vi.mock('./hooks/useHistoryManager.js');
 vi.mock('./hooks/useThemeCommand.js');
 vi.mock('./auth/useAuth.js');
@@ -120,6 +122,7 @@ describe('AppContainer State Management', () => {
   let mockInitResult: InitializationResult;
 
   // Create typed mocks for all hooks
+  const mockedUseQuotaAndFallback = useQuotaAndFallback as Mock;
   const mockedUseHistory = useHistory as Mock;
   const mockedUseThemeCommand = useThemeCommand as Mock;
   const mockedUseAuthCommand = useAuthCommand as Mock;
@@ -161,6 +164,10 @@ describe('AppContainer State Management', () => {
     capturedUIActions = null!;
 
     // **Provide a default return value for EVERY mocked hook.**
+    mockedUseQuotaAndFallback.mockReturnValue({
+      proQuotaRequest: null,
+      handleProQuotaChoice: vi.fn(),
+    });
     mockedUseHistory.mockReturnValue({
       history: [],
       addItem: vi.fn(),
@@ -560,6 +567,75 @@ describe('AppContainer State Management', () => {
     });
   });
 
+  describe('Quota and Fallback Integration', () => {
+    it('passes a null proQuotaRequest to UIStateContext by default', () => {
+      // The default mock from beforeEach already sets proQuotaRequest to null
+      render(
+        <AppContainer
+          config={mockConfig}
+          settings={mockSettings}
+          version="1.0.0"
+          initializationResult={mockInitResult}
+        />,
+      );
+
+      // Assert that the context value is as expected
+      expect(capturedUIState.proQuotaRequest).toBeNull();
+    });
+
+    it('passes a valid proQuotaRequest to UIStateContext when provided by the hook', () => {
+      // Arrange: Create a mock request object that a UI dialog would receive
+      const mockRequest = {
+        failedModel: 'gemini-pro',
+        fallbackModel: 'gemini-flash',
+        resolve: vi.fn(),
+      };
+      mockedUseQuotaAndFallback.mockReturnValue({
+        proQuotaRequest: mockRequest,
+        handleProQuotaChoice: vi.fn(),
+      });
+
+      // Act: Render the container
+      render(
+        <AppContainer
+          config={mockConfig}
+          settings={mockSettings}
+          version="1.0.0"
+          initializationResult={mockInitResult}
+        />,
+      );
+
+      // Assert: The mock request is correctly passed through the context
+      expect(capturedUIState.proQuotaRequest).toEqual(mockRequest);
+    });
+
+    it('passes the handleProQuotaChoice function to UIActionsContext', () => {
+      // Arrange: Create a mock handler function
+      const mockHandler = vi.fn();
+      mockedUseQuotaAndFallback.mockReturnValue({
+        proQuotaRequest: null,
+        handleProQuotaChoice: mockHandler,
+      });
+
+      // Act: Render the container
+      render(
+        <AppContainer
+          config={mockConfig}
+          settings={mockSettings}
+          version="1.0.0"
+          initializationResult={mockInitResult}
+        />,
+      );
+
+      // Assert: The action in the context is the mock handler we provided
+      expect(capturedUIActions.handleProQuotaChoice).toBe(mockHandler);
+
+      // You can even verify that the plumbed function is callable
+      capturedUIActions.handleProQuotaChoice('auth');
+      expect(mockHandler).toHaveBeenCalledWith('auth');
+    });
+  });
+
   describe('Terminal Title Update Feature', () => {
     beforeEach(() => {
       // Reset mock stdout for each test

packages/cli/src/ui/AppContainer.tsx

@@ -32,6 +32,7 @@ import {
   type Config,
   type IdeInfo,
   type IdeContext,
+  type UserTierId,
   DEFAULT_GEMINI_FLASH_MODEL,
   IdeClient,
   ideContextStore,
@@ -47,6 +48,7 @@ import { useHistory } from './hooks/useHistoryManager.js';
 import { useMemoryMonitor } from './hooks/useMemoryMonitor.js';
 import { useThemeCommand } from './hooks/useThemeCommand.js';
 import { useAuthCommand } from './auth/useAuth.js';
+import { useQuotaAndFallback } from './hooks/useQuotaAndFallback.js';
 import { useEditorSettings } from './hooks/useEditorSettings.js';
 import { useSettingsCommand } from './hooks/useSettingsCommand.js';
 import { useModelCommand } from './hooks/useModelCommand.js';
@@ -190,6 +192,8 @@ export const AppContainer = (props: AppContainerProps) => {
 
   const [currentModel, setCurrentModel] = useState(getEffectiveModel());
 
+  const [userTier] = useState<UserTierId | undefined>(undefined);
+
   const [isConfigInitialized, setConfigInitialized] = useState(false);
 
   const [userMessages, setUserMessages] = useState<string[]>([]);
@@ -363,6 +367,14 @@ export const AppContainer = (props: AppContainerProps) => {
     cancelAuthentication,
   } = useAuthCommand(settings, config, historyManager.addItem);
 
+  const { proQuotaRequest, handleProQuotaChoice } = useQuotaAndFallback({
+    config,
+    historyManager,
+    userTier,
+    setAuthState,
+    setModelSwitchedFromQuotaError,
+  });
+
   useInitializationAuthError(initializationResult.authError, onAuthError);
 
   // Sync user tier from config when authentication changes
@@ -740,7 +752,8 @@ export const AppContainer = (props: AppContainerProps) => {
     !initError &&
     !isProcessing &&
     (streamingState === StreamingState.Idle ||
-      streamingState === StreamingState.Responding);
+      streamingState === StreamingState.Responding) &&
+    !proQuotaRequest;
 
   const [controlsHeight, setControlsHeight] = useState(0);
 
@@ -1193,6 +1206,7 @@ export const AppContainer = (props: AppContainerProps) => {
     isAuthenticating ||
     isEditorDialogOpen ||
     showIdeRestartPrompt ||
+    !!proQuotaRequest ||
     isSubagentCreateDialogOpen ||
     isAgentsManagerDialogOpen ||
     isApprovalModeDialogOpen ||
@@ -1263,6 +1277,8 @@ export const AppContainer = (props: AppContainerProps) => {
       showWorkspaceMigrationDialog,
       workspaceExtensions,
       currentModel,
+      userTier,
+      proQuotaRequest,
       contextFileNames,
       errorCount,
       availableTerminalHeight,
@@ -1351,6 +1367,8 @@ export const AppContainer = (props: AppContainerProps) => {
       showAutoAcceptIndicator,
       showWorkspaceMigrationDialog,
       workspaceExtensions,
+      userTier,
+      proQuotaRequest,
       contextFileNames,
       errorCount,
       availableTerminalHeight,
@@ -1412,6 +1430,7 @@ export const AppContainer = (props: AppContainerProps) => {
       handleClearScreen,
       onWorkspaceMigrationDialogOpen,
       onWorkspaceMigrationDialogClose,
+      handleProQuotaChoice,
       // Vision switch dialog
       handleVisionSwitchSelect,
       // Welcome back dialog
@@ -1449,6 +1468,7 @@ export const AppContainer = (props: AppContainerProps) => {
       handleClearScreen,
       onWorkspaceMigrationDialogOpen,
       onWorkspaceMigrationDialogClose,
+      handleProQuotaChoice,
       handleVisionSwitchSelect,
       handleWelcomeBackSelection,
       handleWelcomeBackClose,

packages/cli/src/ui/auth/AuthDialog.test.tsx

@@ -168,7 +168,7 @@ describe('AuthDialog', () => {
 
     it('should not show the GEMINI_API_KEY message if QWEN_DEFAULT_AUTH_TYPE is set to something else', () => {
       process.env['GEMINI_API_KEY'] = 'foobar';
-      process.env['QWEN_DEFAULT_AUTH_TYPE'] = AuthType.USE_OPENAI;
+      process.env['QWEN_DEFAULT_AUTH_TYPE'] = AuthType.LOGIN_WITH_GOOGLE;
 
       const settings: LoadedSettings = new LoadedSettings(
         {
@@ -212,7 +212,7 @@ describe('AuthDialog', () => {
 
     it('should show the GEMINI_API_KEY message if QWEN_DEFAULT_AUTH_TYPE is set to use api key', () => {
       process.env['GEMINI_API_KEY'] = 'foobar';
-      process.env['QWEN_DEFAULT_AUTH_TYPE'] = AuthType.USE_OPENAI;
+      process.env['QWEN_DEFAULT_AUTH_TYPE'] = AuthType.USE_GEMINI;
 
       const settings: LoadedSettings = new LoadedSettings(
         {
@@ -504,12 +504,12 @@ describe('AuthDialog', () => {
       },
       {
         settings: {
-          security: { auth: { selectedType: AuthType.USE_OPENAI } },
+          security: { auth: { selectedType: AuthType.LOGIN_WITH_GOOGLE } },
           ui: { customThemes: {} },
           mcpServers: {},
         },
         originalSettings: {
-          security: { auth: { selectedType: AuthType.USE_OPENAI } },
+          security: { auth: { selectedType: AuthType.LOGIN_WITH_GOOGLE } },
           ui: { customThemes: {} },
           mcpServers: {},
         },

packages/cli/src/ui/auth/useAuth.ts

@@ -225,24 +225,16 @@ export const useAuthCommand = (
     const defaultAuthType = process.env['QWEN_DEFAULT_AUTH_TYPE'];
     if (
       defaultAuthType &&
-      ![
-        AuthType.QWEN_OAUTH,
-        AuthType.USE_OPENAI,
-        AuthType.USE_GEMINI,
-        AuthType.USE_VERTEX_AI,
-      ].includes(defaultAuthType as AuthType)
+      ![AuthType.QWEN_OAUTH, AuthType.USE_OPENAI].includes(
+        defaultAuthType as AuthType,
+      )
     ) {
       onAuthError(
         t(
           'Invalid QWEN_DEFAULT_AUTH_TYPE value: "{{value}}". Valid values are: {{validValues}}',
           {
             value: defaultAuthType,
-            validValues: [
-              AuthType.QWEN_OAUTH,
-              AuthType.USE_OPENAI,
-              AuthType.USE_GEMINI,
-              AuthType.USE_VERTEX_AI,
-            ].join(', '),
+            validValues: [AuthType.QWEN_OAUTH, AuthType.USE_OPENAI].join(', '),
           },
         ),
       );

packages/cli/src/ui/commands/ideCommand.test.ts

@@ -15,6 +15,7 @@ vi.mock('@qwen-code/qwen-code-core', async (importOriginal) => {
   const original = await importOriginal<typeof core>();
   return {
     ...original,
+    getOauthClient: vi.fn(original.getOauthClient),
     getIdeInstaller: vi.fn(original.getIdeInstaller),
     IdeClient: {
       getInstance: vi.fn(),

packages/cli/src/ui/components/DialogManager.tsx

@@ -17,6 +17,7 @@ import { AuthDialog } from '../auth/AuthDialog.js';
 import { OpenAIKeyPrompt } from './OpenAIKeyPrompt.js';
 import { EditorSettingsDialog } from './EditorSettingsDialog.js';
 import { WorkspaceMigrationDialog } from './WorkspaceMigrationDialog.js';
+import { ProQuotaDialog } from './ProQuotaDialog.js';
 import { PermissionsModifyTrustDialog } from './PermissionsModifyTrustDialog.js';
 import { ModelDialog } from './ModelDialog.js';
 import { ApprovalModeDialog } from './ApprovalModeDialog.js';
@@ -86,6 +87,15 @@ export const DialogManager = ({
       />
     );
   }
+  if (uiState.proQuotaRequest) {
+    return (
+      <ProQuotaDialog
+        failedModel={uiState.proQuotaRequest.failedModel}
+        fallbackModel={uiState.proQuotaRequest.fallbackModel}
+        onChoice={uiActions.handleProQuotaChoice}
+      />
+    );
+  }
   if (uiState.shouldShowIdePrompt) {
     return (
       <IdeIntegrationNudge

packages/cli/src/ui/components/ProQuotaDialog.test.tsx

@@ -0,0 +1,91 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { render } from 'ink-testing-library';
+import { describe, it, expect, vi, beforeEach, type Mock } from 'vitest';
+import { ProQuotaDialog } from './ProQuotaDialog.js';
+import { RadioButtonSelect } from './shared/RadioButtonSelect.js';
+
+// Mock the child component to make it easier to test the parent
+vi.mock('./shared/RadioButtonSelect.js', () => ({
+  RadioButtonSelect: vi.fn(),
+}));
+
+describe('ProQuotaDialog', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it('should render with correct title and options', () => {
+    const { lastFrame } = render(
+      <ProQuotaDialog
+        failedModel="gemini-2.5-pro"
+        fallbackModel="gemini-2.5-flash"
+        onChoice={() => {}}
+      />,
+    );
+
+    const output = lastFrame();
+    expect(output).toContain('Pro quota limit reached for gemini-2.5-pro.');
+
+    // Check that RadioButtonSelect was called with the correct items
+    expect(RadioButtonSelect).toHaveBeenCalledWith(
+      expect.objectContaining({
+        items: [
+          {
+            label: 'Change auth (executes the /auth command)',
+            value: 'auth',
+            key: 'auth',
+          },
+          {
+            label: `Continue with gemini-2.5-flash`,
+            value: 'continue',
+            key: 'continue',
+          },
+        ],
+      }),
+      undefined,
+    );
+  });
+
+  it('should call onChoice with "auth" when "Change auth" is selected', () => {
+    const mockOnChoice = vi.fn();
+    render(
+      <ProQuotaDialog
+        failedModel="gemini-2.5-pro"
+        fallbackModel="gemini-2.5-flash"
+        onChoice={mockOnChoice}
+      />,
+    );
+
+    // Get the onSelect function passed to RadioButtonSelect
+    const onSelect = (RadioButtonSelect as Mock).mock.calls[0][0].onSelect;
+
+    // Simulate the selection
+    onSelect('auth');
+
+    expect(mockOnChoice).toHaveBeenCalledWith('auth');
+  });
+
+  it('should call onChoice with "continue" when "Continue with flash" is selected', () => {
+    const mockOnChoice = vi.fn();
+    render(
+      <ProQuotaDialog
+        failedModel="gemini-2.5-pro"
+        fallbackModel="gemini-2.5-flash"
+        onChoice={mockOnChoice}
+      />,
+    );
+
+    // Get the onSelect function passed to RadioButtonSelect
+    const onSelect = (RadioButtonSelect as Mock).mock.calls[0][0].onSelect;
+
+    // Simulate the selection
+    onSelect('continue');
+
+    expect(mockOnChoice).toHaveBeenCalledWith('continue');
+  });
+});

packages/cli/src/ui/components/ProQuotaDialog.tsx

@@ -0,0 +1,55 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type React from 'react';
+import { Box, Text } from 'ink';
+import { RadioButtonSelect } from './shared/RadioButtonSelect.js';
+import { theme } from '../semantic-colors.js';
+import { t } from '../../i18n/index.js';
+
+interface ProQuotaDialogProps {
+  failedModel: string;
+  fallbackModel: string;
+  onChoice: (choice: 'auth' | 'continue') => void;
+}
+
+export function ProQuotaDialog({
+  failedModel,
+  fallbackModel,
+  onChoice,
+}: ProQuotaDialogProps): React.JSX.Element {
+  const items = [
+    {
+      label: t('Change auth (executes the /auth command)'),
+      value: 'auth' as const,
+      key: 'auth',
+    },
+    {
+      label: t('Continue with {{model}}', { model: fallbackModel }),
+      value: 'continue' as const,
+      key: 'continue',
+    },
+  ];
+
+  const handleSelect = (choice: 'auth' | 'continue') => {
+    onChoice(choice);
+  };
+
+  return (
+    <Box borderStyle="round" flexDirection="column" paddingX={1}>
+      <Text bold color={theme.status.warning}>
+        {t('Pro quota limit reached for {{model}}.', { model: failedModel })}
+      </Text>
+      <Box marginTop={1}>
+        <RadioButtonSelect
+          items={items}
+          initialIndex={1}
+          onSelect={handleSelect}
+        />
+      </Box>
+    </Box>
+  );
+}

packages/cli/src/ui/contexts/UIActionsContext.tsx

@@ -55,6 +55,7 @@ export interface UIActions {
   handleClearScreen: () => void;
   onWorkspaceMigrationDialogOpen: () => void;
   onWorkspaceMigrationDialogClose: () => void;
+  handleProQuotaChoice: (choice: 'auth' | 'continue') => void;
   // Vision switch dialog
   handleVisionSwitchSelect: (outcome: VisionSwitchOutcome) => void;
   // Welcome back dialog

packages/cli/src/ui/contexts/UIStateContext.tsx

@@ -22,13 +22,21 @@ import type {
   AuthType,
   IdeContext,
   ApprovalMode,
+  UserTierId,
   IdeInfo,
+  FallbackIntent,
 } from '@qwen-code/qwen-code-core';
 import type { DOMElement } from 'ink';
 import type { SessionStatsState } from '../contexts/SessionContext.js';
 import type { ExtensionUpdateState } from '../state/extensions.js';
 import type { UpdateObject } from '../utils/updateCheck.js';
 
+export interface ProQuotaDialogRequest {
+  failedModel: string;
+  fallbackModel: string;
+  resolve: (intent: FallbackIntent) => void;
+}
+
 import { type UseHistoryManagerReturn } from '../hooks/useHistoryManager.js';
 import { type RestartReason } from '../hooks/useIdeTrustListener.js';
 
@@ -91,6 +99,8 @@ export interface UIState {
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   workspaceExtensions: any[]; // Extension[]
   // Quota-related state
+  userTier: UserTierId | undefined;
+  proQuotaRequest: ProQuotaDialogRequest | null;
   currentModel: string;
   contextFileNames: string[];
   errorCount: number;

packages/cli/src/ui/hooks/useGeminiStream.test.tsx

@@ -1323,7 +1323,7 @@ describe('useGeminiStream', () => {
     it('should call parseAndFormatApiError with the correct authType on stream initialization failure', async () => {
       // 1. Setup
       const mockError = new Error('Rate limit exceeded');
-      const mockAuthType = AuthType.USE_VERTEX_AI;
+      const mockAuthType = AuthType.LOGIN_WITH_GOOGLE;
       mockParseAndFormatApiError.mockClear();
       mockSendMessageStream.mockReturnValue(
         (async function* () {
@@ -1374,6 +1374,9 @@ describe('useGeminiStream', () => {
         expect(mockParseAndFormatApiError).toHaveBeenCalledWith(
           'Rate limit exceeded',
           mockAuthType,
+          undefined,
+          'gemini-2.5-pro',
+          'gemini-2.5-flash',
         );
       });
     });
@@ -2490,6 +2493,9 @@ describe('useGeminiStream', () => {
       expect(mockParseAndFormatApiError).toHaveBeenCalledWith(
         { message: 'Test error' },
         expect.any(String),
+        undefined,
+        'gemini-2.5-pro',
+        'gemini-2.5-flash',
       );
     });
   });

packages/cli/src/ui/hooks/useGeminiStream.ts

@@ -26,6 +26,7 @@ import {
   GitService,
   UnauthorizedError,
   UserPromptEvent,
+  DEFAULT_GEMINI_FLASH_MODEL,
   logConversationFinishedEvent,
   ConversationFinishedEvent,
   ApprovalMode,
@@ -599,6 +600,9 @@ export const useGeminiStream = (
           text: parseAndFormatApiError(
             eventValue.error,
             config.getContentGeneratorConfig()?.authType,
+            undefined,
+            config.getModel(),
+            DEFAULT_GEMINI_FLASH_MODEL,
           ),
         },
         userMessageTimestamp,
@@ -650,9 +654,6 @@ export const useGeminiStream = (
           'Response stopped due to image safety violations.',
         [FinishReason.UNEXPECTED_TOOL_CALL]:
           'Response stopped due to unexpected tool call.',
-        [FinishReason.IMAGE_PROHIBITED_CONTENT]:
-          'Response stopped due to image prohibited content.',
-        [FinishReason.NO_IMAGE]: 'Response stopped due to no image.',
       };
 
       const message = finishReasonMessages[finishReason];
@@ -769,17 +770,11 @@ export const useGeminiStream = (
       for await (const event of stream) {
         switch (event.type) {
           case ServerGeminiEventType.Thought:
-            // If the thought has a subject, it's a discrete status update rather than
-            // a streamed textual thought, so we update the thought state directly.
-            if (event.value.subject) {
-              setThought(event.value);
-            } else {
-              thoughtBuffer = handleThoughtEvent(
-                event.value,
-                thoughtBuffer,
-                userMessageTimestamp,
-              );
-            }
+            thoughtBuffer = handleThoughtEvent(
+              event.value,
+              thoughtBuffer,
+              userMessageTimestamp,
+            );
             break;
           case ServerGeminiEventType.Content:
             geminiMessageBuffer = handleContentEvent(
@@ -850,7 +845,6 @@ export const useGeminiStream = (
       handleMaxSessionTurnsEvent,
       handleSessionTokenLimitExceededEvent,
       handleCitationEvent,
-      setThought,
     ],
   );
 
@@ -993,6 +987,9 @@ export const useGeminiStream = (
                 text: parseAndFormatApiError(
                   getErrorMessage(error) || 'Unknown error',
                   config.getContentGeneratorConfig()?.authType,
+                  undefined,
+                  config.getModel(),
+                  DEFAULT_GEMINI_FLASH_MODEL,
                 ),
               },
               userMessageTimestamp,

packages/cli/src/ui/hooks/useQuotaAndFallback.test.ts

@@ -0,0 +1,391 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import {
+  vi,
+  describe,
+  it,
+  expect,
+  beforeEach,
+  afterEach,
+  type Mock,
+} from 'vitest';
+import { act, renderHook } from '@testing-library/react';
+import {
+  type Config,
+  type FallbackModelHandler,
+  UserTierId,
+  AuthType,
+  isGenericQuotaExceededError,
+  isProQuotaExceededError,
+  makeFakeConfig,
+} from '@qwen-code/qwen-code-core';
+import { useQuotaAndFallback } from './useQuotaAndFallback.js';
+import type { UseHistoryManagerReturn } from './useHistoryManager.js';
+import { AuthState, MessageType } from '../types.js';
+
+// Mock the error checking functions from the core package to control test scenarios
+vi.mock('@qwen-code/qwen-code-core', async (importOriginal) => {
+  const original =
+    await importOriginal<typeof import('@qwen-code/qwen-code-core')>();
+  return {
+    ...original,
+    isGenericQuotaExceededError: vi.fn(),
+    isProQuotaExceededError: vi.fn(),
+  };
+});
+
+// Use a type alias for SpyInstance as it's not directly exported
+type SpyInstance = ReturnType<typeof vi.spyOn>;
+
+describe('useQuotaAndFallback', () => {
+  let mockConfig: Config;
+  let mockHistoryManager: UseHistoryManagerReturn;
+  let mockSetAuthState: Mock;
+  let mockSetModelSwitchedFromQuotaError: Mock;
+  let setFallbackHandlerSpy: SpyInstance;
+
+  const mockedIsGenericQuotaExceededError = isGenericQuotaExceededError as Mock;
+  const mockedIsProQuotaExceededError = isProQuotaExceededError as Mock;
+
+  beforeEach(() => {
+    mockConfig = makeFakeConfig();
+
+    // Spy on the method that requires the private field and mock its return.
+    // This is cleaner than modifying the config class for tests.
+    vi.spyOn(mockConfig, 'getContentGeneratorConfig').mockReturnValue({
+      model: 'test-model',
+      authType: AuthType.LOGIN_WITH_GOOGLE,
+    });
+
+    mockHistoryManager = {
+      addItem: vi.fn(),
+      history: [],
+      updateItem: vi.fn(),
+      clearItems: vi.fn(),
+      loadHistory: vi.fn(),
+    };
+    mockSetAuthState = vi.fn();
+    mockSetModelSwitchedFromQuotaError = vi.fn();
+
+    setFallbackHandlerSpy = vi.spyOn(mockConfig, 'setFallbackModelHandler');
+    vi.spyOn(mockConfig, 'setQuotaErrorOccurred');
+
+    mockedIsGenericQuotaExceededError.mockReturnValue(false);
+    mockedIsProQuotaExceededError.mockReturnValue(false);
+  });
+
+  afterEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it('should register a fallback handler on initialization', () => {
+    renderHook(() =>
+      useQuotaAndFallback({
+        config: mockConfig,
+        historyManager: mockHistoryManager,
+        userTier: UserTierId.FREE,
+        setAuthState: mockSetAuthState,
+        setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+      }),
+    );
+
+    expect(setFallbackHandlerSpy).toHaveBeenCalledTimes(1);
+    expect(setFallbackHandlerSpy.mock.calls[0][0]).toBeInstanceOf(Function);
+  });
+
+  describe('Fallback Handler Logic', () => {
+    // Helper function to render the hook and extract the registered handler
+    const getRegisteredHandler = (
+      userTier: UserTierId = UserTierId.FREE,
+    ): FallbackModelHandler => {
+      renderHook(
+        (props) =>
+          useQuotaAndFallback({
+            config: mockConfig,
+            historyManager: mockHistoryManager,
+            userTier: props.userTier,
+            setAuthState: mockSetAuthState,
+            setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+          }),
+        { initialProps: { userTier } },
+      );
+      return setFallbackHandlerSpy.mock.calls[0][0] as FallbackModelHandler;
+    };
+
+    it('should return null and take no action if already in fallback mode', async () => {
+      vi.spyOn(mockConfig, 'isInFallbackMode').mockReturnValue(true);
+      const handler = getRegisteredHandler();
+      const result = await handler('gemini-pro', 'gemini-flash', new Error());
+
+      expect(result).toBeNull();
+      expect(mockHistoryManager.addItem).not.toHaveBeenCalled();
+    });
+
+    it('should return null and take no action if authType is not LOGIN_WITH_GOOGLE', async () => {
+      // Override the default mock from beforeEach for this specific test
+      vi.spyOn(mockConfig, 'getContentGeneratorConfig').mockReturnValue({
+        model: 'test-model',
+        authType: AuthType.USE_GEMINI,
+      });
+
+      const handler = getRegisteredHandler();
+      const result = await handler('gemini-pro', 'gemini-flash', new Error());
+
+      expect(result).toBeNull();
+      expect(mockHistoryManager.addItem).not.toHaveBeenCalled();
+    });
+
+    describe('Automatic Fallback Scenarios', () => {
+      const testCases = [
+        {
+          errorType: 'generic',
+          tier: UserTierId.FREE,
+          expectedMessageSnippets: [
+            'Automatically switching from model-A to model-B',
+            'upgrade to a Gemini Code Assist Standard or Enterprise plan',
+          ],
+        },
+        {
+          errorType: 'generic',
+          tier: UserTierId.STANDARD, // Paid tier
+          expectedMessageSnippets: [
+            'Automatically switching from model-A to model-B',
+            'switch to using a paid API key from AI Studio',
+          ],
+        },
+        {
+          errorType: 'other',
+          tier: UserTierId.FREE,
+          expectedMessageSnippets: [
+            'Automatically switching from model-A to model-B for faster responses',
+            'upgrade to a Gemini Code Assist Standard or Enterprise plan',
+          ],
+        },
+        {
+          errorType: 'other',
+          tier: UserTierId.LEGACY, // Paid tier
+          expectedMessageSnippets: [
+            'Automatically switching from model-A to model-B for faster responses',
+            'switch to using a paid API key from AI Studio',
+          ],
+        },
+      ];
+
+      for (const { errorType, tier, expectedMessageSnippets } of testCases) {
+        it(`should handle ${errorType} error for ${tier} tier correctly`, async () => {
+          mockedIsGenericQuotaExceededError.mockReturnValue(
+            errorType === 'generic',
+          );
+
+          const handler = getRegisteredHandler(tier);
+          const result = await handler(
+            'model-A',
+            'model-B',
+            new Error('quota exceeded'),
+          );
+
+          // Automatic fallbacks should return 'stop'
+          expect(result).toBe('stop');
+
+          expect(mockHistoryManager.addItem).toHaveBeenCalledWith(
+            expect.objectContaining({ type: MessageType.INFO }),
+            expect.any(Number),
+          );
+
+          const message = (mockHistoryManager.addItem as Mock).mock.calls[0][0]
+            .text;
+          for (const snippet of expectedMessageSnippets) {
+            expect(message).toContain(snippet);
+          }
+
+          expect(mockSetModelSwitchedFromQuotaError).toHaveBeenCalledWith(true);
+          expect(mockConfig.setQuotaErrorOccurred).toHaveBeenCalledWith(true);
+        });
+      }
+    });
+
+    describe('Interactive Fallback (Pro Quota Error)', () => {
+      beforeEach(() => {
+        mockedIsProQuotaExceededError.mockReturnValue(true);
+      });
+
+      it('should set an interactive request and wait for user choice', async () => {
+        const { result } = renderHook(() =>
+          useQuotaAndFallback({
+            config: mockConfig,
+            historyManager: mockHistoryManager,
+            userTier: UserTierId.FREE,
+            setAuthState: mockSetAuthState,
+            setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+          }),
+        );
+
+        const handler = setFallbackHandlerSpy.mock
+          .calls[0][0] as FallbackModelHandler;
+
+        // Call the handler but do not await it, to check the intermediate state
+        const promise = handler(
+          'gemini-pro',
+          'gemini-flash',
+          new Error('pro quota'),
+        );
+
+        await act(async () => {});
+
+        // The hook should now have a pending request for the UI to handle
+        expect(result.current.proQuotaRequest).not.toBeNull();
+        expect(result.current.proQuotaRequest?.failedModel).toBe('gemini-pro');
+
+        // Simulate the user choosing to continue with the fallback model
+        act(() => {
+          result.current.handleProQuotaChoice('continue');
+        });
+
+        // The original promise from the handler should now resolve
+        const intent = await promise;
+        expect(intent).toBe('retry');
+
+        // The pending request should be cleared from the state
+        expect(result.current.proQuotaRequest).toBeNull();
+      });
+
+      it('should handle race conditions by stopping subsequent requests', async () => {
+        const { result } = renderHook(() =>
+          useQuotaAndFallback({
+            config: mockConfig,
+            historyManager: mockHistoryManager,
+            userTier: UserTierId.FREE,
+            setAuthState: mockSetAuthState,
+            setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+          }),
+        );
+
+        const handler = setFallbackHandlerSpy.mock
+          .calls[0][0] as FallbackModelHandler;
+
+        const promise1 = handler(
+          'gemini-pro',
+          'gemini-flash',
+          new Error('pro quota 1'),
+        );
+        await act(async () => {});
+
+        const firstRequest = result.current.proQuotaRequest;
+        expect(firstRequest).not.toBeNull();
+
+        const result2 = await handler(
+          'gemini-pro',
+          'gemini-flash',
+          new Error('pro quota 2'),
+        );
+
+        // The lock should have stopped the second request
+        expect(result2).toBe('stop');
+        expect(result.current.proQuotaRequest).toBe(firstRequest);
+
+        act(() => {
+          result.current.handleProQuotaChoice('continue');
+        });
+
+        const intent1 = await promise1;
+        expect(intent1).toBe('retry');
+        expect(result.current.proQuotaRequest).toBeNull();
+      });
+    });
+  });
+
+  describe('handleProQuotaChoice', () => {
+    beforeEach(() => {
+      mockedIsProQuotaExceededError.mockReturnValue(true);
+    });
+
+    it('should do nothing if there is no pending pro quota request', () => {
+      const { result } = renderHook(() =>
+        useQuotaAndFallback({
+          config: mockConfig,
+          historyManager: mockHistoryManager,
+          userTier: UserTierId.FREE,
+          setAuthState: mockSetAuthState,
+          setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+        }),
+      );
+
+      act(() => {
+        result.current.handleProQuotaChoice('auth');
+      });
+
+      expect(mockSetAuthState).not.toHaveBeenCalled();
+      expect(mockHistoryManager.addItem).not.toHaveBeenCalled();
+    });
+
+    it('should resolve intent to "auth" and trigger auth state update', async () => {
+      const { result } = renderHook(() =>
+        useQuotaAndFallback({
+          config: mockConfig,
+          historyManager: mockHistoryManager,
+          userTier: UserTierId.FREE,
+          setAuthState: mockSetAuthState,
+          setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+        }),
+      );
+
+      const handler = setFallbackHandlerSpy.mock
+        .calls[0][0] as FallbackModelHandler;
+      const promise = handler(
+        'gemini-pro',
+        'gemini-flash',
+        new Error('pro quota'),
+      );
+      await act(async () => {}); // Allow state to update
+
+      act(() => {
+        result.current.handleProQuotaChoice('auth');
+      });
+
+      const intent = await promise;
+      expect(intent).toBe('auth');
+      expect(mockSetAuthState).toHaveBeenCalledWith(AuthState.Updating);
+      expect(result.current.proQuotaRequest).toBeNull();
+    });
+
+    it('should resolve intent to "retry" and add info message on continue', async () => {
+      const { result } = renderHook(() =>
+        useQuotaAndFallback({
+          config: mockConfig,
+          historyManager: mockHistoryManager,
+          userTier: UserTierId.FREE,
+          setAuthState: mockSetAuthState,
+          setModelSwitchedFromQuotaError: mockSetModelSwitchedFromQuotaError,
+        }),
+      );
+
+      const handler = setFallbackHandlerSpy.mock
+        .calls[0][0] as FallbackModelHandler;
+      // The first `addItem` call is for the initial quota error message
+      const promise = handler(
+        'gemini-pro',
+        'gemini-flash',
+        new Error('pro quota'),
+      );
+      await act(async () => {}); // Allow state to update
+
+      act(() => {
+        result.current.handleProQuotaChoice('continue');
+      });
+
+      const intent = await promise;
+      expect(intent).toBe('retry');
+      expect(result.current.proQuotaRequest).toBeNull();
+
+      // Check for the second "Switched to fallback model" message
+      expect(mockHistoryManager.addItem).toHaveBeenCalledTimes(2);
+      const lastCall = (mockHistoryManager.addItem as Mock).mock.calls[1][0];
+      expect(lastCall.type).toBe(MessageType.INFO);
+      expect(lastCall.text).toContain('Switched to fallback model.');
+    });
+  });
+});

packages/cli/src/ui/hooks/useQuotaAndFallback.ts

@@ -0,0 +1,175 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import {
+  AuthType,
+  type Config,
+  type FallbackModelHandler,
+  type FallbackIntent,
+  isGenericQuotaExceededError,
+  isProQuotaExceededError,
+  UserTierId,
+} from '@qwen-code/qwen-code-core';
+import { useCallback, useEffect, useRef, useState } from 'react';
+import { type UseHistoryManagerReturn } from './useHistoryManager.js';
+import { AuthState, MessageType } from '../types.js';
+import { type ProQuotaDialogRequest } from '../contexts/UIStateContext.js';
+
+interface UseQuotaAndFallbackArgs {
+  config: Config;
+  historyManager: UseHistoryManagerReturn;
+  userTier: UserTierId | undefined;
+  setAuthState: (state: AuthState) => void;
+  setModelSwitchedFromQuotaError: (value: boolean) => void;
+}
+
+export function useQuotaAndFallback({
+  config,
+  historyManager,
+  userTier,
+  setAuthState,
+  setModelSwitchedFromQuotaError,
+}: UseQuotaAndFallbackArgs) {
+  const [proQuotaRequest, setProQuotaRequest] =
+    useState<ProQuotaDialogRequest | null>(null);
+  const isDialogPending = useRef(false);
+
+  // Set up Flash fallback handler
+  useEffect(() => {
+    const fallbackHandler: FallbackModelHandler = async (
+      failedModel,
+      fallbackModel,
+      error,
+    ): Promise<FallbackIntent | null> => {
+      if (config.isInFallbackMode()) {
+        return null;
+      }
+
+      // Fallbacks are currently only handled for OAuth users.
+      const contentGeneratorConfig = config.getContentGeneratorConfig();
+      if (
+        !contentGeneratorConfig ||
+        contentGeneratorConfig.authType !== AuthType.LOGIN_WITH_GOOGLE
+      ) {
+        return null;
+      }
+
+      // Use actual user tier if available; otherwise, default to FREE tier behavior (safe default)
+      const isPaidTier =
+        userTier === UserTierId.LEGACY || userTier === UserTierId.STANDARD;
+
+      let message: string;
+
+      if (error && isProQuotaExceededError(error)) {
+        // Pro Quota specific messages (Interactive)
+        if (isPaidTier) {
+          message = `⚡ You have reached your daily ${failedModel} quota limit.
+⚡ You can choose to authenticate with a paid API key or continue with the fallback model.
+⚡ To continue accessing the ${failedModel} model today, consider using /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+        } else {
+          message = `⚡ You have reached your daily ${failedModel} quota limit.
+⚡ You can choose to authenticate with a paid API key or continue with the fallback model.
+⚡ To increase your limits, upgrade to a Gemini Code Assist Standard or Enterprise plan with higher limits at https://goo.gle/set-up-gemini-code-assist
+⚡ Or you can utilize a Gemini API Key. See: https://goo.gle/gemini-cli-docs-auth#gemini-api-key
+⚡ You can switch authentication methods by typing /auth`;
+        }
+      } else if (error && isGenericQuotaExceededError(error)) {
+        // Generic Quota (Automatic fallback)
+        const actionMessage = `⚡ You have reached your daily quota limit.\n⚡ Automatically switching from ${failedModel} to ${fallbackModel} for the remainder of this session.`;
+
+        if (isPaidTier) {
+          message = `${actionMessage}
+⚡ To continue accessing the ${failedModel} model today, consider using /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+        } else {
+          message = `${actionMessage}
+⚡ To increase your limits, upgrade to a Gemini Code Assist Standard or Enterprise plan with higher limits at https://goo.gle/set-up-gemini-code-assist
+⚡ Or you can utilize a Gemini API Key. See: https://goo.gle/gemini-cli-docs-auth#gemini-api-key
+⚡ You can switch authentication methods by typing /auth`;
+        }
+      } else {
+        // Consecutive 429s or other errors (Automatic fallback)
+        const actionMessage = `⚡ Automatically switching from ${failedModel} to ${fallbackModel} for faster responses for the remainder of this session.`;
+
+        if (isPaidTier) {
+          message = `${actionMessage}
+⚡ Possible reasons for this are that you have received multiple consecutive capacity errors or you have reached your daily ${failedModel} quota limit
+⚡ To continue accessing the ${failedModel} model today, consider using /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+        } else {
+          message = `${actionMessage}
+⚡ Possible reasons for this are that you have received multiple consecutive capacity errors or you have reached your daily ${failedModel} quota limit
+⚡ To increase your limits, upgrade to a Gemini Code Assist Standard or Enterprise plan with higher limits at https://goo.gle/set-up-gemini-code-assist
+⚡ Or you can utilize a Gemini API Key. See: https://goo.gle/gemini-cli-docs-auth#gemini-api-key
+⚡ You can switch authentication methods by typing /auth`;
+        }
+      }
+
+      // Add message to UI history
+      historyManager.addItem(
+        {
+          type: MessageType.INFO,
+          text: message,
+        },
+        Date.now(),
+      );
+
+      setModelSwitchedFromQuotaError(true);
+      config.setQuotaErrorOccurred(true);
+
+      // Interactive Fallback for Pro quota
+      if (error && isProQuotaExceededError(error)) {
+        if (isDialogPending.current) {
+          return 'stop'; // A dialog is already active, so just stop this request.
+        }
+        isDialogPending.current = true;
+
+        const intent: FallbackIntent = await new Promise<FallbackIntent>(
+          (resolve) => {
+            setProQuotaRequest({
+              failedModel,
+              fallbackModel,
+              resolve,
+            });
+          },
+        );
+
+        return intent;
+      }
+
+      return 'stop';
+    };
+
+    config.setFallbackModelHandler(fallbackHandler);
+  }, [config, historyManager, userTier, setModelSwitchedFromQuotaError]);
+
+  const handleProQuotaChoice = useCallback(
+    (choice: 'auth' | 'continue') => {
+      if (!proQuotaRequest) return;
+
+      const intent: FallbackIntent = choice === 'auth' ? 'auth' : 'retry';
+      proQuotaRequest.resolve(intent);
+      setProQuotaRequest(null);
+      isDialogPending.current = false; // Reset the flag here
+
+      if (choice === 'auth') {
+        setAuthState(AuthState.Updating);
+      } else {
+        historyManager.addItem(
+          {
+            type: MessageType.INFO,
+            text: 'Switched to fallback model. Tip: Press Ctrl+P (or Up Arrow) to recall your previous prompt and submit it again if you wish.',
+          },
+          Date.now(),
+        );
+      }
+    },
+    [proQuotaRequest, setAuthState, historyManager],
+  );
+
+  return {
+    proQuotaRequest,
+    handleProQuotaChoice,
+  };
+}

packages/cli/src/ui/hooks/useQwenAuth.test.ts

@@ -411,7 +411,7 @@ describe('useQwenAuth', () => {
     expect(geminiResult.current.qwenAuthState.authStatus).toBe('idle');
 
     const { result: oauthResult } = renderHook(() =>
-      useQwenAuth(AuthType.USE_OPENAI, true),
+      useQwenAuth(AuthType.LOGIN_WITH_GOOGLE, true),
     );
     expect(oauthResult.current.qwenAuthState.authStatus).toBe('idle');
   });

packages/cli/src/ui/hooks/useToolScheduler.test.ts

@@ -62,7 +62,7 @@ const mockConfig = {
   getAllowedTools: vi.fn(() => []),
   getContentGeneratorConfig: () => ({
     model: 'test-model',
-    authType: 'gemini-api-key',
+    authType: 'oauth-personal',
   }),
   getUseSmartEdit: () => false,
   getUseModelRouter: () => false,

packages/cli/src/validateNonInterActiveAuth.ts

@@ -21,13 +21,6 @@ function getAuthTypeFromEnv(): AuthType | undefined {
     return AuthType.QWEN_OAUTH;
   }
 
-  if (process.env['GEMINI_API_KEY']) {
-    return AuthType.USE_GEMINI;
-  }
-  if (process.env['GOOGLE_API_KEY']) {
-    return AuthType.USE_VERTEX_AI;
-  }
-
   return undefined;
 }
 

packages/core/package.json

@@ -23,8 +23,8 @@
     "scripts/postinstall.js"
   ],
   "dependencies": {
-    "@google/genai": "1.30.0",
-    "@modelcontextprotocol/sdk": "^1.25.1",
+    "@google/genai": "1.16.0",
+    "@modelcontextprotocol/sdk": "^1.11.0",
     "@opentelemetry/api": "^1.9.0",
     "async-mutex": "^0.5.0",
     "@opentelemetry/exporter-logs-otlp-grpc": "^0.203.0",
@@ -34,6 +34,7 @@
     "@opentelemetry/exporter-trace-otlp-grpc": "^0.203.0",
     "@opentelemetry/exporter-trace-otlp-http": "^0.203.0",
     "@opentelemetry/instrumentation-http": "^0.203.0",
+    "@opentelemetry/resource-detector-gcp": "^0.40.0",
     "@opentelemetry/sdk-node": "^0.203.0",
     "@types/html-to-text": "^9.0.4",
     "@xterm/headless": "5.5.0",
@@ -47,7 +48,7 @@
     "fdir": "^6.4.6",
     "fzf": "^0.5.2",
     "glob": "^10.5.0",
-    "google-auth-library": "^10.5.0",
+    "google-auth-library": "^9.11.0",
     "html-to-text": "^9.0.5",
     "https-proxy-agent": "^7.0.6",
     "ignore": "^7.0.0",

packages/core/src/code_assist/codeAssist.ts

@@ -0,0 +1,54 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type { ContentGenerator } from '../core/contentGenerator.js';
+import { AuthType } from '../core/contentGenerator.js';
+import { getOauthClient } from './oauth2.js';
+import { setupUser } from './setup.js';
+import type { HttpOptions } from './server.js';
+import { CodeAssistServer } from './server.js';
+import type { Config } from '../config/config.js';
+import { LoggingContentGenerator } from '../core/loggingContentGenerator.js';
+
+export async function createCodeAssistContentGenerator(
+  httpOptions: HttpOptions,
+  authType: AuthType,
+  config: Config,
+  sessionId?: string,
+): Promise<ContentGenerator> {
+  if (
+    authType === AuthType.LOGIN_WITH_GOOGLE ||
+    authType === AuthType.CLOUD_SHELL
+  ) {
+    const authClient = await getOauthClient(authType, config);
+    const userData = await setupUser(authClient);
+    return new CodeAssistServer(
+      authClient,
+      userData.projectId,
+      httpOptions,
+      sessionId,
+      userData.userTier,
+    );
+  }
+
+  throw new Error(`Unsupported authType: ${authType}`);
+}
+
+export function getCodeAssistServer(
+  config: Config,
+): CodeAssistServer | undefined {
+  let server = config.getContentGenerator();
+
+  // Unwrap LoggingContentGenerator if present
+  if (server instanceof LoggingContentGenerator) {
+    server = server.getWrapped();
+  }
+
+  if (!(server instanceof CodeAssistServer)) {
+    return undefined;
+  }
+  return server;
+}

packages/core/src/code_assist/converter.test.ts

@@ -0,0 +1,456 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect } from 'vitest';
+import type { CaGenerateContentResponse } from './converter.js';
+import {
+  toGenerateContentRequest,
+  fromGenerateContentResponse,
+  toContents,
+} from './converter.js';
+import type {
+  ContentListUnion,
+  GenerateContentParameters,
+} from '@google/genai';
+import {
+  GenerateContentResponse,
+  FinishReason,
+  BlockedReason,
+  type Part,
+} from '@google/genai';
+
+describe('converter', () => {
+  describe('toCodeAssistRequest', () => {
+    it('should convert a simple request with project', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq).toEqual({
+        model: 'gemini-pro',
+        project: 'my-project',
+        request: {
+          contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+          systemInstruction: undefined,
+          cachedContent: undefined,
+          tools: undefined,
+          toolConfig: undefined,
+          labels: undefined,
+          safetySettings: undefined,
+          generationConfig: undefined,
+          session_id: 'my-session',
+        },
+        user_prompt_id: 'my-prompt',
+      });
+    });
+
+    it('should convert a request without a project', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        undefined,
+        'my-session',
+      );
+      expect(codeAssistReq).toEqual({
+        model: 'gemini-pro',
+        project: undefined,
+        request: {
+          contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+          systemInstruction: undefined,
+          cachedContent: undefined,
+          tools: undefined,
+          toolConfig: undefined,
+          labels: undefined,
+          safetySettings: undefined,
+          generationConfig: undefined,
+          session_id: 'my-session',
+        },
+        user_prompt_id: 'my-prompt',
+      });
+    });
+
+    it('should convert a request with sessionId', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'session-123',
+      );
+      expect(codeAssistReq).toEqual({
+        model: 'gemini-pro',
+        project: 'my-project',
+        request: {
+          contents: [{ role: 'user', parts: [{ text: 'Hello' }] }],
+          systemInstruction: undefined,
+          cachedContent: undefined,
+          tools: undefined,
+          toolConfig: undefined,
+          labels: undefined,
+          safetySettings: undefined,
+          generationConfig: undefined,
+          session_id: 'session-123',
+        },
+        user_prompt_id: 'my-prompt',
+      });
+    });
+
+    it('should handle string content', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: 'Hello',
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq.request.contents).toEqual([
+        { role: 'user', parts: [{ text: 'Hello' }] },
+      ]);
+    });
+
+    it('should handle Part[] content', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: [{ text: 'Hello' }, { text: 'World' }],
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq.request.contents).toEqual([
+        { role: 'user', parts: [{ text: 'Hello' }] },
+        { role: 'user', parts: [{ text: 'World' }] },
+      ]);
+    });
+
+    it('should handle system instructions', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: 'Hello',
+        config: {
+          systemInstruction: 'You are a helpful assistant.',
+        },
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq.request.systemInstruction).toEqual({
+        role: 'user',
+        parts: [{ text: 'You are a helpful assistant.' }],
+      });
+    });
+
+    it('should handle generation config', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: 'Hello',
+        config: {
+          temperature: 0.8,
+          topK: 40,
+        },
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq.request.generationConfig).toEqual({
+        temperature: 0.8,
+        topK: 40,
+      });
+    });
+
+    it('should handle all generation config fields', () => {
+      const genaiReq: GenerateContentParameters = {
+        model: 'gemini-pro',
+        contents: 'Hello',
+        config: {
+          temperature: 0.1,
+          topP: 0.2,
+          topK: 3,
+          candidateCount: 4,
+          maxOutputTokens: 5,
+          stopSequences: ['a'],
+          responseLogprobs: true,
+          logprobs: 6,
+          presencePenalty: 0.7,
+          frequencyPenalty: 0.8,
+          seed: 9,
+          responseMimeType: 'application/json',
+        },
+      };
+      const codeAssistReq = toGenerateContentRequest(
+        genaiReq,
+        'my-prompt',
+        'my-project',
+        'my-session',
+      );
+      expect(codeAssistReq.request.generationConfig).toEqual({
+        temperature: 0.1,
+        topP: 0.2,
+        topK: 3,
+        candidateCount: 4,
+        maxOutputTokens: 5,
+        stopSequences: ['a'],
+        responseLogprobs: true,
+        logprobs: 6,
+        presencePenalty: 0.7,
+        frequencyPenalty: 0.8,
+        seed: 9,
+        responseMimeType: 'application/json',
+      });
+    });
+  });
+
+  describe('fromCodeAssistResponse', () => {
+    it('should convert a simple response', () => {
+      const codeAssistRes: CaGenerateContentResponse = {
+        response: {
+          candidates: [
+            {
+              index: 0,
+              content: {
+                role: 'model',
+                parts: [{ text: 'Hi there!' }],
+              },
+              finishReason: FinishReason.STOP,
+              safetyRatings: [],
+            },
+          ],
+        },
+      };
+      const genaiRes = fromGenerateContentResponse(codeAssistRes);
+      expect(genaiRes).toBeInstanceOf(GenerateContentResponse);
+      expect(genaiRes.candidates).toEqual(codeAssistRes.response.candidates);
+    });
+
+    it('should handle prompt feedback and usage metadata', () => {
+      const codeAssistRes: CaGenerateContentResponse = {
+        response: {
+          candidates: [],
+          promptFeedback: {
+            blockReason: BlockedReason.SAFETY,
+            safetyRatings: [],
+          },
+          usageMetadata: {
+            promptTokenCount: 10,
+            candidatesTokenCount: 20,
+            totalTokenCount: 30,
+          },
+        },
+      };
+      const genaiRes = fromGenerateContentResponse(codeAssistRes);
+      expect(genaiRes.promptFeedback).toEqual(
+        codeAssistRes.response.promptFeedback,
+      );
+      expect(genaiRes.usageMetadata).toEqual(
+        codeAssistRes.response.usageMetadata,
+      );
+    });
+
+    it('should handle automatic function calling history', () => {
+      const codeAssistRes: CaGenerateContentResponse = {
+        response: {
+          candidates: [],
+          automaticFunctionCallingHistory: [
+            {
+              role: 'model',
+              parts: [
+                {
+                  functionCall: {
+                    name: 'test_function',
+                    args: {
+                      foo: 'bar',
+                    },
+                  },
+                },
+              ],
+            },
+          ],
+        },
+      };
+      const genaiRes = fromGenerateContentResponse(codeAssistRes);
+      expect(genaiRes.automaticFunctionCallingHistory).toEqual(
+        codeAssistRes.response.automaticFunctionCallingHistory,
+      );
+    });
+
+    it('should handle modelVersion', () => {
+      const codeAssistRes: CaGenerateContentResponse = {
+        response: {
+          candidates: [],
+          modelVersion: 'qwen3-coder-plus',
+        },
+      };
+      const genaiRes = fromGenerateContentResponse(codeAssistRes);
+      expect(genaiRes.modelVersion).toEqual('qwen3-coder-plus');
+    });
+  });
+
+  describe('toContents', () => {
+    it('should handle Content', () => {
+      const content: ContentListUnion = {
+        role: 'user',
+        parts: [{ text: 'hello' }],
+      };
+      expect(toContents(content)).toEqual([
+        { role: 'user', parts: [{ text: 'hello' }] },
+      ]);
+    });
+
+    it('should handle array of Contents', () => {
+      const contents: ContentListUnion = [
+        { role: 'user', parts: [{ text: 'hello' }] },
+        { role: 'model', parts: [{ text: 'hi' }] },
+      ];
+      expect(toContents(contents)).toEqual([
+        { role: 'user', parts: [{ text: 'hello' }] },
+        { role: 'model', parts: [{ text: 'hi' }] },
+      ]);
+    });
+
+    it('should handle Part', () => {
+      const part: ContentListUnion = { text: 'a part' };
+      expect(toContents(part)).toEqual([
+        { role: 'user', parts: [{ text: 'a part' }] },
+      ]);
+    });
+
+    it('should handle array of Parts', () => {
+      const parts = [{ text: 'part 1' }, 'part 2'];
+      expect(toContents(parts)).toEqual([
+        { role: 'user', parts: [{ text: 'part 1' }] },
+        { role: 'user', parts: [{ text: 'part 2' }] },
+      ]);
+    });
+
+    it('should handle string', () => {
+      const str: ContentListUnion = 'a string';
+      expect(toContents(str)).toEqual([
+        { role: 'user', parts: [{ text: 'a string' }] },
+      ]);
+    });
+
+    it('should handle array of strings', () => {
+      const strings: ContentListUnion = ['string 1', 'string 2'];
+      expect(toContents(strings)).toEqual([
+        { role: 'user', parts: [{ text: 'string 1' }] },
+        { role: 'user', parts: [{ text: 'string 2' }] },
+      ]);
+    });
+
+    it('should convert thought parts to text parts for API compatibility', () => {
+      const contentWithThought: ContentListUnion = {
+        role: 'model',
+        parts: [
+          { text: 'regular text' },
+          { thought: 'thinking about the problem' } as Part & {
+            thought: string;
+          },
+          { text: 'more text' },
+        ],
+      };
+      expect(toContents(contentWithThought)).toEqual([
+        {
+          role: 'model',
+          parts: [
+            { text: 'regular text' },
+            { text: '[Thought: thinking about the problem]' },
+            { text: 'more text' },
+          ],
+        },
+      ]);
+    });
+
+    it('should combine text and thought for text parts with thoughts', () => {
+      const contentWithTextAndThought: ContentListUnion = {
+        role: 'model',
+        parts: [
+          {
+            text: 'Here is my response',
+            thought: 'I need to be careful here',
+          } as Part & { thought: string },
+        ],
+      };
+      expect(toContents(contentWithTextAndThought)).toEqual([
+        {
+          role: 'model',
+          parts: [
+            {
+              text: 'Here is my response\n[Thought: I need to be careful here]',
+            },
+          ],
+        },
+      ]);
+    });
+
+    it('should preserve non-thought properties while removing thought', () => {
+      const contentWithComplexPart: ContentListUnion = {
+        role: 'model',
+        parts: [
+          {
+            functionCall: { name: 'calculate', args: { x: 5, y: 10 } },
+            thought: 'Performing calculation',
+          } as Part & { thought: string },
+        ],
+      };
+      expect(toContents(contentWithComplexPart)).toEqual([
+        {
+          role: 'model',
+          parts: [
+            {
+              functionCall: { name: 'calculate', args: { x: 5, y: 10 } },
+            },
+          ],
+        },
+      ]);
+    });
+
+    it('should convert invalid text content to valid text part with thought', () => {
+      const contentWithInvalidText: ContentListUnion = {
+        role: 'model',
+        parts: [
+          {
+            text: 123, // Invalid - should be string
+            thought: 'Processing number',
+          } as Part & { thought: string; text: number },
+        ],
+      };
+      expect(toContents(contentWithInvalidText)).toEqual([
+        {
+          role: 'model',
+          parts: [
+            {
+              text: '123\n[Thought: Processing number]',
+            },
+          ],
+        },
+      ]);
+    });
+  });
+});

packages/core/src/code_assist/converter.ts

@@ -0,0 +1,285 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type {
+  Content,
+  ContentListUnion,
+  ContentUnion,
+  GenerateContentConfig,
+  GenerateContentParameters,
+  CountTokensParameters,
+  CountTokensResponse,
+  GenerationConfigRoutingConfig,
+  MediaResolution,
+  Candidate,
+  ModelSelectionConfig,
+  GenerateContentResponsePromptFeedback,
+  GenerateContentResponseUsageMetadata,
+  Part,
+  SafetySetting,
+  PartUnion,
+  SpeechConfigUnion,
+  ThinkingConfig,
+  ToolListUnion,
+  ToolConfig,
+} from '@google/genai';
+import { GenerateContentResponse } from '@google/genai';
+
+export interface CAGenerateContentRequest {
+  model: string;
+  project?: string;
+  user_prompt_id?: string;
+  request: VertexGenerateContentRequest;
+}
+
+interface VertexGenerateContentRequest {
+  contents: Content[];
+  systemInstruction?: Content;
+  cachedContent?: string;
+  tools?: ToolListUnion;
+  toolConfig?: ToolConfig;
+  labels?: Record<string, string>;
+  safetySettings?: SafetySetting[];
+  generationConfig?: VertexGenerationConfig;
+  session_id?: string;
+}
+
+interface VertexGenerationConfig {
+  temperature?: number;
+  topP?: number;
+  topK?: number;
+  candidateCount?: number;
+  maxOutputTokens?: number;
+  stopSequences?: string[];
+  responseLogprobs?: boolean;
+  logprobs?: number;
+  presencePenalty?: number;
+  frequencyPenalty?: number;
+  seed?: number;
+  responseMimeType?: string;
+  responseJsonSchema?: unknown;
+  responseSchema?: unknown;
+  routingConfig?: GenerationConfigRoutingConfig;
+  modelSelectionConfig?: ModelSelectionConfig;
+  responseModalities?: string[];
+  mediaResolution?: MediaResolution;
+  speechConfig?: SpeechConfigUnion;
+  audioTimestamp?: boolean;
+  thinkingConfig?: ThinkingConfig;
+}
+
+export interface CaGenerateContentResponse {
+  response: VertexGenerateContentResponse;
+}
+
+interface VertexGenerateContentResponse {
+  candidates: Candidate[];
+  automaticFunctionCallingHistory?: Content[];
+  promptFeedback?: GenerateContentResponsePromptFeedback;
+  usageMetadata?: GenerateContentResponseUsageMetadata;
+  modelVersion?: string;
+}
+
+export interface CaCountTokenRequest {
+  request: VertexCountTokenRequest;
+}
+
+interface VertexCountTokenRequest {
+  model: string;
+  contents: Content[];
+}
+
+export interface CaCountTokenResponse {
+  totalTokens: number;
+}
+
+export function toCountTokenRequest(
+  req: CountTokensParameters,
+): CaCountTokenRequest {
+  return {
+    request: {
+      model: 'models/' + req.model,
+      contents: toContents(req.contents),
+    },
+  };
+}
+
+export function fromCountTokenResponse(
+  res: CaCountTokenResponse,
+): CountTokensResponse {
+  return {
+    totalTokens: res.totalTokens,
+  };
+}
+
+export function toGenerateContentRequest(
+  req: GenerateContentParameters,
+  userPromptId: string,
+  project?: string,
+  sessionId?: string,
+): CAGenerateContentRequest {
+  return {
+    model: req.model,
+    project,
+    user_prompt_id: userPromptId,
+    request: toVertexGenerateContentRequest(req, sessionId),
+  };
+}
+
+export function fromGenerateContentResponse(
+  res: CaGenerateContentResponse,
+): GenerateContentResponse {
+  const inres = res.response;
+  const out = new GenerateContentResponse();
+  out.candidates = inres.candidates;
+  out.automaticFunctionCallingHistory = inres.automaticFunctionCallingHistory;
+  out.promptFeedback = inres.promptFeedback;
+  out.usageMetadata = inres.usageMetadata;
+  out.modelVersion = inres.modelVersion;
+  return out;
+}
+
+function toVertexGenerateContentRequest(
+  req: GenerateContentParameters,
+  sessionId?: string,
+): VertexGenerateContentRequest {
+  return {
+    contents: toContents(req.contents),
+    systemInstruction: maybeToContent(req.config?.systemInstruction),
+    cachedContent: req.config?.cachedContent,
+    tools: req.config?.tools,
+    toolConfig: req.config?.toolConfig,
+    labels: req.config?.labels,
+    safetySettings: req.config?.safetySettings,
+    generationConfig: toVertexGenerationConfig(req.config),
+    session_id: sessionId,
+  };
+}
+
+export function toContents(contents: ContentListUnion): Content[] {
+  if (Array.isArray(contents)) {
+    // it's a Content[] or a PartsUnion[]
+    return contents.map(toContent);
+  }
+  // it's a Content or a PartsUnion
+  return [toContent(contents)];
+}
+
+function maybeToContent(content?: ContentUnion): Content | undefined {
+  if (!content) {
+    return undefined;
+  }
+  return toContent(content);
+}
+
+function toContent(content: ContentUnion): Content {
+  if (Array.isArray(content)) {
+    // it's a PartsUnion[]
+    return {
+      role: 'user',
+      parts: toParts(content),
+    };
+  }
+  if (typeof content === 'string') {
+    // it's a string
+    return {
+      role: 'user',
+      parts: [{ text: content }],
+    };
+  }
+  if ('parts' in content) {
+    // it's a Content - process parts to handle thought filtering
+    return {
+      ...content,
+      parts: content.parts
+        ? toParts(content.parts.filter((p) => p != null))
+        : [],
+    };
+  }
+  // it's a Part
+  return {
+    role: 'user',
+    parts: [toPart(content as Part)],
+  };
+}
+
+export function toParts(parts: PartUnion[]): Part[] {
+  return parts.map(toPart);
+}
+
+function toPart(part: PartUnion): Part {
+  if (typeof part === 'string') {
+    // it's a string
+    return { text: part };
+  }
+
+  // Handle thought parts for CountToken API compatibility
+  // The CountToken API expects parts to have certain required "oneof" fields initialized,
+  // but thought parts don't conform to this schema and cause API failures
+  if ('thought' in part && part.thought) {
+    const thoughtText = `[Thought: ${part.thought}]`;
+
+    const newPart = { ...part };
+    delete (newPart as Record<string, unknown>)['thought'];
+
+    const hasApiContent =
+      'functionCall' in newPart ||
+      'functionResponse' in newPart ||
+      'inlineData' in newPart ||
+      'fileData' in newPart;
+
+    if (hasApiContent) {
+      // It's a functionCall or other non-text part. Just strip the thought.
+      return newPart;
+    }
+
+    // If no other valid API content, this must be a text part.
+    // Combine existing text (if any) with the thought, preserving other properties.
+    const text = (newPart as { text?: unknown }).text;
+    const existingText = text ? String(text) : '';
+    const combinedText = existingText
+      ? `${existingText}\n${thoughtText}`
+      : thoughtText;
+
+    return {
+      ...newPart,
+      text: combinedText,
+    };
+  }
+
+  return part;
+}
+
+function toVertexGenerationConfig(
+  config?: GenerateContentConfig,
+): VertexGenerationConfig | undefined {
+  if (!config) {
+    return undefined;
+  }
+  return {
+    temperature: config.temperature,
+    topP: config.topP,
+    topK: config.topK,
+    candidateCount: config.candidateCount,
+    maxOutputTokens: config.maxOutputTokens,
+    stopSequences: config.stopSequences,
+    responseLogprobs: config.responseLogprobs,
+    logprobs: config.logprobs,
+    presencePenalty: config.presencePenalty,
+    frequencyPenalty: config.frequencyPenalty,
+    seed: config.seed,
+    responseMimeType: config.responseMimeType,
+    responseSchema: config.responseSchema,
+    responseJsonSchema: config.responseJsonSchema,
+    routingConfig: config.routingConfig,
+    modelSelectionConfig: config.modelSelectionConfig,
+    responseModalities: config.responseModalities,
+    mediaResolution: config.mediaResolution,
+    speechConfig: config.speechConfig,
+    audioTimestamp: config.audioTimestamp,
+    thinkingConfig: config.thinkingConfig,
+  };
+}

packages/core/src/code_assist/oauth-credential-storage.test.ts

@@ -0,0 +1,217 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { type Credentials } from 'google-auth-library';
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { OAuthCredentialStorage } from './oauth-credential-storage.js';
+import type { OAuthCredentials } from '../mcp/token-storage/types.js';
+
+import * as path from 'node:path';
+import * as os from 'node:os';
+import { promises as fs } from 'node:fs';
+
+// Mock external dependencies
+const mockHybridTokenStorage = vi.hoisted(() => ({
+  getCredentials: vi.fn(),
+  setCredentials: vi.fn(),
+  deleteCredentials: vi.fn(),
+}));
+vi.mock('../mcp/token-storage/hybrid-token-storage.js', () => ({
+  HybridTokenStorage: vi.fn(() => mockHybridTokenStorage),
+}));
+vi.mock('node:fs', () => ({
+  promises: {
+    readFile: vi.fn(),
+    rm: vi.fn(),
+  },
+}));
+vi.mock('node:os');
+vi.mock('node:path');
+
+describe('OAuthCredentialStorage', () => {
+  const mockCredentials: Credentials = {
+    access_token: 'mock_access_token',
+    refresh_token: 'mock_refresh_token',
+    expiry_date: Date.now() + 3600 * 1000,
+    token_type: 'Bearer',
+    scope: 'email profile',
+  };
+
+  const mockMcpCredentials: OAuthCredentials = {
+    serverName: 'main-account',
+    token: {
+      accessToken: 'mock_access_token',
+      refreshToken: 'mock_refresh_token',
+      tokenType: 'Bearer',
+      scope: 'email profile',
+      expiresAt: mockCredentials.expiry_date!,
+    },
+    updatedAt: expect.any(Number),
+  };
+
+  const oldFilePath = '/mock/home/.qwen/oauth.json';
+
+  beforeEach(() => {
+    vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockResolvedValue(null);
+    vi.spyOn(mockHybridTokenStorage, 'setCredentials').mockResolvedValue(
+      undefined,
+    );
+    vi.spyOn(mockHybridTokenStorage, 'deleteCredentials').mockResolvedValue(
+      undefined,
+    );
+
+    vi.spyOn(fs, 'readFile').mockRejectedValue(new Error('File not found'));
+    vi.spyOn(fs, 'rm').mockResolvedValue(undefined);
+
+    vi.spyOn(os, 'homedir').mockReturnValue('/mock/home');
+    vi.spyOn(path, 'join').mockReturnValue(oldFilePath);
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  describe('loadCredentials', () => {
+    it('should load credentials from HybridTokenStorage if available', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockResolvedValue(
+        mockMcpCredentials,
+      );
+
+      const result = await OAuthCredentialStorage.loadCredentials();
+
+      expect(mockHybridTokenStorage.getCredentials).toHaveBeenCalledWith(
+        'main-account',
+      );
+      expect(result).toEqual(mockCredentials);
+    });
+
+    it('should fallback to migrateFromFileStorage if no credentials in HybridTokenStorage', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockResolvedValue(
+        null,
+      );
+      vi.spyOn(fs, 'readFile').mockResolvedValue(
+        JSON.stringify(mockCredentials),
+      );
+
+      const result = await OAuthCredentialStorage.loadCredentials();
+
+      expect(mockHybridTokenStorage.getCredentials).toHaveBeenCalledWith(
+        'main-account',
+      );
+      expect(fs.readFile).toHaveBeenCalledWith(oldFilePath, 'utf-8');
+      expect(mockHybridTokenStorage.setCredentials).toHaveBeenCalled(); // Verify credentials were saved
+      expect(fs.rm).toHaveBeenCalledWith(oldFilePath, { force: true }); // Verify old file was removed
+      expect(result).toEqual(mockCredentials);
+    });
+
+    it('should return null if no credentials found and no old file to migrate', async () => {
+      vi.spyOn(fs, 'readFile').mockRejectedValue({
+        message: 'File not found',
+        code: 'ENOENT',
+      });
+
+      const result = await OAuthCredentialStorage.loadCredentials();
+
+      expect(result).toBeNull();
+    });
+
+    it('should throw an error if loading fails', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockRejectedValue(
+        new Error('Loading error'),
+      );
+
+      await expect(OAuthCredentialStorage.loadCredentials()).rejects.toThrow(
+        'Failed to load OAuth credentials',
+      );
+    });
+
+    it('should throw an error if read file fails', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockResolvedValue(
+        null,
+      );
+      vi.spyOn(fs, 'readFile').mockRejectedValue(
+        new Error('Permission denied'),
+      );
+
+      await expect(OAuthCredentialStorage.loadCredentials()).rejects.toThrow(
+        'Failed to load OAuth credentials',
+      );
+    });
+
+    it('should not throw error if migration file removal failed', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'getCredentials').mockResolvedValue(
+        null,
+      );
+      vi.spyOn(fs, 'readFile').mockResolvedValue(
+        JSON.stringify(mockCredentials),
+      );
+      vi.spyOn(OAuthCredentialStorage, 'saveCredentials').mockResolvedValue(
+        undefined,
+      );
+      vi.spyOn(fs, 'rm').mockRejectedValue(new Error('Deletion failed'));
+
+      const result = await OAuthCredentialStorage.loadCredentials();
+
+      expect(result).toEqual(mockCredentials);
+    });
+  });
+
+  describe('saveCredentials', () => {
+    it('should save credentials to HybridTokenStorage', async () => {
+      await OAuthCredentialStorage.saveCredentials(mockCredentials);
+
+      expect(mockHybridTokenStorage.setCredentials).toHaveBeenCalledWith(
+        mockMcpCredentials,
+      );
+    });
+
+    it('should throw an error if access_token is missing', async () => {
+      const invalidCredentials: Credentials = {
+        ...mockCredentials,
+        access_token: undefined,
+      };
+      await expect(
+        OAuthCredentialStorage.saveCredentials(invalidCredentials),
+      ).rejects.toThrow(
+        'Attempted to save credentials without an access token.',
+      );
+    });
+  });
+
+  describe('clearCredentials', () => {
+    it('should delete credentials from HybridTokenStorage', async () => {
+      await OAuthCredentialStorage.clearCredentials();
+
+      expect(mockHybridTokenStorage.deleteCredentials).toHaveBeenCalledWith(
+        'main-account',
+      );
+    });
+
+    it('should attempt to remove the old file-based storage', async () => {
+      await OAuthCredentialStorage.clearCredentials();
+
+      expect(fs.rm).toHaveBeenCalledWith(oldFilePath, { force: true });
+    });
+
+    it('should not throw an error if deleting old file fails', async () => {
+      vi.spyOn(fs, 'rm').mockRejectedValue(new Error('File deletion failed'));
+
+      await expect(
+        OAuthCredentialStorage.clearCredentials(),
+      ).resolves.toBeUndefined();
+    });
+
+    it('should throw an error if clearing from HybridTokenStorage fails', async () => {
+      vi.spyOn(mockHybridTokenStorage, 'deleteCredentials').mockRejectedValue(
+        new Error('Deletion error'),
+      );
+
+      await expect(OAuthCredentialStorage.clearCredentials()).rejects.toThrow(
+        'Failed to clear OAuth credentials',
+      );
+    });
+  });
+});

packages/core/src/code_assist/oauth-credential-storage.ts

@@ -0,0 +1,130 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { type Credentials } from 'google-auth-library';
+import { HybridTokenStorage } from '../mcp/token-storage/hybrid-token-storage.js';
+import { OAUTH_FILE } from '../config/storage.js';
+import type { OAuthCredentials } from '../mcp/token-storage/types.js';
+import * as path from 'node:path';
+import * as os from 'node:os';
+import { promises as fs } from 'node:fs';
+
+const QWEN_DIR = '.qwen';
+const KEYCHAIN_SERVICE_NAME = 'qwen-code-oauth';
+const MAIN_ACCOUNT_KEY = 'main-account';
+
+export class OAuthCredentialStorage {
+  private static storage: HybridTokenStorage = new HybridTokenStorage(
+    KEYCHAIN_SERVICE_NAME,
+  );
+
+  /**
+   * Load cached OAuth credentials
+   */
+  static async loadCredentials(): Promise<Credentials | null> {
+    try {
+      const credentials = await this.storage.getCredentials(MAIN_ACCOUNT_KEY);
+
+      if (credentials?.token) {
+        const { accessToken, refreshToken, expiresAt, tokenType, scope } =
+          credentials.token;
+        // Convert from OAuthCredentials format to Google Credentials format
+        const googleCreds: Credentials = {
+          access_token: accessToken,
+          refresh_token: refreshToken || undefined,
+          token_type: tokenType || undefined,
+          scope: scope || undefined,
+        };
+
+        if (expiresAt) {
+          googleCreds.expiry_date = expiresAt;
+        }
+
+        return googleCreds;
+      }
+
+      // Fallback: Try to migrate from old file-based storage
+      return await this.migrateFromFileStorage();
+    } catch (error: unknown) {
+      console.error(error);
+      throw new Error('Failed to load OAuth credentials');
+    }
+  }
+
+  /**
+   * Save OAuth credentials
+   */
+  static async saveCredentials(credentials: Credentials): Promise<void> {
+    if (!credentials.access_token) {
+      throw new Error('Attempted to save credentials without an access token.');
+    }
+
+    // Convert Google Credentials to OAuthCredentials format
+    const mcpCredentials: OAuthCredentials = {
+      serverName: MAIN_ACCOUNT_KEY,
+      token: {
+        accessToken: credentials.access_token,
+        refreshToken: credentials.refresh_token || undefined,
+        tokenType: credentials.token_type || 'Bearer',
+        scope: credentials.scope || undefined,
+        expiresAt: credentials.expiry_date || undefined,
+      },
+      updatedAt: Date.now(),
+    };
+
+    await this.storage.setCredentials(mcpCredentials);
+  }
+
+  /**
+   * Clear cached OAuth credentials
+   */
+  static async clearCredentials(): Promise<void> {
+    try {
+      await this.storage.deleteCredentials(MAIN_ACCOUNT_KEY);
+
+      // Also try to remove the old file if it exists
+      const oldFilePath = path.join(os.homedir(), QWEN_DIR, OAUTH_FILE);
+      await fs.rm(oldFilePath, { force: true }).catch(() => {});
+    } catch (error: unknown) {
+      console.error(error);
+      throw new Error('Failed to clear OAuth credentials');
+    }
+  }
+
+  /**
+   * Migrate credentials from old file-based storage to keychain
+   */
+  private static async migrateFromFileStorage(): Promise<Credentials | null> {
+    const oldFilePath = path.join(os.homedir(), QWEN_DIR, OAUTH_FILE);
+
+    let credsJson: string;
+    try {
+      credsJson = await fs.readFile(oldFilePath, 'utf-8');
+    } catch (error: unknown) {
+      if (
+        typeof error === 'object' &&
+        error !== null &&
+        'code' in error &&
+        error.code === 'ENOENT'
+      ) {
+        // File doesn't exist, so no migration.
+        return null;
+      }
+      // Other read errors should propagate.
+      throw error;
+    }
+
+    const credentials = JSON.parse(credsJson) as Credentials;
+
+    // Save to new storage
+    await this.saveCredentials(credentials);
+
+    // Remove old file after successful migration
+    await fs.rm(oldFilePath, { force: true }).catch(() => {});
+
+    return credentials;
+  }
+}

packages/core/src/code_assist/oauth2.ts

@@ -0,0 +1,563 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type { Credentials } from 'google-auth-library';
+import {
+  CodeChallengeMethod,
+  Compute,
+  OAuth2Client,
+} from 'google-auth-library';
+import crypto from 'node:crypto';
+import { promises as fs } from 'node:fs';
+import * as http from 'node:http';
+import * as net from 'node:net';
+import path from 'node:path';
+import readline from 'node:readline';
+import url from 'node:url';
+import open from 'open';
+import type { Config } from '../config/config.js';
+import { Storage } from '../config/storage.js';
+import { AuthType } from '../core/contentGenerator.js';
+import { FatalAuthenticationError, getErrorMessage } from '../utils/errors.js';
+import { UserAccountManager } from '../utils/userAccountManager.js';
+import { OAuthCredentialStorage } from './oauth-credential-storage.js';
+import { FORCE_ENCRYPTED_FILE_ENV_VAR } from '../mcp/token-storage/index.js';
+
+const userAccountManager = new UserAccountManager();
+
+//  OAuth Client ID used to initiate OAuth2Client class.
+const OAUTH_CLIENT_ID =
+  '681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com';
+
+// OAuth Secret value used to initiate OAuth2Client class.
+// Note: It's ok to save this in git because this is an installed application
+// as described here: https://developers.google.com/identity/protocols/oauth2#installed
+// "The process results in a client ID and, in some cases, a client secret,
+// which you embed in the source code of your application. (In this context,
+// the client secret is obviously not treated as a secret.)"
+const OAUTH_CLIENT_SECRET = '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';
+
+// OAuth Scopes for Cloud Code authorization.
+const OAUTH_SCOPE = [
+  'https://www.googleapis.com/auth/cloud-platform',
+  'https://www.googleapis.com/auth/userinfo.email',
+  'https://www.googleapis.com/auth/userinfo.profile',
+];
+
+const HTTP_REDIRECT = 301;
+const SIGN_IN_SUCCESS_URL =
+  'https://developers.google.com/gemini-code-assist/auth_success_gemini';
+const SIGN_IN_FAILURE_URL =
+  'https://developers.google.com/gemini-code-assist/auth_failure_gemini';
+
+/**
+ * An Authentication URL for updating the credentials of a Oauth2Client
+ * as well as a promise that will resolve when the credentials have
+ * been refreshed (or which throws error when refreshing credentials failed).
+ */
+export interface OauthWebLogin {
+  authUrl: string;
+  loginCompletePromise: Promise<void>;
+}
+
+const oauthClientPromises = new Map<AuthType, Promise<OAuth2Client>>();
+
+function getUseEncryptedStorageFlag() {
+  return process.env[FORCE_ENCRYPTED_FILE_ENV_VAR] === 'true';
+}
+
+async function initOauthClient(
+  authType: AuthType,
+  config: Config,
+): Promise<OAuth2Client> {
+  const client = new OAuth2Client({
+    clientId: OAUTH_CLIENT_ID,
+    clientSecret: OAUTH_CLIENT_SECRET,
+    transporterOptions: {
+      proxy: config.getProxy(),
+    },
+  });
+  const useEncryptedStorage = getUseEncryptedStorageFlag();
+
+  if (
+    process.env['GOOGLE_GENAI_USE_GCA'] &&
+    process.env['GOOGLE_CLOUD_ACCESS_TOKEN']
+  ) {
+    client.setCredentials({
+      access_token: process.env['GOOGLE_CLOUD_ACCESS_TOKEN'],
+    });
+    await fetchAndCacheUserInfo(client);
+    return client;
+  }
+
+  client.on('tokens', async (tokens: Credentials) => {
+    if (useEncryptedStorage) {
+      await OAuthCredentialStorage.saveCredentials(tokens);
+    } else {
+      await cacheCredentials(tokens);
+    }
+  });
+
+  // If there are cached creds on disk, they always take precedence
+  if (await loadCachedCredentials(client)) {
+    // Found valid cached credentials.
+    // Check if we need to retrieve Google Account ID or Email
+    if (!userAccountManager.getCachedGoogleAccount()) {
+      try {
+        await fetchAndCacheUserInfo(client);
+      } catch (error) {
+        // Non-fatal, continue with existing auth.
+        console.warn('Failed to fetch user info:', getErrorMessage(error));
+      }
+    }
+    console.log('Loaded cached credentials.');
+    return client;
+  }
+
+  // In Google Cloud Shell, we can use Application Default Credentials (ADC)
+  // provided via its metadata server to authenticate non-interactively using
+  // the identity of the user logged into Cloud Shell.
+  if (authType === AuthType.CLOUD_SHELL) {
+    try {
+      console.log("Attempting to authenticate via Cloud Shell VM's ADC.");
+      const computeClient = new Compute({
+        // We can leave this empty, since the metadata server will provide
+        // the service account email.
+      });
+      await computeClient.getAccessToken();
+      console.log('Authentication successful.');
+
+      // Do not cache creds in this case; note that Compute client will handle its own refresh
+      return computeClient;
+    } catch (e) {
+      throw new Error(
+        `Could not authenticate using Cloud Shell credentials. Please select a different authentication method or ensure you are in a properly configured environment. Error: ${getErrorMessage(
+          e,
+        )}`,
+      );
+    }
+  }
+
+  if (config.isBrowserLaunchSuppressed()) {
+    let success = false;
+    const maxRetries = 2;
+    for (let i = 0; !success && i < maxRetries; i++) {
+      success = await authWithUserCode(client);
+      if (!success) {
+        console.error(
+          '\nFailed to authenticate with user code.',
+          i === maxRetries - 1 ? '' : 'Retrying...\n',
+        );
+      }
+    }
+    if (!success) {
+      throw new FatalAuthenticationError(
+        'Failed to authenticate with user code.',
+      );
+    }
+  } else {
+    const webLogin = await authWithWeb(client);
+
+    console.log(
+      `\n\nCode Assist login required.\n` +
+        `Attempting to open authentication page in your browser.\n` +
+        `Otherwise navigate to:\n\n${webLogin.authUrl}\n\n`,
+    );
+    try {
+      // Attempt to open the authentication URL in the default browser.
+      // We do not use the `wait` option here because the main script's execution
+      // is already paused by `loginCompletePromise`, which awaits the server callback.
+      const childProcess = await open(webLogin.authUrl);
+
+      // IMPORTANT: Attach an error handler to the returned child process.
+      // Without this, if `open` fails to spawn a process (e.g., `xdg-open` is not found
+      // in a minimal Docker container), it will emit an unhandled 'error' event,
+      // causing the entire Node.js process to crash.
+      childProcess.on('error', (error) => {
+        console.error(
+          'Failed to open browser automatically. Please try running again with NO_BROWSER=true set.',
+        );
+        console.error('Browser error details:', getErrorMessage(error));
+      });
+    } catch (err) {
+      console.error(
+        'An unexpected error occurred while trying to open the browser:',
+        getErrorMessage(err),
+        '\nThis might be due to browser compatibility issues or system configuration.',
+        '\nPlease try running again with NO_BROWSER=true set for manual authentication.',
+      );
+      throw new FatalAuthenticationError(
+        `Failed to open browser: ${getErrorMessage(err)}`,
+      );
+    }
+    console.log('Waiting for authentication...');
+
+    // Add timeout to prevent infinite waiting when browser tab gets stuck
+    const authTimeout = 5 * 60 * 1000; // 5 minutes timeout
+    const timeoutPromise = new Promise<never>((_, reject) => {
+      setTimeout(() => {
+        reject(
+          new FatalAuthenticationError(
+            'Authentication timed out after 5 minutes. The browser tab may have gotten stuck in a loading state. ' +
+              'Please try again or use NO_BROWSER=true for manual authentication.',
+          ),
+        );
+      }, authTimeout);
+    });
+
+    await Promise.race([webLogin.loginCompletePromise, timeoutPromise]);
+  }
+
+  return client;
+}
+
+export async function getOauthClient(
+  authType: AuthType,
+  config: Config,
+): Promise<OAuth2Client> {
+  if (!oauthClientPromises.has(authType)) {
+    oauthClientPromises.set(authType, initOauthClient(authType, config));
+  }
+  return oauthClientPromises.get(authType)!;
+}
+
+async function authWithUserCode(client: OAuth2Client): Promise<boolean> {
+  const redirectUri = 'https://codeassist.google.com/authcode';
+  const codeVerifier = await client.generateCodeVerifierAsync();
+  const state = crypto.randomBytes(32).toString('hex');
+  const authUrl: string = client.generateAuthUrl({
+    redirect_uri: redirectUri,
+    access_type: 'offline',
+    scope: OAUTH_SCOPE,
+    code_challenge_method: CodeChallengeMethod.S256,
+    code_challenge: codeVerifier.codeChallenge,
+    state,
+  });
+  console.log('Please visit the following URL to authorize the application:');
+  console.log('');
+  console.log(authUrl);
+  console.log('');
+
+  const code = await new Promise<string>((resolve) => {
+    const rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout,
+    });
+    rl.question('Enter the authorization code: ', (code) => {
+      rl.close();
+      resolve(code.trim());
+    });
+  });
+
+  if (!code) {
+    console.error('Authorization code is required.');
+    return false;
+  }
+
+  try {
+    const { tokens } = await client.getToken({
+      code,
+      codeVerifier: codeVerifier.codeVerifier,
+      redirect_uri: redirectUri,
+    });
+    client.setCredentials(tokens);
+  } catch (error) {
+    console.error(
+      'Failed to authenticate with authorization code:',
+      getErrorMessage(error),
+    );
+    return false;
+  }
+  return true;
+}
+
+async function authWithWeb(client: OAuth2Client): Promise<OauthWebLogin> {
+  const port = await getAvailablePort();
+  // The hostname used for the HTTP server binding (e.g., '0.0.0.0' in Docker).
+  const host = process.env['OAUTH_CALLBACK_HOST'] || 'localhost';
+  // The `redirectUri` sent to Google's authorization server MUST use a loopback IP literal
+  // (i.e., 'localhost' or '127.0.0.1'). This is a strict security policy for credentials of
+  // type 'Desktop app' or 'Web application' (when using loopback flow) to mitigate
+  // authorization code interception attacks.
+  const redirectUri = `http://localhost:${port}/oauth2callback`;
+  const state = crypto.randomBytes(32).toString('hex');
+  const authUrl = client.generateAuthUrl({
+    redirect_uri: redirectUri,
+    access_type: 'offline',
+    scope: OAUTH_SCOPE,
+    state,
+  });
+
+  const loginCompletePromise = new Promise<void>((resolve, reject) => {
+    const server = http.createServer(async (req, res) => {
+      try {
+        if (req.url!.indexOf('/oauth2callback') === -1) {
+          res.writeHead(HTTP_REDIRECT, { Location: SIGN_IN_FAILURE_URL });
+          res.end();
+          reject(
+            new FatalAuthenticationError(
+              'OAuth callback not received. Unexpected request: ' + req.url,
+            ),
+          );
+        }
+        // acquire the code from the querystring, and close the web server.
+        const qs = new url.URL(req.url!, 'http://localhost:3000').searchParams;
+        if (qs.get('error')) {
+          res.writeHead(HTTP_REDIRECT, { Location: SIGN_IN_FAILURE_URL });
+          res.end();
+
+          const errorCode = qs.get('error');
+          const errorDescription =
+            qs.get('error_description') || 'No additional details provided';
+          reject(
+            new FatalAuthenticationError(
+              `Google OAuth error: ${errorCode}. ${errorDescription}`,
+            ),
+          );
+        } else if (qs.get('state') !== state) {
+          res.end('State mismatch. Possible CSRF attack');
+
+          reject(
+            new FatalAuthenticationError(
+              'OAuth state mismatch. Possible CSRF attack or browser session issue.',
+            ),
+          );
+        } else if (qs.get('code')) {
+          try {
+            const { tokens } = await client.getToken({
+              code: qs.get('code')!,
+              redirect_uri: redirectUri,
+            });
+            client.setCredentials(tokens);
+
+            // Retrieve and cache Google Account ID during authentication
+            try {
+              await fetchAndCacheUserInfo(client);
+            } catch (error) {
+              console.warn(
+                'Failed to retrieve Google Account ID during authentication:',
+                getErrorMessage(error),
+              );
+              // Don't fail the auth flow if Google Account ID retrieval fails
+            }
+
+            res.writeHead(HTTP_REDIRECT, { Location: SIGN_IN_SUCCESS_URL });
+            res.end();
+            resolve();
+          } catch (error) {
+            res.writeHead(HTTP_REDIRECT, { Location: SIGN_IN_FAILURE_URL });
+            res.end();
+            reject(
+              new FatalAuthenticationError(
+                `Failed to exchange authorization code for tokens: ${getErrorMessage(error)}`,
+              ),
+            );
+          }
+        } else {
+          reject(
+            new FatalAuthenticationError(
+              'No authorization code received from Google OAuth. Please try authenticating again.',
+            ),
+          );
+        }
+      } catch (e) {
+        // Provide more specific error message for unexpected errors during OAuth flow
+        if (e instanceof FatalAuthenticationError) {
+          reject(e);
+        } else {
+          reject(
+            new FatalAuthenticationError(
+              `Unexpected error during OAuth authentication: ${getErrorMessage(e)}`,
+            ),
+          );
+        }
+      } finally {
+        server.close();
+      }
+    });
+
+    server.listen(port, host, () => {
+      // Server started successfully
+    });
+
+    server.on('error', (err) => {
+      reject(
+        new FatalAuthenticationError(
+          `OAuth callback server error: ${getErrorMessage(err)}`,
+        ),
+      );
+    });
+  });
+
+  return {
+    authUrl,
+    loginCompletePromise,
+  };
+}
+
+export function getAvailablePort(): Promise<number> {
+  return new Promise((resolve, reject) => {
+    let port = 0;
+    try {
+      const portStr = process.env['OAUTH_CALLBACK_PORT'];
+      if (portStr) {
+        port = parseInt(portStr, 10);
+        if (isNaN(port) || port <= 0 || port > 65535) {
+          return reject(
+            new Error(`Invalid value for OAUTH_CALLBACK_PORT: "${portStr}"`),
+          );
+        }
+        return resolve(port);
+      }
+      const server = net.createServer();
+      server.listen(0, () => {
+        const address = server.address()! as net.AddressInfo;
+        port = address.port;
+      });
+      server.on('listening', () => {
+        server.close();
+        server.unref();
+      });
+      server.on('error', (e) => reject(e));
+      server.on('close', () => resolve(port));
+    } catch (e) {
+      reject(e);
+    }
+  });
+}
+
+async function loadCachedCredentials(client: OAuth2Client): Promise<boolean> {
+  const useEncryptedStorage = getUseEncryptedStorageFlag();
+  if (useEncryptedStorage) {
+    const credentials = await OAuthCredentialStorage.loadCredentials();
+    if (credentials) {
+      client.setCredentials(credentials);
+      return true;
+    }
+    return false;
+  }
+
+  const pathsToTry = [
+    Storage.getOAuthCredsPath(),
+    process.env['GOOGLE_APPLICATION_CREDENTIALS'],
+  ].filter((p): p is string => !!p);
+
+  for (const keyFile of pathsToTry) {
+    try {
+      const creds = await fs.readFile(keyFile, 'utf-8');
+      client.setCredentials(JSON.parse(creds));
+
+      // This will verify locally that the credentials look good.
+      const { token } = await client.getAccessToken();
+      if (!token) {
+        continue;
+      }
+
+      // This will check with the server to see if it hasn't been revoked.
+      await client.getTokenInfo(token);
+
+      return true;
+    } catch (error) {
+      // Log specific error for debugging, but continue trying other paths
+      console.debug(
+        `Failed to load credentials from ${keyFile}:`,
+        getErrorMessage(error),
+      );
+    }
+  }
+
+  return false;
+}
+
+async function cacheCredentials(credentials: Credentials) {
+  const filePath = Storage.getOAuthCredsPath();
+  await fs.mkdir(path.dirname(filePath), { recursive: true });
+
+  const credString = JSON.stringify(credentials, null, 2);
+  await fs.writeFile(filePath, credString, { mode: 0o600 });
+  try {
+    await fs.chmod(filePath, 0o600);
+  } catch {
+    /* empty */
+  }
+}
+
+export function clearOauthClientCache() {
+  oauthClientPromises.clear();
+}
+
+export async function clearCachedCredentialFile() {
+  try {
+    const useEncryptedStorage = getUseEncryptedStorageFlag();
+    if (useEncryptedStorage) {
+      await OAuthCredentialStorage.clearCredentials();
+    } else {
+      await fs.rm(Storage.getOAuthCredsPath(), { force: true });
+    }
+    // Clear the Google Account ID cache when credentials are cleared
+    await userAccountManager.clearCachedGoogleAccount();
+    // Clear the in-memory OAuth client cache to force re-authentication
+    clearOauthClientCache();
+
+    /**
+     * Also clear Qwen SharedTokenManager cache and credentials file to prevent stale credentials
+     * when switching between auth types
+     * TODO: We do not depend on code_assist, we'll have to build an independent auth-cleaning procedure.
+     */
+    try {
+      const { SharedTokenManager } = await import(
+        '../qwen/sharedTokenManager.js'
+      );
+      const { clearQwenCredentials } = await import('../qwen/qwenOAuth2.js');
+
+      const sharedManager = SharedTokenManager.getInstance();
+      sharedManager.clearCache();
+
+      await clearQwenCredentials();
+    } catch (qwenError) {
+      console.debug('Could not clear Qwen credentials:', qwenError);
+    }
+  } catch (e) {
+    console.error('Failed to clear cached credentials:', e);
+  }
+}
+
+async function fetchAndCacheUserInfo(client: OAuth2Client): Promise<void> {
+  try {
+    const { token } = await client.getAccessToken();
+    if (!token) {
+      return;
+    }
+
+    const response = await fetch(
+      'https://www.googleapis.com/oauth2/v2/userinfo',
+      {
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+      },
+    );
+
+    if (!response.ok) {
+      console.error(
+        'Failed to fetch user info:',
+        response.status,
+        response.statusText,
+      );
+      return;
+    }
+
+    const userInfo = await response.json();
+    await userAccountManager.cacheGoogleAccount(userInfo.email);
+  } catch (error) {
+    console.error('Error retrieving user info:', error);
+  }
+}
+
+// Helper to ensure test isolation
+export function resetOauthClientForTesting() {
+  oauthClientPromises.clear();
+}

packages/core/src/code_assist/server.test.ts

@@ -0,0 +1,255 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { beforeEach, describe, it, expect, vi } from 'vitest';
+import { CodeAssistServer } from './server.js';
+import { OAuth2Client } from 'google-auth-library';
+import { UserTierId } from './types.js';
+
+vi.mock('google-auth-library');
+
+describe('CodeAssistServer', () => {
+  beforeEach(() => {
+    vi.resetAllMocks();
+  });
+
+  it('should be able to be constructed', () => {
+    const auth = new OAuth2Client();
+    const server = new CodeAssistServer(
+      auth,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    expect(server).toBeInstanceOf(CodeAssistServer);
+  });
+
+  it('should call the generateContent endpoint', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockResponse = {
+      response: {
+        candidates: [
+          {
+            index: 0,
+            content: {
+              role: 'model',
+              parts: [{ text: 'response' }],
+            },
+            finishReason: 'STOP',
+            safetyRatings: [],
+          },
+        ],
+      },
+    };
+    vi.spyOn(server, 'requestPost').mockResolvedValue(mockResponse);
+
+    const response = await server.generateContent(
+      {
+        model: 'test-model',
+        contents: [{ role: 'user', parts: [{ text: 'request' }] }],
+      },
+      'user-prompt-id',
+    );
+
+    expect(server.requestPost).toHaveBeenCalledWith(
+      'generateContent',
+      expect.any(Object),
+      undefined,
+    );
+    expect(response.candidates?.[0]?.content?.parts?.[0]?.text).toBe(
+      'response',
+    );
+  });
+
+  it('should call the generateContentStream endpoint', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockResponse = (async function* () {
+      yield {
+        response: {
+          candidates: [
+            {
+              index: 0,
+              content: {
+                role: 'model',
+                parts: [{ text: 'response' }],
+              },
+              finishReason: 'STOP',
+              safetyRatings: [],
+            },
+          ],
+        },
+      };
+    })();
+    vi.spyOn(server, 'requestStreamingPost').mockResolvedValue(mockResponse);
+
+    const stream = await server.generateContentStream(
+      {
+        model: 'test-model',
+        contents: [{ role: 'user', parts: [{ text: 'request' }] }],
+      },
+      'user-prompt-id',
+    );
+
+    for await (const res of stream) {
+      expect(server.requestStreamingPost).toHaveBeenCalledWith(
+        'streamGenerateContent',
+        expect.any(Object),
+        undefined,
+      );
+      expect(res.candidates?.[0]?.content?.parts?.[0]?.text).toBe('response');
+    }
+  });
+
+  it('should call the onboardUser endpoint', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockResponse = {
+      name: 'operations/123',
+      done: true,
+    };
+    vi.spyOn(server, 'requestPost').mockResolvedValue(mockResponse);
+
+    const response = await server.onboardUser({
+      tierId: 'test-tier',
+      cloudaicompanionProject: 'test-project',
+      metadata: {},
+    });
+
+    expect(server.requestPost).toHaveBeenCalledWith(
+      'onboardUser',
+      expect.any(Object),
+    );
+    expect(response.name).toBe('operations/123');
+  });
+
+  it('should call the loadCodeAssist endpoint', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockResponse = {
+      currentTier: {
+        id: UserTierId.FREE,
+        name: 'Free',
+        description: 'free tier',
+      },
+      allowedTiers: [],
+      ineligibleTiers: [],
+      cloudaicompanionProject: 'projects/test',
+    };
+    vi.spyOn(server, 'requestPost').mockResolvedValue(mockResponse);
+
+    const response = await server.loadCodeAssist({
+      metadata: {},
+    });
+
+    expect(server.requestPost).toHaveBeenCalledWith(
+      'loadCodeAssist',
+      expect.any(Object),
+    );
+    expect(response).toEqual(mockResponse);
+  });
+
+  it('should return 0 for countTokens', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockResponse = {
+      totalTokens: 100,
+    };
+    vi.spyOn(server, 'requestPost').mockResolvedValue(mockResponse);
+
+    const response = await server.countTokens({
+      model: 'test-model',
+      contents: [{ role: 'user', parts: [{ text: 'request' }] }],
+    });
+    expect(response.totalTokens).toBe(100);
+  });
+
+  it('should throw an error for embedContent', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    await expect(
+      server.embedContent({
+        model: 'test-model',
+        contents: [{ role: 'user', parts: [{ text: 'request' }] }],
+      }),
+    ).rejects.toThrow();
+  });
+
+  it('should handle VPC-SC errors when calling loadCodeAssist', async () => {
+    const client = new OAuth2Client();
+    const server = new CodeAssistServer(
+      client,
+      'test-project',
+      {},
+      'test-session',
+      UserTierId.FREE,
+    );
+    const mockVpcScError = {
+      response: {
+        data: {
+          error: {
+            details: [
+              {
+                reason: 'SECURITY_POLICY_VIOLATED',
+              },
+            ],
+          },
+        },
+      },
+    };
+    vi.spyOn(server, 'requestPost').mockRejectedValue(mockVpcScError);
+
+    const response = await server.loadCodeAssist({
+      metadata: {},
+    });
+
+    expect(server.requestPost).toHaveBeenCalledWith(
+      'loadCodeAssist',
+      expect.any(Object),
+    );
+    expect(response).toEqual({
+      currentTier: { id: UserTierId.STANDARD },
+    });
+  });
+});

packages/core/src/code_assist/server.ts

@@ -0,0 +1,253 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type { OAuth2Client } from 'google-auth-library';
+import type {
+  CodeAssistGlobalUserSettingResponse,
+  GoogleRpcResponse,
+  LoadCodeAssistRequest,
+  LoadCodeAssistResponse,
+  LongRunningOperationResponse,
+  OnboardUserRequest,
+  SetCodeAssistGlobalUserSettingRequest,
+} from './types.js';
+import type {
+  CountTokensParameters,
+  CountTokensResponse,
+  EmbedContentParameters,
+  EmbedContentResponse,
+  GenerateContentParameters,
+  GenerateContentResponse,
+} from '@google/genai';
+import * as readline from 'node:readline';
+import type { ContentGenerator } from '../core/contentGenerator.js';
+import { UserTierId } from './types.js';
+import type {
+  CaCountTokenResponse,
+  CaGenerateContentResponse,
+} from './converter.js';
+import {
+  fromCountTokenResponse,
+  fromGenerateContentResponse,
+  toCountTokenRequest,
+  toGenerateContentRequest,
+} from './converter.js';
+
+/** HTTP options to be used in each of the requests. */
+export interface HttpOptions {
+  /** Additional HTTP headers to be sent with the request. */
+  headers?: Record<string, string>;
+}
+
+export const CODE_ASSIST_ENDPOINT = 'https://localhost:0'; // Disable Google Code Assist API Request
+export const CODE_ASSIST_API_VERSION = 'v1internal';
+
+export class CodeAssistServer implements ContentGenerator {
+  constructor(
+    readonly client: OAuth2Client,
+    readonly projectId?: string,
+    readonly httpOptions: HttpOptions = {},
+    readonly sessionId?: string,
+    readonly userTier?: UserTierId,
+  ) {}
+
+  async generateContentStream(
+    req: GenerateContentParameters,
+    userPromptId: string,
+  ): Promise<AsyncGenerator<GenerateContentResponse>> {
+    const resps = await this.requestStreamingPost<CaGenerateContentResponse>(
+      'streamGenerateContent',
+      toGenerateContentRequest(
+        req,
+        userPromptId,
+        this.projectId,
+        this.sessionId,
+      ),
+      req.config?.abortSignal,
+    );
+    return (async function* (): AsyncGenerator<GenerateContentResponse> {
+      for await (const resp of resps) {
+        yield fromGenerateContentResponse(resp);
+      }
+    })();
+  }
+
+  async generateContent(
+    req: GenerateContentParameters,
+    userPromptId: string,
+  ): Promise<GenerateContentResponse> {
+    const resp = await this.requestPost<CaGenerateContentResponse>(
+      'generateContent',
+      toGenerateContentRequest(
+        req,
+        userPromptId,
+        this.projectId,
+        this.sessionId,
+      ),
+      req.config?.abortSignal,
+    );
+    return fromGenerateContentResponse(resp);
+  }
+
+  async onboardUser(
+    req: OnboardUserRequest,
+  ): Promise<LongRunningOperationResponse> {
+    return await this.requestPost<LongRunningOperationResponse>(
+      'onboardUser',
+      req,
+    );
+  }
+
+  async loadCodeAssist(
+    req: LoadCodeAssistRequest,
+  ): Promise<LoadCodeAssistResponse> {
+    try {
+      return await this.requestPost<LoadCodeAssistResponse>(
+        'loadCodeAssist',
+        req,
+      );
+    } catch (e) {
+      if (isVpcScAffectedUser(e)) {
+        return {
+          currentTier: { id: UserTierId.STANDARD },
+        };
+      } else {
+        throw e;
+      }
+    }
+  }
+
+  async getCodeAssistGlobalUserSetting(): Promise<CodeAssistGlobalUserSettingResponse> {
+    return await this.requestGet<CodeAssistGlobalUserSettingResponse>(
+      'getCodeAssistGlobalUserSetting',
+    );
+  }
+
+  async setCodeAssistGlobalUserSetting(
+    req: SetCodeAssistGlobalUserSettingRequest,
+  ): Promise<CodeAssistGlobalUserSettingResponse> {
+    return await this.requestPost<CodeAssistGlobalUserSettingResponse>(
+      'setCodeAssistGlobalUserSetting',
+      req,
+    );
+  }
+
+  async countTokens(req: CountTokensParameters): Promise<CountTokensResponse> {
+    const resp = await this.requestPost<CaCountTokenResponse>(
+      'countTokens',
+      toCountTokenRequest(req),
+    );
+    return fromCountTokenResponse(resp);
+  }
+
+  async embedContent(
+    _req: EmbedContentParameters,
+  ): Promise<EmbedContentResponse> {
+    throw Error();
+  }
+
+  async requestPost<T>(
+    method: string,
+    req: object,
+    signal?: AbortSignal,
+  ): Promise<T> {
+    const res = await this.client.request({
+      url: this.getMethodUrl(method),
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        ...this.httpOptions.headers,
+      },
+      responseType: 'json',
+      body: JSON.stringify(req),
+      signal,
+    });
+    return res.data as T;
+  }
+
+  async requestGet<T>(method: string, signal?: AbortSignal): Promise<T> {
+    const res = await this.client.request({
+      url: this.getMethodUrl(method),
+      method: 'GET',
+      headers: {
+        'Content-Type': 'application/json',
+        ...this.httpOptions.headers,
+      },
+      responseType: 'json',
+      signal,
+    });
+    return res.data as T;
+  }
+
+  async requestStreamingPost<T>(
+    method: string,
+    req: object,
+    signal?: AbortSignal,
+  ): Promise<AsyncGenerator<T>> {
+    const res = await this.client.request({
+      url: this.getMethodUrl(method),
+      method: 'POST',
+      params: {
+        alt: 'sse',
+      },
+      headers: {
+        'Content-Type': 'application/json',
+        ...this.httpOptions.headers,
+      },
+      responseType: 'stream',
+      body: JSON.stringify(req),
+      signal,
+    });
+
+    return (async function* (): AsyncGenerator<T> {
+      const rl = readline.createInterface({
+        input: res.data as NodeJS.ReadableStream,
+        crlfDelay: Infinity, // Recognizes '\r\n' and '\n' as line breaks
+      });
+
+      let bufferedLines: string[] = [];
+      for await (const line of rl) {
+        // blank lines are used to separate JSON objects in the stream
+        if (line === '') {
+          if (bufferedLines.length === 0) {
+            continue; // no data to yield
+          }
+          yield JSON.parse(bufferedLines.join('\n')) as T;
+          bufferedLines = []; // Reset the buffer after yielding
+        } else if (line.startsWith('data: ')) {
+          bufferedLines.push(line.slice(6).trim());
+        } else {
+          throw new Error(`Unexpected line format in response: ${line}`);
+        }
+      }
+    })();
+  }
+
+  getMethodUrl(method: string): string {
+    const endpoint =
+      process.env['CODE_ASSIST_ENDPOINT'] ?? CODE_ASSIST_ENDPOINT;
+    return `${endpoint}/${CODE_ASSIST_API_VERSION}:${method}`;
+  }
+}
+
+function isVpcScAffectedUser(error: unknown): boolean {
+  if (error && typeof error === 'object' && 'response' in error) {
+    const gaxiosError = error as {
+      response?: {
+        data?: unknown;
+      };
+    };
+    const response = gaxiosError.response?.data as
+      | GoogleRpcResponse
+      | undefined;
+    if (Array.isArray(response?.error?.details)) {
+      return response.error.details.some(
+        (detail) => detail.reason === 'SECURITY_POLICY_VIOLATED',
+      );
+    }
+  }
+  return false;
+}

packages/core/src/code_assist/setup.test.ts

@@ -0,0 +1,224 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { setupUser, ProjectIdRequiredError } from './setup.js';
+import { CodeAssistServer } from '../code_assist/server.js';
+import type { OAuth2Client } from 'google-auth-library';
+import type { GeminiUserTier } from './types.js';
+import { UserTierId } from './types.js';
+
+vi.mock('../code_assist/server.js');
+
+const mockPaidTier: GeminiUserTier = {
+  id: UserTierId.STANDARD,
+  name: 'paid',
+  description: 'Paid tier',
+  isDefault: true,
+};
+
+const mockFreeTier: GeminiUserTier = {
+  id: UserTierId.FREE,
+  name: 'free',
+  description: 'Free tier',
+  isDefault: true,
+};
+
+describe('setupUser for existing user', () => {
+  let mockLoad: ReturnType<typeof vi.fn>;
+  let mockOnboardUser: ReturnType<typeof vi.fn>;
+
+  beforeEach(() => {
+    vi.resetAllMocks();
+    mockLoad = vi.fn();
+    mockOnboardUser = vi.fn().mockResolvedValue({
+      done: true,
+      response: {
+        cloudaicompanionProject: {
+          id: 'server-project',
+        },
+      },
+    });
+    vi.mocked(CodeAssistServer).mockImplementation(
+      () =>
+        ({
+          loadCodeAssist: mockLoad,
+          onboardUser: mockOnboardUser,
+        }) as unknown as CodeAssistServer,
+    );
+  });
+
+  afterEach(() => {
+    vi.unstubAllEnvs();
+  });
+
+  it('should use GOOGLE_CLOUD_PROJECT when set and project from server is undefined', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', 'test-project');
+    mockLoad.mockResolvedValue({
+      currentTier: mockPaidTier,
+    });
+    await setupUser({} as OAuth2Client);
+    expect(CodeAssistServer).toHaveBeenCalledWith(
+      {},
+      'test-project',
+      {},
+      '',
+      undefined,
+    );
+  });
+
+  it('should ignore GOOGLE_CLOUD_PROJECT when project from server is set', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', 'test-project');
+    mockLoad.mockResolvedValue({
+      cloudaicompanionProject: 'server-project',
+      currentTier: mockPaidTier,
+    });
+    const projectId = await setupUser({} as OAuth2Client);
+    expect(CodeAssistServer).toHaveBeenCalledWith(
+      {},
+      'test-project',
+      {},
+      '',
+      undefined,
+    );
+    expect(projectId).toEqual({
+      projectId: 'server-project',
+      userTier: 'standard-tier',
+    });
+  });
+
+  it('should throw ProjectIdRequiredError when no project ID is available', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', '');
+    // And the server itself requires a project ID internally
+    vi.mocked(CodeAssistServer).mockImplementation(() => {
+      throw new ProjectIdRequiredError();
+    });
+
+    await expect(setupUser({} as OAuth2Client)).rejects.toThrow(
+      ProjectIdRequiredError,
+    );
+  });
+});
+
+describe('setupUser for new user', () => {
+  let mockLoad: ReturnType<typeof vi.fn>;
+  let mockOnboardUser: ReturnType<typeof vi.fn>;
+
+  beforeEach(() => {
+    vi.resetAllMocks();
+    mockLoad = vi.fn();
+    mockOnboardUser = vi.fn().mockResolvedValue({
+      done: true,
+      response: {
+        cloudaicompanionProject: {
+          id: 'server-project',
+        },
+      },
+    });
+    vi.mocked(CodeAssistServer).mockImplementation(
+      () =>
+        ({
+          loadCodeAssist: mockLoad,
+          onboardUser: mockOnboardUser,
+        }) as unknown as CodeAssistServer,
+    );
+  });
+
+  afterEach(() => {
+    vi.unstubAllEnvs();
+  });
+
+  it('should use GOOGLE_CLOUD_PROJECT when set and onboard a new paid user', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', 'test-project');
+    mockLoad.mockResolvedValue({
+      allowedTiers: [mockPaidTier],
+    });
+    const userData = await setupUser({} as OAuth2Client);
+    expect(CodeAssistServer).toHaveBeenCalledWith(
+      {},
+      'test-project',
+      {},
+      '',
+      undefined,
+    );
+    expect(mockLoad).toHaveBeenCalled();
+    expect(mockOnboardUser).toHaveBeenCalledWith({
+      tierId: 'standard-tier',
+      cloudaicompanionProject: 'test-project',
+      metadata: {
+        ideType: 'IDE_UNSPECIFIED',
+        platform: 'PLATFORM_UNSPECIFIED',
+        pluginType: 'GEMINI',
+        duetProject: 'test-project',
+      },
+    });
+    expect(userData).toEqual({
+      projectId: 'server-project',
+      userTier: 'standard-tier',
+    });
+  });
+
+  it('should onboard a new free user when GOOGLE_CLOUD_PROJECT is not set', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', '');
+    mockLoad.mockResolvedValue({
+      allowedTiers: [mockFreeTier],
+    });
+    const userData = await setupUser({} as OAuth2Client);
+    expect(CodeAssistServer).toHaveBeenCalledWith(
+      {},
+      undefined,
+      {},
+      '',
+      undefined,
+    );
+    expect(mockLoad).toHaveBeenCalled();
+    expect(mockOnboardUser).toHaveBeenCalledWith({
+      tierId: 'free-tier',
+      cloudaicompanionProject: undefined,
+      metadata: {
+        ideType: 'IDE_UNSPECIFIED',
+        platform: 'PLATFORM_UNSPECIFIED',
+        pluginType: 'GEMINI',
+      },
+    });
+    expect(userData).toEqual({
+      projectId: 'server-project',
+      userTier: 'free-tier',
+    });
+  });
+
+  it('should use GOOGLE_CLOUD_PROJECT when onboard response has no project ID', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', 'test-project');
+    mockLoad.mockResolvedValue({
+      allowedTiers: [mockPaidTier],
+    });
+    mockOnboardUser.mockResolvedValue({
+      done: true,
+      response: {
+        cloudaicompanionProject: undefined,
+      },
+    });
+    const userData = await setupUser({} as OAuth2Client);
+    expect(userData).toEqual({
+      projectId: 'test-project',
+      userTier: 'standard-tier',
+    });
+  });
+
+  it('should throw ProjectIdRequiredError when no project ID is available', async () => {
+    vi.stubEnv('GOOGLE_CLOUD_PROJECT', '');
+    mockLoad.mockResolvedValue({
+      allowedTiers: [mockPaidTier],
+    });
+    mockOnboardUser.mockResolvedValue({
+      done: true,
+      response: {},
+    });
+    await expect(setupUser({} as OAuth2Client)).rejects.toThrow(
+      ProjectIdRequiredError,
+    );
+  });
+});

packages/core/src/code_assist/setup.ts

@@ -0,0 +1,124 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type {
+  ClientMetadata,
+  GeminiUserTier,
+  LoadCodeAssistResponse,
+  OnboardUserRequest,
+} from './types.js';
+import { UserTierId } from './types.js';
+import { CodeAssistServer } from './server.js';
+import type { OAuth2Client } from 'google-auth-library';
+
+export class ProjectIdRequiredError extends Error {
+  constructor() {
+    super(
+      'This account requires setting the GOOGLE_CLOUD_PROJECT env var. See https://goo.gle/gemini-cli-auth-docs#workspace-gca',
+    );
+  }
+}
+
+export interface UserData {
+  projectId: string;
+  userTier: UserTierId;
+}
+
+/**
+ *
+ * @param projectId the user's project id, if any
+ * @returns the user's actual project id
+ */
+export async function setupUser(client: OAuth2Client): Promise<UserData> {
+  const projectId = process.env['GOOGLE_CLOUD_PROJECT'] || undefined;
+  const caServer = new CodeAssistServer(client, projectId, {}, '', undefined);
+  const coreClientMetadata: ClientMetadata = {
+    ideType: 'IDE_UNSPECIFIED',
+    platform: 'PLATFORM_UNSPECIFIED',
+    pluginType: 'GEMINI',
+  };
+
+  const loadRes = await caServer.loadCodeAssist({
+    cloudaicompanionProject: projectId,
+    metadata: {
+      ...coreClientMetadata,
+      duetProject: projectId,
+    },
+  });
+
+  if (loadRes.currentTier) {
+    if (!loadRes.cloudaicompanionProject) {
+      if (projectId) {
+        return {
+          projectId,
+          userTier: loadRes.currentTier.id,
+        };
+      }
+      throw new ProjectIdRequiredError();
+    }
+    return {
+      projectId: loadRes.cloudaicompanionProject,
+      userTier: loadRes.currentTier.id,
+    };
+  }
+
+  const tier = getOnboardTier(loadRes);
+
+  let onboardReq: OnboardUserRequest;
+  if (tier.id === UserTierId.FREE) {
+    // The free tier uses a managed google cloud project. Setting a project in the `onboardUser` request causes a `Precondition Failed` error.
+    onboardReq = {
+      tierId: tier.id,
+      cloudaicompanionProject: undefined,
+      metadata: coreClientMetadata,
+    };
+  } else {
+    onboardReq = {
+      tierId: tier.id,
+      cloudaicompanionProject: projectId,
+      metadata: {
+        ...coreClientMetadata,
+        duetProject: projectId,
+      },
+    };
+  }
+
+  // Poll onboardUser until long running operation is complete.
+  let lroRes = await caServer.onboardUser(onboardReq);
+  while (!lroRes.done) {
+    await new Promise((f) => setTimeout(f, 5000));
+    lroRes = await caServer.onboardUser(onboardReq);
+  }
+
+  if (!lroRes.response?.cloudaicompanionProject?.id) {
+    if (projectId) {
+      return {
+        projectId,
+        userTier: tier.id,
+      };
+    }
+    throw new ProjectIdRequiredError();
+  }
+
+  return {
+    projectId: lroRes.response.cloudaicompanionProject.id,
+    userTier: tier.id,
+  };
+}
+
+function getOnboardTier(res: LoadCodeAssistResponse): GeminiUserTier {
+  for (const tier of res.allowedTiers || []) {
+    if (tier.isDefault) {
+      return tier;
+    }
+  }
+  return {
+    name: '',
+    description: '',
+    id: UserTierId.LEGACY,
+    userDefinedCloudaicompanionProject: true,
+  };
+}

packages/core/src/code_assist/types.ts

@@ -0,0 +1,201 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+export interface ClientMetadata {
+  ideType?: ClientMetadataIdeType;
+  ideVersion?: string;
+  pluginVersion?: string;
+  platform?: ClientMetadataPlatform;
+  updateChannel?: string;
+  duetProject?: string;
+  pluginType?: ClientMetadataPluginType;
+  ideName?: string;
+}
+
+export type ClientMetadataIdeType =
+  | 'IDE_UNSPECIFIED'
+  | 'VSCODE'
+  | 'INTELLIJ'
+  | 'VSCODE_CLOUD_WORKSTATION'
+  | 'INTELLIJ_CLOUD_WORKSTATION'
+  | 'CLOUD_SHELL';
+export type ClientMetadataPlatform =
+  | 'PLATFORM_UNSPECIFIED'
+  | 'DARWIN_AMD64'
+  | 'DARWIN_ARM64'
+  | 'LINUX_AMD64'
+  | 'LINUX_ARM64'
+  | 'WINDOWS_AMD64';
+export type ClientMetadataPluginType =
+  | 'PLUGIN_UNSPECIFIED'
+  | 'CLOUD_CODE'
+  | 'GEMINI'
+  | 'AIPLUGIN_INTELLIJ'
+  | 'AIPLUGIN_STUDIO';
+
+export interface LoadCodeAssistRequest {
+  cloudaicompanionProject?: string;
+  metadata: ClientMetadata;
+}
+
+/**
+ * Represents LoadCodeAssistResponse proto json field
+ * http://google3/google/internal/cloud/code/v1internal/cloudcode.proto;l=224
+ */
+export interface LoadCodeAssistResponse {
+  currentTier?: GeminiUserTier | null;
+  allowedTiers?: GeminiUserTier[] | null;
+  ineligibleTiers?: IneligibleTier[] | null;
+  cloudaicompanionProject?: string | null;
+}
+
+/**
+ * GeminiUserTier reflects the structure received from the CodeAssist when calling LoadCodeAssist.
+ */
+export interface GeminiUserTier {
+  id: UserTierId;
+  name?: string;
+  description?: string;
+  // This value is used to declare whether a given tier requires the user to configure the project setting on the IDE settings or not.
+  userDefinedCloudaicompanionProject?: boolean | null;
+  isDefault?: boolean;
+  privacyNotice?: PrivacyNotice;
+  hasAcceptedTos?: boolean;
+  hasOnboardedPreviously?: boolean;
+}
+
+/**
+ * Includes information specifying the reasons for a user's ineligibility for a specific tier.
+ * @param reasonCode mnemonic code representing the reason for in-eligibility.
+ * @param reasonMessage message to display to the user.
+ * @param tierId id of the tier.
+ * @param tierName name of the tier.
+ */
+export interface IneligibleTier {
+  reasonCode: IneligibleTierReasonCode;
+  reasonMessage: string;
+  tierId: UserTierId;
+  tierName: string;
+}
+
+/**
+ * List of predefined reason codes when a tier is blocked from a specific tier.
+ * https://source.corp.google.com/piper///depot/google3/google/internal/cloud/code/v1internal/cloudcode.proto;l=378
+ */
+export enum IneligibleTierReasonCode {
+  // go/keep-sorted start
+  DASHER_USER = 'DASHER_USER',
+  INELIGIBLE_ACCOUNT = 'INELIGIBLE_ACCOUNT',
+  NON_USER_ACCOUNT = 'NON_USER_ACCOUNT',
+  RESTRICTED_AGE = 'RESTRICTED_AGE',
+  RESTRICTED_NETWORK = 'RESTRICTED_NETWORK',
+  UNKNOWN = 'UNKNOWN',
+  UNKNOWN_LOCATION = 'UNKNOWN_LOCATION',
+  UNSUPPORTED_LOCATION = 'UNSUPPORTED_LOCATION',
+  // go/keep-sorted end
+}
+/**
+ * UserTierId represents IDs returned from the Cloud Code Private API representing a user's tier
+ *
+ * //depot/google3/cloud/developer_experience/cloudcode/pa/service/usertier.go;l=16
+ */
+export enum UserTierId {
+  FREE = 'free-tier',
+  LEGACY = 'legacy-tier',
+  STANDARD = 'standard-tier',
+}
+
+/**
+ * PrivacyNotice reflects the structure received from the CodeAssist in regards to a tier
+ * privacy notice.
+ */
+export interface PrivacyNotice {
+  showNotice: boolean;
+  noticeText?: string;
+}
+
+/**
+ * Proto signature of OnboardUserRequest as payload to OnboardUser call
+ */
+export interface OnboardUserRequest {
+  tierId: string | undefined;
+  cloudaicompanionProject: string | undefined;
+  metadata: ClientMetadata | undefined;
+}
+
+/**
+ * Represents LongRunningOperation proto
+ * http://google3/google/longrunning/operations.proto;rcl=698857719;l=107
+ */
+export interface LongRunningOperationResponse {
+  name: string;
+  done?: boolean;
+  response?: OnboardUserResponse;
+}
+
+/**
+ * Represents OnboardUserResponse proto
+ * http://google3/google/internal/cloud/code/v1internal/cloudcode.proto;l=215
+ */
+export interface OnboardUserResponse {
+  // tslint:disable-next-line:enforce-name-casing This is the name of the field in the proto.
+  cloudaicompanionProject?: {
+    id: string;
+    name: string;
+  };
+}
+
+/**
+ * Status code of user license status
+ * it does not strictly correspond to the proto
+ * Error value is an additional value assigned to error responses from OnboardUser
+ */
+export enum OnboardUserStatusCode {
+  Default = 'DEFAULT',
+  Notice = 'NOTICE',
+  Warning = 'WARNING',
+  Error = 'ERROR',
+}
+
+/**
+ * Status of user onboarded to gemini
+ */
+export interface OnboardUserStatus {
+  statusCode: OnboardUserStatusCode;
+  displayMessage: string;
+  helpLink: HelpLinkUrl | undefined;
+}
+
+export interface HelpLinkUrl {
+  description: string;
+  url: string;
+}
+
+export interface SetCodeAssistGlobalUserSettingRequest {
+  cloudaicompanionProject?: string;
+  freeTierDataCollectionOptin: boolean;
+}
+
+export interface CodeAssistGlobalUserSettingResponse {
+  cloudaicompanionProject?: string;
+  freeTierDataCollectionOptin: boolean;
+}
+
+/**
+ * Relevant fields that can be returned from a Google RPC response
+ */
+export interface GoogleRpcResponse {
+  error?: {
+    details?: GoogleRpcErrorInfo[];
+  };
+}
+
+/**
+ * Relevant fields that can be returned in the details of an error returned from GoogleRPCs
+ */
+interface GoogleRpcErrorInfo {
+  reason?: string;
+}

packages/core/src/config/config.test.ts

@@ -283,6 +283,23 @@ describe('Server Config (config.ts)', () => {
       expect(config.isInFallbackMode()).toBe(false);
     });
 
+    it('should strip thoughts when switching from GenAI to Vertex', async () => {
+      const config = new Config(baseParams);
+
+      vi.mocked(createContentGeneratorConfig).mockImplementation(
+        (_: Config, authType: AuthType | undefined) =>
+          ({ authType }) as unknown as ContentGeneratorConfig,
+      );
+
+      await config.refreshAuth(AuthType.USE_GEMINI);
+
+      await config.refreshAuth(AuthType.LOGIN_WITH_GOOGLE);
+
+      expect(
+        config.getGeminiClient().stripThoughtsFromHistory,
+      ).toHaveBeenCalledWith();
+    });
+
     it('should not strip thoughts when switching from Vertex to GenAI', async () => {
       const config = new Config(baseParams);
 

packages/core/src/config/config.ts

@@ -16,7 +16,6 @@ import { ProxyAgent, setGlobalDispatcher } from 'undici';
 import type {
   ContentGenerator,
   ContentGeneratorConfig,
-  AuthType,
 } from '../core/contentGenerator.js';
 import type { FallbackModelHandler } from '../fallback/types.js';
 import type { MCPOAuthConfig } from '../mcp/oauth-provider.js';
@@ -27,6 +26,7 @@ import type { AnyToolInvocation } from '../tools/tools.js';
 import { BaseLlmClient } from '../core/baseLlmClient.js';
 import { GeminiClient } from '../core/client.js';
 import {
+  AuthType,
   createContentGenerator,
   createContentGeneratorConfig,
 } from '../core/contentGenerator.js';
@@ -684,6 +684,16 @@ export class Config {
   }
 
   async refreshAuth(authMethod: AuthType, isInitialAuth?: boolean) {
+    // Vertex and Genai have incompatible encryption and sending history with
+    // throughtSignature from Genai to Vertex will fail, we need to strip them
+    if (
+      this.contentGeneratorConfig?.authType === AuthType.USE_GEMINI &&
+      authMethod === AuthType.LOGIN_WITH_GOOGLE
+    ) {
+      // Restore the conversation history to the new client
+      this.geminiClient.stripThoughtsFromHistory();
+    }
+
     const newContentGeneratorConfig = createContentGeneratorConfig(
       this,
       authMethod,

packages/core/src/config/flashFallback.test.ts

@@ -31,7 +31,7 @@ describe('Flash Model Fallback Configuration', () => {
       config as unknown as { contentGeneratorConfig: unknown }
     ).contentGeneratorConfig = {
       model: DEFAULT_GEMINI_MODEL,
-      authType: 'gemini-api-key',
+      authType: 'oauth-personal',
     };
   });
 

packages/core/src/core/__tests__/openaiTimeoutHandling.test.ts

@@ -73,7 +73,6 @@ describe('OpenAIContentGenerator Timeout Handling', () => {
       }),
       buildClient: vi.fn().mockReturnValue(mockOpenAIClient),
       buildRequest: vi.fn().mockImplementation((req) => req),
-      getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
     };
 
     // Create generator instance
@@ -300,7 +299,6 @@ describe('OpenAIContentGenerator Timeout Handling', () => {
         }),
         buildClient: vi.fn().mockReturnValue(mockOpenAIClient),
         buildRequest: vi.fn().mockImplementation((req) => req),
-        getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
       };
 
       new OpenAIContentGenerator(
@@ -335,7 +333,6 @@ describe('OpenAIContentGenerator Timeout Handling', () => {
         }),
         buildClient: vi.fn().mockReturnValue(mockOpenAIClient),
         buildRequest: vi.fn().mockImplementation((req) => req),
-        getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
       };
 
       new OpenAIContentGenerator(

packages/core/src/core/baseLlmClient.test.ts

@@ -146,11 +146,12 @@ describe('BaseLlmClient', () => {
       // Validate the parameters passed to the underlying generator
       expect(mockGenerateContent).toHaveBeenCalledTimes(1);
       expect(mockGenerateContent).toHaveBeenCalledWith(
-        expect.objectContaining({
+        {
           model: 'test-model',
           contents: defaultOptions.contents,
-          config: expect.objectContaining({
+          config: {
             abortSignal: defaultOptions.abortSignal,
+            topP: 0.8,
             tools: [
               {
                 functionDeclarations: [
@@ -162,8 +163,9 @@ describe('BaseLlmClient', () => {
                 ],
               },
             ],
-          }),
-        }),
+            // Crucial: systemInstruction should NOT be in the config object if not provided
+          },
+        },
         'test-prompt-id',
       );
     });
@@ -186,6 +188,7 @@ describe('BaseLlmClient', () => {
         expect.objectContaining({
           config: expect.objectContaining({
             temperature: 0.8,
+            topP: 0.8, // Default should remain if not overridden
             topK: 10,
             tools: expect.any(Array),
           }),

packages/core/src/core/baseLlmClient.ts

@@ -64,6 +64,11 @@ export interface GenerateJsonOptions {
  * A client dedicated to stateless, utility-focused LLM calls.
  */
 export class BaseLlmClient {
+  // Default configuration for utility tasks
+  private readonly defaultUtilityConfig: GenerateContentConfig = {
+    topP: 0.8,
+  };
+
   constructor(
     private readonly contentGenerator: ContentGenerator,
     private readonly config: Config,
@@ -84,6 +89,7 @@ export class BaseLlmClient {
 
     const requestConfig: GenerateContentConfig = {
       abortSignal,
+      ...this.defaultUtilityConfig,
       ...options.config,
       ...(systemInstruction && { systemInstruction }),
     };

packages/core/src/core/client.test.ts

@@ -15,7 +15,11 @@ import {
 } from 'vitest';
 
 import type { Content, GenerateContentResponse, Part } from '@google/genai';
-import { GeminiClient } from './client.js';
+import {
+  isThinkingDefault,
+  isThinkingSupported,
+  GeminiClient,
+} from './client.js';
 import { findCompressSplitPoint } from '../services/chatCompressionService.js';
 import {
   AuthType,
@@ -243,6 +247,40 @@ describe('findCompressSplitPoint', () => {
   });
 });
 
+describe('isThinkingSupported', () => {
+  it('should return true for gemini-2.5', () => {
+    expect(isThinkingSupported('gemini-2.5')).toBe(true);
+  });
+
+  it('should return true for gemini-2.5-pro', () => {
+    expect(isThinkingSupported('gemini-2.5-pro')).toBe(true);
+  });
+
+  it('should return false for other models', () => {
+    expect(isThinkingSupported('gemini-1.5-flash')).toBe(false);
+    expect(isThinkingSupported('some-other-model')).toBe(false);
+  });
+});
+
+describe('isThinkingDefault', () => {
+  it('should return false for gemini-2.5-flash-lite', () => {
+    expect(isThinkingDefault('gemini-2.5-flash-lite')).toBe(false);
+  });
+
+  it('should return true for gemini-2.5', () => {
+    expect(isThinkingDefault('gemini-2.5')).toBe(true);
+  });
+
+  it('should return true for gemini-2.5-pro', () => {
+    expect(isThinkingDefault('gemini-2.5-pro')).toBe(true);
+  });
+
+  it('should return false for other models', () => {
+    expect(isThinkingDefault('gemini-1.5-flash')).toBe(false);
+    expect(isThinkingDefault('some-other-model')).toBe(false);
+  });
+});
+
 describe('Gemini Client (client.ts)', () => {
   let mockContentGenerator: ContentGenerator;
   let mockConfig: Config;
@@ -2266,15 +2304,16 @@ ${JSON.stringify(
       );
 
       expect(mockContentGenerator.generateContent).toHaveBeenCalledWith(
-        expect.objectContaining({
+        {
           model: DEFAULT_GEMINI_FLASH_MODEL,
-          config: expect.objectContaining({
+          config: {
             abortSignal,
             systemInstruction: getCoreSystemPrompt(''),
             temperature: 0.5,
-          }),
+            topP: 0.8,
+          },
           contents,
-        }),
+        },
         'test-session-id',
       );
     });

packages/core/src/core/client.ts

@@ -15,7 +15,11 @@ import type {
 
 // Config
 import { ApprovalMode, type Config } from '../config/config.js';
-import { DEFAULT_GEMINI_FLASH_MODEL } from '../config/models.js';
+import {
+  DEFAULT_GEMINI_FLASH_MODEL,
+  DEFAULT_GEMINI_MODEL_AUTO,
+  DEFAULT_THINKING_MODE,
+} from '../config/models.js';
 
 // Core modules
 import type { ContentGenerator } from './contentGenerator.js';
@@ -74,10 +78,24 @@ import { type File, type IdeContext } from '../ide/types.js';
 // Fallback handling
 import { handleFallback } from '../fallback/handler.js';
 
+export function isThinkingSupported(model: string) {
+  return model.startsWith('gemini-2.5') || model === DEFAULT_GEMINI_MODEL_AUTO;
+}
+
+export function isThinkingDefault(model: string) {
+  if (model.startsWith('gemini-2.5-flash-lite')) {
+    return false;
+  }
+  return model.startsWith('gemini-2.5') || model === DEFAULT_GEMINI_MODEL_AUTO;
+}
+
 const MAX_TURNS = 100;
 
 export class GeminiClient {
   private chat?: GeminiChat;
+  private readonly generateContentConfig: GenerateContentConfig = {
+    topP: 0.8,
+  };
   private sessionTurnCount = 0;
 
   private readonly loopDetector: LoopDetectionService;
@@ -189,10 +207,20 @@ export class GeminiClient {
       const model = this.config.getModel();
       const systemInstruction = getCoreSystemPrompt(userMemory, model);
 
+      const config: GenerateContentConfig = { ...this.generateContentConfig };
+
+      if (isThinkingSupported(model)) {
+        config.thinkingConfig = {
+          includeThoughts: true,
+          thinkingBudget: DEFAULT_THINKING_MODE,
+        };
+      }
+
       return new GeminiChat(
         this.config,
         {
           systemInstruction,
+          ...config,
           tools,
         },
         history,
@@ -589,6 +617,11 @@ export class GeminiClient {
   ): Promise<GenerateContentResponse> {
     let currentAttemptModel: string = model;
 
+    const configToUse: GenerateContentConfig = {
+      ...this.generateContentConfig,
+      ...generationConfig,
+    };
+
     try {
       const userMemory = this.config.getUserMemory();
       const finalSystemInstruction = generationConfig.systemInstruction
@@ -597,7 +630,7 @@ export class GeminiClient {
 
       const requestConfig: GenerateContentConfig = {
         abortSignal,
-        ...generationConfig,
+        ...configToUse,
         systemInstruction: finalSystemInstruction,
       };
 
@@ -638,7 +671,7 @@ export class GeminiClient {
         `Error generating content via API with model ${currentAttemptModel}.`,
         {
           requestContents: contents,
-          requestConfig: generationConfig,
+          requestConfig: configToUse,
         },
         'generateContent-api',
       );

packages/core/src/core/contentGenerator.test.ts

@@ -5,19 +5,42 @@
  */
 
 import { describe, it, expect, vi } from 'vitest';
+import type { ContentGenerator } from './contentGenerator.js';
 import { createContentGenerator, AuthType } from './contentGenerator.js';
+import { createCodeAssistContentGenerator } from '../code_assist/codeAssist.js';
 import { GoogleGenAI } from '@google/genai';
 import type { Config } from '../config/config.js';
-import { LoggingContentGenerator } from './geminiContentGenerator/loggingContentGenerator.js';
+import { LoggingContentGenerator } from './loggingContentGenerator.js';
 
+vi.mock('../code_assist/codeAssist.js');
 vi.mock('@google/genai');
 
+const mockConfig = {
+  getCliVersion: vi.fn().mockReturnValue('1.0.0'),
+} as unknown as Config;
+
 describe('createContentGenerator', () => {
-  it('should create a Gemini content generator', async () => {
+  it('should create a CodeAssistContentGenerator', async () => {
+    const mockGenerator = {} as unknown as ContentGenerator;
+    vi.mocked(createCodeAssistContentGenerator).mockResolvedValue(
+      mockGenerator as never,
+    );
+    const generator = await createContentGenerator(
+      {
+        model: 'test-model',
+        authType: AuthType.LOGIN_WITH_GOOGLE,
+      },
+      mockConfig,
+    );
+    expect(createCodeAssistContentGenerator).toHaveBeenCalled();
+    expect(generator).toEqual(
+      new LoggingContentGenerator(mockGenerator, mockConfig),
+    );
+  });
+
+  it('should create a GoogleGenAI content generator', async () => {
     const mockConfig = {
       getUsageStatisticsEnabled: () => true,
-      getContentGeneratorConfig: () => ({}),
-      getCliVersion: () => '1.0.0',
     } as unknown as Config;
 
     const mockGenerator = {
@@ -42,17 +65,17 @@ describe('createContentGenerator', () => {
         },
       },
     });
-    // We expect it to be a LoggingContentGenerator wrapping a GeminiContentGenerator
-    expect(generator).toBeInstanceOf(LoggingContentGenerator);
-    const wrapped = (generator as LoggingContentGenerator).getWrapped();
-    expect(wrapped).toBeDefined();
+    expect(generator).toEqual(
+      new LoggingContentGenerator(
+        (mockGenerator as GoogleGenAI).models,
+        mockConfig,
+      ),
+    );
   });
 
-  it('should create a Gemini content generator with client install id logging disabled', async () => {
+  it('should create a GoogleGenAI content generator with client install id logging disabled', async () => {
     const mockConfig = {
       getUsageStatisticsEnabled: () => false,
-      getContentGeneratorConfig: () => ({}),
-      getCliVersion: () => '1.0.0',
     } as unknown as Config;
     const mockGenerator = {
       models: {},
@@ -75,6 +98,11 @@ describe('createContentGenerator', () => {
         },
       },
     });
-    expect(generator).toBeInstanceOf(LoggingContentGenerator);
+    expect(generator).toEqual(
+      new LoggingContentGenerator(
+        (mockGenerator as GoogleGenAI).models,
+        mockConfig,
+      ),
+    );
   });
 });

packages/core/src/core/contentGenerator.ts

@@ -12,9 +12,15 @@ import type {
   GenerateContentParameters,
   GenerateContentResponse,
 } from '@google/genai';
+import { GoogleGenAI } from '@google/genai';
+import { createCodeAssistContentGenerator } from '../code_assist/codeAssist.js';
 import { DEFAULT_QWEN_MODEL } from '../config/models.js';
 import type { Config } from '../config/config.js';
 
+import type { UserTierId } from '../code_assist/types.js';
+import { InstallationManager } from '../utils/installationManager.js';
+import { LoggingContentGenerator } from './loggingContentGenerator.js';
+
 /**
  * Interface abstracting the core functionalities for generating content and counting tokens.
  */
@@ -33,12 +39,14 @@ export interface ContentGenerator {
 
   embedContent(request: EmbedContentParameters): Promise<EmbedContentResponse>;
 
-  useSummarizedThinking(): boolean;
+  userTier?: UserTierId;
 }
 
 export enum AuthType {
+  LOGIN_WITH_GOOGLE = 'oauth-personal',
   USE_GEMINI = 'gemini-api-key',
   USE_VERTEX_AI = 'vertex-ai',
+  CLOUD_SHELL = 'cloud-shell',
   USE_OPENAI = 'openai',
   QWEN_OAUTH = 'qwen-oauth',
 }
@@ -51,9 +59,12 @@ export type ContentGeneratorConfig = {
   authType?: AuthType | undefined;
   enableOpenAILogging?: boolean;
   openAILoggingDir?: string;
-  timeout?: number; // Timeout configuration in milliseconds
-  maxRetries?: number; // Maximum retries for failed requests
-  disableCacheControl?: boolean; // Disable cache control for DashScope providers
+  // Timeout configuration in milliseconds
+  timeout?: number;
+  // Maximum retries for failed requests
+  maxRetries?: number;
+  // Disable cache control for DashScope providers
+  disableCacheControl?: boolean;
   samplingParams?: {
     top_p?: number;
     top_k?: number;
@@ -63,9 +74,6 @@ export type ContentGeneratorConfig = {
     temperature?: number;
     max_tokens?: number;
   };
-  reasoning?: {
-    effort?: 'low' | 'medium' | 'high';
-  };
   proxy?: string | undefined;
   userAgent?: string;
   // Schema compliance mode for tool definitions
@@ -115,14 +123,48 @@ export async function createContentGenerator(
   gcConfig: Config,
   isInitialAuth?: boolean,
 ): Promise<ContentGenerator> {
+  const version = process.env['CLI_VERSION'] || process.version;
+  const userAgent = `QwenCode/${version} (${process.platform}; ${process.arch})`;
+  const baseHeaders: Record<string, string> = {
+    'User-Agent': userAgent,
+  };
+
+  if (
+    config.authType === AuthType.LOGIN_WITH_GOOGLE ||
+    config.authType === AuthType.CLOUD_SHELL
+  ) {
+    const httpOptions = { headers: baseHeaders };
+    return new LoggingContentGenerator(
+      await createCodeAssistContentGenerator(
+        httpOptions,
+        config.authType,
+        gcConfig,
+      ),
+      gcConfig,
+    );
+  }
+
   if (
     config.authType === AuthType.USE_GEMINI ||
     config.authType === AuthType.USE_VERTEX_AI
   ) {
-    const { createGeminiContentGenerator } = await import(
-      './geminiContentGenerator/index.js'
-    );
-    return createGeminiContentGenerator(config, gcConfig);
+    let headers: Record<string, string> = { ...baseHeaders };
+    if (gcConfig?.getUsageStatisticsEnabled()) {
+      const installationManager = new InstallationManager();
+      const installationId = installationManager.getInstallationId();
+      headers = {
+        ...headers,
+        'x-gemini-api-privileged-user-id': `${installationId}`,
+      };
+    }
+    const httpOptions = { headers };
+
+    const googleGenAI = new GoogleGenAI({
+      apiKey: config.apiKey === '' ? undefined : config.apiKey,
+      vertexai: config.vertexai,
+      httpOptions,
+    });
+    return new LoggingContentGenerator(googleGenAI.models, gcConfig);
   }
 
   if (config.authType === AuthType.USE_OPENAI) {

packages/core/src/core/coreToolScheduler.test.ts

@@ -240,7 +240,7 @@ describe('CoreToolScheduler', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -318,7 +318,7 @@ describe('CoreToolScheduler', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -497,7 +497,7 @@ describe('CoreToolScheduler', () => {
         getExcludeTools: () => ['write_file', 'edit', 'run_shell_command'],
         getContentGeneratorConfig: () => ({
           model: 'test-model',
-          authType: 'gemini-api-key',
+          authType: 'oauth-personal',
         }),
         getShellExecutionConfig: () => ({
           terminalWidth: 90,
@@ -584,7 +584,7 @@ describe('CoreToolScheduler', () => {
         getExcludeTools: () => ['write_file', 'edit'], // Different excluded tools
         getContentGeneratorConfig: () => ({
           model: 'test-model',
-          authType: 'gemini-api-key',
+          authType: 'oauth-personal',
         }),
         getShellExecutionConfig: () => ({
           terminalWidth: 90,
@@ -674,7 +674,7 @@ describe('CoreToolScheduler with payload', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1001,7 +1001,7 @@ describe('CoreToolScheduler edit cancellation', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1108,7 +1108,7 @@ describe('CoreToolScheduler YOLO mode', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1258,7 +1258,7 @@ describe('CoreToolScheduler cancellation during executing with live output', ()
       getApprovalMode: () => ApprovalMode.DEFAULT,
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getToolRegistry: () => mockToolRegistry,
       getShellExecutionConfig: () => ({
@@ -1350,7 +1350,7 @@ describe('CoreToolScheduler request queueing', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1482,7 +1482,7 @@ describe('CoreToolScheduler request queueing', () => {
       getToolRegistry: () => toolRegistry,
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 80,
@@ -1586,7 +1586,7 @@ describe('CoreToolScheduler request queueing', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1854,7 +1854,7 @@ describe('CoreToolScheduler Sequential Execution', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,
@@ -1975,7 +1975,7 @@ describe('CoreToolScheduler Sequential Execution', () => {
       getAllowedTools: () => [],
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,

packages/core/src/core/geminiChat.test.ts

@@ -100,7 +100,6 @@ describe('GeminiChat', () => {
       countTokens: vi.fn(),
       embedContent: vi.fn(),
       batchEmbedContents: vi.fn(),
-      useSummarizedThinking: vi.fn().mockReturnValue(false),
     } as unknown as ContentGenerator;
 
     mockHandleFallback.mockClear();
@@ -112,7 +111,7 @@ describe('GeminiChat', () => {
       getUsageStatisticsEnabled: () => true,
       getDebugMode: () => false,
       getContentGeneratorConfig: vi.fn().mockReturnValue({
-        authType: 'gemini-api-key', // Ensure this is set for fallback tests
+        authType: 'oauth-personal', // Ensure this is set for fallback tests
         model: 'test-model',
       }),
       getModel: vi.fn().mockReturnValue('gemini-pro'),
@@ -719,99 +718,6 @@ describe('GeminiChat', () => {
         1,
       );
     });
-
-    it('should handle summarized thinking by conditionally including thoughts in history', async () => {
-      // Case 1: useSummarizedThinking is true -> thoughts NOT in history
-      vi.mocked(mockContentGenerator.useSummarizedThinking).mockReturnValue(
-        true,
-      );
-      const stream1 = (async function* () {
-        yield {
-          candidates: [
-            {
-              content: {
-                role: 'model',
-                parts: [{ thought: true, text: 'T1' }, { text: 'A1' }],
-              },
-              finishReason: 'STOP',
-            },
-          ],
-        } as unknown as GenerateContentResponse;
-      })();
-      vi.mocked(mockContentGenerator.generateContentStream).mockResolvedValue(
-        stream1,
-      );
-
-      const res1 = await chat.sendMessageStream('m1', { message: 'h1' }, 'p1');
-      for await (const _ of res1);
-
-      const history1 = chat.getHistory();
-      expect(history1[1].parts).toEqual([{ text: 'A1' }]);
-
-      // Case 2: useSummarizedThinking is false -> thoughts ARE in history
-      chat.clearHistory();
-      vi.mocked(mockContentGenerator.useSummarizedThinking).mockReturnValue(
-        false,
-      );
-      const stream2 = (async function* () {
-        yield {
-          candidates: [
-            {
-              content: {
-                role: 'model',
-                parts: [{ thought: true, text: 'T2' }, { text: 'A2' }],
-              },
-              finishReason: 'STOP',
-            },
-          ],
-        } as unknown as GenerateContentResponse;
-      })();
-      vi.mocked(mockContentGenerator.generateContentStream).mockResolvedValue(
-        stream2,
-      );
-
-      const res2 = await chat.sendMessageStream('m1', { message: 'h1' }, 'p2');
-      for await (const _ of res2);
-
-      const history2 = chat.getHistory();
-      expect(history2[1].parts).toEqual([
-        { text: 'T2', thought: true },
-        { text: 'A2' },
-      ]);
-    });
-
-    it('should keep parts with thoughtSignature when consolidating history', async () => {
-      const stream = (async function* () {
-        yield {
-          candidates: [
-            {
-              content: {
-                role: 'model',
-                parts: [
-                  {
-                    text: 'p1',
-                    thoughtSignature: 's1',
-                  } as unknown as { text: string; thoughtSignature: string },
-                ],
-              },
-              finishReason: 'STOP',
-            },
-          ],
-        } as unknown as GenerateContentResponse;
-      })();
-      vi.mocked(mockContentGenerator.generateContentStream).mockResolvedValue(
-        stream,
-      );
-
-      const res = await chat.sendMessageStream('m1', { message: 'h1' }, 'p1');
-      for await (const _ of res);
-
-      const history = chat.getHistory();
-      expect(history[1].parts![0]).toEqual({
-        text: 'p1',
-        thoughtSignature: 's1',
-      });
-    });
   });
 
   describe('addHistory', () => {
@@ -1476,7 +1382,7 @@ describe('GeminiChat', () => {
     });
 
     it('should call handleFallback with the specific failed model and retry if handler returns true', async () => {
-      const authType = AuthType.USE_GEMINI;
+      const authType = AuthType.LOGIN_WITH_GOOGLE;
       vi.mocked(mockConfig.getContentGeneratorConfig).mockReturnValue({
         model: 'test-model',
         authType,
@@ -1626,7 +1532,7 @@ describe('GeminiChat', () => {
   });
 
   describe('stripThoughtsFromHistory', () => {
-    it('should strip thoughts and thought signatures, and remove empty content objects', () => {
+    it('should strip thought signatures', () => {
       chat.setHistory([
         {
           role: 'user',
@@ -1638,15 +1544,10 @@ describe('GeminiChat', () => {
             { text: 'thinking...', thought: true },
             { text: 'hi' },
             {
-              text: 'hidden metadata',
-              thoughtSignature: 'abc',
-            } as unknown as { text: string; thoughtSignature: string },
+              functionCall: { name: 'test', args: {} },
+            },
           ],
         },
-        {
-          role: 'model',
-          parts: [{ text: 'only thinking', thought: true }],
-        },
       ]);
 
       chat.stripThoughtsFromHistory();
@@ -1658,7 +1559,7 @@ describe('GeminiChat', () => {
         },
         {
           role: 'model',
-          parts: [{ text: 'hi' }, { text: 'hidden metadata' }],
+          parts: [{ text: 'hi' }, { functionCall: { name: 'test', args: {} } }],
         },
       ]);
     });

packages/core/src/core/geminiChat.ts

@@ -92,7 +92,6 @@ export function isValidNonThoughtTextPart(part: Part): boolean {
   return (
     typeof part.text === 'string' &&
     !part.thought &&
-    !part.thoughtSignature &&
     // Technically, the model should never generate parts that have text and
     //  any of these but we don't trust them so check anyways.
     !part.functionCall &&
@@ -110,24 +109,18 @@ function isValidContent(content: Content): boolean {
     if (part === undefined || Object.keys(part).length === 0) {
       return false;
     }
-    if (!isValidContentPart(part)) {
+    if (
+      !part.thought &&
+      part.text !== undefined &&
+      part.text === '' &&
+      part.functionCall === undefined
+    ) {
       return false;
     }
   }
   return true;
 }
 
-function isValidContentPart(part: Part): boolean {
-  const isInvalid =
-    !part.thought &&
-    !part.thoughtSignature &&
-    part.text !== undefined &&
-    part.text === '' &&
-    part.functionCall === undefined;
-
-  return !isInvalid;
-}
-
 /**
  * Validates the history contains the correct roles.
  *
@@ -455,29 +448,15 @@ export class GeminiChat {
         if (!content.parts) return content;
 
         // Filter out thought parts entirely
-        const filteredParts = content.parts
-          .filter(
-            (part) =>
-              !(
-                part &&
-                typeof part === 'object' &&
-                'thought' in part &&
-                part.thought
-              ),
-          )
-          .map((part) => {
-            if (
+        const filteredParts = content.parts.filter(
+          (part) =>
+            !(
               part &&
               typeof part === 'object' &&
-              'thoughtSignature' in part
-            ) {
-              const newPart = { ...part };
-              delete (newPart as { thoughtSignature?: string })
-                .thoughtSignature;
-              return newPart;
-            }
-            return part;
-          });
+              'thought' in part &&
+              part.thought
+            ),
+        );
 
         return {
           ...content,
@@ -559,15 +538,11 @@ export class GeminiChat {
       yield chunk; // Yield every chunk to the UI immediately.
     }
 
-    let thoughtText = '';
-    // Only include thoughts if not using summarized thinking.
-    if (!this.config.getContentGenerator().useSummarizedThinking()) {
-      thoughtText = allModelParts
-        .filter((part) => part.thought)
-        .map((part) => part.text)
-        .join('')
-        .trim();
-    }
+    const thoughtParts = allModelParts.filter((part) => part.thought);
+    const thoughtText = thoughtParts
+      .map((part) => part.text)
+      .join('')
+      .trim();
 
     const contentParts = allModelParts.filter((part) => !part.thought);
     const consolidatedHistoryParts: Part[] = [];
@@ -580,7 +555,7 @@ export class GeminiChat {
         isValidNonThoughtTextPart(part)
       ) {
         lastPart.text += part.text;
-      } else if (isValidContentPart(part)) {
+      } else {
         consolidatedHistoryParts.push(part);
       }
     }

packages/core/src/core/geminiContentGenerator/geminiContentGenerator.test.ts

@@ -1,173 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { GeminiContentGenerator } from './geminiContentGenerator.js';
-import { GoogleGenAI } from '@google/genai';
-
-vi.mock('@google/genai', () => {
-  const mockGenerateContent = vi.fn();
-  const mockGenerateContentStream = vi.fn();
-  const mockCountTokens = vi.fn();
-  const mockEmbedContent = vi.fn();
-
-  return {
-    GoogleGenAI: vi.fn().mockImplementation(() => ({
-      models: {
-        generateContent: mockGenerateContent,
-        generateContentStream: mockGenerateContentStream,
-        countTokens: mockCountTokens,
-        embedContent: mockEmbedContent,
-      },
-    })),
-  };
-});
-
-describe('GeminiContentGenerator', () => {
-  let generator: GeminiContentGenerator;
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  let mockGoogleGenAI: any;
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-    generator = new GeminiContentGenerator({
-      apiKey: 'test-api-key',
-    });
-    mockGoogleGenAI = vi.mocked(GoogleGenAI).mock.results[0].value;
-  });
-
-  it('should call generateContent on the underlying model', async () => {
-    const request = { model: 'gemini-1.5-flash', contents: [] };
-    const expectedResponse = { responseId: 'test-id' };
-    mockGoogleGenAI.models.generateContent.mockResolvedValue(expectedResponse);
-
-    const response = await generator.generateContent(request, 'prompt-id');
-
-    expect(mockGoogleGenAI.models.generateContent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        ...request,
-        config: expect.objectContaining({
-          temperature: 1,
-          topP: 0.95,
-          thinkingConfig: {
-            includeThoughts: true,
-            thinkingLevel: 'THINKING_LEVEL_UNSPECIFIED',
-          },
-        }),
-      }),
-    );
-    expect(response).toBe(expectedResponse);
-  });
-
-  it('should call generateContentStream on the underlying model', async () => {
-    const request = { model: 'gemini-1.5-flash', contents: [] };
-    const mockStream = (async function* () {
-      yield { responseId: '1' };
-    })();
-    mockGoogleGenAI.models.generateContentStream.mockResolvedValue(mockStream);
-
-    const stream = await generator.generateContentStream(request, 'prompt-id');
-
-    expect(mockGoogleGenAI.models.generateContentStream).toHaveBeenCalledWith(
-      expect.objectContaining({
-        ...request,
-        config: expect.objectContaining({
-          temperature: 1,
-          topP: 0.95,
-          thinkingConfig: {
-            includeThoughts: true,
-            thinkingLevel: 'THINKING_LEVEL_UNSPECIFIED',
-          },
-        }),
-      }),
-    );
-    expect(stream).toBe(mockStream);
-  });
-
-  it('should call countTokens on the underlying model', async () => {
-    const request = { model: 'gemini-1.5-flash', contents: [] };
-    const expectedResponse = { totalTokens: 10 };
-    mockGoogleGenAI.models.countTokens.mockResolvedValue(expectedResponse);
-
-    const response = await generator.countTokens(request);
-
-    expect(mockGoogleGenAI.models.countTokens).toHaveBeenCalledWith(request);
-    expect(response).toBe(expectedResponse);
-  });
-
-  it('should call embedContent on the underlying model', async () => {
-    const request = { model: 'embedding-model', contents: [] };
-    const expectedResponse = { embeddings: [] };
-    mockGoogleGenAI.models.embedContent.mockResolvedValue(expectedResponse);
-
-    const response = await generator.embedContent(request);
-
-    expect(mockGoogleGenAI.models.embedContent).toHaveBeenCalledWith(request);
-    expect(response).toBe(expectedResponse);
-  });
-
-  it('should prioritize contentGeneratorConfig samplingParams over request config', async () => {
-    const generatorWithParams = new GeminiContentGenerator({ apiKey: 'test' }, {
-      model: 'gemini-1.5-flash',
-      samplingParams: {
-        temperature: 0.1,
-        top_p: 0.2,
-      },
-      // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    } as any);
-
-    const request = {
-      model: 'gemini-1.5-flash',
-      contents: [],
-      config: {
-        temperature: 0.9,
-        topP: 0.9,
-      },
-    };
-
-    await generatorWithParams.generateContent(request, 'prompt-id');
-
-    expect(mockGoogleGenAI.models.generateContent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        config: expect.objectContaining({
-          temperature: 0.1,
-          topP: 0.2,
-        }),
-      }),
-    );
-  });
-
-  it('should map reasoning effort to thinkingConfig', async () => {
-    const generatorWithReasoning = new GeminiContentGenerator(
-      { apiKey: 'test' },
-      {
-        model: 'gemini-2.5-pro',
-        reasoning: {
-          effort: 'high',
-        },
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-      } as any,
-    );
-
-    const request = {
-      model: 'gemini-2.5-pro',
-      contents: [],
-    };
-
-    await generatorWithReasoning.generateContent(request, 'prompt-id');
-
-    expect(mockGoogleGenAI.models.generateContent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        config: expect.objectContaining({
-          thinkingConfig: {
-            includeThoughts: true,
-            thinkingLevel: 'HIGH',
-          },
-        }),
-      }),
-    );
-  });
-});

packages/core/src/core/geminiContentGenerator/geminiContentGenerator.ts

@@ -1,144 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import type {
-  CountTokensParameters,
-  CountTokensResponse,
-  EmbedContentParameters,
-  EmbedContentResponse,
-  GenerateContentParameters,
-  GenerateContentResponse,
-  GenerateContentConfig,
-  ThinkingLevel,
-} from '@google/genai';
-import { GoogleGenAI } from '@google/genai';
-import type {
-  ContentGenerator,
-  ContentGeneratorConfig,
-} from '../contentGenerator.js';
-
-/**
- * A wrapper for GoogleGenAI that implements the ContentGenerator interface.
- */
-export class GeminiContentGenerator implements ContentGenerator {
-  private readonly googleGenAI: GoogleGenAI;
-  private readonly contentGeneratorConfig?: ContentGeneratorConfig;
-
-  constructor(
-    options: {
-      apiKey?: string;
-      vertexai?: boolean;
-      httpOptions?: { headers: Record<string, string> };
-    },
-    contentGeneratorConfig?: ContentGeneratorConfig,
-  ) {
-    this.googleGenAI = new GoogleGenAI(options);
-    this.contentGeneratorConfig = contentGeneratorConfig;
-  }
-
-  private buildSamplingParameters(
-    request: GenerateContentParameters,
-  ): GenerateContentConfig {
-    const configSamplingParams = this.contentGeneratorConfig?.samplingParams;
-    const requestConfig = request.config || {};
-
-    // Helper function to get parameter value with priority: config > request > default
-    const getParameterValue = <T>(
-      configValue: T | undefined,
-      requestKey: keyof GenerateContentConfig,
-      defaultValue?: T,
-    ): T | undefined => {
-      const requestValue = requestConfig[requestKey] as T | undefined;
-
-      if (configValue !== undefined) return configValue;
-      if (requestValue !== undefined) return requestValue;
-      return defaultValue;
-    };
-
-    return {
-      ...requestConfig,
-      temperature: getParameterValue<number>(
-        configSamplingParams?.temperature,
-        'temperature',
-        1,
-      ),
-      topP: getParameterValue<number>(
-        configSamplingParams?.top_p,
-        'topP',
-        0.95,
-      ),
-      topK: getParameterValue<number>(configSamplingParams?.top_k, 'topK', 64),
-      maxOutputTokens: getParameterValue<number>(
-        configSamplingParams?.max_tokens,
-        'maxOutputTokens',
-      ),
-      presencePenalty: getParameterValue<number>(
-        configSamplingParams?.presence_penalty,
-        'presencePenalty',
-      ),
-      frequencyPenalty: getParameterValue<number>(
-        configSamplingParams?.frequency_penalty,
-        'frequencyPenalty',
-      ),
-      thinkingConfig: getParameterValue(
-        this.contentGeneratorConfig?.reasoning
-          ? {
-              includeThoughts: true,
-              thinkingLevel: (this.contentGeneratorConfig.reasoning.effort ===
-              'low'
-                ? 'LOW'
-                : this.contentGeneratorConfig.reasoning.effort === 'high'
-                  ? 'HIGH'
-                  : 'THINKING_LEVEL_UNSPECIFIED') as ThinkingLevel,
-            }
-          : undefined,
-        'thinkingConfig',
-        {
-          includeThoughts: true,
-          thinkingLevel: 'THINKING_LEVEL_UNSPECIFIED' as ThinkingLevel,
-        },
-      ),
-    };
-  }
-
-  async generateContent(
-    request: GenerateContentParameters,
-    _userPromptId: string,
-  ): Promise<GenerateContentResponse> {
-    const finalRequest = {
-      ...request,
-      config: this.buildSamplingParameters(request),
-    };
-    return this.googleGenAI.models.generateContent(finalRequest);
-  }
-
-  async generateContentStream(
-    request: GenerateContentParameters,
-    _userPromptId: string,
-  ): Promise<AsyncGenerator<GenerateContentResponse>> {
-    const finalRequest = {
-      ...request,
-      config: this.buildSamplingParameters(request),
-    };
-    return this.googleGenAI.models.generateContentStream(finalRequest);
-  }
-
-  async countTokens(
-    request: CountTokensParameters,
-  ): Promise<CountTokensResponse> {
-    return this.googleGenAI.models.countTokens(request);
-  }
-
-  async embedContent(
-    request: EmbedContentParameters,
-  ): Promise<EmbedContentResponse> {
-    return this.googleGenAI.models.embedContent(request);
-  }
-
-  useSummarizedThinking(): boolean {
-    return true;
-  }
-}

packages/core/src/core/geminiContentGenerator/index.test.ts

@@ -1,47 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { createGeminiContentGenerator } from './index.js';
-import { GeminiContentGenerator } from './geminiContentGenerator.js';
-import { LoggingContentGenerator } from './loggingContentGenerator.js';
-import type { Config } from '../../config/config.js';
-import { AuthType } from '../contentGenerator.js';
-
-vi.mock('./geminiContentGenerator.js', () => ({
-  GeminiContentGenerator: vi.fn().mockImplementation(() => ({})),
-}));
-
-vi.mock('./loggingContentGenerator.js', () => ({
-  LoggingContentGenerator: vi.fn().mockImplementation((wrapped) => wrapped),
-}));
-
-describe('createGeminiContentGenerator', () => {
-  let mockConfig: Config;
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-    mockConfig = {
-      getUsageStatisticsEnabled: vi.fn().mockReturnValue(false),
-      getContentGeneratorConfig: vi.fn().mockReturnValue({}),
-      getCliVersion: vi.fn().mockReturnValue('1.0.0'),
-    } as unknown as Config;
-  });
-
-  it('should create a GeminiContentGenerator wrapped in LoggingContentGenerator', () => {
-    const config = {
-      model: 'gemini-1.5-flash',
-      apiKey: 'test-key',
-      authType: AuthType.USE_GEMINI,
-    };
-
-    const generator = createGeminiContentGenerator(config, mockConfig);
-
-    expect(GeminiContentGenerator).toHaveBeenCalled();
-    expect(LoggingContentGenerator).toHaveBeenCalled();
-    expect(generator).toBeDefined();
-  });
-});

packages/core/src/core/geminiContentGenerator/index.ts

@@ -1,55 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import { GeminiContentGenerator } from './geminiContentGenerator.js';
-import type {
-  ContentGenerator,
-  ContentGeneratorConfig,
-} from '../contentGenerator.js';
-import type { Config } from '../../config/config.js';
-import { InstallationManager } from '../../utils/installationManager.js';
-import { LoggingContentGenerator } from './loggingContentGenerator.js';
-
-export { GeminiContentGenerator } from './geminiContentGenerator.js';
-export { LoggingContentGenerator } from './loggingContentGenerator.js';
-
-/**
- * Create a Gemini content generator.
- */
-export function createGeminiContentGenerator(
-  config: ContentGeneratorConfig,
-  gcConfig: Config,
-): ContentGenerator {
-  const version = process.env['CLI_VERSION'] || process.version;
-  const userAgent =
-    config.userAgent ||
-    `QwenCode/${version} (${process.platform}; ${process.arch})`;
-  const baseHeaders: Record<string, string> = {
-    'User-Agent': userAgent,
-  };
-
-  let headers: Record<string, string> = { ...baseHeaders };
-  if (gcConfig?.getUsageStatisticsEnabled()) {
-    const installationManager = new InstallationManager();
-    const installationId = installationManager.getInstallationId();
-    headers = {
-      ...headers,
-      'x-gemini-api-privileged-user-id': `${installationId}`,
-    };
-  }
-  const httpOptions = { headers };
-
-  const geminiContentGenerator = new GeminiContentGenerator(
-    {
-      apiKey: config.apiKey === '' ? undefined : config.apiKey,
-      vertexai: config.vertexai,
-      httpOptions,
-    },
-    config,
-  );
-
-  return new LoggingContentGenerator(geminiContentGenerator, gcConfig);
-}

packages/core/src/core/loggingContentGenerator.ts

@@ -13,24 +13,21 @@ import type {
   GenerateContentParameters,
   GenerateContentResponseUsageMetadata,
   GenerateContentResponse,
-  ContentListUnion,
-  ContentUnion,
-  Part,
-  PartUnion,
 } from '@google/genai';
 import {
   ApiRequestEvent,
   ApiResponseEvent,
   ApiErrorEvent,
-} from '../../telemetry/types.js';
-import type { Config } from '../../config/config.js';
+} from '../telemetry/types.js';
+import type { Config } from '../config/config.js';
 import {
   logApiError,
   logApiRequest,
   logApiResponse,
-} from '../../telemetry/loggers.js';
-import type { ContentGenerator } from '../contentGenerator.js';
-import { isStructuredError } from '../../utils/quotaErrorDetection.js';
+} from '../telemetry/loggers.js';
+import type { ContentGenerator } from './contentGenerator.js';
+import { toContents } from '../code_assist/converter.js';
+import { isStructuredError } from '../utils/quotaErrorDetection.js';
 
 interface StructuredError {
   status: number;
@@ -115,7 +112,7 @@ export class LoggingContentGenerator implements ContentGenerator {
     userPromptId: string,
   ): Promise<GenerateContentResponse> {
     const startTime = Date.now();
-    this.logApiRequest(this.toContents(req.contents), req.model, userPromptId);
+    this.logApiRequest(toContents(req.contents), req.model, userPromptId);
     try {
       const response = await this.wrapped.generateContent(req, userPromptId);
       const durationMs = Date.now() - startTime;
@@ -140,7 +137,7 @@ export class LoggingContentGenerator implements ContentGenerator {
     userPromptId: string,
   ): Promise<AsyncGenerator<GenerateContentResponse>> {
     const startTime = Date.now();
-    this.logApiRequest(this.toContents(req.contents), req.model, userPromptId);
+    this.logApiRequest(toContents(req.contents), req.model, userPromptId);
 
     let stream: AsyncGenerator<GenerateContentResponse>;
     try {
@@ -208,95 +205,4 @@ export class LoggingContentGenerator implements ContentGenerator {
   ): Promise<EmbedContentResponse> {
     return this.wrapped.embedContent(req);
   }
-
-  useSummarizedThinking(): boolean {
-    return this.wrapped.useSummarizedThinking();
-  }
-
-  private toContents(contents: ContentListUnion): Content[] {
-    if (Array.isArray(contents)) {
-      // it's a Content[] or a PartsUnion[]
-      return contents.map((c) => this.toContent(c));
-    }
-    // it's a Content or a PartsUnion
-    return [this.toContent(contents)];
-  }
-
-  private toContent(content: ContentUnion): Content {
-    if (Array.isArray(content)) {
-      // it's a PartsUnion[]
-      return {
-        role: 'user',
-        parts: this.toParts(content),
-      };
-    }
-    if (typeof content === 'string') {
-      // it's a string
-      return {
-        role: 'user',
-        parts: [{ text: content }],
-      };
-    }
-    if ('parts' in content) {
-      // it's a Content - process parts to handle thought filtering
-      return {
-        ...content,
-        parts: content.parts
-          ? this.toParts(content.parts.filter((p) => p != null))
-          : [],
-      };
-    }
-    // it's a Part
-    return {
-      role: 'user',
-      parts: [this.toPart(content as Part)],
-    };
-  }
-
-  private toParts(parts: PartUnion[]): Part[] {
-    return parts.map((p) => this.toPart(p));
-  }
-
-  private toPart(part: PartUnion): Part {
-    if (typeof part === 'string') {
-      // it's a string
-      return { text: part };
-    }
-
-    // Handle thought parts for CountToken API compatibility
-    // The CountToken API expects parts to have certain required "oneof" fields initialized,
-    // but thought parts don't conform to this schema and cause API failures
-    if ('thought' in part && part.thought) {
-      const thoughtText = `[Thought: ${part.thought}]`;
-
-      const newPart = { ...part };
-      delete (newPart as Record<string, unknown>)['thought'];
-
-      const hasApiContent =
-        'functionCall' in newPart ||
-        'functionResponse' in newPart ||
-        'inlineData' in newPart ||
-        'fileData' in newPart;
-
-      if (hasApiContent) {
-        // It's a functionCall or other non-text part. Just strip the thought.
-        return newPart;
-      }
-
-      // If no other valid API content, this must be a text part.
-      // Combine existing text (if any) with the thought, preserving other properties.
-      const text = (newPart as { text?: unknown }).text;
-      const existingText = text ? String(text) : '';
-      const combinedText = existingText
-        ? `${existingText}\n${thoughtText}`
-        : thoughtText;
-
-      return {
-        ...newPart,
-        text: combinedText,
-      };
-    }
-
-    return part;
-  }
 }

packages/core/src/core/nonInteractiveToolExecutor.test.ts

@@ -47,7 +47,7 @@ describe('executeToolCall', () => {
       getDebugMode: () => false,
       getContentGeneratorConfig: () => ({
         model: 'test-model',
-        authType: 'gemini-api-key',
+        authType: 'oauth-personal',
       }),
       getShellExecutionConfig: () => ({
         terminalWidth: 90,

packages/core/src/core/openaiContentGenerator/openaiContentGenerator.test.ts

@@ -99,7 +99,6 @@ describe('OpenAIContentGenerator (Refactored)', () => {
         },
       } as unknown as OpenAI),
       buildRequest: vi.fn().mockImplementation((req) => req),
-      getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
     };
 
     generator = new OpenAIContentGenerator(
@@ -212,7 +211,6 @@ describe('OpenAIContentGenerator (Refactored)', () => {
           },
         } as unknown as OpenAI),
         buildRequest: vi.fn().mockImplementation((req) => req),
-        getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
       };
 
       const testGenerator = new TestGenerator(
@@ -279,7 +277,6 @@ describe('OpenAIContentGenerator (Refactored)', () => {
           },
         } as unknown as OpenAI),
         buildRequest: vi.fn().mockImplementation((req) => req),
-        getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
       };
 
       const testGenerator = new TestGenerator(

packages/core/src/core/openaiContentGenerator/openaiContentGenerator.ts

@@ -154,8 +154,4 @@ export class OpenAIContentGenerator implements ContentGenerator {
       );
     }
   }
-
-  useSummarizedThinking(): boolean {
-    return false;
-  }
 }

packages/core/src/core/openaiContentGenerator/pipeline.test.ts

@@ -60,7 +60,6 @@ describe('ContentGenerationPipeline', () => {
       buildClient: vi.fn().mockReturnValue(mockClient),
       buildRequest: vi.fn().mockImplementation((req) => req),
       buildHeaders: vi.fn().mockReturnValue({}),
-      getDefaultGenerationConfig: vi.fn().mockReturnValue({}),
     };
 
     // Mock telemetry service

packages/core/src/core/openaiContentGenerator/pipeline.ts

@@ -283,22 +283,16 @@ export class ContentGenerationPipeline {
   private buildSamplingParameters(
     request: GenerateContentParameters,
   ): Record<string, unknown> {
-    const defaultSamplingParams =
-      this.config.provider.getDefaultGenerationConfig();
     const configSamplingParams = this.contentGeneratorConfig.samplingParams;
 
     // Helper function to get parameter value with priority: config > request > default
     const getParameterValue = <T>(
       configKey: keyof NonNullable<typeof configSamplingParams>,
-      requestKey?: keyof NonNullable<typeof request.config>,
+      requestKey: keyof NonNullable<typeof request.config>,
+      defaultValue?: T,
     ): T | undefined => {
       const configValue = configSamplingParams?.[configKey] as T | undefined;
-      const requestValue = requestKey
-        ? (request.config?.[requestKey] as T | undefined)
-        : undefined;
-      const defaultValue = requestKey
-        ? (defaultSamplingParams[requestKey] as T)
-        : undefined;
+      const requestValue = request.config?.[requestKey] as T | undefined;
 
       if (configValue !== undefined) return configValue;
       if (requestValue !== undefined) return requestValue;
@@ -310,8 +304,12 @@ export class ContentGenerationPipeline {
       key: string,
       configKey: keyof NonNullable<typeof configSamplingParams>,
       requestKey?: keyof NonNullable<typeof request.config>,
-    ): Record<string, T | undefined> => {
-      const value = getParameterValue<T>(configKey, requestKey);
+      defaultValue?: T,
+    ): Record<string, T> | Record<string, never> => {
+      const value = requestKey
+        ? getParameterValue(configKey, requestKey, defaultValue)
+        : ((configSamplingParams?.[configKey] as T | undefined) ??
+          defaultValue);
 
       return value !== undefined ? { [key]: value } : {};
     };
@@ -325,18 +323,10 @@ export class ContentGenerationPipeline {
       ...addParameterIfDefined('max_tokens', 'max_tokens', 'maxOutputTokens'),
 
       // Config-only parameters (no request fallback)
-      ...addParameterIfDefined('top_k', 'top_k', 'topK'),
+      ...addParameterIfDefined('top_k', 'top_k'),
       ...addParameterIfDefined('repetition_penalty', 'repetition_penalty'),
-      ...addParameterIfDefined(
-        'presence_penalty',
-        'presence_penalty',
-        'presencePenalty',
-      ),
-      ...addParameterIfDefined(
-        'frequency_penalty',
-        'frequency_penalty',
-        'frequencyPenalty',
-      ),
+      ...addParameterIfDefined('presence_penalty', 'presence_penalty'),
+      ...addParameterIfDefined('frequency_penalty', 'frequency_penalty'),
     };
 
     return params;

packages/core/src/core/openaiContentGenerator/provider/dashscope.ts

@@ -1,5 +1,4 @@
 import OpenAI from 'openai';
-import type { GenerateContentConfig } from '@google/genai';
 import type { Config } from '../../../config/config.js';
 import type { ContentGeneratorConfig } from '../../contentGenerator.js';
 import { AuthType } from '../../contentGenerator.js';
@@ -142,14 +141,6 @@ export class DashScopeOpenAICompatibleProvider
     };
   }
 
-  getDefaultGenerationConfig(): GenerateContentConfig {
-    return {
-      temperature: 0.7,
-      topP: 0.8,
-      topK: 20,
-    };
-  }
-
   /**
    * Add cache control flag to specified message(s) for DashScope providers
    */

packages/core/src/core/openaiContentGenerator/provider/deepseek.ts

@@ -8,7 +8,6 @@ import type OpenAI from 'openai';
 import type { Config } from '../../../config/config.js';
 import type { ContentGeneratorConfig } from '../../contentGenerator.js';
 import { DefaultOpenAICompatibleProvider } from './default.js';
-import type { GenerateContentConfig } from '@google/genai';
 
 export class DeepSeekOpenAICompatibleProvider extends DefaultOpenAICompatibleProvider {
   constructor(
@@ -77,10 +76,4 @@ export class DeepSeekOpenAICompatibleProvider extends DefaultOpenAICompatiblePro
       messages,
     };
   }
-
-  override getDefaultGenerationConfig(): GenerateContentConfig {
-    return {
-      temperature: 0,
-    };
-  }
 }

packages/core/src/core/openaiContentGenerator/provider/default.ts

@@ -1,5 +1,4 @@
 import OpenAI from 'openai';
-import type { GenerateContentConfig } from '@google/genai';
 import type { Config } from '../../../config/config.js';
 import type { ContentGeneratorConfig } from '../../contentGenerator.js';
 import { DEFAULT_TIMEOUT, DEFAULT_MAX_RETRIES } from '../constants.js';
@@ -56,10 +55,4 @@ export class DefaultOpenAICompatibleProvider
       ...request, // Preserve all original parameters including sampling params
     };
   }
-
-  getDefaultGenerationConfig(): GenerateContentConfig {
-    return {
-      topP: 0.95,
-    };
-  }
 }

packages/core/src/core/openaiContentGenerator/provider/types.ts

@@ -1,4 +1,3 @@
-import type { GenerateContentConfig } from '@google/genai';
 import type OpenAI from 'openai';
 
 // Extended types to support cache_control for DashScope
@@ -23,7 +22,6 @@ export interface OpenAICompatibleProvider {
     request: OpenAI.Chat.ChatCompletionCreateParams,
     userPromptId: string,
   ): OpenAI.Chat.ChatCompletionCreateParams;
-  getDefaultGenerationConfig(): GenerateContentConfig;
 }
 
 export type DashScopeRequestMetadata = {

packages/core/src/core/turn.test.ts

@@ -36,6 +36,13 @@ vi.mock('../utils/errorReporting', () => ({
   reportError: vi.fn(),
 }));
 
+// Use the actual implementation from partUtils now that it's provided.
+vi.mock('../utils/generateContentResponseUtilities', () => ({
+  getResponseText: (resp: GenerateContentResponse) =>
+    resp.candidates?.[0]?.content?.parts?.map((part) => part.text).join('') ||
+    undefined,
+}));
+
 describe('Turn', () => {
   let turn: Turn;
   // Define a type for the mocked Chat instance for clarity
@@ -149,7 +156,6 @@ describe('Turn', () => {
           type: GeminiEventType.Thought,
           value: { subject: '', description: 'reasoning...' },
         },
-        { type: GeminiEventType.Content, value: 'final answer' },
       ]);
     });
 

packages/core/src/core/turn.ts

@@ -27,11 +27,7 @@ import {
   toFriendlyError,
 } from '../utils/errors.js';
 import type { GeminiChat } from './geminiChat.js';
-import {
-  getThoughtText,
-  parseThought,
-  type ThoughtSummary,
-} from '../utils/thoughtUtils.js';
+import { getThoughtText, type ThoughtSummary } from '../utils/thoughtUtils.js';
 
 // Define a structure for tools passed to the server
 export interface ServerTool {
@@ -270,12 +266,13 @@ export class Turn {
           this.currentResponseId = resp.responseId;
         }
 
-        const thoughtText = getThoughtText(resp);
-        if (thoughtText) {
+        const thoughtPart = getThoughtText(resp);
+        if (thoughtPart) {
           yield {
             type: GeminiEventType.Thought,
-            value: parseThought(thoughtText),
+            value: { subject: '', description: thoughtPart },
           };
+          continue;
         }
 
         const text = getResponseText(resp);

packages/core/src/fallback/handler.test.ts

@@ -4,10 +4,36 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { describe, it, expect, vi, beforeEach } from 'vitest';
+import {
+  describe,
+  it,
+  expect,
+  vi,
+  beforeEach,
+  type Mock,
+  type MockInstance,
+  afterEach,
+} from 'vitest';
 import { handleFallback } from './handler.js';
 import type { Config } from '../config/config.js';
 import { AuthType } from '../core/contentGenerator.js';
+import {
+  DEFAULT_GEMINI_FLASH_MODEL,
+  DEFAULT_GEMINI_MODEL,
+} from '../config/models.js';
+import { logFlashFallback } from '../telemetry/index.js';
+import type { FallbackModelHandler } from './types.js';
+
+// Mock the telemetry logger and event class
+vi.mock('../telemetry/index.js', () => ({
+  logFlashFallback: vi.fn(),
+  FlashFallbackEvent: class {},
+}));
+
+const MOCK_PRO_MODEL = DEFAULT_GEMINI_MODEL;
+const FALLBACK_MODEL = DEFAULT_GEMINI_FLASH_MODEL;
+const AUTH_OAUTH = AuthType.LOGIN_WITH_GOOGLE;
+const AUTH_API_KEY = AuthType.USE_GEMINI;
 
 const createMockConfig = (overrides: Partial<Config> = {}): Config =>
   ({
@@ -19,28 +45,174 @@ const createMockConfig = (overrides: Partial<Config> = {}): Config =>
 
 describe('handleFallback', () => {
   let mockConfig: Config;
+  let mockHandler: Mock<FallbackModelHandler>;
+  let consoleErrorSpy: MockInstance;
 
   beforeEach(() => {
     vi.clearAllMocks();
-    mockConfig = createMockConfig();
+    mockHandler = vi.fn();
+    // Default setup: OAuth user, Pro model failed, handler injected
+    mockConfig = createMockConfig({
+      fallbackModelHandler: mockHandler,
+    });
+    consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
   });
 
-  it('should return null for unknown auth types', async () => {
+  afterEach(() => {
+    consoleErrorSpy.mockRestore();
+  });
+
+  it('should return null immediately if authType is not OAuth', async () => {
     const result = await handleFallback(
       mockConfig,
-      'test-model',
-      'unknown-auth',
+      MOCK_PRO_MODEL,
+      AUTH_API_KEY,
+    );
+    expect(result).toBeNull();
+    expect(mockHandler).not.toHaveBeenCalled();
+    expect(mockConfig.setFallbackMode).not.toHaveBeenCalled();
+  });
+
+  it('should return null if the failed model is already the fallback model', async () => {
+    const result = await handleFallback(
+      mockConfig,
+      FALLBACK_MODEL, // Failed model is Flash
+      AUTH_OAUTH,
+    );
+    expect(result).toBeNull();
+    expect(mockHandler).not.toHaveBeenCalled();
+  });
+
+  it('should return null if no fallbackHandler is injected in config', async () => {
+    const configWithoutHandler = createMockConfig({
+      fallbackModelHandler: undefined,
+    });
+    const result = await handleFallback(
+      configWithoutHandler,
+      MOCK_PRO_MODEL,
+      AUTH_OAUTH,
     );
     expect(result).toBeNull();
   });
 
-  it('should handle Qwen OAuth error', async () => {
-    const result = await handleFallback(
-      mockConfig,
-      'test-model',
-      AuthType.QWEN_OAUTH,
-      new Error('unauthorized'),
+  describe('when handler returns "retry"', () => {
+    it('should activate fallback mode, log telemetry, and return true', async () => {
+      mockHandler.mockResolvedValue('retry');
+
+      const result = await handleFallback(
+        mockConfig,
+        MOCK_PRO_MODEL,
+        AUTH_OAUTH,
+      );
+
+      expect(result).toBe(true);
+      expect(mockConfig.setFallbackMode).toHaveBeenCalledWith(true);
+      expect(logFlashFallback).toHaveBeenCalled();
+    });
+  });
+
+  describe('when handler returns "stop"', () => {
+    it('should activate fallback mode, log telemetry, and return false', async () => {
+      mockHandler.mockResolvedValue('stop');
+
+      const result = await handleFallback(
+        mockConfig,
+        MOCK_PRO_MODEL,
+        AUTH_OAUTH,
+      );
+
+      expect(result).toBe(false);
+      expect(mockConfig.setFallbackMode).toHaveBeenCalledWith(true);
+      expect(logFlashFallback).toHaveBeenCalled();
+    });
+  });
+
+  describe('when handler returns "auth"', () => {
+    it('should NOT activate fallback mode and return false', async () => {
+      mockHandler.mockResolvedValue('auth');
+
+      const result = await handleFallback(
+        mockConfig,
+        MOCK_PRO_MODEL,
+        AUTH_OAUTH,
+      );
+
+      expect(result).toBe(false);
+      expect(mockConfig.setFallbackMode).not.toHaveBeenCalled();
+      expect(logFlashFallback).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('when handler returns an unexpected value', () => {
+    it('should log an error and return null', async () => {
+      mockHandler.mockResolvedValue(null);
+
+      const result = await handleFallback(
+        mockConfig,
+        MOCK_PRO_MODEL,
+        AUTH_OAUTH,
+      );
+
+      expect(result).toBeNull();
+      expect(consoleErrorSpy).toHaveBeenCalledWith(
+        'Fallback UI handler failed:',
+        new Error(
+          'Unexpected fallback intent received from fallbackModelHandler: "null"',
+        ),
+      );
+      expect(mockConfig.setFallbackMode).not.toHaveBeenCalled();
+    });
+  });
+
+  it('should pass the correct context (failedModel, fallbackModel, error) to the handler', async () => {
+    const mockError = new Error('Quota Exceeded');
+    mockHandler.mockResolvedValue('retry');
+
+    await handleFallback(mockConfig, MOCK_PRO_MODEL, AUTH_OAUTH, mockError);
+
+    expect(mockHandler).toHaveBeenCalledWith(
+      MOCK_PRO_MODEL,
+      FALLBACK_MODEL,
+      mockError,
     );
+  });
+
+  it('should not call setFallbackMode or log telemetry if already in fallback mode', async () => {
+    // Setup config where fallback mode is already active
+    const activeFallbackConfig = createMockConfig({
+      fallbackModelHandler: mockHandler,
+      isInFallbackMode: vi.fn(() => true), // Already active
+      setFallbackMode: vi.fn(),
+    });
+
+    mockHandler.mockResolvedValue('retry');
+
+    const result = await handleFallback(
+      activeFallbackConfig,
+      MOCK_PRO_MODEL,
+      AUTH_OAUTH,
+    );
+
+    // Should still return true to allow the retry (which will use the active fallback mode)
+    expect(result).toBe(true);
+    // Should still consult the handler
+    expect(mockHandler).toHaveBeenCalled();
+    // But should not mutate state or log telemetry again
+    expect(activeFallbackConfig.setFallbackMode).not.toHaveBeenCalled();
+    expect(logFlashFallback).not.toHaveBeenCalled();
+  });
+
+  it('should catch errors from the handler, log an error, and return null', async () => {
+    const handlerError = new Error('UI interaction failed');
+    mockHandler.mockRejectedValue(handlerError);
+
+    const result = await handleFallback(mockConfig, MOCK_PRO_MODEL, AUTH_OAUTH);
+
     expect(result).toBeNull();
+    expect(consoleErrorSpy).toHaveBeenCalledWith(
+      'Fallback UI handler failed:',
+      handlerError,
+    );
+    expect(mockConfig.setFallbackMode).not.toHaveBeenCalled();
   });
 });

packages/core/src/fallback/handler.ts

@@ -6,6 +6,8 @@
 
 import type { Config } from '../config/config.js';
 import { AuthType } from '../core/contentGenerator.js';
+import { DEFAULT_GEMINI_FLASH_MODEL } from '../config/models.js';
+import { logFlashFallback, FlashFallbackEvent } from '../telemetry/index.js';
 
 export async function handleFallback(
   config: Config,
@@ -18,7 +20,48 @@ export async function handleFallback(
     return handleQwenOAuthError(error);
   }
 
-  return null;
+  // Applicability Checks
+  if (authType !== AuthType.LOGIN_WITH_GOOGLE) return null;
+
+  const fallbackModel = DEFAULT_GEMINI_FLASH_MODEL;
+
+  if (failedModel === fallbackModel) return null;
+
+  // Consult UI Handler for Intent
+  const fallbackModelHandler = config.fallbackModelHandler;
+  if (typeof fallbackModelHandler !== 'function') return null;
+
+  try {
+    // Pass the specific failed model to the UI handler.
+    const intent = await fallbackModelHandler(
+      failedModel,
+      fallbackModel,
+      error,
+    );
+
+    // Process Intent and Update State
+    switch (intent) {
+      case 'retry':
+        // Activate fallback mode. The NEXT retry attempt will pick this up.
+        activateFallbackMode(config, authType);
+        return true; // Signal retryWithBackoff to continue.
+
+      case 'stop':
+        activateFallbackMode(config, authType);
+        return false;
+
+      case 'auth':
+        return false;
+
+      default:
+        throw new Error(
+          `Unexpected fallback intent received from fallbackModelHandler: "${intent}"`,
+        );
+    }
+  } catch (handlerError) {
+    console.error('Fallback UI handler failed:', handlerError);
+    return null;
+  }
 }
 
 /**
@@ -75,3 +118,12 @@ async function handleQwenOAuthError(error?: unknown): Promise<string | null> {
   // For other errors, don't handle them specially
   return null;
 }
+
+function activateFallbackMode(config: Config, authType: string | undefined) {
+  if (!config.isInFallbackMode()) {
+    config.setFallbackMode(true);
+    if (authType) {
+      logFlashFallback(config, new FlashFallbackEvent(authType));
+    }
+  }
+}

packages/core/src/ide/process-utils.ts

@@ -20,11 +20,26 @@ async function getProcessInfo(pid: number): Promise<{
   command: string;
 }> {
   // Only used for Unix systems (macOS and Linux)
-  const { stdout } = await execAsync(`ps -p ${pid} -o ppid=,comm=`);
-  const [ppidStr, ...commandParts] = stdout.trim().split(/\s+/);
-  const parentPid = parseInt(ppidStr, 10);
-  const command = commandParts.join(' ');
-  return { parentPid, name: path.basename(command), command };
+  try {
+    const command = `ps -o ppid=,command= -p ${pid}`;
+    const { stdout } = await execAsync(command);
+    const trimmedStdout = stdout.trim();
+    if (!trimmedStdout) {
+      return { parentPid: 0, name: '', command: '' };
+    }
+    const parts = trimmedStdout.split(/\s+/);
+    const ppidString = parts[0];
+    const parentPid = parseInt(ppidString, 10);
+    const fullCommand = trimmedStdout.substring(ppidString.length).trim();
+    const processName = path.basename(fullCommand.split(' ')[0]);
+    return {
+      parentPid: isNaN(parentPid) ? 1 : parentPid,
+      name: processName,
+      command: fullCommand,
+    };
+  } catch (_e) {
+    return { parentPid: 0, name: '', command: '' };
+  }
 }
 /**
  * Finds the IDE process info on Unix-like systems.

packages/core/src/index.ts

@@ -12,6 +12,7 @@ export * from './output/json-formatter.js';
 // Export Core Logic
 export * from './core/client.js';
 export * from './core/contentGenerator.js';
+export * from './core/loggingContentGenerator.js';
 export * from './core/geminiChat.js';
 export * from './core/logger.js';
 export * from './core/prompts.js';
@@ -23,7 +24,11 @@ export * from './core/nonInteractiveToolExecutor.js';
 
 export * from './fallback/types.js';
 
+export * from './code_assist/codeAssist.js';
+export * from './code_assist/oauth2.js';
 export * from './qwen/qwenOAuth2.js';
+export * from './code_assist/server.js';
+export * from './code_assist/types.js';
 
 // Export utilities
 export * from './utils/paths.js';

packages/core/src/qwen/qwenOAuth2.ts

@@ -907,5 +907,3 @@ export async function clearQwenCredentials(): Promise<void> {
 function getQwenCachedCredentialPath(): string {
   return path.join(os.homedir(), QWEN_DIR, QWEN_CREDENTIAL_FILENAME);
 }
-
-export const clearCachedCredentialFile = clearQwenCredentials;

packages/core/src/telemetry/clearcut-logger/clearcut-logger.test.ts

@@ -30,6 +30,7 @@ import {
   ToolCallEvent,
 } from '../types.js';
 import { GIT_COMMIT_INFO, CLI_VERSION } from '../../generated/git-commit.js';
+import { UserAccountManager } from '../../utils/userAccountManager.js';
 import { InstallationManager } from '../../utils/installationManager.js';
 import { safeJsonStringify } from '../../utils/safeJsonStringify.js';
 
@@ -89,8 +90,10 @@ expect.extend({
   },
 });
 
+vi.mock('../../utils/userAccountManager.js');
 vi.mock('../../utils/installationManager.js');
 
+const mockUserAccount = vi.mocked(UserAccountManager.prototype);
 const mockInstallMgr = vi.mocked(InstallationManager.prototype);
 
 // TODO(richieforeman): Consider moving this to test setup globally.
@@ -125,7 +128,11 @@ describe('ClearcutLogger', () => {
     vi.unstubAllEnvs();
   });
 
-  function setup({ config = {} as Partial<ConfigParameters> } = {}) {
+  function setup({
+    config = {} as Partial<ConfigParameters>,
+    lifetimeGoogleAccounts = 1,
+    cachedGoogleAccount = 'test@google.com',
+  } = {}) {
     server.resetHandlers(
       http.post(CLEARCUT_URL, () => HttpResponse.text(EXAMPLE_RESPONSE)),
     );
@@ -139,6 +146,10 @@ describe('ClearcutLogger', () => {
     });
     ClearcutLogger.clearInstance();
 
+    mockUserAccount.getCachedGoogleAccount.mockReturnValue(cachedGoogleAccount);
+    mockUserAccount.getLifetimeGoogleAccounts.mockReturnValue(
+      lifetimeGoogleAccounts,
+    );
     mockInstallMgr.getInstallationId = vi
       .fn()
       .mockReturnValue('test-installation-id');
@@ -184,6 +195,19 @@ describe('ClearcutLogger', () => {
   });
 
   describe('createLogEvent', () => {
+    it('logs the total number of google accounts', () => {
+      const { logger } = setup({
+        lifetimeGoogleAccounts: 9001,
+      });
+
+      const event = logger?.createLogEvent(EventNames.API_ERROR, []);
+
+      expect(event?.event_metadata[0]).toContainEqual({
+        gemini_cli_key: EventMetadataKey.GEMINI_CLI_GOOGLE_ACCOUNTS_COUNT,
+        value: '9001',
+      });
+    });
+
     it('logs the current surface from a github action', () => {
       const { logger } = setup({});
 
@@ -227,6 +251,7 @@ describe('ClearcutLogger', () => {
       // Define expected values
       const session_id = 'test-session-id';
       const auth_type = AuthType.USE_GEMINI;
+      const google_accounts = 123;
       const surface = 'ide-1234';
       const cli_version = CLI_VERSION;
       const git_commit_hash = GIT_COMMIT_INFO;
@@ -235,6 +260,7 @@ describe('ClearcutLogger', () => {
 
       // Setup logger with expected values
       const { logger, loggerConfig } = setup({
+        lifetimeGoogleAccounts: google_accounts,
         config: {},
       });
       vi.spyOn(loggerConfig, 'getContentGeneratorConfig').mockReturnValue({
@@ -257,6 +283,10 @@ describe('ClearcutLogger', () => {
             gemini_cli_key: EventMetadataKey.GEMINI_CLI_AUTH_TYPE,
             value: JSON.stringify(auth_type),
           },
+          {
+            gemini_cli_key: EventMetadataKey.GEMINI_CLI_GOOGLE_ACCOUNTS_COUNT,
+            value: `${google_accounts}`,
+          },
           {
             gemini_cli_key: EventMetadataKey.GEMINI_CLI_SURFACE,
             value: surface,
@@ -374,14 +404,10 @@ describe('ClearcutLogger', () => {
           vi.stubEnv(key, value);
         }
         const event = logger?.createLogEvent(EventNames.API_ERROR, []);
-        expect(event?.event_metadata[0]).toEqual(
-          expect.arrayContaining([
-            {
-              gemini_cli_key: EventMetadataKey.GEMINI_CLI_SURFACE,
-              value: expectedValue,
-            },
-          ]),
-        );
+        expect(event?.event_metadata[0][3]).toEqual({
+          gemini_cli_key: EventMetadataKey.GEMINI_CLI_SURFACE,
+          value: expectedValue,
+        });
       },
     );
   });

packages/core/src/telemetry/clearcut-logger/clearcut-logger.ts

@@ -34,6 +34,7 @@ import type {
 import { EventMetadataKey } from './event-metadata-key.js';
 import type { Config } from '../../config/config.js';
 import { InstallationManager } from '../../utils/installationManager.js';
+import { UserAccountManager } from '../../utils/userAccountManager.js';
 import { safeJsonStringify } from '../../utils/safeJsonStringify.js';
 import { FixedDeque } from 'mnemonist';
 import { GIT_COMMIT_INFO, CLI_VERSION } from '../../generated/git-commit.js';
@@ -156,6 +157,7 @@ export class ClearcutLogger {
   private sessionData: EventValue[] = [];
   private promptId: string = '';
   private readonly installationManager: InstallationManager;
+  private readonly userAccountManager: UserAccountManager;
 
   /**
    * Queue of pending events that need to be flushed to the server.  New events
@@ -184,6 +186,7 @@ export class ClearcutLogger {
     this.events = new FixedDeque<LogEventEntry[]>(Array, MAX_EVENTS);
     this.promptId = config?.getSessionId() ?? '';
     this.installationManager = new InstallationManager();
+    this.userAccountManager = new UserAccountManager();
   }
 
   static getInstance(config?: Config): ClearcutLogger | undefined {
@@ -230,11 +233,14 @@ export class ClearcutLogger {
   }
 
   createLogEvent(eventName: EventNames, data: EventValue[] = []): LogEvent {
+    const email = this.userAccountManager.getCachedGoogleAccount();
+
     if (eventName !== EventNames.START_SESSION) {
       data.push(...this.sessionData);
     }
+    const totalAccounts = this.userAccountManager.getLifetimeGoogleAccounts();
 
-    data = this.addDefaultFields(data);
+    data = this.addDefaultFields(data, totalAccounts);
 
     const logEvent: LogEvent = {
       console_type: 'GEMINI_CLI',
@@ -243,7 +249,12 @@ export class ClearcutLogger {
       event_metadata: [data],
     };
 
-    logEvent.client_install_id = this.installationManager.getInstallationId();
+    // Should log either email or install ID, not both. See go/cloudmill-1p-oss-instrumentation#define-sessionable-id
+    if (email) {
+      logEvent.client_email = email;
+    } else {
+      logEvent.client_install_id = this.installationManager.getInstallationId();
+    }
 
     return logEvent;
   }
@@ -1007,7 +1018,7 @@ export class ClearcutLogger {
    * Adds default fields to data, and returns a new data array.  This fields
    * should exist on all log events.
    */
-  addDefaultFields(data: EventValue[]): EventValue[] {
+  addDefaultFields(data: EventValue[], totalAccounts: number): EventValue[] {
     const surface = determineSurface();
 
     const defaultLogMetadata: EventValue[] = [
@@ -1021,6 +1032,10 @@ export class ClearcutLogger {
           this.config?.getContentGeneratorConfig()?.authType,
         ),
       },
+      {
+        gemini_cli_key: EventMetadataKey.GEMINI_CLI_GOOGLE_ACCOUNTS_COUNT,
+        value: `${totalAccounts}`,
+      },
       {
         gemini_cli_key: EventMetadataKey.GEMINI_CLI_SURFACE,
         value: surface,

packages/core/src/telemetry/loggers.test.ts

@@ -83,6 +83,7 @@ import type {
 } from '@google/genai';
 import { DiscoveredMCPTool } from '../tools/mcp-tool.js';
 import * as uiTelemetry from './uiTelemetry.js';
+import { UserAccountManager } from '../utils/userAccountManager.js';
 import { makeFakeConfig } from '../test-utils/config.js';
 
 describe('loggers', () => {
@@ -100,6 +101,10 @@ describe('loggers', () => {
     vi.spyOn(uiTelemetry.uiTelemetryService, 'addEvent').mockImplementation(
       mockUiEvent.addEvent,
     );
+    vi.spyOn(
+      UserAccountManager.prototype,
+      'getCachedGoogleAccount',
+    ).mockReturnValue('test-user@example.com');
     vi.useFakeTimers();
     vi.setSystemTime(new Date('2025-01-01T00:00:00.000Z'));
   });
@@ -183,6 +188,7 @@ describe('loggers', () => {
         body: 'CLI configuration loaded.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_CLI_CONFIG,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           model: 'test-model',
@@ -227,6 +233,7 @@ describe('loggers', () => {
         body: 'User prompt. Length: 11.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_USER_PROMPT,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           prompt_length: 11,
@@ -248,7 +255,7 @@ describe('loggers', () => {
       const event = new UserPromptEvent(
         11,
         'prompt-id-9',
-        AuthType.USE_GEMINI,
+        AuthType.CLOUD_SHELL,
         'test-prompt',
       );
 
@@ -258,11 +265,12 @@ describe('loggers', () => {
         body: 'User prompt. Length: 11.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_USER_PROMPT,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           prompt_length: 11,
           prompt_id: 'prompt-id-9',
-          auth_type: 'gemini-api-key',
+          auth_type: 'cloud-shell',
         },
       });
     });
@@ -305,7 +313,7 @@ describe('loggers', () => {
         'test-model',
         100,
         'prompt-id-1',
-        AuthType.USE_GEMINI,
+        AuthType.LOGIN_WITH_GOOGLE,
         usageData,
         'test-response',
       );
@@ -316,6 +324,7 @@ describe('loggers', () => {
         body: 'API response from test-model. Status: 200. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_API_RESPONSE,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           [SemanticAttributes.HTTP_STATUS_CODE]: 200,
@@ -331,7 +340,7 @@ describe('loggers', () => {
           total_token_count: 0,
           response_text: 'test-response',
           prompt_id: 'prompt-id-1',
-          auth_type: 'gemini-api-key',
+          auth_type: 'oauth-personal',
         },
       });
 
@@ -377,6 +386,7 @@ describe('loggers', () => {
         body: 'API request to test-model.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_API_REQUEST,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           model: 'test-model',
@@ -395,6 +405,7 @@ describe('loggers', () => {
         body: 'API request to test-model.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_API_REQUEST,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           model: 'test-model',
@@ -419,6 +430,7 @@ describe('loggers', () => {
         body: 'Switching to flash as Fallback.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_FLASH_FALLBACK,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           auth_type: 'vertex-ai',
@@ -453,6 +465,7 @@ describe('loggers', () => {
       expect(emittedEvent.attributes).toEqual(
         expect.objectContaining({
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_RIPGREP_FALLBACK,
           error: 'ripgrep is not available',
         }),
@@ -471,6 +484,7 @@ describe('loggers', () => {
       expect(emittedEvent.attributes).toEqual(
         expect.objectContaining({
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_RIPGREP_FALLBACK,
           error: 'rg not found',
         }),
@@ -584,6 +598,7 @@ describe('loggers', () => {
         body: 'Tool call: test-function. Decision: accept. Success: true. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'test-function',
@@ -667,6 +682,7 @@ describe('loggers', () => {
         body: 'Tool call: test-function. Decision: reject. Success: false. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'test-function',
@@ -743,6 +759,7 @@ describe('loggers', () => {
         body: 'Tool call: test-function. Decision: modify. Success: true. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'test-function',
@@ -818,6 +835,7 @@ describe('loggers', () => {
         body: 'Tool call: test-function. Success: true. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'test-function',
@@ -892,6 +910,7 @@ describe('loggers', () => {
         body: 'Tool call: test-function. Success: false. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'test-function',
@@ -980,6 +999,7 @@ describe('loggers', () => {
         body: 'Tool call: mock_mcp_tool. Success: true. Duration: 100ms.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_TOOL_CALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           function_name: 'mock_mcp_tool',
@@ -1027,6 +1047,7 @@ describe('loggers', () => {
         body: 'Malformed JSON response from test-model.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_MALFORMED_JSON_RESPONSE,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           model: 'test-model',
@@ -1070,6 +1091,7 @@ describe('loggers', () => {
         body: 'File operation: read. Lines: 10.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_FILE_OPERATION,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           tool_name: 'test-tool',
@@ -1115,6 +1137,7 @@ describe('loggers', () => {
         body: 'Tool output truncated for test-tool.',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': 'tool_output_truncated',
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           eventName: 'tool_output_truncated',
@@ -1161,6 +1184,7 @@ describe('loggers', () => {
         body: 'Installed extension vscode',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_EXTENSION_INSTALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           extension_name: 'vscode',
@@ -1199,6 +1223,7 @@ describe('loggers', () => {
         body: 'Uninstalled extension vscode',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_EXTENSION_UNINSTALL,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           extension_name: 'vscode',
@@ -1235,6 +1260,7 @@ describe('loggers', () => {
         body: 'Enabled extension vscode',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_EXTENSION_ENABLE,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           extension_name: 'vscode',
@@ -1271,6 +1297,7 @@ describe('loggers', () => {
         body: 'Disabled extension vscode',
         attributes: {
           'session.id': 'test-session-id',
+          'user.email': 'test-user@example.com',
           'event.name': EVENT_EXTENSION_DISABLE,
           'event.timestamp': '2025-01-01T00:00:00.000Z',
           extension_name: 'vscode',

packages/core/src/telemetry/loggers.ts

@@ -9,6 +9,7 @@ import { logs } from '@opentelemetry/api-logs';
 import { SemanticAttributes } from '@opentelemetry/semantic-conventions';
 import type { Config } from '../config/config.js';
 import { safeJsonStringify } from '../utils/safeJsonStringify.js';
+import { UserAccountManager } from '../utils/userAccountManager.js';
 import {
   EVENT_API_ERROR,
   EVENT_API_CANCEL,
@@ -92,8 +93,11 @@ const shouldLogUserPrompts = (config: Config): boolean =>
   config.getTelemetryLogPromptsEnabled();
 
 function getCommonAttributes(config: Config): LogAttributes {
+  const userAccountManager = new UserAccountManager();
+  const email = userAccountManager.getCachedGoogleAccount();
   return {
     'session.id': config.getSessionId(),
+    ...(email && { 'user.email': email }),
   };
 }
 

packages/core/src/tools/mcp-client.test.ts

@@ -217,9 +217,9 @@ describe('mcp-client', () => {
           false,
         );
 
-        expect(transport).toBeInstanceOf(StreamableHTTPClientTransport);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._url).toEqual(new URL('http://test-server'));
+        expect(transport).toEqual(
+          new StreamableHTTPClientTransport(new URL('http://test-server'), {}),
+        );
       });
 
       it('with headers', async () => {
@@ -232,13 +232,13 @@ describe('mcp-client', () => {
           false,
         );
 
-        expect(transport).toBeInstanceOf(StreamableHTTPClientTransport);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._url).toEqual(new URL('http://test-server'));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._requestInit?.headers).toEqual({
-          Authorization: 'derp',
-        });
+        expect(transport).toEqual(
+          new StreamableHTTPClientTransport(new URL('http://test-server'), {
+            requestInit: {
+              headers: { Authorization: 'derp' },
+            },
+          }),
+        );
       });
     });
 
@@ -251,9 +251,9 @@ describe('mcp-client', () => {
           },
           false,
         );
-        expect(transport).toBeInstanceOf(SSEClientTransport);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._url).toEqual(new URL('http://test-server'));
+        expect(transport).toEqual(
+          new SSEClientTransport(new URL('http://test-server'), {}),
+        );
       });
 
       it('with headers', async () => {
@@ -266,13 +266,13 @@ describe('mcp-client', () => {
           false,
         );
 
-        expect(transport).toBeInstanceOf(SSEClientTransport);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._url).toEqual(new URL('http://test-server'));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((transport as any)._requestInit?.headers).toEqual({
-          Authorization: 'derp',
-        });
+        expect(transport).toEqual(
+          new SSEClientTransport(new URL('http://test-server'), {
+            requestInit: {
+              headers: { Authorization: 'derp' },
+            },
+          }),
+        );
       });
     });
 

packages/core/src/utils/errorParsing.test.ts

@@ -6,6 +6,9 @@
 
 import { describe, it, expect } from 'vitest';
 import { parseAndFormatApiError } from './errorParsing.js';
+import { isProQuotaExceededError } from './quotaErrorDetection.js';
+import { DEFAULT_GEMINI_FLASH_MODEL } from '../config/models.js';
+import { UserTierId } from '../code_assist/types.js';
 import { AuthType } from '../core/contentGenerator.js';
 import type { StructuredError } from '../core/turn.js';
 
@@ -24,10 +27,32 @@ describe('parseAndFormatApiError', () => {
   it('should format a 429 API error with the default message', () => {
     const errorMessage =
       'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Rate limit exceeded","status":"RESOURCE_EXHAUSTED"}}';
-    const result = parseAndFormatApiError(errorMessage, undefined);
+    const result = parseAndFormatApiError(
+      errorMessage,
+      undefined,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
     expect(result).toContain('[API Error: Rate limit exceeded');
     expect(result).toContain(
-      'Possible quota limitations in place or slow response times detected. Please wait and try again later.',
+      'Possible quota limitations in place or slow response times detected. Switching to the gemini-2.5-flash model',
+    );
+  });
+
+  it('should format a 429 API error with the personal message', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Rate limit exceeded","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain('[API Error: Rate limit exceeded');
+    expect(result).toContain(
+      'Possible quota limitations in place or slow response times detected. Switching to the gemini-2.5-flash model',
     );
   });
 
@@ -107,4 +132,230 @@ describe('parseAndFormatApiError', () => {
     const expected = '[API Error: An unknown error occurred.]';
     expect(parseAndFormatApiError(error)).toBe(expected);
   });
+
+  it('should format a 429 API error with Pro quota exceeded message for Google auth (Free tier)', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5 Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'Gemini 2.5 Pro Requests'",
+    );
+    expect(result).toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+    expect(result).toContain('upgrade to get higher limits');
+  });
+
+  it('should format a regular 429 API error with standard message for Google auth', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Rate limit exceeded","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain('[API Error: Rate limit exceeded');
+    expect(result).toContain(
+      'Possible quota limitations in place or slow response times detected. Switching to the gemini-2.5-flash model',
+    );
+    expect(result).not.toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+  });
+
+  it('should format a 429 API error with generic quota exceeded message for Google auth', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'GenerationRequests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'GenerationRequests'",
+    );
+    expect(result).toContain('You have reached your daily quota limit');
+    expect(result).not.toContain(
+      'You have reached your daily Gemini 2.5 Pro quota limit',
+    );
+  });
+
+  it('should prioritize Pro quota message over generic quota message for Google auth', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5 Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'Gemini 2.5 Pro Requests'",
+    );
+    expect(result).toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+    expect(result).not.toContain('You have reached your daily quota limit');
+  });
+
+  it('should format a 429 API error with Pro quota exceeded message for Google auth (Standard tier)', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5 Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      UserTierId.STANDARD,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'Gemini 2.5 Pro Requests'",
+    );
+    expect(result).toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+    expect(result).toContain(
+      'We appreciate you for choosing Gemini Code Assist and the Gemini CLI',
+    );
+    expect(result).not.toContain('upgrade to get higher limits');
+  });
+
+  it('should format a 429 API error with Pro quota exceeded message for Google auth (Legacy tier)', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5 Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      UserTierId.LEGACY,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'Gemini 2.5 Pro Requests'",
+    );
+    expect(result).toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+    expect(result).toContain(
+      'We appreciate you for choosing Gemini Code Assist and the Gemini CLI',
+    );
+    expect(result).not.toContain('upgrade to get higher limits');
+  });
+
+  it('should handle different Gemini 2.5 version strings in Pro quota exceeded errors', () => {
+    const errorMessage25 =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5 Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const errorMessagePreview =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'Gemini 2.5-preview Pro Requests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+
+    const result25 = parseAndFormatApiError(
+      errorMessage25,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    const resultPreview = parseAndFormatApiError(
+      errorMessagePreview,
+      AuthType.LOGIN_WITH_GOOGLE,
+      undefined,
+      'gemini-2.5-preview-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+
+    expect(result25).toContain(
+      'You have reached your daily gemini-2.5-pro quota limit',
+    );
+    expect(resultPreview).toContain(
+      'You have reached your daily gemini-2.5-preview-pro quota limit',
+    );
+    expect(result25).toContain('upgrade to get higher limits');
+    expect(resultPreview).toContain('upgrade to get higher limits');
+  });
+
+  it('should not match non-Pro models with similar version strings', () => {
+    // Test that Flash models with similar version strings don't match
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'Gemini 2.5 Flash Requests' and limit",
+      ),
+    ).toBe(false);
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'Gemini 2.5-preview Flash Requests' and limit",
+      ),
+    ).toBe(false);
+
+    // Test other model types
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'Gemini 2.5 Ultra Requests' and limit",
+      ),
+    ).toBe(false);
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'Gemini 2.5 Standard Requests' and limit",
+      ),
+    ).toBe(false);
+
+    // Test generic quota messages
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'GenerationRequests' and limit",
+      ),
+    ).toBe(false);
+    expect(
+      isProQuotaExceededError(
+        "Quota exceeded for quota metric 'EmbeddingRequests' and limit",
+      ),
+    ).toBe(false);
+  });
+
+  it('should format a generic quota exceeded message for Google auth (Standard tier)', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Quota exceeded for quota metric \'GenerationRequests\' and limit \'RequestsPerDay\' of service \'generativelanguage.googleapis.com\' for consumer \'project_number:123456789\'.","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      UserTierId.STANDARD,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain(
+      "[API Error: Quota exceeded for quota metric 'GenerationRequests'",
+    );
+    expect(result).toContain('You have reached your daily quota limit');
+    expect(result).toContain(
+      'We appreciate you for choosing Gemini Code Assist and the Gemini CLI',
+    );
+    expect(result).not.toContain('upgrade to get higher limits');
+  });
+
+  it('should format a regular 429 API error with standard message for Google auth (Standard tier)', () => {
+    const errorMessage =
+      'got status: 429 Too Many Requests. {"error":{"code":429,"message":"Rate limit exceeded","status":"RESOURCE_EXHAUSTED"}}';
+    const result = parseAndFormatApiError(
+      errorMessage,
+      AuthType.LOGIN_WITH_GOOGLE,
+      UserTierId.STANDARD,
+      'gemini-2.5-pro',
+      DEFAULT_GEMINI_FLASH_MODEL,
+    );
+    expect(result).toContain('[API Error: Rate limit exceeded');
+    expect(result).toContain(
+      'We appreciate you for choosing Gemini Code Assist and the Gemini CLI',
+    );
+    expect(result).not.toContain('upgrade to get higher limits');
+  });
 });

packages/core/src/utils/errorParsing.ts

@@ -4,36 +4,120 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { isApiError, isStructuredError } from './quotaErrorDetection.js';
+import {
+  isProQuotaExceededError,
+  isGenericQuotaExceededError,
+  isApiError,
+  isStructuredError,
+} from './quotaErrorDetection.js';
+import {
+  DEFAULT_GEMINI_MODEL,
+  DEFAULT_GEMINI_FLASH_MODEL,
+} from '../config/models.js';
+import { UserTierId } from '../code_assist/types.js';
 import { AuthType } from '../core/contentGenerator.js';
 
 // Free Tier message functions
+const getRateLimitErrorMessageGoogleFree = (
+  fallbackModel: string = DEFAULT_GEMINI_FLASH_MODEL,
+) =>
+  `\nPossible quota limitations in place or slow response times detected. Switching to the ${fallbackModel} model for the rest of this session.`;
+
+const getRateLimitErrorMessageGoogleProQuotaFree = (
+  currentModel: string = DEFAULT_GEMINI_MODEL,
+  fallbackModel: string = DEFAULT_GEMINI_FLASH_MODEL,
+) =>
+  `\nYou have reached your daily ${currentModel} quota limit. You will be switched to the ${fallbackModel} model for the rest of this session. To increase your limits, upgrade to get higher limits at https://goo.gle/set-up-gemini-code-assist, or use /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+
+const getRateLimitErrorMessageGoogleGenericQuotaFree = () =>
+  `\nYou have reached your daily quota limit. To increase your limits, upgrade to get higher limits at https://goo.gle/set-up-gemini-code-assist, or use /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+
+// Legacy/Standard Tier message functions
+const getRateLimitErrorMessageGooglePaid = (
+  fallbackModel: string = DEFAULT_GEMINI_FLASH_MODEL,
+) =>
+  `\nPossible quota limitations in place or slow response times detected. Switching to the ${fallbackModel} model for the rest of this session. We appreciate you for choosing Gemini Code Assist and the Gemini CLI.`;
+
+const getRateLimitErrorMessageGoogleProQuotaPaid = (
+  currentModel: string = DEFAULT_GEMINI_MODEL,
+  fallbackModel: string = DEFAULT_GEMINI_FLASH_MODEL,
+) =>
+  `\nYou have reached your daily ${currentModel} quota limit. You will be switched to the ${fallbackModel} model for the rest of this session. We appreciate you for choosing Gemini Code Assist and the Gemini CLI. To continue accessing the ${currentModel} model today, consider using /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
+
+const getRateLimitErrorMessageGoogleGenericQuotaPaid = (
+  currentModel: string = DEFAULT_GEMINI_MODEL,
+) =>
+  `\nYou have reached your daily quota limit. We appreciate you for choosing Gemini Code Assist and the Gemini CLI. To continue accessing the ${currentModel} model today, consider using /auth to switch to using a paid API key from AI Studio at https://aistudio.google.com/apikey`;
 const RATE_LIMIT_ERROR_MESSAGE_USE_GEMINI =
   '\nPlease wait and try again later. To increase your limits, request a quota increase through AI Studio, or switch to another /auth method';
 const RATE_LIMIT_ERROR_MESSAGE_VERTEX =
   '\nPlease wait and try again later. To increase your limits, request a quota increase through Vertex, or switch to another /auth method';
-const RATE_LIMIT_ERROR_MESSAGE_DEFAULT =
-  '\nPossible quota limitations in place or slow response times detected. Please wait and try again later.';
+const getRateLimitErrorMessageDefault = (
+  fallbackModel: string = DEFAULT_GEMINI_FLASH_MODEL,
+) =>
+  `\nPossible quota limitations in place or slow response times detected. Switching to the ${fallbackModel} model for the rest of this session.`;
 
-function getRateLimitMessage(authType?: AuthType): string {
+function getRateLimitMessage(
+  authType?: AuthType,
+  error?: unknown,
+  userTier?: UserTierId,
+  currentModel?: string,
+  fallbackModel?: string,
+): string {
   switch (authType) {
+    case AuthType.LOGIN_WITH_GOOGLE: {
+      // Determine if user is on a paid tier (Legacy or Standard) - default to FREE if not specified
+      const isPaidTier =
+        userTier === UserTierId.LEGACY || userTier === UserTierId.STANDARD;
+
+      if (isProQuotaExceededError(error)) {
+        return isPaidTier
+          ? getRateLimitErrorMessageGoogleProQuotaPaid(
+              currentModel || DEFAULT_GEMINI_MODEL,
+              fallbackModel,
+            )
+          : getRateLimitErrorMessageGoogleProQuotaFree(
+              currentModel || DEFAULT_GEMINI_MODEL,
+              fallbackModel,
+            );
+      } else if (isGenericQuotaExceededError(error)) {
+        return isPaidTier
+          ? getRateLimitErrorMessageGoogleGenericQuotaPaid(
+              currentModel || DEFAULT_GEMINI_MODEL,
+            )
+          : getRateLimitErrorMessageGoogleGenericQuotaFree();
+      } else {
+        return isPaidTier
+          ? getRateLimitErrorMessageGooglePaid(fallbackModel)
+          : getRateLimitErrorMessageGoogleFree(fallbackModel);
+      }
+    }
     case AuthType.USE_GEMINI:
       return RATE_LIMIT_ERROR_MESSAGE_USE_GEMINI;
     case AuthType.USE_VERTEX_AI:
       return RATE_LIMIT_ERROR_MESSAGE_VERTEX;
     default:
-      return RATE_LIMIT_ERROR_MESSAGE_DEFAULT;
+      return getRateLimitErrorMessageDefault(fallbackModel);
   }
 }
 
 export function parseAndFormatApiError(
   error: unknown,
   authType?: AuthType,
+  userTier?: UserTierId,
+  currentModel?: string,
+  fallbackModel?: string,
 ): string {
   if (isStructuredError(error)) {
     let text = `[API Error: ${error.message}]`;
     if (error.status === 429) {
-      text += getRateLimitMessage(authType);
+      text += getRateLimitMessage(
+        authType,
+        error,
+        userTier,
+        currentModel,
+        fallbackModel,
+      );
     }
     return text;
   }
@@ -62,7 +146,13 @@ export function parseAndFormatApiError(
         }
         let text = `[API Error: ${finalMessage} (Status: ${parsedError.error.status})]`;
         if (parsedError.error.code === 429) {
-          text += getRateLimitMessage(authType);
+          text += getRateLimitMessage(
+            authType,
+            parsedError,
+            userTier,
+            currentModel,
+            fallbackModel,
+          );
         }
         return text;
       }

packages/core/src/utils/flashFallback.test.ts

@@ -11,9 +11,12 @@ import {
   setSimulate429,
   disableSimulationAfterFallback,
   shouldSimulate429,
+  createSimulated429Error,
   resetRequestCounter,
 } from './testUtils.js';
 import { DEFAULT_GEMINI_FLASH_MODEL } from '../config/models.js';
+import { retryWithBackoff } from './retry.js';
+import { AuthType } from '../core/contentGenerator.js';
 // Import the new types (Assuming this test file is in packages/core/src/utils/)
 import type { FallbackModelHandler } from '../fallback/types.js';
 
@@ -58,6 +61,84 @@ describe('Retry Utility Fallback Integration', () => {
     expect(result).toBe('retry');
   });
 
+  // This test validates the retry utility's logic for triggering the callback.
+  it('should trigger onPersistent429 after 2 consecutive 429 errors for OAuth users', async () => {
+    let fallbackCalled = false;
+    // Removed fallbackModel variable as it's no longer relevant here.
+
+    // Mock function that simulates exactly 2 429 errors, then succeeds after fallback
+    const mockApiCall = vi
+      .fn()
+      .mockRejectedValueOnce(createSimulated429Error())
+      .mockRejectedValueOnce(createSimulated429Error())
+      .mockResolvedValueOnce('success after fallback');
+
+    // Mock the onPersistent429 callback (this is what client.ts/geminiChat.ts provides)
+    const mockPersistent429Callback = vi.fn(async (_authType?: string) => {
+      fallbackCalled = true;
+      // Return true to signal retryWithBackoff to reset attempts and continue.
+      return true;
+    });
+
+    // Test with OAuth personal auth type, with maxAttempts = 2 to ensure fallback triggers
+    const result = await retryWithBackoff(mockApiCall, {
+      maxAttempts: 2,
+      initialDelayMs: 1,
+      maxDelayMs: 10,
+      shouldRetryOnError: (error: Error) => {
+        const status = (error as Error & { status?: number }).status;
+        return status === 429;
+      },
+      onPersistent429: mockPersistent429Callback,
+      authType: AuthType.LOGIN_WITH_GOOGLE,
+    });
+
+    // Verify fallback mechanism was triggered
+    expect(fallbackCalled).toBe(true);
+    expect(mockPersistent429Callback).toHaveBeenCalledWith(
+      AuthType.LOGIN_WITH_GOOGLE,
+      expect.any(Error),
+    );
+    expect(result).toBe('success after fallback');
+    // Should have: 2 failures, then fallback triggered, then 1 success after retry reset
+    expect(mockApiCall).toHaveBeenCalledTimes(3);
+  });
+
+  it('should not trigger onPersistent429 for API key users', async () => {
+    let fallbackCalled = false;
+
+    // Mock function that simulates 429 errors
+    const mockApiCall = vi.fn().mockRejectedValue(createSimulated429Error());
+
+    // Mock the callback
+    const mockPersistent429Callback = vi.fn(async () => {
+      fallbackCalled = true;
+      return true;
+    });
+
+    // Test with API key auth type - should not trigger fallback
+    try {
+      await retryWithBackoff(mockApiCall, {
+        maxAttempts: 5,
+        initialDelayMs: 10,
+        maxDelayMs: 100,
+        shouldRetryOnError: (error: Error) => {
+          const status = (error as Error & { status?: number }).status;
+          return status === 429;
+        },
+        onPersistent429: mockPersistent429Callback,
+        authType: AuthType.USE_GEMINI, // API key auth type
+      });
+    } catch (error) {
+      // Expected to throw after max attempts
+      expect((error as Error).message).toContain('Rate limit exceeded');
+    }
+
+    // Verify fallback was NOT triggered for API key users
+    expect(fallbackCalled).toBe(false);
+    expect(mockPersistent429Callback).not.toHaveBeenCalled();
+  });
+
   // This test validates the test utilities themselves.
   it('should properly disable simulation state after fallback (Test Utility)', () => {
     // Enable simulation

packages/core/src/utils/nextSpeakerChecker.test.ts

@@ -61,7 +61,6 @@ describe('checkNextSpeaker', () => {
         generateContentStream: vi.fn(),
         countTokens: vi.fn(),
         embedContent: vi.fn(),
-        useSummarizedThinking: vi.fn().mockReturnValue(false),
       } as ContentGenerator,
       {} as Config,
     );

packages/core/src/utils/partUtils.ts

@@ -81,7 +81,7 @@ export function getResponseText(
       candidate.content.parts.length > 0
     ) {
       return candidate.content.parts
-        .filter((part) => part.text && !part.thought)
+        .filter((part) => part.text)
         .map((part) => part.text)
         .join('');
     }

packages/core/src/utils/retry.test.ts

@@ -285,6 +285,173 @@ describe('retryWithBackoff', () => {
     });
   });
 
+  describe('Flash model fallback for OAuth users', () => {
+    it('should trigger fallback for OAuth personal users after persistent 429 errors', async () => {
+      const fallbackCallback = vi.fn().mockResolvedValue('gemini-2.5-flash');
+
+      let fallbackOccurred = false;
+      const mockFn = vi.fn().mockImplementation(async () => {
+        if (!fallbackOccurred) {
+          const error: HttpError = new Error('Rate limit exceeded');
+          error.status = 429;
+          throw error;
+        }
+        return 'success';
+      });
+
+      const promise = retryWithBackoff(mockFn, {
+        maxAttempts: 3,
+        initialDelayMs: 100,
+        onPersistent429: async (authType?: string) => {
+          fallbackOccurred = true;
+          return await fallbackCallback(authType);
+        },
+        authType: 'oauth-personal',
+      });
+
+      // Advance all timers to complete retries
+      await vi.runAllTimersAsync();
+
+      // Should succeed after fallback
+      await expect(promise).resolves.toBe('success');
+
+      // Verify callback was called with correct auth type
+      expect(fallbackCallback).toHaveBeenCalledWith('oauth-personal');
+
+      // Should retry again after fallback
+      expect(mockFn).toHaveBeenCalledTimes(3); // 2 initial attempts + 1 after fallback
+    });
+
+    it('should NOT trigger fallback for API key users', async () => {
+      const fallbackCallback = vi.fn();
+
+      const mockFn = vi.fn(async () => {
+        const error: HttpError = new Error('Rate limit exceeded');
+        error.status = 429;
+        throw error;
+      });
+
+      const promise = retryWithBackoff(mockFn, {
+        maxAttempts: 3,
+        initialDelayMs: 100,
+        onPersistent429: fallbackCallback,
+        authType: 'gemini-api-key',
+      });
+
+      // Handle the promise properly to avoid unhandled rejections
+      const resultPromise = promise.catch((error) => error);
+      await vi.runAllTimersAsync();
+      const result = await resultPromise;
+
+      // Should fail after all retries without fallback
+      expect(result).toBeInstanceOf(Error);
+      expect(result.message).toBe('Rate limit exceeded');
+
+      // Callback should not be called for API key users
+      expect(fallbackCallback).not.toHaveBeenCalled();
+    });
+
+    it('should reset attempt counter and continue after successful fallback', async () => {
+      let fallbackCalled = false;
+      const fallbackCallback = vi.fn().mockImplementation(async () => {
+        fallbackCalled = true;
+        return 'gemini-2.5-flash';
+      });
+
+      const mockFn = vi.fn().mockImplementation(async () => {
+        if (!fallbackCalled) {
+          const error: HttpError = new Error('Rate limit exceeded');
+          error.status = 429;
+          throw error;
+        }
+        return 'success';
+      });
+
+      const promise = retryWithBackoff(mockFn, {
+        maxAttempts: 3,
+        initialDelayMs: 100,
+        onPersistent429: fallbackCallback,
+        authType: 'oauth-personal',
+      });
+
+      await vi.runAllTimersAsync();
+
+      await expect(promise).resolves.toBe('success');
+      expect(fallbackCallback).toHaveBeenCalledOnce();
+    });
+
+    it('should continue with original error if fallback is rejected', async () => {
+      const fallbackCallback = vi.fn().mockResolvedValue(null); // User rejected fallback
+
+      const mockFn = vi.fn(async () => {
+        const error: HttpError = new Error('Rate limit exceeded');
+        error.status = 429;
+        throw error;
+      });
+
+      const promise = retryWithBackoff(mockFn, {
+        maxAttempts: 3,
+        initialDelayMs: 100,
+        onPersistent429: fallbackCallback,
+        authType: 'oauth-personal',
+      });
+
+      // Handle the promise properly to avoid unhandled rejections
+      const resultPromise = promise.catch((error) => error);
+      await vi.runAllTimersAsync();
+      const result = await resultPromise;
+
+      // Should fail with original error when fallback is rejected
+      expect(result).toBeInstanceOf(Error);
+      expect(result.message).toBe('Rate limit exceeded');
+      expect(fallbackCallback).toHaveBeenCalledWith(
+        'oauth-personal',
+        expect.any(Error),
+      );
+    });
+
+    it('should handle mixed error types (only count consecutive 429s)', async () => {
+      const fallbackCallback = vi.fn().mockResolvedValue('gemini-2.5-flash');
+      let attempts = 0;
+      let fallbackOccurred = false;
+
+      const mockFn = vi.fn().mockImplementation(async () => {
+        attempts++;
+        if (fallbackOccurred) {
+          return 'success';
+        }
+        if (attempts === 1) {
+          // First attempt: 500 error (resets consecutive count)
+          const error: HttpError = new Error('Server error');
+          error.status = 500;
+          throw error;
+        } else {
+          // Remaining attempts: 429 errors
+          const error: HttpError = new Error('Rate limit exceeded');
+          error.status = 429;
+          throw error;
+        }
+      });
+
+      const promise = retryWithBackoff(mockFn, {
+        maxAttempts: 5,
+        initialDelayMs: 100,
+        onPersistent429: async (authType?: string) => {
+          fallbackOccurred = true;
+          return await fallbackCallback(authType);
+        },
+        authType: 'oauth-personal',
+      });
+
+      await vi.runAllTimersAsync();
+
+      await expect(promise).resolves.toBe('success');
+
+      // Should trigger fallback after 2 consecutive 429s (attempts 2-3)
+      expect(fallbackCallback).toHaveBeenCalledWith('oauth-personal');
+    });
+  });
+
   describe('Qwen OAuth 429 error handling', () => {
     it('should retry for Qwen OAuth 429 errors that are throttling-related', async () => {
       const errorWith429: HttpError = new Error('Rate limit exceeded');

packages/core/src/utils/retry.ts

@@ -7,6 +7,8 @@
 import type { GenerateContentResponse } from '@google/genai';
 import { AuthType } from '../core/contentGenerator.js';
 import {
+  isProQuotaExceededError,
+  isGenericQuotaExceededError,
   isQwenQuotaExceededError,
   isQwenThrottlingError,
 } from './quotaErrorDetection.js';
@@ -88,6 +90,7 @@ export async function retryWithBackoff<T>(
     maxAttempts,
     initialDelayMs,
     maxDelayMs,
+    onPersistent429,
     authType,
     shouldRetryOnError,
     shouldRetryOnContent,
@@ -120,6 +123,59 @@ export async function retryWithBackoff<T>(
     } catch (error) {
       const errorStatus = getErrorStatus(error);
 
+      // Check for Pro quota exceeded error first - immediate fallback for OAuth users
+      if (
+        errorStatus === 429 &&
+        authType === AuthType.LOGIN_WITH_GOOGLE &&
+        isProQuotaExceededError(error) &&
+        onPersistent429
+      ) {
+        try {
+          const fallbackModel = await onPersistent429(authType, error);
+          if (fallbackModel !== false && fallbackModel !== null) {
+            // Reset attempt counter and try with new model
+            attempt = 0;
+            consecutive429Count = 0;
+            currentDelay = initialDelayMs;
+            // With the model updated, we continue to the next attempt
+            continue;
+          } else {
+            // Fallback handler returned null/false, meaning don't continue - stop retry process
+            throw error;
+          }
+        } catch (fallbackError) {
+          // If fallback fails, continue with original error
+          console.warn('Fallback to Flash model failed:', fallbackError);
+        }
+      }
+
+      // Check for generic quota exceeded error (but not Pro, which was handled above) - immediate fallback for OAuth users
+      if (
+        errorStatus === 429 &&
+        authType === AuthType.LOGIN_WITH_GOOGLE &&
+        !isProQuotaExceededError(error) &&
+        isGenericQuotaExceededError(error) &&
+        onPersistent429
+      ) {
+        try {
+          const fallbackModel = await onPersistent429(authType, error);
+          if (fallbackModel !== false && fallbackModel !== null) {
+            // Reset attempt counter and try with new model
+            attempt = 0;
+            consecutive429Count = 0;
+            currentDelay = initialDelayMs;
+            // With the model updated, we continue to the next attempt
+            continue;
+          } else {
+            // Fallback handler returned null/false, meaning don't continue - stop retry process
+            throw error;
+          }
+        } catch (fallbackError) {
+          // If fallback fails, continue with original error
+          console.warn('Fallback to Flash model failed:', fallbackError);
+        }
+      }
+
       // Check for Qwen OAuth quota exceeded error - throw immediately without retry
       if (authType === AuthType.QWEN_OAUTH && isQwenQuotaExceededError(error)) {
         throw new Error(
@@ -141,7 +197,30 @@ export async function retryWithBackoff<T>(
         consecutive429Count = 0;
       }
 
-      console.debug('consecutive429Count', consecutive429Count);
+      // If we have persistent 429s and a fallback callback for OAuth
+      if (
+        consecutive429Count >= 2 &&
+        onPersistent429 &&
+        authType === AuthType.LOGIN_WITH_GOOGLE
+      ) {
+        try {
+          const fallbackModel = await onPersistent429(authType, error);
+          if (fallbackModel !== false && fallbackModel !== null) {
+            // Reset attempt counter and try with new model
+            attempt = 0;
+            consecutive429Count = 0;
+            currentDelay = initialDelayMs;
+            // With the model updated, we continue to the next attempt
+            continue;
+          } else {
+            // Fallback handler returned null/false, meaning don't continue - stop retry process
+            throw error;
+          }
+        } catch (fallbackError) {
+          // If fallback fails, continue with original error
+          console.warn('Fallback to Flash model failed:', fallbackError);
+        }
+      }
 
       // Check if we've exhausted retries or shouldn't retry
       if (attempt >= maxAttempts || !shouldRetryOnError(error as Error)) {
@@ -161,7 +240,7 @@ export async function retryWithBackoff<T>(
         // Reset currentDelay for next potential non-429 error, or if Retry-After is not present next time
         currentDelay = initialDelayMs;
       } else {
-        // Fallback to exponential backoff with jitter
+        // Fall back to exponential backoff with jitter
         logRetryAttempt(attempt, error, errorStatus);
         // Add jitter: +/- 30% of currentDelay
         const jitter = currentDelay * 0.3 * (Math.random() * 2 - 1);

packages/core/src/utils/thoughtUtils.ts

@@ -29,7 +29,7 @@ export function parseThought(rawText: string): ThoughtSummary {
   const startIndex = rawText.indexOf(START_DELIMITER);
   if (startIndex === -1) {
     // No start delimiter found, the whole text is the description.
-    return { subject: '', description: rawText };
+    return { subject: '', description: rawText.trim() };
   }
 
   const endIndex = rawText.indexOf(
@@ -39,7 +39,7 @@ export function parseThought(rawText: string): ThoughtSummary {
   if (endIndex === -1) {
     // Start delimiter found but no end delimiter, so it's not a valid subject.
     // Treat the entire string as the description.
-    return { subject: '', description: rawText };
+    return { subject: '', description: rawText.trim() };
   }
 
   const subject = rawText

packages/core/src/utils/userAccountManager.test.ts

@@ -0,0 +1,340 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import type { Mock } from 'vitest';
+import { vi, describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { UserAccountManager } from './userAccountManager.js';
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import path from 'node:path';
+
+vi.mock('os', async (importOriginal) => {
+  const os = await importOriginal<typeof import('os')>();
+  return {
+    ...os,
+    homedir: vi.fn(),
+  };
+});
+
+describe('UserAccountManager', () => {
+  let tempHomeDir: string;
+  let userAccountManager: UserAccountManager;
+  let accountsFile: () => string;
+
+  beforeEach(() => {
+    tempHomeDir = fs.mkdtempSync(
+      path.join(os.tmpdir(), 'qwen-code-test-home-'),
+    );
+    (os.homedir as Mock).mockReturnValue(tempHomeDir);
+    accountsFile = () =>
+      path.join(tempHomeDir, '.qwen', 'google_accounts.json');
+    userAccountManager = new UserAccountManager();
+  });
+
+  afterEach(() => {
+    fs.rmSync(tempHomeDir, { recursive: true, force: true });
+    vi.clearAllMocks();
+  });
+
+  describe('cacheGoogleAccount', () => {
+    it('should create directory and write initial account file', async () => {
+      await userAccountManager.cacheGoogleAccount('test1@google.com');
+
+      // Verify Google Account ID was cached
+      expect(fs.existsSync(accountsFile())).toBe(true);
+      expect(fs.readFileSync(accountsFile(), 'utf-8')).toBe(
+        JSON.stringify({ active: 'test1@google.com', old: [] }, null, 2),
+      );
+    });
+
+    it('should update active account and move previous to old', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify(
+          { active: 'test2@google.com', old: ['test1@google.com'] },
+          null,
+          2,
+        ),
+      );
+
+      await userAccountManager.cacheGoogleAccount('test3@google.com');
+
+      expect(fs.readFileSync(accountsFile(), 'utf-8')).toBe(
+        JSON.stringify(
+          {
+            active: 'test3@google.com',
+            old: ['test1@google.com', 'test2@google.com'],
+          },
+          null,
+          2,
+        ),
+      );
+    });
+
+    it('should not add a duplicate to the old list', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify(
+          { active: 'test1@google.com', old: ['test2@google.com'] },
+          null,
+          2,
+        ),
+      );
+      await userAccountManager.cacheGoogleAccount('test2@google.com');
+      await userAccountManager.cacheGoogleAccount('test1@google.com');
+
+      expect(fs.readFileSync(accountsFile(), 'utf-8')).toBe(
+        JSON.stringify(
+          { active: 'test1@google.com', old: ['test2@google.com'] },
+          null,
+          2,
+        ),
+      );
+    });
+
+    it('should handle corrupted JSON by starting fresh', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), 'not valid json');
+      const consoleLogSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      await userAccountManager.cacheGoogleAccount('test1@google.com');
+
+      expect(consoleLogSpy).toHaveBeenCalled();
+      expect(JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'))).toEqual({
+        active: 'test1@google.com',
+        old: [],
+      });
+    });
+
+    it('should handle valid JSON with incorrect schema by starting fresh', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({ active: 'test1@google.com', old: 'not-an-array' }),
+      );
+      const consoleLogSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      await userAccountManager.cacheGoogleAccount('test2@google.com');
+
+      expect(consoleLogSpy).toHaveBeenCalled();
+      expect(JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'))).toEqual({
+        active: 'test2@google.com',
+        old: [],
+      });
+    });
+  });
+
+  describe('getCachedGoogleAccount', () => {
+    it('should return the active account if file exists and is valid', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({ active: 'active@google.com', old: [] }, null, 2),
+      );
+      const account = userAccountManager.getCachedGoogleAccount();
+      expect(account).toBe('active@google.com');
+    });
+
+    it('should return null if file does not exist', () => {
+      const account = userAccountManager.getCachedGoogleAccount();
+      expect(account).toBeNull();
+    });
+
+    it('should return null if file is empty', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), '');
+      const account = userAccountManager.getCachedGoogleAccount();
+      expect(account).toBeNull();
+    });
+
+    it('should return null and log if file is corrupted', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), '{ "active": "test@google.com"'); // Invalid JSON
+      const consoleLogSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      const account = userAccountManager.getCachedGoogleAccount();
+
+      expect(account).toBeNull();
+      expect(consoleLogSpy).toHaveBeenCalled();
+    });
+
+    it('should return null if active key is missing', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), JSON.stringify({ old: [] }));
+      const account = userAccountManager.getCachedGoogleAccount();
+      expect(account).toBeNull();
+    });
+  });
+
+  describe('clearCachedGoogleAccount', () => {
+    it('should set active to null and move it to old', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify(
+          { active: 'active@google.com', old: ['old1@google.com'] },
+          null,
+          2,
+        ),
+      );
+
+      await userAccountManager.clearCachedGoogleAccount();
+
+      const stored = JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'));
+      expect(stored.active).toBeNull();
+      expect(stored.old).toEqual(['old1@google.com', 'active@google.com']);
+    });
+
+    it('should handle empty file gracefully', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), '');
+      await userAccountManager.clearCachedGoogleAccount();
+      const stored = JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'));
+      expect(stored.active).toBeNull();
+      expect(stored.old).toEqual([]);
+    });
+
+    it('should handle corrupted JSON by creating a fresh file', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), 'not valid json');
+      const consoleLogSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      await userAccountManager.clearCachedGoogleAccount();
+
+      expect(consoleLogSpy).toHaveBeenCalled();
+      const stored = JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'));
+      expect(stored.active).toBeNull();
+      expect(stored.old).toEqual([]);
+    });
+
+    it('should be idempotent if active account is already null', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({ active: null, old: ['old1@google.com'] }, null, 2),
+      );
+
+      await userAccountManager.clearCachedGoogleAccount();
+
+      const stored = JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'));
+      expect(stored.active).toBeNull();
+      expect(stored.old).toEqual(['old1@google.com']);
+    });
+
+    it('should not add a duplicate to the old list', async () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify(
+          {
+            active: 'active@google.com',
+            old: ['active@google.com'],
+          },
+          null,
+          2,
+        ),
+      );
+
+      await userAccountManager.clearCachedGoogleAccount();
+
+      const stored = JSON.parse(fs.readFileSync(accountsFile(), 'utf-8'));
+      expect(stored.active).toBeNull();
+      expect(stored.old).toEqual(['active@google.com']);
+    });
+  });
+
+  describe('getLifetimeGoogleAccounts', () => {
+    it('should return 0 if the file does not exist', () => {
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(0);
+    });
+
+    it('should return 0 if the file is empty', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), '');
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(0);
+    });
+
+    it('should return 0 if the file is corrupted', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(accountsFile(), 'invalid json');
+      const consoleDebugSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(0);
+      expect(consoleDebugSpy).toHaveBeenCalled();
+    });
+
+    it('should return 1 if there is only an active account', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({ active: 'test1@google.com', old: [] }),
+      );
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(1);
+    });
+
+    it('should correctly count old accounts when active is null', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({
+          active: null,
+          old: ['test1@google.com', 'test2@google.com'],
+        }),
+      );
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(2);
+    });
+
+    it('should correctly count both active and old accounts', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({
+          active: 'test3@google.com',
+          old: ['test1@google.com', 'test2@google.com'],
+        }),
+      );
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(3);
+    });
+
+    it('should handle valid JSON with incorrect schema by returning 0', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({ active: null, old: 1 }),
+      );
+      const consoleLogSpy = vi
+        .spyOn(console, 'log')
+        .mockImplementation(() => {});
+
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(0);
+      expect(consoleLogSpy).toHaveBeenCalled();
+    });
+
+    it('should not double count if active account is also in old list', () => {
+      fs.mkdirSync(path.dirname(accountsFile()), { recursive: true });
+      fs.writeFileSync(
+        accountsFile(),
+        JSON.stringify({
+          active: 'test1@google.com',
+          old: ['test1@google.com', 'test2@google.com'],
+        }),
+      );
+      expect(userAccountManager.getLifetimeGoogleAccounts()).toBe(2);
+    });
+  });
+});

packages/core/src/utils/userAccountManager.ts

@@ -0,0 +1,140 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import path from 'node:path';
+import { promises as fsp, readFileSync } from 'node:fs';
+import { Storage } from '../config/storage.js';
+
+interface UserAccounts {
+  active: string | null;
+  old: string[];
+}
+
+export class UserAccountManager {
+  private getGoogleAccountsCachePath(): string {
+    return Storage.getGoogleAccountsPath();
+  }
+
+  /**
+   * Parses and validates the string content of an accounts file.
+   * @param content The raw string content from the file.
+   * @returns A valid UserAccounts object.
+   */
+  private parseAndValidateAccounts(content: string): UserAccounts {
+    const defaultState = { active: null, old: [] };
+    if (!content.trim()) {
+      return defaultState;
+    }
+
+    const parsed = JSON.parse(content);
+
+    // Inlined validation logic
+    if (typeof parsed !== 'object' || parsed === null) {
+      console.log('Invalid accounts file schema, starting fresh.');
+      return defaultState;
+    }
+    const { active, old } = parsed as Partial<UserAccounts>;
+    const isValid =
+      (active === undefined || active === null || typeof active === 'string') &&
+      (old === undefined ||
+        (Array.isArray(old) && old.every((i) => typeof i === 'string')));
+
+    if (!isValid) {
+      console.log('Invalid accounts file schema, starting fresh.');
+      return defaultState;
+    }
+
+    return {
+      active: parsed.active ?? null,
+      old: parsed.old ?? [],
+    };
+  }
+
+  private readAccountsSync(filePath: string): UserAccounts {
+    const defaultState = { active: null, old: [] };
+    try {
+      const content = readFileSync(filePath, 'utf-8');
+      return this.parseAndValidateAccounts(content);
+    } catch (error) {
+      if (
+        error instanceof Error &&
+        'code' in error &&
+        error.code === 'ENOENT'
+      ) {
+        return defaultState;
+      }
+      console.log('Error during sync read of accounts, starting fresh.', error);
+      return defaultState;
+    }
+  }
+
+  private async readAccounts(filePath: string): Promise<UserAccounts> {
+    const defaultState = { active: null, old: [] };
+    try {
+      const content = await fsp.readFile(filePath, 'utf-8');
+      return this.parseAndValidateAccounts(content);
+    } catch (error) {
+      if (
+        error instanceof Error &&
+        'code' in error &&
+        error.code === 'ENOENT'
+      ) {
+        return defaultState;
+      }
+      console.log('Could not parse accounts file, starting fresh.', error);
+      return defaultState;
+    }
+  }
+
+  async cacheGoogleAccount(email: string): Promise<void> {
+    const filePath = this.getGoogleAccountsCachePath();
+    await fsp.mkdir(path.dirname(filePath), { recursive: true });
+
+    const accounts = await this.readAccounts(filePath);
+
+    if (accounts.active && accounts.active !== email) {
+      if (!accounts.old.includes(accounts.active)) {
+        accounts.old.push(accounts.active);
+      }
+    }
+
+    // If the new email was in the old list, remove it
+    accounts.old = accounts.old.filter((oldEmail) => oldEmail !== email);
+
+    accounts.active = email;
+    await fsp.writeFile(filePath, JSON.stringify(accounts, null, 2), 'utf-8');
+  }
+
+  getCachedGoogleAccount(): string | null {
+    const filePath = this.getGoogleAccountsCachePath();
+    const accounts = this.readAccountsSync(filePath);
+    return accounts.active;
+  }
+
+  getLifetimeGoogleAccounts(): number {
+    const filePath = this.getGoogleAccountsCachePath();
+    const accounts = this.readAccountsSync(filePath);
+    const allAccounts = new Set(accounts.old);
+    if (accounts.active) {
+      allAccounts.add(accounts.active);
+    }
+    return allAccounts.size;
+  }
+
+  async clearCachedGoogleAccount(): Promise<void> {
+    const filePath = this.getGoogleAccountsCachePath();
+    const accounts = await this.readAccounts(filePath);
+
+    if (accounts.active) {
+      if (!accounts.old.includes(accounts.active)) {
+        accounts.old.push(accounts.active);
+      }
+      accounts.active = null;
+    }
+
+    await fsp.writeFile(filePath, JSON.stringify(accounts, null, 2), 'utf-8');
+  }
+}

packages/sdk-typescript/package.json

@@ -45,8 +45,7 @@
     "node": ">=18.0.0"
   },
   "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.25.1",
-    "zod": "^3.25.0",
+    "@modelcontextprotocol/sdk": "^1.0.4",
     "tiktoken": "^1.0.21"
   },
   "devDependencies": {
@@ -58,7 +57,8 @@
     "esbuild": "^0.25.12",
     "eslint": "^8.57.0",
     "typescript": "^5.4.5",
-    "vitest": "^1.6.0"
+    "vitest": "^1.6.0",
+    "zod": "^3.23.8"
   },
   "peerDependencies": {
     "typescript": ">=5.0.0"

packages/sdk-typescript/src/mcp/tool.ts

@@ -8,9 +8,11 @@
  * Tool definition helper for SDK-embedded MCP servers
  */
 
-import type { CallToolResult } from '@modelcontextprotocol/sdk/types.js';
+import type { CallToolResultSchema } from '@modelcontextprotocol/sdk/types.js';
 import type { z, ZodRawShape, ZodObject, ZodTypeAny } from 'zod';
 
+type CallToolResult = z.infer<typeof CallToolResultSchema>;
+
 /**
  * SDK MCP Tool Definition with Zod schema type inference
  */

packages/sdk-typescript/tsconfig.json

@@ -2,7 +2,7 @@
   "compilerOptions": {
     /* Language and Environment */
     "target": "ES2022",
-    "lib": ["ES2022", "DOM"],
+    "lib": ["ES2022"],
     "module": "ESNext",
     "moduleResolution": "bundler",
 

packages/vscode-ide-companion/NOTICES.txt

@@ -21,6 +21,213 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 
+============================================================
+@modelcontextprotocol/sdk@1.15.1
+(git+https://github.com/modelcontextprotocol/typescript-sdk.git)
+
+MIT License
+
+Copyright (c) 2024 Anthropic, PBC
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+============================================================
+ajv@6.12.6
+(https://github.com/ajv-validator/ajv.git)
+
+The MIT License (MIT)
+
+Copyright (c) 2015-2017 Evgeny Poberezkin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+
+============================================================
+fast-deep-equal@3.1.3
+(git+https://github.com/epoberezkin/fast-deep-equal.git)
+
+MIT License
+
+Copyright (c) 2017 Evgeny Poberezkin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+============================================================
+fast-json-stable-stringify@2.1.0
+(git://github.com/epoberezkin/fast-json-stable-stringify.git)
+
+This software is released under the MIT license:
+
+Copyright (c) 2017 Evgeny Poberezkin
+Copyright (c) 2013 James Halliday
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+json-schema-traverse@0.4.1
+(git+https://github.com/epoberezkin/json-schema-traverse.git)
+
+MIT License
+
+Copyright (c) 2017 Evgeny Poberezkin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+============================================================
+uri-js@4.4.1
+(http://github.com/garycourt/uri-js)
+
+Copyright 2011 Gary Court. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+1.	Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+2.	Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY GARY COURT "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GARY COURT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+The views and conclusions contained in the software and documentation are those of the authors and should not be interpreted as representing official policies, either expressed or implied, of Gary Court.
+
+
+============================================================
+punycode@2.3.1
+(https://github.com/mathiasbynens/punycode.js.git)
+
+Copyright Mathias Bynens <https://mathiasbynens.be/>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+content-type@1.0.5
+(No repository found)
+
+(The MIT License)
+
+Copyright (c) 2015 Douglas Christopher Wilson
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
 ============================================================
 cors@2.8.5
 (No repository found)
@@ -104,6 +311,175 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 
+============================================================
+cross-spawn@7.0.6
+(git@github.com:moxystudio/node-cross-spawn.git)
+
+The MIT License (MIT)
+
+Copyright (c) 2018 Made With MOXY Lda <hello@moxy.studio>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+
+============================================================
+path-key@3.1.1
+(No repository found)
+
+MIT License
+
+Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+shebang-command@2.0.0
+(No repository found)
+
+MIT License
+
+Copyright (c) Kevin Mårtensson <kevinmartensson@gmail.com> (github.com/kevva)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+shebang-regex@3.0.0
+(No repository found)
+
+MIT License
+
+Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+which@2.0.2
+(git://github.com/isaacs/node-which.git)
+
+The ISC License
+
+Copyright (c) Isaac Z. Schlueter and Contributors
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+
+============================================================
+isexe@2.0.0
+(git+https://github.com/isaacs/isexe.git)
+
+The ISC License
+
+Copyright (c) Isaac Z. Schlueter and Contributors
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+
+============================================================
+eventsource@3.0.7
+(git://git@github.com/EventSource/eventsource.git)
+
+The MIT License
+
+Copyright (c) EventSource GitHub organisation
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+eventsource-parser@3.0.3
+(git+ssh://git@github.com/rexxars/eventsource-parser.git)
+
+MIT License
+
+Copyright (c) 2025 Espen Hovlandsdal <espen@hovlandsdal.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
 ============================================================
 express@4.21.2
 (No repository found)
@@ -336,34 +712,6 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 
-============================================================
-content-type@1.0.5
-(No repository found)
-
-(The MIT License)
-
-Copyright (c) 2015 Douglas Christopher Wilson
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-'Software'), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
-TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-
 ============================================================
 debug@4.4.1
 (git://github.com/debug-js/debug.git)
@@ -1890,6 +2238,106 @@ IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 
+============================================================
+express-rate-limit@7.5.1
+(git+https://github.com/express-rate-limit/express-rate-limit.git)
+
+# MIT License
+
+Copyright 2023 Nathan Friedly, Vedant K
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+============================================================
+pkce-challenge@5.0.0
+(git+https://github.com/crouchcd/pkce-challenge.git)
+
+MIT License
+
+Copyright (c) 2019 
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+============================================================
+zod@3.25.76
+(git+https://github.com/colinhacks/zod.git)
+
+MIT License
+
+Copyright (c) 2025 Colin McDonnell
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
+============================================================
+zod-to-json-schema@3.24.6
+(https://github.com/StefanTerdell/zod-to-json-schema)
+
+ISC License
+
+Copyright (c) 2020, Stefan Terdell
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
 ============================================================
 markdown-it@14.1.0
 (No repository found)
@@ -2407,30 +2855,3 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 
 
-============================================================
-zod@3.25.76
-(git+https://github.com/colinhacks/zod.git)
-
-MIT License
-
-Copyright (c) 2025 Colin McDonnell
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-

packages/vscode-ide-companion/package.json

@@ -153,7 +153,7 @@
   },
   "dependencies": {
     "semver": "^7.7.2",
-    "@modelcontextprotocol/sdk": "^1.25.1",
+    "@modelcontextprotocol/sdk": "^1.15.1",
     "cors": "^2.8.5",
     "express": "^5.1.0",
     "markdown-it": "^14.1.0",