fix: cli path parsing issue in Windows

docs(readme): clarify value props, usage modes

.github/workflows/e2e.yml

@@ -18,8 +18,6 @@ jobs:
           - 'sandbox:docker'
         node-version:
           - '20.x'
-          - '22.x'
-          - '24.x'
     steps:
       - name: 'Checkout'
         uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
@@ -67,10 +65,13 @@ jobs:
           OPENAI_BASE_URL: '${{ secrets.OPENAI_BASE_URL }}'
           OPENAI_MODEL: '${{ secrets.OPENAI_MODEL }}'
           KEEP_OUTPUT: 'true'
-          SANDBOX: '${{ matrix.sandbox }}'
           VERBOSE: 'true'
         run: |-
-          npm run "test:integration:${SANDBOX}"
+          if [[ "${{ matrix.sandbox }}" == "sandbox:docker" ]]; then
+            npm run test:integration:sandbox:docker
+          else
+            npm run test:integration:sandbox:none
+          fi
 
   e2e-test-macos:
     name: 'E2E Test - macOS'

CONTRIBUTING.md

@@ -2,27 +2,6 @@
 
 We would love to accept your patches and contributions to this project.
 
-## Before you begin
-
-### Sign our Contributor License Agreement
-
-Contributions to this project must be accompanied by a
-[Contributor License Agreement](https://cla.developers.google.com/about) (CLA).
-You (or your employer) retain the copyright to your contribution; this simply
-gives us permission to use and redistribute your contributions as part of the
-project.
-
-If you or your current employer have already signed the Google CLA (even if it
-was for a different project), you probably don't need to do it again.
-
-Visit <https://cla.developers.google.com/> to see your current agreements or to
-sign a new one.
-
-### Review our Community Guidelines
-
-This project follows [Google's Open Source Community
-Guidelines](https://opensource.google/conduct/).
-
 ## Contribution Process
 
 ### Code Reviews
@@ -74,12 +53,6 @@ Your PR should have a clear, descriptive title and a detailed description of the
 
 In the PR description, explain the "why" behind your changes and link to the relevant issue (e.g., `Fixes #123`).
 
-## Forking
-
-If you are forking the repository you will be able to run the Build, Test and Integration test workflows. However in order to make the integration tests run you'll need to add a [GitHub Repository Secret](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) with a value of `GEMINI_API_KEY` and set that to a valid API key that you have available. Your key and secret are private to your repo; no one without access can see your key and you cannot see any secrets related to this repo.
-
-Additionally you will need to click on the `Actions` tab and enable workflows for your repository, you'll find it's the large blue button in the center of the screen.
-
 ## Development Setup and Workflow
 
 This section guides contributors on how to build, modify, and understand the development setup of this project.
@@ -98,8 +71,8 @@ This section guides contributors on how to build, modify, and understand the dev
 To clone the repository:
 
 ```bash
-git clone https://github.com/google-gemini/gemini-cli.git # Or your fork's URL
-cd gemini-cli
+git clone https://github.com/QwenLM/qwen-code.git # Or your fork's URL
+cd qwen-code
 ```
 
 To install dependencies defined in `package.json` as well as root dependencies:
@@ -118,9 +91,9 @@ This command typically compiles TypeScript to JavaScript, bundles assets, and pr
 
 ### Enabling Sandboxing
 
-[Sandboxing](#sandboxing) is highly recommended and requires, at a minimum, setting `GEMINI_SANDBOX=true` in your `~/.env` and ensuring a sandboxing provider (e.g. `macOS Seatbelt`, `docker`, or `podman`) is available. See [Sandboxing](#sandboxing) for details.
+[Sandboxing](#sandboxing) is highly recommended and requires, at a minimum, setting `QWEN_SANDBOX=true` in your `~/.env` and ensuring a sandboxing provider (e.g. `macOS Seatbelt`, `docker`, or `podman`) is available. See [Sandboxing](#sandboxing) for details.
 
-To build both the `gemini` CLI utility and the sandbox container, run `build:all` from the root directory:
+To build both the `qwen-code` CLI utility and the sandbox container, run `build:all` from the root directory:
 
 ```bash
 npm run build:all
@@ -130,13 +103,13 @@ To skip building the sandbox container, you can use `npm run build` instead.
 
 ### Running
 
-To start the Gemini CLI from the source code (after building), run the following command from the root directory:
+To start the Qwen Code application from the source code (after building), run the following command from the root directory:
 
 ```bash
 npm start
 ```
 
-If you'd like to run the source build outside of the gemini-cli folder, you can utilize `npm link path/to/gemini-cli/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) or `alias gemini="node path/to/gemini-cli/packages/cli"` to run with `gemini`
+If you'd like to run the source build outside of the qwen-code folder, you can utilize `npm link path/to/qwen-code/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) to run with `qwen-code`
 
 ### Running Tests
 
@@ -154,7 +127,7 @@ This will run tests located in the `packages/core` and `packages/cli` directorie
 
 #### Integration Tests
 
-The integration tests are designed to validate the end-to-end functionality of the Gemini CLI. They are not run as part of the default `npm run test` command.
+The integration tests are designed to validate the end-to-end functionality of Qwen Code. They are not run as part of the default `npm run test` command.
 
 To run the integration tests, use the following command:
 
@@ -209,19 +182,61 @@ npm run lint
 ### Coding Conventions
 
 - Please adhere to the coding style, patterns, and conventions used throughout the existing codebase.
-- Consult [QWEN.md](https://github.com/QwenLM/qwen-code/blob/main/QWEN.md) (typically found in the project root) for specific instructions related to AI-assisted development, including conventions for React, comments, and Git usage.
 - **Imports:** Pay special attention to import paths. The project uses ESLint to enforce restrictions on relative imports between packages.
 
 ### Project Structure
 
 - `packages/`: Contains the individual sub-packages of the project.
   - `cli/`: The command-line interface.
-  - `core/`: The core backend logic for the Gemini CLI.
+  - `core/`: The core backend logic for Qwen Code.
 - `docs/`: Contains all project documentation.
 - `scripts/`: Utility scripts for building, testing, and development tasks.
 
 For more detailed architecture, see `docs/architecture.md`.
 
+## Documentation Development
+
+This section describes how to develop and preview the documentation locally.
+
+### Prerequisites
+
+1. Ensure you have Node.js (version 18+) installed
+2. Have npm or yarn available
+
+### Setup Documentation Site Locally
+
+To work on the documentation and preview changes locally:
+
+1. Navigate to the `docs-site` directory:
+
+   ```bash
+   cd docs-site
+   ```
+
+2. Install dependencies:
+
+   ```bash
+   npm install
+   ```
+
+3. Link the documentation content from the main `docs` directory:
+
+   ```bash
+   npm run link
+   ```
+
+   This creates a symbolic link from `../docs` to `content` in the docs-site project, allowing the documentation content to be served by the Next.js site.
+
+4. Start the development server:
+
+   ```bash
+   npm run dev
+   ```
+
+5. Open [http://localhost:3000](http://localhost:3000) in your browser to see the documentation site with live updates as you make changes.
+
+Any changes made to the documentation files in the main `docs` directory will be reflected immediately in the documentation site.
+
 ## Debugging
 
 ### VS Code:
@@ -231,7 +246,7 @@ For more detailed architecture, see `docs/architecture.md`.
     ```bash
     npm run debug
     ```
-    This command runs `node --inspect-brk dist/gemini.js` within the `packages/cli` directory, pausing execution until a debugger attaches. You can then open `chrome://inspect` in your Chrome browser to connect to the debugger.
+    This command runs `node --inspect-brk dist/index.js` within the `packages/cli` directory, pausing execution until a debugger attaches. You can then open `chrome://inspect` in your Chrome browser to connect to the debugger.
 2.  In VS Code, use the "Attach" launch configuration (found in `.vscode/launch.json`).
 
 Alternatively, you can use the "Launch Program" configuration in VS Code if you prefer to launch the currently open file directly, but 'F5' is generally recommended.
@@ -239,16 +254,16 @@ Alternatively, you can use the "Launch Program" configuration in VS Code if you
 To hit a breakpoint inside the sandbox container run:
 
 ```bash
-DEBUG=1 gemini
+DEBUG=1 qwen-code
 ```
 
-**Note:** If you have `DEBUG=true` in a project's `.env` file, it won't affect gemini-cli due to automatic exclusion. Use `.gemini/.env` files for gemini-cli specific debug settings.
+**Note:** If you have `DEBUG=true` in a project's `.env` file, it won't affect qwen-code due to automatic exclusion. Use `.qwen-code/.env` files for qwen-code specific debug settings.
 
 ### React DevTools
 
 To debug the CLI's React-based UI, you can use React DevTools. Ink, the library used for the CLI's interface, is compatible with React DevTools version 4.x.
 
-1.  **Start the Gemini CLI in development mode:**
+1.  **Start the Qwen Code application in development mode:**
 
     ```bash
     DEV=true npm start
@@ -270,23 +285,10 @@ To debug the CLI's React-based UI, you can use React DevTools. Ink, the library
     ```
 
     Your running CLI application should then connect to React DevTools.
-    ![](/docs/assets/connected_devtools.png)
 
 ## Sandboxing
 
-### macOS Seatbelt
-
-On macOS, `qwen` uses Seatbelt (`sandbox-exec`) under a `permissive-open` profile (see `packages/cli/src/utils/sandbox-macos-permissive-open.sb`) that restricts writes to the project folder but otherwise allows all other operations and outbound network traffic ("open") by default. You can switch to a `restrictive-closed` profile (see `packages/cli/src/utils/sandbox-macos-restrictive-closed.sb`) that declines all operations and outbound network traffic ("closed") by default by setting `SEATBELT_PROFILE=restrictive-closed` in your environment or `.env` file. Available built-in profiles are `{permissive,restrictive}-{open,closed,proxied}` (see below for proxied networking). You can also switch to a custom profile `SEATBELT_PROFILE=<profile>` if you also create a file `.qwen/sandbox-macos-<profile>.sb` under your project settings directory `.qwen`.
-
-### Container-based Sandboxing (All Platforms)
-
-For stronger container-based sandboxing on macOS or other platforms, you can set `GEMINI_SANDBOX=true|docker|podman|<command>` in your environment or `.env` file. The specified command (or if `true` then either `docker` or `podman`) must be installed on the host machine. Once enabled, `npm run build:all` will build a minimal container ("sandbox") image and `npm start` will launch inside a fresh instance of that container. The first build can take 20-30s (mostly due to downloading of the base image) but after that both build and start overhead should be minimal. Default builds (`npm run build`) will not rebuild the sandbox.
-
-Container-based sandboxing mounts the project directory (and system temp directory) with read-write access and is started/stopped/removed automatically as you start/stop Gemini CLI. Files created within the sandbox should be automatically mapped to your user/group on host machine. You can easily specify additional mounts, ports, or environment variables by setting `SANDBOX_{MOUNTS,PORTS,ENV}` as needed. You can also fully customize the sandbox for your projects by creating the files `.qwen/sandbox.Dockerfile` and/or `.qwen/sandbox.bashrc` under your project settings directory (`.qwen`) and running `qwen` with `BUILD_SANDBOX=1` to trigger building of your custom sandbox.
-
-#### Proxied Networking
-
-All sandboxing methods, including macOS Seatbelt using `*-proxied` profiles, support restricting outbound network traffic through a custom proxy server that can be specified as `GEMINI_SANDBOX_PROXY_COMMAND=<command>`, where `<command>` must start a proxy server that listens on `:::8877` for relevant requests. See `docs/examples/proxy-script.md` for a minimal proxy that only allows `HTTPS` connections to `example.com:443` (e.g. `curl https://example.com`) and declines all other requests. The proxy is started and stopped automatically alongside the sandbox.
+> TBD
 
 ## Manual Publish
 

Makefile

@@ -1,9 +1,9 @@
-# Makefile for gemini-cli
+# Makefile for qwen-code
 
 .PHONY: help install build build-sandbox build-all test lint format preflight clean start debug release run-npx create-alias
 
 help:
-	@echo "Makefile for gemini-cli"
+	@echo "Makefile for qwen-code"
 	@echo ""
 	@echo "Usage:"
 	@echo "  make install          - Install npm dependencies"
@@ -14,11 +14,11 @@ help:
 	@echo "  make format           - Format the code"
 	@echo "  make preflight        - Run formatting, linting, and tests"
 	@echo "  make clean            - Remove generated files"
-	@echo "  make start            - Start the Gemini CLI"
-	@echo "  make debug            - Start the Gemini CLI in debug mode"
+	@echo "  make start            - Start the Qwen Code CLI"
+	@echo "  make debug            - Start the Qwen Code CLI in debug mode"
 	@echo ""
 	@echo "  make run-npx          - Run the CLI using npx (for testing the published package)"
-	@echo "  make create-alias     - Create a 'gemini' alias for your shell"
+	@echo "  make create-alias     - Create a 'qwen' alias for your shell"
 
 install:
 	npm install

README.md

@@ -1,382 +1,152 @@
-# Qwen Code
-
 <div align="center">
 
-![Qwen Code Screenshot](./docs/assets/qwen-screenshot.png)
-
 [![npm version](https://img.shields.io/npm/v/@qwen-code/qwen-code.svg)](https://www.npmjs.com/package/@qwen-code/qwen-code)
 [![License](https://img.shields.io/github/license/QwenLM/qwen-code.svg)](./LICENSE)
 [![Node.js Version](https://img.shields.io/badge/node-%3E%3D20.0.0-brightgreen.svg)](https://nodejs.org/)
 [![Downloads](https://img.shields.io/npm/dm/@qwen-code/qwen-code.svg)](https://www.npmjs.com/package/@qwen-code/qwen-code)
 
-**AI-powered command-line workflow tool for developers**
+**An open-source AI agent that lives in your terminal.**
 
-[Installation](#installation) • [Quick Start](#quick-start) • [Features](#key-features) • [Documentation](./docs/) • [Contributing](./CONTRIBUTING.md)
+<a href="https://qwenlm.github.io/qwen-code-docs/zh/users/overview">中文</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/de/users/overview">Deutsch</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/fr/users/overview">français</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/ja/users/overview">日本語</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/ru/users/overview">Русский</a> |
+<a href="https://qwenlm.github.io/qwen-code-docs/pt-BR/users/overview">Português (Brasil)</a>
 
 </div>
 
-<div align="center">
-  
-  <a href="https://qwenlm.github.io/qwen-code-docs/de/">Deutsch</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/fr">français</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/ja/">日本語</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/ru">Русский</a> | 
-  <a href="https://qwenlm.github.io/qwen-code-docs/zh/">中文</a>
-  
-</div>
+Qwen Code is an open-source AI agent for the terminal, optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder). It helps you understand large codebases, automate tedious work, and ship faster.
 
-Qwen Code is a powerful command-line AI workflow tool adapted from [**Gemini CLI**](https://github.com/google-gemini/gemini-cli), specifically optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder) models. It enhances your development workflow with advanced code understanding, automated tasks, and intelligent assistance.
+![](https://gw.alicdn.com/imgextra/i1/O1CN01D2DviS1wwtEtMwIzJ_!!6000000006373-2-tps-1600-900.png)
 
-## 💡 Free Options Available
+## Why Qwen Code?
 
-Get started with Qwen Code at no cost using any of these free options:
-
-### 🔥 Qwen OAuth (Recommended)
-
-- **2,000 requests per day** with no token limits
-- **60 requests per minute** rate limit
-- Simply run `qwen` and authenticate with your qwen.ai account
-- Automatic credential management and refresh
-- Use `/auth` command to switch to Qwen OAuth if you have initialized with OpenAI compatible mode
-
-### 🌏 Regional Free Tiers
-
-- **Mainland China**: ModelScope offers **2,000 free API calls per day**
-- **International**: OpenRouter provides **up to 1,000 free API calls per day** worldwide
-
-For detailed setup instructions, see [Authorization](#authorization).
-
-> [!WARNING]
-> **Token Usage Notice**: Qwen Code may issue multiple API calls per cycle, resulting in higher token usage (similar to Claude Code). We're actively optimizing API efficiency.
-
-## Key Features
-
-- **Code Understanding & Editing** - Query and edit large codebases beyond traditional context window limits
-- **Workflow Automation** - Automate operational tasks like handling pull requests and complex rebases
-- **Enhanced Parser** - Adapted parser specifically optimized for Qwen-Coder models
-- **Vision Model Support** - Automatically detect images in your input and seamlessly switch to vision-capable models for multimodal analysis
+- **OpenAI-compatible, OAuth free tier**: use an OpenAI-compatible API, or sign in with Qwen OAuth to get 2,000 free requests/day.
+- **Open-source, co-evolving**: both the framework and the Qwen3-Coder model are open-source—and they ship and evolve together.
+- **Agentic workflow, feature-rich**: rich built-in tools (Skills, SubAgents, Plan Mode) for a full agentic workflow and a Claude Code-like experience.
+- **Terminal-first, IDE-friendly**: built for developers who live in the command line, with optional integration for VS Code and Zed.
 
 ## Installation
 
-### Prerequisites
-
-Ensure you have [Node.js version 20](https://nodejs.org/en/download) or higher installed.
+#### Prerequisites
 
 ```bash
+# Node.js 20+
 curl -qL https://www.npmjs.com/install.sh | sh
 ```
 
-### Install from npm
+#### NPM (recommended)
 
 ```bash
 npm install -g @qwen-code/qwen-code@latest
-qwen --version
 ```
 
-### Install from source
-
-```bash
-git clone https://github.com/QwenLM/qwen-code.git
-cd qwen-code
-npm install
-npm install -g .
-```
-
-### Install globally with Homebrew (macOS/Linux)
+#### Homebrew (macOS, Linux)
 
 ```bash
 brew install qwen-code
 ```
 
-## VS Code Extension
-
-In addition to the CLI tool, Qwen Code also provides a **VS Code extension** that brings AI-powered coding assistance directly into your editor with features like file system operations, native diffing, interactive chat, and more.
-
-> 📦 The extension is currently in development. For installation, features, and development guide, see the [VS Code Extension README](./packages/vscode-ide-companion/README.md).
-
 ## Quick Start
 
 ```bash
-# Start Qwen Code
+# Start Qwen Code (interactive)
 qwen
 
-# Example commands
-> Explain this codebase structure
-> Help me refactor this function
-> Generate unit tests for this module
+# Then, in the session:
+/help
+/auth
 ```
 
-### Session Management
+On first use, you'll be prompted to sign in. You can run `/auth` anytime to switch authentication methods.
 
-Control your token usage with configurable session limits to optimize costs and performance.
+Example prompts:
 
-#### Configure Session Token Limit
-
-Create or edit `.qwen/settings.json` in your home directory:
-
-```json
-{
-  "sessionTokenLimit": 32000
-}
+```text
+What does this project do?
+Explain the codebase structure.
+Help me refactor this function.
+Generate unit tests for this module.
 ```
 
-#### Session Commands
-
-- **`/compress`** - Compress conversation history to continue within token limits
-- **`/clear`** - Clear all conversation history and start fresh
-- **`/stats`** - Check current token usage and limits
-
-> 📝 **Note**: Session token limit applies to a single conversation, not cumulative API calls.
-
-### Vision Model Configuration
-
-Qwen Code includes intelligent vision model auto-switching that detects images in your input and can automatically switch to vision-capable models for multimodal analysis. **This feature is enabled by default** - when you include images in your queries, you'll see a dialog asking how you'd like to handle the vision model switch.
-
-#### Skip the Switch Dialog (Optional)
-
-If you don't want to see the interactive dialog each time, configure the default behavior in your `.qwen/settings.json`:
-
-```json
-{
-  "experimental": {
-    "vlmSwitchMode": "once"
-  }
-}
-```
-
-**Available modes:**
-
-- **`"once"`** - Switch to vision model for this query only, then revert
-- **`"session"`** - Switch to vision model for the entire session
-- **`"persist"`** - Continue with current model (no switching)
-- **Not set** - Show interactive dialog each time (default)
-
-#### Command Line Override
-
-You can also set the behavior via command line:
-
-```bash
-# Switch once per query
-qwen --vlm-switch-mode once
-
-# Switch for entire session
-qwen --vlm-switch-mode session
-
-# Never switch automatically
-qwen --vlm-switch-mode persist
-```
-
-#### Disable Vision Models (Optional)
-
-To completely disable vision model support, add to your `.qwen/settings.json`:
-
-```json
-{
-  "experimental": {
-    "visionModelPreview": false
-  }
-}
-```
-
-> 💡 **Tip**: In YOLO mode (`--yolo`), vision switching happens automatically without prompts when images are detected.
-
-### Authorization
-
-Choose your preferred authentication method based on your needs:
-
-#### 1. Qwen OAuth (🚀 Recommended - Start in 30 seconds)
-
-The easiest way to get started - completely free with generous quotas:
-
-```bash
-# Just run this command and follow the browser authentication
-qwen
-```
-
-**What happens:**
-
-1. **Instant Setup**: CLI opens your browser automatically
-2. **One-Click Login**: Authenticate with your qwen.ai account
-3. **Automatic Management**: Credentials cached locally for future use
-4. **No Configuration**: Zero setup required - just start coding!
-
-**Free Tier Benefits:**
-
-- ✅ **2,000 requests/day** (no token counting needed)
-- ✅ **60 requests/minute** rate limit
-- ✅ **Automatic credential refresh**
-- ✅ **Zero cost** for individual users
-- ℹ️ **Note**: Model fallback may occur to maintain service quality
-
-#### 2. OpenAI-Compatible API
-
-Use API keys for OpenAI or other compatible providers:
-
-**Configuration Methods:**
-
-1. **Environment Variables**
-
-   ```bash
-   export OPENAI_API_KEY="your_api_key_here"
-   export OPENAI_BASE_URL="your_api_endpoint"
-   export OPENAI_MODEL="your_model_choice"
-   ```
-
-2. **Project `.env` File**
-   Create a `.env` file in your project root:
-   ```env
-   OPENAI_API_KEY=your_api_key_here
-   OPENAI_BASE_URL=your_api_endpoint
-   OPENAI_MODEL=your_model_choice
-   ```
-
-**API Provider Options**
-
-> ⚠️ **Regional Notice:**
->
-> - **Mainland China**: Use Alibaba Cloud Bailian or ModelScope
-> - **International**: Use Alibaba Cloud ModelStudio or OpenRouter
-
 <details>
-<summary><b>🇨🇳 For Users in Mainland China</b></summary>
+<summary>Click to watch a demo video</summary>
 
-**Option 1: Alibaba Cloud Bailian** ([Apply for API Key](https://bailian.console.aliyun.com/))
-
-```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://dashscope.aliyuncs.com/compatible-mode/v1"
-export OPENAI_MODEL="qwen3-coder-plus"
-```
-
-**Option 2: ModelScope (Free Tier)** ([Apply for API Key](https://modelscope.cn/docs/model-service/API-Inference/intro))
-
-- ✅ **2,000 free API calls per day**
-- ⚠️ Connect your Aliyun account to avoid authentication errors
-
-```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://api-inference.modelscope.cn/v1"
-export OPENAI_MODEL="Qwen/Qwen3-Coder-480B-A35B-Instruct"
-```
+<video src="https://cloud.video.taobao.com/vod/HLfyppnCHplRV9Qhz2xSqeazHeRzYtG-EYJnHAqtzkQ.mp4" controls>
+Your browser does not support the video tag.
+</video>
 
 </details>
 
-<details>
-<summary><b>🌍 For International Users</b></summary>
+## Authentication
 
-**Option 1: Alibaba Cloud ModelStudio** ([Apply for API Key](https://modelstudio.console.alibabacloud.com/))
+Qwen Code supports two authentication methods:
+
+- **Qwen OAuth (recommended & free)**: sign in with your `qwen.ai` account in a browser.
+- **OpenAI-compatible API**: use `OPENAI_API_KEY` (and optionally a custom base URL / model).
+
+#### Qwen OAuth (recommended)
+
+Start `qwen`, then run:
 
 ```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://dashscope-intl.aliyuncs.com/compatible-mode/v1"
-export OPENAI_MODEL="qwen3-coder-plus"
+/auth
 ```
 
-**Option 2: OpenRouter (Free Tier Available)** ([Apply for API Key](https://openrouter.ai/))
+Choose **Qwen OAuth** and complete the browser flow. Your credentials are cached locally so you usually won't need to log in again.
+
+#### OpenAI-compatible API (API key)
+
+Environment variables (recommended for CI / headless environments):
 
 ```bash
-export OPENAI_API_KEY="your_api_key_here"
-export OPENAI_BASE_URL="https://openrouter.ai/api/v1"
-export OPENAI_MODEL="qwen/qwen3-coder:free"
+export OPENAI_API_KEY="your-api-key-here"
+export OPENAI_BASE_URL="https://api.openai.com/v1"  # optional
+export OPENAI_MODEL="gpt-4o"                        # optional
 ```
 
-</details>
+For details (including `.qwen/.env` loading and security notes), see the [authentication guide](https://qwenlm.github.io/qwen-code-docs/en/users/configuration/auth/).
 
-## Usage Examples
+## Usage
 
-### 🔍 Explore Codebases
+As an open-source terminal agent, you can use Qwen Code in four primary ways:
+
+1. Interactive mode (terminal UI)
+2. Headless mode (scripts, CI)
+3. IDE integration (VS Code, Zed)
+4. TypeScript SDK
+
+#### Interactive mode
 
 ```bash
 cd your-project/
 qwen
-
-# Architecture analysis
-> Describe the main pieces of this system's architecture
-> What are the key dependencies and how do they interact?
-> Find all API endpoints and their authentication methods
 ```
 
-### 💻 Code Development
+Run `qwen` in your project folder to launch the interactive terminal UI. Use `@` to reference local files (for example `@src/main.ts`).
+
+#### Headless mode
 
 ```bash
-# Refactoring
-> Refactor this function to improve readability and performance
-> Convert this class to use dependency injection
-> Split this large module into smaller, focused components
-
-# Code generation
-> Create a REST API endpoint for user management
-> Generate unit tests for the authentication module
-> Add error handling to all database operations
+cd your-project/
+qwen -p "your question"
 ```
 
-### 🔄 Automate Workflows
+Use `-p` to run Qwen Code without the interactive UI—ideal for scripts, automation, and CI/CD. Learn more: [Headless mode](https://qwenlm.github.io/qwen-code-docs/en/users/features/headless).
 
-```bash
-# Git automation
-> Analyze git commits from the last 7 days, grouped by feature
-> Create a changelog from recent commits
-> Find all TODO comments and create GitHub issues
+#### IDE integration
 
-# File operations
-> Convert all images in this directory to PNG format
-> Rename all test files to follow the *.test.ts pattern
-> Find and remove all console.log statements
-```
+Use Qwen Code inside your editor (VS Code and Zed):
 
-### 🐛 Debugging & Analysis
+- [Use in VS Code](https://qwenlm.github.io/qwen-code-docs/en/users/integration-vscode/)
+- [Use in Zed](https://qwenlm.github.io/qwen-code-docs/en/users/integration-zed/)
 
-```bash
-# Performance analysis
-> Identify performance bottlenecks in this React component
-> Find all N+1 query problems in the codebase
+#### TypeScript SDK
 
-# Security audit
-> Check for potential SQL injection vulnerabilities
-> Find all hardcoded credentials or API keys
-```
+Build on top of Qwen Code with the TypeScript SDK:
 
-## Popular Tasks
-
-### 📚 Understand New Codebases
-
-```text
-> What are the core business logic components?
-> What security mechanisms are in place?
-> How does the data flow through the system?
-> What are the main design patterns used?
-> Generate a dependency graph for this module
-```
-
-### 🔨 Code Refactoring & Optimization
-
-```text
-> What parts of this module can be optimized?
-> Help me refactor this class to follow SOLID principles
-> Add proper error handling and logging
-> Convert callbacks to async/await pattern
-> Implement caching for expensive operations
-```
-
-### 📝 Documentation & Testing
-
-```text
-> Generate comprehensive JSDoc comments for all public APIs
-> Write unit tests with edge cases for this component
-> Create API documentation in OpenAPI format
-> Add inline comments explaining complex algorithms
-> Generate a README for this module
-```
-
-### 🚀 Development Acceleration
-
-```text
-> Set up a new Express server with authentication
-> Create a React component with TypeScript and tests
-> Implement a rate limiter middleware
-> Add database migrations for new schema
-> Configure CI/CD pipeline for this project
-```
+- [Use the Qwen Code SDK](./packages/sdk-typescript/README.md)
 
 ## Commands & Shortcuts
 
@@ -386,6 +156,7 @@ qwen
 - `/clear` - Clear conversation history
 - `/compress` - Compress history to save tokens
 - `/stats` - Show current session information
+- `/bug` - Submit a bug report
 - `/exit` or `/quit` - Exit Qwen Code
 
 ### Keyboard Shortcuts
@@ -394,6 +165,19 @@ qwen
 - `Ctrl+D` - Exit (on empty line)
 - `Up/Down` - Navigate command history
 
+> Learn more about [Commands](https://qwenlm.github.io/qwen-code-docs/en/users/features/commands/)
+>
+> **Tip**: In YOLO mode (`--yolo`), vision switching happens automatically without prompts when images are detected. Learn more about [Approval Mode](https://qwenlm.github.io/qwen-code-docs/en/users/features/approval-mode/)
+
+## Configuration
+
+Qwen Code can be configured via `settings.json`, environment variables, and CLI flags.
+
+- **User settings**: `~/.qwen/settings.json`
+- **Project settings**: `.qwen/settings.json`
+
+See [settings](https://qwenlm.github.io/qwen-code-docs/en/users/configuration/settings/) for available options and precedence.
+
 ## Benchmark Results
 
 ### Terminal-Bench Performance
@@ -403,24 +187,18 @@ qwen
 | Qwen Code | Qwen3-Coder-480A35 | 37.5%    |
 | Qwen Code | Qwen3-Coder-30BA3B | 31.3%    |
 
-## Development & Contributing
+## Ecosystem
 
-See [CONTRIBUTING.md](./CONTRIBUTING.md) to learn how to contribute to the project.
+Looking for a graphical interface?
 
-For detailed authentication setup, see the [authentication guide](./docs/cli/authentication.md).
+- [**Gemini CLI Desktop**](https://github.com/Piebald-AI/gemini-cli-desktop) A cross-platform desktop/web/mobile UI for Qwen Code
 
 ## Troubleshooting
 
-If you encounter issues, check the [troubleshooting guide](docs/troubleshooting.md).
+If you encounter issues, check the [troubleshooting guide](https://qwenlm.github.io/qwen-code-docs/en/users/support/troubleshooting/).
+
+To report a bug from within the CLI, run `/bug` and include a short title and repro steps.
 
 ## Acknowledgments
 
 This project is based on [Google Gemini CLI](https://github.com/google-gemini/gemini-cli). We acknowledge and appreciate the excellent work of the Gemini CLI team. Our main contribution focuses on parser-level adaptations to better support Qwen-Coder models.
-
-## License
-
-[LICENSE](./LICENSE)
-
-## Star History
-
-[![Star History Chart](https://api.star-history.com/svg?repos=QwenLM/qwen-code&type=Date)](https://www.star-history.com/#QwenLM/qwen-code&Date)

docs/users/ide-integration/ide-companion-spec.md

@@ -16,16 +16,15 @@ The plugin **MUST** run a local HTTP server that implements the **Model Context
 - **Endpoint:** The server should expose a single endpoint (e.g., `/mcp`) for all MCP communication.
 - **Port:** The server **MUST** listen on a dynamically assigned port (i.e., listen on port `0`).
 
-### 2. Discovery Mechanism: The Port File
+### 2. Discovery Mechanism: The Lock File
 
-For Qwen Code to connect, it needs to discover which IDE instance it's running in and what port your server is using. The plugin **MUST** facilitate this by creating a "discovery file."
+For Qwen Code to connect, it needs to discover what port your server is using. The plugin **MUST** facilitate this by creating a "lock file" and setting the port environment variable.
 
-- **How the CLI Finds the File:** The CLI determines the Process ID (PID) of the IDE it's running in by traversing the process tree. It then looks for a discovery file that contains this PID in its name.
-- **File Location:** The file must be created in a specific directory: `os.tmpdir()/qwen/ide/`. Your plugin must create this directory if it doesn't exist.
+- **How the CLI Finds the File:** The CLI reads the port from `QWEN_CODE_IDE_SERVER_PORT`, then reads `~/.qwen/ide/<PORT>.lock`. (Legacy fallbacks exist for older extensions; see note below.)
+- **File Location:** The file must be created in a specific directory: `~/.qwen/ide/`. Your plugin must create this directory if it doesn't exist.
 - **File Naming Convention:** The filename is critical and **MUST** follow the pattern:
-  `qwen-code-ide-server-${PID}-${PORT}.json`
-  - `${PID}`: The process ID of the parent IDE process. Your plugin must determine this PID and include it in the filename.
-  - `${PORT}`: The port your MCP server is listening on.
+  `<PORT>.lock`
+  - `<PORT>`: The port your MCP server is listening on.
 - **File Content & Workspace Validation:** The file **MUST** contain a JSON object with the following structure:
 
   ```json
@@ -33,21 +32,20 @@ For Qwen Code to connect, it needs to discover which IDE instance it's running i
     "port": 12345,
     "workspacePath": "/path/to/project1:/path/to/project2",
     "authToken": "a-very-secret-token",
-    "ideInfo": {
-      "name": "vscode",
-      "displayName": "VS Code"
-    }
+    "ppid": 1234,
+    "ideName": "VS Code"
   }
   ```
   - `port` (number, required): The port of the MCP server.
   - `workspacePath` (string, required): A list of all open workspace root paths, delimited by the OS-specific path separator (`:` for Linux/macOS, `;` for Windows). The CLI uses this path to ensure it's running in the same project folder that's open in the IDE. If the CLI's current working directory is not a sub-directory of `workspacePath`, the connection will be rejected. Your plugin **MUST** provide the correct, absolute path(s) to the root of the open workspace(s).
   - `authToken` (string, required): A secret token for securing the connection. The CLI will include this token in an `Authorization: Bearer <token>` header on all requests.
-  - `ideInfo` (object, required): Information about the IDE.
-    - `name` (string, required): A short, lowercase identifier for the IDE (e.g., `vscode`, `jetbrains`).
-    - `displayName` (string, required): A user-friendly name for the IDE (e.g., `VS Code`, `JetBrains IDE`).
+  - `ppid` (number, required): The parent process ID of the IDE process.
+  - `ideName` (string, required): A user-friendly name for the IDE (e.g., `VS Code`, `JetBrains IDE`).
 
 - **Authentication:** To secure the connection, the plugin **MUST** generate a unique, secret token and include it in the discovery file. The CLI will then include this token in the `Authorization` header for all requests to the MCP server (e.g., `Authorization: Bearer a-very-secret-token`). Your server **MUST** validate this token on every request and reject any that are unauthorized.
-- **Tie-Breaking with Environment Variables (Recommended):** For the most reliable experience, your plugin **SHOULD** both create the discovery file and set the `QWEN_CODE_IDE_SERVER_PORT` environment variable in the integrated terminal. The file serves as the primary discovery mechanism, but the environment variable is crucial for tie-breaking. If a user has multiple IDE windows open for the same workspace, the CLI uses the `QWEN_CODE_IDE_SERVER_PORT` variable to identify and connect to the correct window's server.
+- **Environment Variables (Required):** Your plugin **MUST** set `QWEN_CODE_IDE_SERVER_PORT` in the integrated terminal so the CLI can locate the correct `<PORT>.lock` file.
+
+**Legacy note:** For extensions older than v0.5.1, Qwen Code may fall back to reading JSON files in the system temp directory named `qwen-code-ide-server-<PID>.json` or `qwen-code-ide-server-<PORT>.json`. New integrations should not rely on these legacy files.
 
 ## II. The Context Interface
 

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@qwen-code/qwen-code",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@qwen-code/qwen-code",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "workspaces": [
         "packages/*"
       ],
@@ -568,7 +568,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=18"
       },
@@ -592,7 +591,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=18"
       }
@@ -2157,7 +2155,6 @@
       "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz",
       "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==",
       "license": "Apache-2.0",
-      "peer": true,
       "engines": {
         "node": ">=8.0.0"
       }
@@ -3671,7 +3668,6 @@
       "resolved": "https://registry.npmjs.org/@testing-library/dom/-/dom-10.4.1.tgz",
       "integrity": "sha512-o4PXJQidqJl82ckFaXUeoAW+XysPLauYI43Abki5hABd853iMhitooc6znOnczgbTYmEP6U6/y1ZyKAIsvMKGg==",
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@babel/code-frame": "^7.10.4",
         "@babel/runtime": "^7.12.5",
@@ -4142,7 +4138,6 @@
       "integrity": "sha512-AwAfQ2Wa5bCx9WP8nZL2uMZWod7J7/JSplxbTmBQ5ms6QpqNYm672H0Vu9ZVKVngQ+ii4R/byguVEUZQyeg44g==",
       "devOptional": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "csstype": "^3.0.2"
       }
@@ -4153,7 +4148,6 @@
       "integrity": "sha512-4hOiT/dwO8Ko0gV1m/TJZYk3y0KBnY9vzDh7W+DH17b2HFSOGgdj33dhihPeuy3l0q23+4e+hoXHV6hCC4dCXw==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "peerDependencies": {
         "@types/react": "^19.0.0"
       }
@@ -4359,7 +4353,6 @@
       "integrity": "sha512-6sMvZePQrnZH2/cJkwRpkT7DxoAWh+g6+GFRK6bV3YQo7ogi3SX5rgF6099r5Q53Ma5qeT7LGmOmuIutF4t3lA==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@typescript-eslint/scope-manager": "8.35.0",
         "@typescript-eslint/types": "8.35.0",
@@ -5135,7 +5128,6 @@
       "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
       "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
       "license": "MIT",
-      "peer": true,
       "bin": {
         "acorn": "bin/acorn"
       },
@@ -5530,7 +5522,8 @@
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
       "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==",
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/array-includes": {
       "version": "3.1.9",
@@ -6865,6 +6858,7 @@
       "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
       "integrity": "sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==",
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "safe-buffer": "5.2.1"
       },
@@ -7982,7 +7976,6 @@
       "integrity": "sha512-GsGizj2Y1rCWDu6XoEekL3RLilp0voSePurjZIkxL3wlm5o5EC9VpgaP7lrCvjnkuLvzFBQWB3vWB3K5KQTveQ==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@eslint-community/eslint-utils": "^4.2.0",
         "@eslint-community/regexpp": "^4.12.1",
@@ -8518,6 +8511,7 @@
       "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz",
       "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==",
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
@@ -8579,6 +8573,7 @@
       "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
       "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">= 0.6"
       }
@@ -8588,6 +8583,7 @@
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
       "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "ms": "2.0.0"
       }
@@ -8597,6 +8593,7 @@
       "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
       "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==",
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">= 0.8"
       }
@@ -8763,6 +8760,7 @@
       "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz",
       "integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==",
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "debug": "2.6.9",
         "encodeurl": "~2.0.0",
@@ -8781,6 +8779,7 @@
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
       "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "ms": "2.0.0"
       }
@@ -8789,13 +8788,15 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==",
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/finalhandler/node_modules/statuses": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
       "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==",
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">= 0.8"
       }
@@ -9909,7 +9910,6 @@
       "resolved": "https://registry.npmjs.org/ink/-/ink-6.2.3.tgz",
       "integrity": "sha512-fQkfEJjKbLXIcVWEE3MvpYSnwtbbmRsmeNDNz1pIuOFlwE+UF2gsy228J36OXKZGWJWZJKUigphBSqCNMcARtg==",
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@alcalzone/ansi-tokenize": "^0.2.0",
         "ansi-escapes": "^7.0.0",
@@ -11864,6 +11864,7 @@
       "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
       "integrity": "sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==",
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">= 0.6"
       }
@@ -13162,7 +13163,8 @@
       "version": "0.1.12",
       "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
       "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/path-type": {
       "version": "3.0.0",
@@ -13821,7 +13823,6 @@
       "resolved": "https://registry.npmjs.org/react/-/react-19.1.0.tgz",
       "integrity": "sha512-FS+XFBNvn3GTAWq26joslQgWNoFu08F4kl0J4CgdNKADkdSGXQyTCnKteIAJy96Br6YbpEU1LSzV5dYtjMkMDg==",
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=0.10.0"
       }
@@ -13832,7 +13833,6 @@
       "integrity": "sha512-cq/o30z9W2Wb4rzBefjv5fBalHU0rJGZCHAkf/RHSBWSSYwh8PlQTqqOJmgIIbBtpj27T6FIPXeomIjZtCNVqA==",
       "devOptional": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "shell-quote": "^1.6.1",
         "ws": "^7"
@@ -13866,7 +13866,6 @@
       "integrity": "sha512-Xs1hdnE+DyKgeHJeJznQmYMIBG3TKIHJJT95Q58nHLSrElKlGQqDTR2HQ9fx5CN/Gk6Vh/kupBTDLU11/nDk/g==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "scheduler": "^0.26.0"
       },
@@ -15932,7 +15931,6 @@
       "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=12"
       },
@@ -16112,8 +16110,7 @@
       "version": "2.8.1",
       "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz",
       "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==",
-      "license": "0BSD",
-      "peer": true
+      "license": "0BSD"
     },
     "node_modules/tsx": {
       "version": "4.20.3",
@@ -16121,7 +16118,6 @@
       "integrity": "sha512-qjbnuR9Tr+FJOMBqJCW5ehvIo/buZq7vH7qD7JziU98h6l3qGy0a/yPFjwO+y0/T7GFpNgNAvEcPPVfyT8rrPQ==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "esbuild": "~0.25.0",
         "get-tsconfig": "^4.7.5"
@@ -16316,7 +16312,6 @@
       "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==",
       "dev": true,
       "license": "Apache-2.0",
-      "peer": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
@@ -16391,6 +16386,7 @@
       "version": "7.15.0",
       "resolved": "https://registry.npmjs.org/undici/-/undici-7.15.0.tgz",
       "integrity": "sha512-7oZJCPvvMvTd0OlqWsIxTuItTpJBpU1tcbVl24FMn3xt3+VSunwUasmfPJRE57oNO1KsZ4PgA1xTdAX4hq8NyQ==",
+      "dev": true,
       "license": "MIT",
       "engines": {
         "node": ">=20.18.1"
@@ -16623,6 +16619,7 @@
       "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
       "integrity": "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==",
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">= 0.4.0"
       }
@@ -16678,7 +16675,6 @@
       "integrity": "sha512-ixXJB1YRgDIw2OszKQS9WxGHKwLdCsbQNkpJN171udl6szi/rIySHL6/Os3s2+oE4P/FLD4dxg4mD7Wust+u5g==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "esbuild": "^0.25.0",
         "fdir": "^6.4.6",
@@ -16792,7 +16788,6 @@
       "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=12"
       },
@@ -16806,7 +16801,6 @@
       "integrity": "sha512-LUCP5ev3GURDysTWiP47wRRUpLKMOfPh+yKTx3kVIEiu5KOMeqzpnYNsKyOoVrULivR8tLcks4+lga33Whn90A==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@types/chai": "^5.2.2",
         "@vitest/expect": "3.2.4",
@@ -17485,7 +17479,6 @@
       "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz",
       "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==",
       "license": "MIT",
-      "peer": true,
       "funding": {
         "url": "https://github.com/sponsors/colinhacks"
       }
@@ -17501,7 +17494,7 @@
     },
     "packages/cli": {
       "name": "@qwen-code/qwen-code",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "dependencies": {
         "@google/genai": "1.16.0",
         "@iarna/toml": "^2.2.5",
@@ -17532,7 +17525,7 @@
         "strip-ansi": "^7.1.0",
         "strip-json-comments": "^3.1.1",
         "tar": "^7.5.2",
-        "undici": "^7.10.0",
+        "undici": "^6.22.0",
         "update-notifier": "^7.3.1",
         "wrap-ansi": "9.0.2",
         "yargs": "^17.7.2",
@@ -17614,9 +17607,18 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "packages/cli/node_modules/undici": {
+      "version": "6.22.0",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-6.22.0.tgz",
+      "integrity": "sha512-hU/10obOIu62MGYjdskASR3CUAiYaFTtC9Pa6vHyf//mAipSvSQg6od2CnJswq7fvzNS3zJhxoRkgNVaHurWKw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18.17"
+      }
+    },
     "packages/core": {
       "name": "@qwen-code/qwen-code-core",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "hasInstallScript": true,
       "dependencies": {
         "@google/genai": "1.16.0",
@@ -17659,7 +17661,7 @@
         "simple-git": "^3.28.0",
         "strip-ansi": "^7.1.0",
         "tiktoken": "^1.0.21",
-        "undici": "^7.10.0",
+        "undici": "^6.22.0",
         "uuid": "^9.0.1",
         "ws": "^8.18.0"
       },
@@ -17747,7 +17749,6 @@
       "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
       "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=12"
       },
@@ -17755,12 +17756,22 @@
         "url": "https://github.com/sponsors/jonschlinkert"
       }
     },
+    "packages/core/node_modules/undici": {
+      "version": "6.22.0",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-6.22.0.tgz",
+      "integrity": "sha512-hU/10obOIu62MGYjdskASR3CUAiYaFTtC9Pa6vHyf//mAipSvSQg6od2CnJswq7fvzNS3zJhxoRkgNVaHurWKw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18.17"
+      }
+    },
     "packages/sdk-typescript": {
       "name": "@qwen-code/sdk",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "license": "Apache-2.0",
       "dependencies": {
-        "@modelcontextprotocol/sdk": "^1.0.4"
+        "@modelcontextprotocol/sdk": "^1.0.4",
+        "tiktoken": "^1.0.21"
       },
       "devDependencies": {
         "@types/node": "^20.14.0",
@@ -20186,7 +20197,7 @@
     },
     "packages/test-utils": {
       "name": "@qwen-code/qwen-code-test-utils",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "dev": true,
       "license": "Apache-2.0",
       "devDependencies": {
@@ -20198,7 +20209,7 @@
     },
     "packages/vscode-ide-companion": {
       "name": "qwen-code-vscode-ide-companion",
-      "version": "0.5.1",
+      "version": "0.6.0",
       "license": "LICENSE",
       "dependencies": {
         "@modelcontextprotocol/sdk": "^1.15.1",
@@ -20218,7 +20229,7 @@
         "@types/react": "^19.1.8",
         "@types/react-dom": "^19.1.6",
         "@types/semver": "^7.7.1",
-        "@types/vscode": "^1.99.0",
+        "@types/vscode": "^1.85.0",
         "@typescript-eslint/eslint-plugin": "^8.31.1",
         "@typescript-eslint/parser": "^8.31.1",
         "@vscode/vsce": "^3.6.0",
@@ -20233,7 +20244,7 @@
         "vitest": "^3.2.4"
       },
       "engines": {
-        "vscode": "^1.99.0"
+        "vscode": "^1.85.0"
       }
     },
     "packages/vscode-ide-companion/node_modules/@types/react": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "engines": {
     "node": ">=20.0.0"
   },
@@ -13,7 +13,7 @@
     "url": "git+https://github.com/QwenLM/qwen-code.git"
   },
   "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.5.1"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.6.0"
   },
   "scripts": {
     "start": "cross-env node scripts/start.js",

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "description": "Qwen Code",
   "repository": {
     "type": "git",
@@ -33,7 +33,7 @@
     "dist"
   ],
   "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.5.1"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.6.0"
   },
   "dependencies": {
     "@google/genai": "1.16.0",
@@ -64,7 +64,7 @@
     "strip-ansi": "^7.1.0",
     "strip-json-comments": "^3.1.1",
     "tar": "^7.5.2",
-    "undici": "^7.10.0",
+    "undici": "^6.22.0",
     "extract-zip": "^2.0.1",
     "update-notifier": "^7.3.1",
     "wrap-ansi": "9.0.2",

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code-core",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "description": "Qwen Code Core",
   "repository": {
     "type": "git",
@@ -63,7 +63,7 @@
     "simple-git": "^3.28.0",
     "strip-ansi": "^7.1.0",
     "tiktoken": "^1.0.21",
-    "undici": "^7.10.0",
+    "undici": "^6.22.0",
     "uuid": "^9.0.1",
     "ws": "^8.18.0"
   },

packages/core/src/config/storage.ts

@@ -15,6 +15,7 @@ export const OAUTH_FILE = 'oauth_creds.json';
 const TMP_DIR_NAME = 'tmp';
 const BIN_DIR_NAME = 'bin';
 const PROJECT_DIR_NAME = 'projects';
+const IDE_DIR_NAME = 'ide';
 
 export class Storage {
   private readonly targetDir: string;
@@ -59,6 +60,10 @@ export class Storage {
     return path.join(Storage.getGlobalQwenDir(), TMP_DIR_NAME);
   }
 
+  static getGlobalIdeDir(): string {
+    return path.join(Storage.getGlobalQwenDir(), IDE_DIR_NAME);
+  }
+
   static getGlobalBinDir(): string {
     return path.join(Storage.getGlobalQwenDir(), BIN_DIR_NAME);
   }

packages/core/src/ide/ide-client.test.ts

@@ -32,6 +32,7 @@ vi.mock('node:fs', async (importOriginal) => {
       ...actual.promises,
       readFile: vi.fn(),
       readdir: vi.fn(),
+      stat: vi.fn(),
     },
     realpathSync: (p: string) => p,
     existsSync: () => false,
@@ -68,6 +69,7 @@ describe('IdeClient', () => {
       command: 'test-ide',
     });
     vi.mocked(os.tmpdir).mockReturnValue('/tmp');
+    vi.mocked(os.homedir).mockReturnValue('/home/test');
 
     // Mock MCP client and transports
     mockClient = {
@@ -97,19 +99,15 @@ describe('IdeClient', () => {
 
   describe('connect', () => {
     it('should connect using HTTP when port is provided in config file', async () => {
+      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '8080';
       const config = { port: '8080' };
       vi.mocked(fs.promises.readFile).mockResolvedValue(JSON.stringify(config));
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([]);
 
       const ideClient = await IdeClient.getInstance();
       await ideClient.connect();
 
       expect(fs.promises.readFile).toHaveBeenCalledWith(
-        path.join('/tmp', 'qwen-code-ide-server-12345.json'),
+        path.join('/home/test', '.qwen', 'ide', '8080.lock'),
         'utf8',
       );
       expect(StreamableHTTPClientTransport).toHaveBeenCalledWith(
@@ -120,16 +118,13 @@ describe('IdeClient', () => {
       expect(ideClient.getConnectionStatus().status).toBe(
         IDEConnectionStatus.Connected,
       );
+      delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
 
     it('should connect using stdio when stdio config is provided in file', async () => {
+      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '8080';
       const config = { stdio: { command: 'test-cmd', args: ['--foo'] } };
       vi.mocked(fs.promises.readFile).mockResolvedValue(JSON.stringify(config));
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([]);
 
       const ideClient = await IdeClient.getInstance();
       await ideClient.connect();
@@ -142,19 +137,16 @@ describe('IdeClient', () => {
       expect(ideClient.getConnectionStatus().status).toBe(
         IDEConnectionStatus.Connected,
       );
+      delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
 
     it('should prioritize port over stdio when both are in config file', async () => {
+      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '8080';
       const config = {
         port: '8080',
         stdio: { command: 'test-cmd', args: ['--foo'] },
       };
       vi.mocked(fs.promises.readFile).mockResolvedValue(JSON.stringify(config));
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([]);
 
       const ideClient = await IdeClient.getInstance();
       await ideClient.connect();
@@ -164,6 +156,7 @@ describe('IdeClient', () => {
       expect(ideClient.getConnectionStatus().status).toBe(
         IDEConnectionStatus.Connected,
       );
+      delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
 
     it('should connect using HTTP when port is provided in environment variables', async () => {
@@ -263,7 +256,8 @@ describe('IdeClient', () => {
   });
 
   describe('getConnectionConfigFromFile', () => {
-    it('should return config from the specific pid file if it exists', async () => {
+    it('should return config from the env port lock file if it exists', async () => {
+      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '1234';
       const config = { port: '1234', workspacePath: '/test/workspace' };
       vi.mocked(fs.promises.readFile).mockResolvedValue(JSON.stringify(config));
 
@@ -277,18 +271,14 @@ describe('IdeClient', () => {
 
       expect(result).toEqual(config);
       expect(fs.promises.readFile).toHaveBeenCalledWith(
-        path.join('/tmp', 'qwen-code-ide-server-12345.json'),
+        path.join('/home/test', '.qwen', 'ide', '1234.lock'),
         'utf8',
       );
+      delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
 
     it('should return undefined if no config files are found', async () => {
       vi.mocked(fs.promises.readFile).mockRejectedValue(new Error('not found'));
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([]);
 
       const ideClient = await IdeClient.getInstance();
       const result = await (
@@ -300,20 +290,15 @@ describe('IdeClient', () => {
       expect(result).toBeUndefined();
     });
 
-    it('should find and parse a single config file with the new naming scheme', async () => {
-      const config = { port: '5678', workspacePath: '/test/workspace' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      ); // For old path
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue(['qwen-code-ide-server-12345-123.json']);
-      vi.mocked(fs.promises.readFile).mockResolvedValue(JSON.stringify(config));
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
+    it('should read legacy pid config when available', async () => {
+      const config = {
+        port: '5678',
+        workspacePath: '/test/workspace',
+        ppid: 12345,
+      };
+      vi.mocked(fs.promises.readFile).mockResolvedValueOnce(
+        JSON.stringify(config),
+      );
 
       const ideClient = await IdeClient.getInstance();
       const result = await (
@@ -324,110 +309,18 @@ describe('IdeClient', () => {
 
       expect(result).toEqual(config);
       expect(fs.promises.readFile).toHaveBeenCalledWith(
-        path.join('/tmp/gemini/ide', 'qwen-code-ide-server-12345-123.json'),
+        path.join('/tmp', 'qwen-code-ide-server-12345.json'),
         'utf8',
       );
     });
 
-    it('should filter out configs with invalid workspace paths', async () => {
-      const validConfig = {
-        port: '5678',
-        workspacePath: '/test/workspace',
-      };
-      const invalidConfig = {
-        port: '1111',
-        workspacePath: '/invalid/workspace',
-      };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json',
-        'qwen-code-ide-server-12345-222.json',
-      ]);
-      vi.mocked(fs.promises.readFile)
-        .mockResolvedValueOnce(JSON.stringify(invalidConfig))
-        .mockResolvedValueOnce(JSON.stringify(validConfig));
-
-      const validateSpy = vi
-        .spyOn(IdeClient, 'validateWorkspacePath')
-        .mockReturnValueOnce({ isValid: false })
-        .mockReturnValueOnce({ isValid: true });
-
-      const ideClient = await IdeClient.getInstance();
-      const result = await (
-        ideClient as unknown as {
-          getConnectionConfigFromFile: () => Promise<unknown>;
-        }
-      ).getConnectionConfigFromFile();
-
-      expect(result).toEqual(validConfig);
-      expect(validateSpy).toHaveBeenCalledWith(
-        '/invalid/workspace',
-        '/test/workspace/sub-dir',
-      );
-      expect(validateSpy).toHaveBeenCalledWith(
-        '/test/workspace',
-        '/test/workspace/sub-dir',
-      );
-    });
-
-    it('should return the first valid config when multiple workspaces are valid', async () => {
-      const config1 = { port: '1111', workspacePath: '/test/workspace' };
-      const config2 = { port: '2222', workspacePath: '/test/workspace2' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json',
-        'qwen-code-ide-server-12345-222.json',
-      ]);
-      vi.mocked(fs.promises.readFile)
-        .mockResolvedValueOnce(JSON.stringify(config1))
-        .mockResolvedValueOnce(JSON.stringify(config2));
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
-
-      const ideClient = await IdeClient.getInstance();
-      const result = await (
-        ideClient as unknown as {
-          getConnectionConfigFromFile: () => Promise<unknown>;
-        }
-      ).getConnectionConfigFromFile();
-
-      expect(result).toEqual(config1);
-    });
-
-    it('should prioritize the config matching the port from the environment variable', async () => {
+    it('should fall back to legacy port file when pid file is missing', async () => {
       process.env['QWEN_CODE_IDE_SERVER_PORT'] = '2222';
-      const config1 = { port: '1111', workspacePath: '/test/workspace' };
       const config2 = { port: '2222', workspacePath: '/test/workspace2' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json',
-        'qwen-code-ide-server-12345-222.json',
-      ]);
       vi.mocked(fs.promises.readFile)
-        .mockResolvedValueOnce(JSON.stringify(config1))
+        .mockRejectedValueOnce(new Error('not found')) // ~/.qwen/ide/<port>.lock
+        .mockRejectedValueOnce(new Error('not found')) // legacy pid file
         .mockResolvedValueOnce(JSON.stringify(config2));
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
 
       const ideClient = await IdeClient.getInstance();
       const result = await (
@@ -437,28 +330,23 @@ describe('IdeClient', () => {
       ).getConnectionConfigFromFile();
 
       expect(result).toEqual(config2);
+      expect(fs.promises.readFile).toHaveBeenCalledWith(
+        path.join('/tmp', 'qwen-code-ide-server-12345.json'),
+        'utf8',
+      );
+      expect(fs.promises.readFile).toHaveBeenCalledWith(
+        path.join('/tmp', 'qwen-code-ide-server-2222.json'),
+        'utf8',
+      );
       delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
 
-    it('should handle invalid JSON in one of the config files', async () => {
-      const validConfig = { port: '2222', workspacePath: '/test/workspace' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json',
-        'qwen-code-ide-server-12345-222.json',
-      ]);
+    it('should fall back to legacy config when env lock file has invalid JSON', async () => {
+      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '3333';
+      const config = { port: '1111', workspacePath: '/test/workspace' };
       vi.mocked(fs.promises.readFile)
         .mockResolvedValueOnce('invalid json')
-        .mockResolvedValueOnce(JSON.stringify(validConfig));
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
+        .mockResolvedValueOnce(JSON.stringify(config));
 
       const ideClient = await IdeClient.getInstance();
       const result = await (
@@ -467,96 +355,7 @@ describe('IdeClient', () => {
         }
       ).getConnectionConfigFromFile();
 
-      expect(result).toEqual(validConfig);
-    });
-
-    it('should return undefined if readdir throws an error', async () => {
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      vi.mocked(fs.promises.readdir).mockRejectedValue(
-        new Error('readdir failed'),
-      );
-
-      const ideClient = await IdeClient.getInstance();
-      const result = await (
-        ideClient as unknown as {
-          getConnectionConfigFromFile: () => Promise<unknown>;
-        }
-      ).getConnectionConfigFromFile();
-
-      expect(result).toBeUndefined();
-    });
-
-    it('should ignore files with invalid names', async () => {
-      const validConfig = { port: '3333', workspacePath: '/test/workspace' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json', // valid
-        'not-a-config-file.txt', // invalid
-        'qwen-code-ide-server-asdf.json', // invalid
-      ]);
-      vi.mocked(fs.promises.readFile).mockResolvedValueOnce(
-        JSON.stringify(validConfig),
-      );
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
-
-      const ideClient = await IdeClient.getInstance();
-      const result = await (
-        ideClient as unknown as {
-          getConnectionConfigFromFile: () => Promise<unknown>;
-        }
-      ).getConnectionConfigFromFile();
-
-      expect(result).toEqual(validConfig);
-      expect(fs.promises.readFile).toHaveBeenCalledWith(
-        path.join('/tmp/gemini/ide', 'qwen-code-ide-server-12345-111.json'),
-        'utf8',
-      );
-      expect(fs.promises.readFile).not.toHaveBeenCalledWith(
-        path.join('/tmp/gemini/ide', 'not-a-config-file.txt'),
-        'utf8',
-      );
-    });
-
-    it('should match env port string to a number port in the config', async () => {
-      process.env['QWEN_CODE_IDE_SERVER_PORT'] = '3333';
-      const config1 = { port: 1111, workspacePath: '/test/workspace' };
-      const config2 = { port: 3333, workspacePath: '/test/workspace2' };
-      vi.mocked(fs.promises.readFile).mockRejectedValueOnce(
-        new Error('not found'),
-      );
-      (
-        vi.mocked(fs.promises.readdir) as Mock<
-          (path: fs.PathLike) => Promise<string[]>
-        >
-      ).mockResolvedValue([
-        'qwen-code-ide-server-12345-111.json',
-        'qwen-code-ide-server-12345-222.json',
-      ]);
-      vi.mocked(fs.promises.readFile)
-        .mockResolvedValueOnce(JSON.stringify(config1))
-        .mockResolvedValueOnce(JSON.stringify(config2));
-      vi.spyOn(IdeClient, 'validateWorkspacePath').mockReturnValue({
-        isValid: true,
-      });
-
-      const ideClient = await IdeClient.getInstance();
-      const result = await (
-        ideClient as unknown as {
-          getConnectionConfigFromFile: () => Promise<unknown>;
-        }
-      ).getConnectionConfigFromFile();
-
-      expect(result).toEqual(config2);
+      expect(result).toEqual(config);
       delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
     });
   });

packages/core/src/ide/ide-client.ts

@@ -8,6 +8,7 @@ import * as fs from 'node:fs';
 import { isSubpath } from '../utils/paths.js';
 import { detectIde, type IdeInfo } from '../ide/detect-ide.js';
 import { ideContextStore } from './ideContext.js';
+import { Storage } from '../config/storage.js';
 import {
   IdeContextNotificationSchema,
   IdeDiffAcceptedNotificationSchema,
@@ -572,98 +573,103 @@ export class IdeClient {
     | (ConnectionConfig & { workspacePath?: string; ideInfo?: IdeInfo })
     | undefined
   > {
-    if (!this.ideProcessInfo) {
-      return undefined;
-    }
-
-    // For backwards compatability
-    try {
-      const portFile = path.join(
-        os.tmpdir(),
-        `qwen-code-ide-server-${this.ideProcessInfo.pid}.json`,
-      );
-      const portFileContents = await fs.promises.readFile(portFile, 'utf8');
-      return JSON.parse(portFileContents);
-    } catch (_) {
-      // For newer extension versions, the file name matches the pattern
-      // /^qwen-code-ide-server-${pid}-\d+\.json$/. If multiple IDE
-      // windows are open, multiple files matching the pattern are expected to
-      // exist.
-    }
-
-    const portFileDir = path.join(os.tmpdir(), 'gemini', 'ide');
-    let portFiles;
-    try {
-      portFiles = await fs.promises.readdir(portFileDir);
-    } catch (e) {
-      logger.debug('Failed to read IDE connection directory:', e);
-      return undefined;
-    }
-
-    if (!portFiles) {
-      return undefined;
-    }
-
-    const fileRegex = new RegExp(
-      `^qwen-code-ide-server-${this.ideProcessInfo.pid}-\\d+\\.json$`,
-    );
-    const matchingFiles = portFiles
-      .filter((file) => fileRegex.test(file))
-      .sort();
-    if (matchingFiles.length === 0) {
-      return undefined;
-    }
-
-    let fileContents: string[];
-    try {
-      fileContents = await Promise.all(
-        matchingFiles.map((file) =>
-          fs.promises.readFile(path.join(portFileDir, file), 'utf8'),
-        ),
-      );
-    } catch (e) {
-      logger.debug('Failed to read IDE connection config file(s):', e);
-      return undefined;
-    }
-    const parsedContents = fileContents.map((content) => {
-      try {
-        return JSON.parse(content);
-      } catch (e) {
-        logger.debug('Failed to parse JSON from config file: ', e);
-        return undefined;
-      }
-    });
-
-    const validWorkspaces = parsedContents.filter((content) => {
-      if (!content) {
-        return false;
-      }
-      const { isValid } = IdeClient.validateWorkspacePath(
-        content.workspacePath,
-        process.cwd(),
-      );
-      return isValid;
-    });
-
-    if (validWorkspaces.length === 0) {
-      return undefined;
-    }
-
-    if (validWorkspaces.length === 1) {
-      return validWorkspaces[0];
-    }
-
     const portFromEnv = this.getPortFromEnv();
     if (portFromEnv) {
-      const matchingPort = validWorkspaces.find(
-        (content) => String(content.port) === portFromEnv,
-      );
-      if (matchingPort) {
-        return matchingPort;
+      try {
+        const ideDir = Storage.getGlobalIdeDir();
+        const lockFile = path.join(ideDir, `${portFromEnv}.lock`);
+        const lockFileContents = await fs.promises.readFile(lockFile, 'utf8');
+        return JSON.parse(lockFileContents);
+      } catch (_) {
+        // Fall through to legacy discovery.
       }
     }
 
-    return validWorkspaces[0];
+    // Legacy discovery for VSCode extension < v0.5.1.
+    return this.getLegacyConnectionConfig(portFromEnv);
+  }
+
+  // Legacy connection files were written in the global temp directory.
+  private async getLegacyConnectionConfig(
+    portFromEnv?: string,
+  ): Promise<
+    | (ConnectionConfig & { workspacePath?: string; ideInfo?: IdeInfo })
+    | undefined
+  > {
+    if (this.ideProcessInfo) {
+      try {
+        const portFile = path.join(
+          os.tmpdir(),
+          `qwen-code-ide-server-${this.ideProcessInfo.pid}.json`,
+        );
+        const portFileContents = await fs.promises.readFile(portFile, 'utf8');
+        return JSON.parse(portFileContents);
+      } catch (_) {
+        // For older/newer extension versions, the file name matches the pattern
+        // /^qwen-code-ide-server-${pid}-\d+\.json$/. If multiple IDE
+        // windows are open, multiple files matching the pattern are expected to
+        // exist.
+      }
+    }
+
+    if (portFromEnv) {
+      try {
+        const portFile = path.join(
+          os.tmpdir(),
+          `qwen-code-ide-server-${portFromEnv}.json`,
+        );
+        const portFileContents = await fs.promises.readFile(portFile, 'utf8');
+        return JSON.parse(portFileContents);
+      } catch (_) {
+        // Ignore and fall through.
+      }
+    }
+
+    return undefined;
+  }
+
+  protected async getAllConnectionConfigs(
+    ideDir: string,
+  ): Promise<
+    ConnectionConfig & Array<{ workspacePath?: string; ideInfo?: IdeInfo }>
+  > {
+    const fileRegex = new RegExp('^\\d+\\.lock$');
+    let lockFiles: string[];
+    try {
+      lockFiles = (await fs.promises.readdir(ideDir)).filter((file) =>
+        fileRegex.test(file),
+      );
+    } catch (e) {
+      logger.debug('Failed to read IDE connection directory:', e);
+      return [];
+    }
+
+    const fileContents = await Promise.all(
+      lockFiles.map(async (file) => {
+        const fullPath = path.join(ideDir, file);
+        try {
+          const stat = await fs.promises.stat(fullPath);
+          const content = await fs.promises.readFile(fullPath, 'utf8');
+          try {
+            const parsed = JSON.parse(content);
+            return { file, mtimeMs: stat.mtimeMs, parsed };
+          } catch (e) {
+            logger.debug('Failed to parse JSON from lock file: ', e);
+            return { file, mtimeMs: stat.mtimeMs, parsed: undefined };
+          }
+        } catch (e) {
+          // If we can't stat/read the file, treat it as very old so it doesn't
+          // win ties, and skip parsing by returning undefined content.
+          logger.debug('Failed to read/stat IDE lock file:', e);
+          return { file, mtimeMs: -Infinity, parsed: undefined };
+        }
+      }),
+    );
+
+    return fileContents
+      .filter(({ parsed }) => parsed !== undefined)
+      .sort((a, b) => b.mtimeMs - a.mtimeMs)
+      .map(({ parsed }) => parsed);
   }
 
   private createProxyAwareFetch() {

packages/core/src/ide/process-utils.test.ts

@@ -50,7 +50,7 @@ describe('getIdeProcessInfo', () => {
       expect(result).toEqual({ pid: 700, command: '/usr/lib/vscode/code' });
     });
 
-    it('should return parent process info if grandparent lookup fails', async () => {
+    it('should return shell process info if grandparent lookup fails', async () => {
       (os.platform as Mock).mockReturnValue('linux');
       mockedExec
         .mockResolvedValueOnce({ stdout: '800 /bin/bash' }) // pid 1000 -> ppid 800 (shell)
@@ -63,134 +63,96 @@ describe('getIdeProcessInfo', () => {
   });
 
   describe('on Windows', () => {
-    it('should traverse up and find the great-grandchild of the root process', async () => {
+    it('should return great-grandparent process using heuristic', async () => {
       (os.platform as Mock).mockReturnValue('win32');
-      const processInfoMap = new Map([
-        [
-          1000,
-          {
-            stdout:
-              '{"Name":"node.exe","ParentProcessId":900,"CommandLine":"node.exe"}',
-          },
-        ],
-        [
-          900,
-          {
-            stdout:
-              '{"Name":"powershell.exe","ParentProcessId":800,"CommandLine":"powershell.exe"}',
-          },
-        ],
-        [
-          800,
-          {
-            stdout:
-              '{"Name":"code.exe","ParentProcessId":700,"CommandLine":"code.exe"}',
-          },
-        ],
-        [
-          700,
-          {
-            stdout:
-              '{"Name":"wininit.exe","ParentProcessId":0,"CommandLine":"wininit.exe"}',
-          },
-        ],
-      ]);
-      mockedExec.mockImplementation((command: string) => {
-        const pidMatch = command.match(/ProcessId=(\d+)/);
-        if (pidMatch) {
-          const pid = parseInt(pidMatch[1], 10);
-          return Promise.resolve(processInfoMap.get(pid));
+
+      const processes = [
+        {
+          ProcessId: 1000,
+          ParentProcessId: 900,
+          Name: 'node.exe',
+          CommandLine: 'node.exe',
+        },
+        {
+          ProcessId: 900,
+          ParentProcessId: 800,
+          Name: 'powershell.exe',
+          CommandLine: 'powershell.exe',
+        },
+        {
+          ProcessId: 800,
+          ParentProcessId: 700,
+          Name: 'code.exe',
+          CommandLine: 'code.exe',
+        },
+        {
+          ProcessId: 700,
+          ParentProcessId: 0,
+          Name: 'wininit.exe',
+          CommandLine: 'wininit.exe',
+        },
+      ];
+
+      mockedExec.mockImplementation((file: string, _args: string[]) => {
+        if (file === 'powershell') {
+          return Promise.resolve({ stdout: JSON.stringify(processes) });
         }
-        return Promise.reject(new Error('Invalid command for mock'));
+        return Promise.resolve({ stdout: '' });
       });
 
       const result = await getIdeProcessInfo();
+      // Process chain: 1000 (node.exe) -> 900 (powershell.exe) -> 800 (code.exe) -> 700 (wininit.exe)
+      // ancestors = [1000, 900, 800, 700], length = 4
+      // Heuristic: return ancestors[length-3] = ancestors[1] = 900 (powershell.exe)
       expect(result).toEqual({ pid: 900, command: 'powershell.exe' });
     });
 
-    it('should handle non-existent process gracefully', async () => {
+    it('should handle empty process list gracefully', async () => {
       (os.platform as Mock).mockReturnValue('win32');
-      mockedExec
-        .mockResolvedValueOnce({ stdout: '' }) // Non-existent PID returns empty due to -ErrorAction SilentlyContinue
-        .mockResolvedValueOnce({
-          stdout:
-            '{"Name":"fallback.exe","ParentProcessId":0,"CommandLine":"fallback.exe"}',
-        }); // Fallback call
+      mockedExec.mockResolvedValue({ stdout: '[]' });
 
       const result = await getIdeProcessInfo();
-      expect(result).toEqual({ pid: 1000, command: 'fallback.exe' });
+      // Should return current pid and empty command because process not found in map
+      expect(result).toEqual({ pid: 1000, command: '' });
     });
 
     it('should handle malformed JSON output gracefully', async () => {
       (os.platform as Mock).mockReturnValue('win32');
-      mockedExec
-        .mockResolvedValueOnce({ stdout: '{"invalid":json}' }) // Malformed JSON
-        .mockResolvedValueOnce({
-          stdout:
-            '{"Name":"fallback.exe","ParentProcessId":0,"CommandLine":"fallback.exe"}',
-        }); // Fallback call
+      mockedExec.mockResolvedValue({ stdout: '{"invalid":json}' });
 
       const result = await getIdeProcessInfo();
-      expect(result).toEqual({ pid: 1000, command: 'fallback.exe' });
+      expect(result).toEqual({ pid: 1000, command: '' });
     });
 
-    it('should handle PowerShell errors without crashing the process chain', async () => {
+    it('should return last ancestor if chain is too short', async () => {
       (os.platform as Mock).mockReturnValue('win32');
-      const processInfoMap = new Map([
-        [1000, { stdout: '' }], // First process doesn't exist (empty due to -ErrorAction)
-        [
-          1001,
-          {
-            stdout:
-              '{"Name":"parent.exe","ParentProcessId":800,"CommandLine":"parent.exe"}',
-          },
-        ],
-        [
-          800,
-          {
-            stdout:
-              '{"Name":"ide.exe","ParentProcessId":0,"CommandLine":"ide.exe"}',
-          },
-        ],
-      ]);
 
-      // Mock the process.pid to test traversal with missing processes
-      Object.defineProperty(process, 'pid', {
-        value: 1001,
-        configurable: true,
-      });
+      const processes = [
+        {
+          ProcessId: 1000,
+          ParentProcessId: 900,
+          Name: 'node.exe',
+          CommandLine: 'node.exe',
+        },
+        {
+          ProcessId: 900,
+          ParentProcessId: 0,
+          Name: 'explorer.exe',
+          CommandLine: 'explorer.exe',
+        },
+      ];
 
-      mockedExec.mockImplementation((command: string) => {
-        const pidMatch = command.match(/ProcessId=(\d+)/);
-        if (pidMatch) {
-          const pid = parseInt(pidMatch[1], 10);
-          return Promise.resolve(processInfoMap.get(pid) || { stdout: '' });
+      mockedExec.mockImplementation((file: string, _args: string[]) => {
+        if (file === 'powershell') {
+          return Promise.resolve({ stdout: JSON.stringify(processes) });
         }
-        return Promise.reject(new Error('Invalid command for mock'));
+        return Promise.resolve({ stdout: '' });
       });
 
       const result = await getIdeProcessInfo();
-      // Should return the current process command since traversal continues despite missing processes
-      expect(result).toEqual({ pid: 1001, command: 'parent.exe' });
-
-      // Reset process.pid
-      Object.defineProperty(process, 'pid', {
-        value: 1000,
-        configurable: true,
-      });
-    });
-
-    it('should handle partial JSON data with defaults', async () => {
-      (os.platform as Mock).mockReturnValue('win32');
-      mockedExec
-        .mockResolvedValueOnce({ stdout: '{"Name":"partial.exe"}' }) // Missing ParentProcessId, defaults to 0
-        .mockResolvedValueOnce({
-          stdout:
-            '{"Name":"root.exe","ParentProcessId":0,"CommandLine":"root.exe"}',
-        }); // Get grandparent info
-
-      const result = await getIdeProcessInfo();
-      expect(result).toEqual({ pid: 1000, command: 'root.exe' });
+      // ancestors = [1000, 900], length = 2 (< 3)
+      // Heuristic: return ancestors[length-1] = ancestors[1] = 900 (explorer.exe)
+      expect(result).toEqual({ pid: 900, command: 'explorer.exe' });
     });
   });
 });

packages/core/src/ide/process-utils.ts

@@ -4,74 +4,43 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { exec } from 'node:child_process';
+import { exec, execFile } from 'node:child_process';
 import { promisify } from 'node:util';
 import os from 'node:os';
 import path from 'node:path';
 
 const execAsync = promisify(exec);
+const execFileAsync = promisify(execFile);
 
 const MAX_TRAVERSAL_DEPTH = 32;
 
-/**
- * Fetches the parent process ID, name, and command for a given process ID.
- *
- * @param pid The process ID to inspect.
- * @returns A promise that resolves to the parent's PID, name, and command.
- */
 async function getProcessInfo(pid: number): Promise<{
   parentPid: number;
   name: string;
   command: string;
 }> {
+  // Only used for Unix systems (macOS and Linux)
   try {
-    const platform = os.platform();
-    if (platform === 'win32') {
-      const powershellCommand = [
-        '$p = Get-CimInstance Win32_Process',
-        `-Filter 'ProcessId=${pid}'`,
-        '-ErrorAction SilentlyContinue;',
-        'if ($p) {',
-        '@{Name=$p.Name;ParentProcessId=$p.ParentProcessId;CommandLine=$p.CommandLine}',
-        '| ConvertTo-Json',
-        '}',
-      ].join(' ');
-      const { stdout } = await execAsync(`powershell "${powershellCommand}"`);
-      const output = stdout.trim();
-      if (!output) return { parentPid: 0, name: '', command: '' };
-      const {
-        Name = '',
-        ParentProcessId = 0,
-        CommandLine = '',
-      } = JSON.parse(output);
-      return {
-        parentPid: ParentProcessId,
-        name: Name,
-        command: CommandLine ?? '',
-      };
-    } else {
-      const command = `ps -o ppid=,command= -p ${pid}`;
-      const { stdout } = await execAsync(command);
-      const trimmedStdout = stdout.trim();
-      if (!trimmedStdout) {
-        return { parentPid: 0, name: '', command: '' };
-      }
-      const ppidString = trimmedStdout.split(/\s+/)[0];
-      const parentPid = parseInt(ppidString, 10);
-      const fullCommand = trimmedStdout.substring(ppidString.length).trim();
-      const processName = path.basename(fullCommand.split(' ')[0]);
-      return {
-        parentPid: isNaN(parentPid) ? 1 : parentPid,
-        name: processName,
-        command: fullCommand,
-      };
+    const command = `ps -o ppid=,command= -p ${pid}`;
+    const { stdout } = await execAsync(command);
+    const trimmedStdout = stdout.trim();
+    if (!trimmedStdout) {
+      return { parentPid: 0, name: '', command: '' };
     }
+    const parts = trimmedStdout.split(/\s+/);
+    const ppidString = parts[0];
+    const parentPid = parseInt(ppidString, 10);
+    const fullCommand = trimmedStdout.substring(ppidString.length).trim();
+    const processName = path.basename(fullCommand.split(' ')[0]);
+    return {
+      parentPid: isNaN(parentPid) ? 1 : parentPid,
+      name: processName,
+      command: fullCommand,
+    };
   } catch (_e) {
-    console.debug(`Failed to get process info for pid ${pid}:`, _e);
     return { parentPid: 0, name: '', command: '' };
   }
 }
-
 /**
  * Finds the IDE process info on Unix-like systems.
  *
@@ -106,15 +75,15 @@ async function getIdeProcessInfoForUnix(): Promise<{
         } catch {
           // Ignore if getting grandparent fails, we'll just use the parent pid.
         }
-        const { command } = await getProcessInfo(idePid);
-        return { pid: idePid, command };
+        const { command: ideCommand } = await getProcessInfo(idePid);
+        return { pid: idePid, command: ideCommand };
       }
 
       if (parentPid <= 1) {
         break; // Reached the root
       }
       currentPid = parentPid;
-    } catch {
+    } catch (_e) {
       // Process in chain died
       break;
     }
@@ -124,50 +93,104 @@ async function getIdeProcessInfoForUnix(): Promise<{
   return { pid: currentPid, command };
 }
 
+interface ProcessInfo {
+  pid: number;
+  parentPid: number;
+  name: string;
+  command: string;
+}
+
+interface RawProcessInfo {
+  ProcessId?: number;
+  ParentProcessId?: number;
+  Name?: string;
+  CommandLine?: string;
+}
+
 /**
- * Finds the IDE process info on Windows.
- *
- * The strategy is to find the great-grandchild of the root process.
- *
- * @returns A promise that resolves to the PID and command of the IDE process.
+ * Fetches the entire process table on Windows.
  */
+async function getProcessTableWindows(): Promise<Map<number, ProcessInfo>> {
+  const processMap = new Map<number, ProcessInfo>();
+  try {
+    const powershellCommand =
+      'Get-CimInstance Win32_Process | Select-Object ProcessId,ParentProcessId,Name,CommandLine | ConvertTo-Json -Compress';
+    const { stdout } = await execFileAsync(
+      'powershell',
+      ['-NoProfile', '-NonInteractive', '-Command', powershellCommand],
+      { maxBuffer: 10 * 1024 * 1024 },
+    );
+
+    if (!stdout.trim()) {
+      return processMap;
+    }
+
+    let processes: RawProcessInfo | RawProcessInfo[];
+    try {
+      processes = JSON.parse(stdout);
+    } catch (_e) {
+      return processMap;
+    }
+
+    if (!Array.isArray(processes)) {
+      processes = [processes];
+    }
+
+    for (const p of processes) {
+      if (p && typeof p.ProcessId === 'number') {
+        processMap.set(p.ProcessId, {
+          pid: p.ProcessId,
+          parentPid: p.ParentProcessId || 0,
+          name: p.Name || '',
+          command: p.CommandLine || '',
+        });
+      }
+    }
+  } catch (_e) {
+    // Fallback or error handling if PowerShell fails
+  }
+  return processMap;
+}
+
 async function getIdeProcessInfoForWindows(): Promise<{
   pid: number;
   command: string;
 }> {
-  let currentPid = process.pid;
-  let previousPid = process.pid;
+  // Fetch the entire process table in one go.
+  const processMap = await getProcessTableWindows();
 
-  for (let i = 0; i < MAX_TRAVERSAL_DEPTH; i++) {
-    try {
-      const { parentPid } = await getProcessInfo(currentPid);
+  const myPid = process.pid;
+  const myProc = processMap.get(myPid);
 
-      if (parentPid > 0) {
-        try {
-          const { parentPid: grandParentPid } = await getProcessInfo(parentPid);
-          if (grandParentPid === 0) {
-            // We've found the grandchild of the root (`currentPid`). The IDE
-            // process is its child, which we've stored in `previousPid`.
-            const { command } = await getProcessInfo(previousPid);
-            return { pid: previousPid, command };
-          }
-        } catch {
-          // getting grandparent failed, proceed
-        }
-      }
+  if (!myProc) {
+    // Fallback: return current process info if snapshot fails
+    return { pid: myPid, command: '' };
+  }
 
-      if (parentPid <= 0) {
-        break; // Reached the root
-      }
-      previousPid = currentPid;
-      currentPid = parentPid;
-    } catch {
-      // Process in chain died
+  // Perform tree traversal in memory
+  const ancestors: ProcessInfo[] = [];
+  let curr: ProcessInfo | undefined = myProc;
+
+  for (let i = 0; i < MAX_TRAVERSAL_DEPTH && curr; i++) {
+    ancestors.push(curr);
+
+    if (curr.parentPid === 0 || !processMap.has(curr.parentPid)) {
+      // Parent process not in map, stop traversal
       break;
     }
+    curr = processMap.get(curr.parentPid);
   }
-  const { command } = await getProcessInfo(currentPid);
-  return { pid: currentPid, command };
+
+  // Use heuristic: return the great-grandparent (ancestors[length-3])
+  if (ancestors.length >= 3) {
+    const target = ancestors[ancestors.length - 3];
+    return { pid: target.pid, command: target.command };
+  } else if (ancestors.length > 0) {
+    const target = ancestors[ancestors.length - 1];
+    return { pid: target.pid, command: target.command };
+  }
+
+  return { pid: myPid, command: myProc.command };
 }
 
 /**

packages/sdk-typescript/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/sdk",
-  "version": "0.1.1",
+  "version": "0.6.0",
   "description": "TypeScript SDK for programmatic access to qwen-code CLI",
   "main": "./dist/index.cjs",
   "module": "./dist/index.mjs",

packages/sdk-typescript/src/utils/cliPath.ts

@@ -150,48 +150,49 @@ export function parseExecutableSpec(executableSpec?: string): {
   }
 
   // Check for runtime prefix (e.g., 'bun:/path/to/cli.js')
+  // Use whitelist mechanism: only treat as runtime spec if prefix matches supported runtimes
+  const supportedRuntimes = ['node', 'bun', 'tsx', 'deno'];
   const runtimeMatch = executableSpec.match(/^([^:]+):(.+)$/);
+
   if (runtimeMatch) {
     const [, runtime, filePath] = runtimeMatch;
-    if (!runtime || !filePath) {
-      throw new Error(`Invalid runtime specification: '${executableSpec}'`);
+
+    // Only process as runtime specification if it matches a supported runtime
+    if (runtime && supportedRuntimes.includes(runtime)) {
+      if (!filePath) {
+        throw new Error(`Invalid runtime specification: '${executableSpec}'`);
+      }
+
+      if (!validateRuntimeAvailability(runtime)) {
+        throw new Error(
+          `Runtime '${runtime}' is not available on this system. Please install it first.`,
+        );
+      }
+
+      const resolvedPath = path.resolve(filePath);
+
+      if (!fs.existsSync(resolvedPath)) {
+        throw new Error(
+          `Executable file not found at '${resolvedPath}' for runtime '${runtime}'. ` +
+            'Please check the file path and ensure the file exists.',
+        );
+      }
+
+      if (!validateFileExtensionForRuntime(resolvedPath, runtime)) {
+        const ext = path.extname(resolvedPath);
+        throw new Error(
+          `File extension '${ext}' is not compatible with runtime '${runtime}'. ` +
+            `Expected extensions for ${runtime}: ${getExpectedExtensions(runtime).join(', ')}`,
+        );
+      }
+
+      return {
+        runtime,
+        executablePath: resolvedPath,
+        isExplicitRuntime: true,
+      };
     }
-
-    const supportedRuntimes = ['node', 'bun', 'tsx', 'deno'];
-    if (!supportedRuntimes.includes(runtime)) {
-      throw new Error(
-        `Unsupported runtime '${runtime}'. Supported runtimes: ${supportedRuntimes.join(', ')}`,
-      );
-    }
-
-    if (!validateRuntimeAvailability(runtime)) {
-      throw new Error(
-        `Runtime '${runtime}' is not available on this system. Please install it first.`,
-      );
-    }
-
-    const resolvedPath = path.resolve(filePath);
-
-    if (!fs.existsSync(resolvedPath)) {
-      throw new Error(
-        `Executable file not found at '${resolvedPath}' for runtime '${runtime}'. ` +
-          'Please check the file path and ensure the file exists.',
-      );
-    }
-
-    if (!validateFileExtensionForRuntime(resolvedPath, runtime)) {
-      const ext = path.extname(resolvedPath);
-      throw new Error(
-        `File extension '${ext}' is not compatible with runtime '${runtime}'. ` +
-          `Expected extensions for ${runtime}: ${getExpectedExtensions(runtime).join(', ')}`,
-      );
-    }
-
-    return {
-      runtime,
-      executablePath: resolvedPath,
-      isExplicitRuntime: true,
-    };
+    // If not a supported runtime, fall through to treat as file path (e.g., Windows paths like 'D:\path\to\cli.js')
   }
 
   // Check if it's a command name (no path separators) or a file path

packages/sdk-typescript/test/unit/cliPath.test.ts

@@ -125,12 +125,43 @@ describe('CLI Path Utilities', () => {
         });
       });
 
-      it('should throw for invalid runtime prefix format', () => {
+      it('should treat non-whitelisted runtime prefixes as command names', () => {
+        // With whitelist approach, 'invalid:format' is not recognized as a runtime spec
+        // so it's treated as a command name, which fails validation due to the colon
         expect(() => parseExecutableSpec('invalid:format')).toThrow(
-          'Unsupported runtime',
+          'Invalid command name',
         );
       });
 
+      it('should treat Windows drive letters as file paths, not runtime specs', () => {
+        mockFs.existsSync.mockReturnValue(true);
+
+        // Test various Windows drive letters
+        const windowsPaths = [
+          'C:\\path\\to\\cli.js',
+          'D:\\path\\to\\cli.js',
+          'E:\\Users\\dev\\qwen\\cli.js',
+        ];
+
+        for (const winPath of windowsPaths) {
+          const result = parseExecutableSpec(winPath);
+
+          expect(result.isExplicitRuntime).toBe(false);
+          expect(result.runtime).toBeUndefined();
+          expect(result.executablePath).toBe(path.resolve(winPath));
+        }
+      });
+
+      it('should handle Windows paths with forward slashes', () => {
+        mockFs.existsSync.mockReturnValue(true);
+
+        const result = parseExecutableSpec('C:/path/to/cli.js');
+
+        expect(result.isExplicitRuntime).toBe(false);
+        expect(result.runtime).toBeUndefined();
+        expect(result.executablePath).toBe(path.resolve('C:/path/to/cli.js'));
+      });
+
       it('should throw when runtime-prefixed file does not exist', () => {
         mockFs.existsSync.mockReturnValue(false);
 
@@ -453,6 +484,41 @@ describe('CLI Path Utilities', () => {
         originalInput: `bun:${bundlePath}`,
       });
     });
+
+    it('should handle Windows paths with drive letters', () => {
+      const windowsPath = 'D:\\path\\to\\cli.js';
+      const result = prepareSpawnInfo(windowsPath);
+
+      expect(result).toEqual({
+        command: process.execPath,
+        args: [path.resolve(windowsPath)],
+        type: 'node',
+        originalInput: windowsPath,
+      });
+    });
+
+    it('should handle Windows paths with TypeScript files', () => {
+      const windowsPath = 'C:\\Users\\dev\\qwen\\index.ts';
+      const result = prepareSpawnInfo(windowsPath);
+
+      expect(result).toEqual({
+        command: 'tsx',
+        args: [path.resolve(windowsPath)],
+        type: 'tsx',
+        originalInput: windowsPath,
+      });
+    });
+
+    it('should not confuse Windows drive letters with runtime prefixes', () => {
+      // Ensure 'D:' is not treated as a runtime specification
+      const windowsPath = 'D:\\workspace\\project\\cli.js';
+      const result = prepareSpawnInfo(windowsPath);
+
+      // Should use node runtime based on .js extension, not treat 'D' as runtime
+      expect(result.type).toBe('node');
+      expect(result.command).toBe(process.execPath);
+      expect(result.args).toEqual([path.resolve(windowsPath)]);
+    });
   });
 
   describe('error cases', () => {
@@ -472,21 +538,39 @@ describe('CLI Path Utilities', () => {
       );
     });
 
-    it('should provide helpful error for invalid runtime specification', () => {
+    it('should treat non-whitelisted runtime prefixes as command names', () => {
+      // With whitelist approach, 'invalid:spec' is not recognized as a runtime spec
+      // so it's treated as a command name, which fails validation due to the colon
       expect(() => prepareSpawnInfo('invalid:spec')).toThrow(
-        'Unsupported runtime',
+        'Invalid command name',
+      );
+    });
+
+    it('should handle Windows paths correctly even when file is missing', () => {
+      mockFs.existsSync.mockReturnValue(false);
+
+      expect(() => prepareSpawnInfo('D:\\missing\\cli.js')).toThrow(
+        'Executable file not found at',
+      );
+      // Should not throw 'Invalid command name' error (which would happen if 'D:' was treated as invalid command)
+      expect(() => prepareSpawnInfo('D:\\missing\\cli.js')).not.toThrow(
+        'Invalid command name',
       );
     });
   });
 
   describe('comprehensive validation', () => {
     describe('runtime validation', () => {
-      it('should reject unsupported runtimes', () => {
-        expect(() =>
-          parseExecutableSpec('unsupported:/path/to/file.js'),
-        ).toThrow(
-          "Unsupported runtime 'unsupported'. Supported runtimes: node, bun, tsx, deno",
-        );
+      it('should treat unsupported runtime prefixes as file paths', () => {
+        mockFs.existsSync.mockReturnValue(true);
+
+        // With whitelist approach, 'unsupported:' is not recognized as a runtime spec
+        // so 'unsupported:/path/to/file.js' is treated as a file path
+        const result = parseExecutableSpec('unsupported:/path/to/file.js');
+
+        // Should be treated as a file path, not a runtime specification
+        expect(result.isExplicitRuntime).toBe(false);
+        expect(result.runtime).toBeUndefined();
       });
 
       it('should validate runtime availability for explicit runtime specs', () => {

packages/test-utils/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code-test-utils",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "private": true,
   "main": "src/index.ts",
   "license": "Apache-2.0",

packages/vscode-ide-companion/package.json

@@ -2,7 +2,7 @@
   "name": "qwen-code-vscode-ide-companion",
   "displayName": "Qwen Code Companion",
   "description": "Enable Qwen Code with direct access to your VS Code workspace.",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "publisher": "qwenlm",
   "icon": "assets/icon.png",
   "repository": {
@@ -11,7 +11,7 @@
     "directory": "packages/vscode-ide-companion"
   },
   "engines": {
-    "vscode": "^1.99.0"
+    "vscode": "^1.85.0"
   },
   "license": "LICENSE",
   "preview": true,
@@ -137,7 +137,7 @@
     "@types/react": "^19.1.8",
     "@types/react-dom": "^19.1.6",
     "@types/semver": "^7.7.1",
-    "@types/vscode": "^1.99.0",
+    "@types/vscode": "^1.85.0",
     "@typescript-eslint/eslint-plugin": "^8.31.1",
     "@typescript-eslint/parser": "^8.31.1",
     "@vscode/vsce": "^3.6.0",

packages/vscode-ide-companion/src/ide-server.test.ts

@@ -27,13 +27,14 @@ vi.mock('node:fs/promises', () => ({
   writeFile: vi.fn(() => Promise.resolve(undefined)),
   unlink: vi.fn(() => Promise.resolve(undefined)),
   chmod: vi.fn(() => Promise.resolve(undefined)),
+  mkdir: vi.fn(() => Promise.resolve(undefined)),
 }));
 
 vi.mock('node:os', async (importOriginal) => {
   const actual = await importOriginal<typeof os>();
   return {
     ...actual,
-    tmpdir: vi.fn(() => '/tmp'),
+    homedir: vi.fn(() => '/home/test'),
   };
 });
 
@@ -128,30 +129,24 @@ describe('IDEServer', () => {
     );
 
     const port = getPortFromMock(replaceMock);
-    const expectedPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${port}.json`,
-    );
-    const expectedPpidPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${process.ppid}.json`,
+    const expectedLockFile = path.join(
+      '/home/test',
+      '.qwen',
+      'ide',
+      `${port}.lock`,
     );
     const expectedContent = JSON.stringify({
       port: parseInt(port, 10),
       workspacePath: expectedWorkspacePaths,
       ppid: process.ppid,
       authToken: 'test-auth-token',
+      ideName: 'VS Code',
     });
     expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPortFile,
+      expectedLockFile,
       expectedContent,
     );
-    expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPpidPortFile,
-      expectedContent,
-    );
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+    expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
   });
 
   it('should set a single folder path', async () => {
@@ -166,30 +161,24 @@ describe('IDEServer', () => {
     );
 
     const port = getPortFromMock(replaceMock);
-    const expectedPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${port}.json`,
-    );
-    const expectedPpidPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${process.ppid}.json`,
+    const expectedLockFile = path.join(
+      '/home/test',
+      '.qwen',
+      'ide',
+      `${port}.lock`,
     );
     const expectedContent = JSON.stringify({
       port: parseInt(port, 10),
       workspacePath: '/foo/bar',
       ppid: process.ppid,
       authToken: 'test-auth-token',
+      ideName: 'VS Code',
     });
     expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPortFile,
+      expectedLockFile,
       expectedContent,
     );
-    expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPpidPortFile,
-      expectedContent,
-    );
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+    expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
   });
 
   it('should set an empty string if no folders are open', async () => {
@@ -204,30 +193,24 @@ describe('IDEServer', () => {
     );
 
     const port = getPortFromMock(replaceMock);
-    const expectedPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${port}.json`,
-    );
-    const expectedPpidPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${process.ppid}.json`,
+    const expectedLockFile = path.join(
+      '/home/test',
+      '.qwen',
+      'ide',
+      `${port}.lock`,
     );
     const expectedContent = JSON.stringify({
       port: parseInt(port, 10),
       workspacePath: '',
       ppid: process.ppid,
       authToken: 'test-auth-token',
+      ideName: 'VS Code',
     });
     expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPortFile,
+      expectedLockFile,
       expectedContent,
     );
-    expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPpidPortFile,
-      expectedContent,
-    );
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+    expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
   });
 
   it('should update the path when workspace folders change', async () => {
@@ -256,30 +239,24 @@ describe('IDEServer', () => {
     );
 
     const port = getPortFromMock(replaceMock);
-    const expectedPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${port}.json`,
-    );
-    const expectedPpidPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${process.ppid}.json`,
+    const expectedLockFile = path.join(
+      '/home/test',
+      '.qwen',
+      'ide',
+      `${port}.lock`,
     );
     const expectedContent = JSON.stringify({
       port: parseInt(port, 10),
       workspacePath: expectedWorkspacePaths,
       ppid: process.ppid,
       authToken: 'test-auth-token',
+      ideName: 'VS Code',
     });
     expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPortFile,
+      expectedLockFile,
       expectedContent,
     );
-    expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPpidPortFile,
-      expectedContent,
-    );
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+    expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
 
     // Simulate removing a folder
     vscodeMock.workspace.workspaceFolders = [{ uri: { fsPath: '/baz/qux' } }];
@@ -294,36 +271,26 @@ describe('IDEServer', () => {
       workspacePath: '/baz/qux',
       ppid: process.ppid,
       authToken: 'test-auth-token',
+      ideName: 'VS Code',
     });
     expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPortFile,
+      expectedLockFile,
       expectedContent2,
     );
-    expect(fs.writeFile).toHaveBeenCalledWith(
-      expectedPpidPortFile,
-      expectedContent2,
-    );
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-    expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+    expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
   });
 
-  it('should clear env vars and delete port file on stop', async () => {
+  it('should clear env vars and delete lock file on stop', async () => {
     await ideServer.start(mockContext);
     const replaceMock = mockContext.environmentVariableCollection.replace;
     const port = getPortFromMock(replaceMock);
-    const portFile = path.join('/tmp', `qwen-code-ide-server-${port}.json`);
-    const ppidPortFile = path.join(
-      '/tmp',
-      `qwen-code-ide-server-${process.ppid}.json`,
-    );
-    expect(fs.writeFile).toHaveBeenCalledWith(portFile, expect.any(String));
-    expect(fs.writeFile).toHaveBeenCalledWith(ppidPortFile, expect.any(String));
+    const lockFile = path.join('/home/test', '.qwen', 'ide', `${port}.lock`);
+    expect(fs.writeFile).toHaveBeenCalledWith(lockFile, expect.any(String));
 
     await ideServer.stop();
 
     expect(mockContext.environmentVariableCollection.clear).toHaveBeenCalled();
-    expect(fs.unlink).toHaveBeenCalledWith(portFile);
-    expect(fs.unlink).toHaveBeenCalledWith(ppidPortFile);
+    expect(fs.unlink).toHaveBeenCalledWith(lockFile);
   });
 
   it.skipIf(process.platform !== 'win32')(
@@ -344,30 +311,24 @@ describe('IDEServer', () => {
       );
 
       const port = getPortFromMock(replaceMock);
-      const expectedPortFile = path.join(
-        '/tmp',
-        `qwen-code-ide-server-${port}.json`,
-      );
-      const expectedPpidPortFile = path.join(
-        '/tmp',
-        `qwen-code-ide-server-${process.ppid}.json`,
+      const expectedLockFile = path.join(
+        '/home/test',
+        '.qwen',
+        'ide',
+        `${port}.lock`,
       );
       const expectedContent = JSON.stringify({
         port: parseInt(port, 10),
         workspacePath: expectedWorkspacePaths,
         ppid: process.ppid,
         authToken: 'test-auth-token',
+        ideName: 'VS Code',
       });
       expect(fs.writeFile).toHaveBeenCalledWith(
-        expectedPortFile,
+        expectedLockFile,
         expectedContent,
       );
-      expect(fs.writeFile).toHaveBeenCalledWith(
-        expectedPpidPortFile,
-        expectedContent,
-      );
-      expect(fs.chmod).toHaveBeenCalledWith(expectedPortFile, 0o600);
-      expect(fs.chmod).toHaveBeenCalledWith(expectedPpidPortFile, 0o600);
+      expect(fs.chmod).toHaveBeenCalledWith(expectedLockFile, 0o600);
     },
   );
 
@@ -379,7 +340,7 @@ describe('IDEServer', () => {
       port = (ideServer as unknown as { port: number }).port;
     });
 
-    it('should allow request without auth token for backwards compatibility', async () => {
+    it('should reject request without auth token', async () => {
       const response = await fetch(`http://localhost:${port}/mcp`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
@@ -390,7 +351,9 @@ describe('IDEServer', () => {
           id: 1,
         }),
       });
-      expect(response.status).not.toBe(401);
+      expect(response.status).toBe(401);
+      const body = await response.text();
+      expect(body).toBe('Unauthorized');
     });
 
     it('should allow request with valid auth token', async () => {
@@ -550,6 +513,7 @@ describe('IDEServer HTTP endpoints', () => {
         headers: {
           Host: `localhost:${port}`,
           'Content-Type': 'application/json',
+          Authorization: 'Bearer test-auth-token',
         },
       },
       JSON.stringify({ jsonrpc: '2.0', method: 'initialize' }),

packages/vscode-ide-companion/src/ide-server.ts

@@ -10,6 +10,7 @@ import {
   IdeContextNotificationSchema,
   OpenDiffRequestSchema,
 } from '@qwen-code/qwen-code-core/src/ide/types.js';
+import { detectIdeFromEnv } from '@qwen-code/qwen-code-core/src/ide/detect-ide.js';
 import { isInitializeRequest } from '@modelcontextprotocol/sdk/types.js';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
@@ -38,12 +39,24 @@ class CORSError extends Error {
 const MCP_SESSION_ID_HEADER = 'mcp-session-id';
 const IDE_SERVER_PORT_ENV_VAR = 'QWEN_CODE_IDE_SERVER_PORT';
 const IDE_WORKSPACE_PATH_ENV_VAR = 'QWEN_CODE_IDE_WORKSPACE_PATH';
+const QWEN_DIR = '.qwen';
+const IDE_DIR = 'ide';
+
+async function getGlobalIdeDir(): Promise<string> {
+  const homeDir = os.homedir();
+  // Prefer home dir, but fall back to tmpdir if unavailable (matches core Storage behavior).
+  const baseDir = homeDir
+    ? path.join(homeDir, QWEN_DIR)
+    : path.join(os.tmpdir(), QWEN_DIR);
+  const ideDir = path.join(baseDir, IDE_DIR);
+  await fs.mkdir(ideDir, { recursive: true });
+  return ideDir;
+}
 
 interface WritePortAndWorkspaceArgs {
   context: vscode.ExtensionContext;
   port: number;
-  portFile: string;
-  ppidPortFile: string;
+  lockFile: string;
   authToken: string;
   log: (message: string) => void;
 }
@@ -51,8 +64,7 @@ interface WritePortAndWorkspaceArgs {
 async function writePortAndWorkspace({
   context,
   port,
-  portFile,
-  ppidPortFile,
+  lockFile,
   authToken,
   log,
 }: WritePortAndWorkspaceArgs): Promise<void> {
@@ -71,26 +83,24 @@ async function writePortAndWorkspace({
     workspacePath,
   );
 
+  const ideInfo = detectIdeFromEnv();
   const content = JSON.stringify({
     port,
     workspacePath,
     ppid: process.ppid,
     authToken,
+    ideName: ideInfo.displayName,
   });
 
-  log(`Writing port file to: ${portFile}`);
-  log(`Writing ppid port file to: ${ppidPortFile}`);
+  log(`Writing IDE lock file to: ${lockFile}`);
 
   try {
-    await Promise.all([
-      fs.writeFile(portFile, content).then(() => fs.chmod(portFile, 0o600)),
-      fs
-        .writeFile(ppidPortFile, content)
-        .then(() => fs.chmod(ppidPortFile, 0o600)),
-    ]);
+    await fs.mkdir(path.dirname(lockFile), { recursive: true });
+    await fs.writeFile(lockFile, content);
+    await fs.chmod(lockFile, 0o600);
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
-    log(`Failed to write port to file: ${message}`);
+    log(`Failed to write IDE lock file: ${message}`);
   }
 }
 
@@ -121,8 +131,7 @@ export class IDEServer {
   private server: HTTPServer | undefined;
   private context: vscode.ExtensionContext | undefined;
   private log: (message: string) => void;
-  private portFile: string | undefined;
-  private ppidPortFile: string | undefined;
+  private lockFile: string | undefined;
   private port: number | undefined;
   private authToken: string | undefined;
   private transports: { [sessionId: string]: StreamableHTTPServerTransport } =
@@ -174,19 +183,24 @@ export class IDEServer {
 
       app.use((req, res, next) => {
         const authHeader = req.headers.authorization;
-        if (authHeader) {
-          const parts = authHeader.split(' ');
-          if (parts.length !== 2 || parts[0] !== 'Bearer') {
-            this.log('Malformed Authorization header. Rejecting request.');
-            res.status(401).send('Unauthorized');
-            return;
-          }
-          const token = parts[1];
-          if (token !== this.authToken) {
-            this.log('Invalid auth token provided. Rejecting request.');
-            res.status(401).send('Unauthorized');
-            return;
-          }
+        if (!authHeader) {
+          this.log('Missing Authorization header. Rejecting request.');
+          res.status(401).send('Unauthorized');
+          return;
+        }
+
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2 || parts[0] !== 'Bearer') {
+          this.log('Malformed Authorization header. Rejecting request.');
+          res.status(401).send('Unauthorized');
+          return;
+        }
+
+        const token = parts[1];
+        if (token !== this.authToken) {
+          this.log('Invalid auth token provided. Rejecting request.');
+          res.status(401).send('Unauthorized');
+          return;
         }
         next();
       });
@@ -327,22 +341,21 @@ export class IDEServer {
         const address = (this.server as HTTPServer).address();
         if (address && typeof address !== 'string') {
           this.port = address.port;
-          this.portFile = path.join(
-            os.tmpdir(),
-            `qwen-code-ide-server-${this.port}.json`,
-          );
-          this.ppidPortFile = path.join(
-            os.tmpdir(),
-            `qwen-code-ide-server-${process.ppid}.json`,
-          );
+          try {
+            const ideDir = await getGlobalIdeDir();
+            // Name the lock file by port to support multiple server instances.
+            this.lockFile = path.join(ideDir, `${this.port}.lock`);
+          } catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            this.log(`Failed to determine IDE lock directory: ${message}`);
+          }
           this.log(`IDE server listening on http://127.0.0.1:${this.port}`);
 
-          if (this.authToken) {
+          if (this.authToken && this.lockFile) {
             await writePortAndWorkspace({
               context,
               port: this.port,
-              portFile: this.portFile,
-              ppidPortFile: this.ppidPortFile,
+              lockFile: this.lockFile,
               authToken: this.authToken,
               log: this.log,
             });
@@ -371,15 +384,13 @@ export class IDEServer {
       this.context &&
       this.server &&
       this.port &&
-      this.portFile &&
-      this.ppidPortFile &&
+      this.lockFile &&
       this.authToken
     ) {
       await writePortAndWorkspace({
         context: this.context,
         port: this.port,
-        portFile: this.portFile,
-        ppidPortFile: this.ppidPortFile,
+        lockFile: this.lockFile,
         authToken: this.authToken,
         log: this.log,
       });
@@ -405,16 +416,9 @@ export class IDEServer {
     if (this.context) {
       this.context.environmentVariableCollection.clear();
     }
-    if (this.portFile) {
+    if (this.lockFile) {
       try {
-        await fs.unlink(this.portFile);
-      } catch (_err) {
-        // Ignore errors if the file doesn't exist.
-      }
-    }
-    if (this.ppidPortFile) {
-      try {
-        await fs.unlink(this.ppidPortFile);
+        await fs.unlink(this.lockFile);
       } catch (_err) {
         // Ignore errors if the file doesn't exist.
       }