fix: release workflow failure

chore: Adjusted docs directory structure

.github/CODEOWNERS

@@ -1,7 +0,0 @@
-# By default, require reviews from the release approvers for all files.
-* @google-gemini/gemini-cli-askmode-approvers
-
-# The following files don't need reviews from the release approvers.
-# These patterns override the rule above.
-**/*.md
-/docs/

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,6 +1,6 @@
 name: 'Bug Report'
 description: 'Report a bug to help us improve Qwen Code'
-labels: ['kind/bug', 'status/need-triage']
+labels: ['type/bug', 'status/needs-triage']
 body:
   - type: 'markdown'
     attributes:

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -1,8 +1,8 @@
 name: 'Feature Request'
 description: 'Suggest an idea for this project'
 labels:
-  - 'kind/enhancement'
-  - 'status/need-triage'
+  - 'type/feature-request'
+  - 'status/needs-triage'
 body:
   - type: 'markdown'
     attributes:

.github/scripts/pr-triage.sh

@@ -19,42 +19,20 @@ process_pr() {
     local PR_NUMBER=$1
     echo "🔄 Processing PR #${PR_NUMBER}"
 
-    # Get PR body with error handling
-    local PR_BODY
-    if ! PR_BODY=$(gh pr view "${PR_NUMBER}" --repo "${GITHUB_REPOSITORY}" --json body -q .body 2>/dev/null); then
-        echo "   ⚠️ Could not fetch PR #${PR_NUMBER} details"
-        return 1
-    fi
-
-    # Look for issue references using multiple patterns
-    local ISSUE_NUMBER=""
-
-    # Pattern 1: Direct reference like #123
-    if [[ -z "${ISSUE_NUMBER}" ]]; then
-        ISSUE_NUMBER=$(echo "${PR_BODY}" | grep -oE '#[0-9]+' | head -1 | sed 's/#//' 2>/dev/null || echo "")
-    fi
-
-    # Pattern 2: Closes/Fixes/Resolves patterns (case-insensitive)
-    if [[ -z "${ISSUE_NUMBER}" ]]; then
-        ISSUE_NUMBER=$(echo "${PR_BODY}" | grep -iE '(closes?|fixes?|resolves?) #[0-9]+' | grep -oE '#[0-9]+' | head -1 | sed 's/#//' 2>/dev/null || echo "")
+    # Get closing issue number with error handling
+    local ISSUE_NUMBER
+    if ! ISSUE_NUMBER=$(gh pr view "${PR_NUMBER}" --repo "${GITHUB_REPOSITORY}" --json closingIssuesReferences -q '.closingIssuesReferences.nodes[0].number' 2>/dev/null); then
+        echo "   ⚠️ Could not fetch closing issue for PR #${PR_NUMBER}"
     fi
 
     if [[ -z "${ISSUE_NUMBER}" ]]; then
-        echo "⚠️  No linked issue found for PR #${PR_NUMBER}, adding status/need-issue label"
-        if ! gh pr edit "${PR_NUMBER}" --repo "${GITHUB_REPOSITORY}" --add-label "status/need-issue" 2>/dev/null; then
-            echo "   ⚠️ Failed to add label (may already exist or have permission issues)"
-        fi
-        # Add PR number to the list
-        if [[ -z "${PRS_NEEDING_COMMENT}" ]]; then
-            PRS_NEEDING_COMMENT="${PR_NUMBER}"
-        else
-            PRS_NEEDING_COMMENT="${PRS_NEEDING_COMMENT},${PR_NUMBER}"
-        fi
-        echo "needs_comment=true" >> "${GITHUB_OUTPUT}"
+        echo "ℹ️  No linked issue found for PR #${PR_NUMBER} - this is acceptable for independent contributions"
+        # We no longer require PRs to have linked issues
+        # Independent valuable contributions are encouraged
     else
         echo "🔗 Found linked issue #${ISSUE_NUMBER}"
 
-        # Remove status/need-issue label if present
+        # Remove status/need-issue label if present (legacy cleanup)
         if ! gh pr edit "${PR_NUMBER}" --repo "${GITHUB_REPOSITORY}" --remove-label "status/need-issue" 2>/dev/null; then
             echo "   status/need-issue label not present or could not be removed"
         fi
@@ -99,7 +77,7 @@ process_pr() {
         local LABELS_TO_REMOVE=""
         for label in "${PR_LABEL_ARRAY[@]}"; do
             if [[ -n "${label}" ]] && [[ " ${ISSUE_LABEL_ARRAY[*]} " != *" ${label} "* ]]; then
-                # Don't remove status/need-issue since we already handled it
+                # Don't remove status/need-issue since we already handled it (legacy cleanup)
                 if [[ "${label}" != "status/need-issue" ]]; then
                     if [[ -z "${LABELS_TO_REMOVE}" ]]; then
                         LABELS_TO_REMOVE="${label}"
@@ -118,14 +96,7 @@ process_pr() {
             fi
         fi
 
-        if [[ -n "${LABELS_TO_REMOVE}" ]]; then
-            echo "➖ Removing labels: ${LABELS_TO_REMOVE}"
-            if ! gh pr edit "${PR_NUMBER}" --repo "${GITHUB_REPOSITORY}" --remove-label "${LABELS_TO_REMOVE}" 2>/dev/null; then
-                echo "   ⚠️ Failed to remove some labels"
-            fi
-        fi
-
-        if [[ -z "${LABELS_TO_ADD}" ]] && [[ -z "${LABELS_TO_REMOVE}" ]]; then
+        if [[ -z "${LABELS_TO_ADD}" ]]; then
             echo "✅ Labels already synchronized"
         fi
         echo "needs_comment=false" >> "${GITHUB_OUTPUT}"

.github/workflows/check-issue-completeness.yml

@@ -0,0 +1,201 @@
+name: 'Check Issue Completeness'
+
+on:
+  issues:
+    types:
+      - 'opened'
+      - 'edited'
+
+permissions:
+  contents: 'read'
+  issues: 'write'
+
+jobs:
+  check-issue-info:
+    timeout-minutes: 2
+    if: |-
+      ${{ github.repository == 'QwenLM/qwen-code' && contains(github.event.issue.labels.*.name, 'type/bug') }}
+    runs-on: 'ubuntu-latest'
+    steps:
+      - name: 'Check for Client Information'
+        id: 'check_info'
+        env:
+          ISSUE_BODY: '${{ github.event.issue.body }}'
+        run: |-
+          echo "Checking issue body for required information..."
+
+          # Convert issue body to lowercase for case-insensitive matching
+          ISSUE_BODY_LOWER=$(echo "$ISSUE_BODY" | tr '[:upper:]' '[:lower:]')
+
+          # Initialize flags
+          HAS_VERSION=false
+          HAS_OS_INFO=false
+          HAS_AUTH_METHOD=false
+          HAS_ABOUT_OUTPUT=false
+          MISSING_INFO=()
+
+          # Check for /about command output by looking for its characteristic fields
+          # The /about output contains: CLI Version, Git Commit, Model, Sandbox, OS, Auth Method
+          if echo "$ISSUE_BODY_LOWER" | grep -qE 'cli version.*[0-9]+\.[0-9]+\.[0-9]+'; then
+            HAS_ABOUT_OUTPUT=true
+            HAS_VERSION=true
+          fi
+
+          # If full /about output is not detected, check individual components
+          if [ "$HAS_ABOUT_OUTPUT" = false ]; then
+            # Check for version information (various formats)
+            if echo "$ISSUE_BODY_LOWER" | grep -qE '(cli version|version|v)[[:space:]]*[0-9]+\.[0-9]+\.[0-9]+'; then
+              HAS_VERSION=true
+            fi
+
+            # Check for OS information
+            if echo "$ISSUE_BODY_LOWER" | grep -qE '(^os[[:space:]]|macos|windows|linux|ubuntu|debian|fedora|arch|darwin|win32|platform)'; then
+              HAS_OS_INFO=true
+            fi
+
+            # Check for Auth Method information
+            if echo "$ISSUE_BODY_LOWER" | grep -qE '(auth method|authentication|login|qwen-oauth|api.?config|oauth)'; then
+              HAS_AUTH_METHOD=true
+            fi
+          else
+            # If /about output is present, assume it contains OS and auth info
+            HAS_OS_INFO=true
+            HAS_AUTH_METHOD=true
+          fi
+
+          # Determine what's missing
+          if [ "$HAS_ABOUT_OUTPUT" = false ]; then
+            if [ "$HAS_VERSION" = false ]; then
+              MISSING_INFO+=("Qwen Code version")
+            fi
+            if [ "$HAS_OS_INFO" = false ]; then
+              MISSING_INFO+=("operating system information")
+            fi
+            if [ "$HAS_AUTH_METHOD" = false ]; then
+              MISSING_INFO+=("authentication/login method")
+            fi
+            # Suggest providing /about output for completeness
+            if [ "$HAS_VERSION" = false ] || [ "$HAS_OS_INFO" = false ] || [ "$HAS_AUTH_METHOD" = false ]; then
+              MISSING_INFO+=("full output of the \`/about\` command (recommended)")
+            fi
+          fi
+
+          # Set output variables
+          if [ ${#MISSING_INFO[@]} -eq 0 ]; then
+            echo "info_complete=true" >> "$GITHUB_OUTPUT"
+            echo "All required information is present."
+          else
+            echo "info_complete=false" >> "$GITHUB_OUTPUT"
+            # Join array elements with comma
+            MISSING_LIST=$(IFS=','; echo "${MISSING_INFO[*]}")
+            echo "missing_info=$MISSING_LIST" >> "$GITHUB_OUTPUT"
+            echo "Missing information: $MISSING_LIST"
+          fi
+
+      - name: 'Comment on Issue if Information is Missing'
+        if: |-
+          ${{ steps.check_info.outputs.info_complete == 'false' }}
+        uses: 'actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea' # ratchet:actions/github-script@v7
+        env:
+          MISSING_INFO: '${{ steps.check_info.outputs.missing_info }}'
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
+          script: |
+            const missingInfo = process.env.MISSING_INFO.split(',');
+            const missingList = missingInfo.map(item => `- ${item}`).join('\n');
+
+            const comments = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            });
+
+            const botComment = comments.data.find(comment =>
+              comment.user.type === 'Bot' &&
+              comment.body.includes('Missing Required Information')
+            );
+
+            const commentBody = `### ⚠️ Missing Required Information
+
+            Thank you for reporting this issue! To help us investigate and resolve this problem more effectively, we need some additional information:
+
+            ${missingList}
+
+            ### How to provide this information:
+
+            Please run the following command and paste the complete output:
+
+            \`\`\`bash
+            qwen
+            # Then in the interactive CLI, run:
+            /about
+            \`\`\`
+
+            The output should look like:
+            \`\`\`
+            CLI Version             0.0.14
+            Git Commit              9a0cb64a
+            Model                   coder-model
+            Sandbox                 no sandbox
+            OS                      darwin
+            Auth Method             qwen-oauth
+            \`\`\`
+
+            Once you provide this information, we'll be able to assist you better. Thank you! 🙏`;
+
+            if (botComment) {
+              await github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body: commentBody
+              });
+              console.log('Updated existing comment about missing information.');
+            } else {
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                body: commentBody
+              });
+              console.log('Created new comment about missing information.');
+            }
+
+      - name: 'Add status/need-information Label'
+        if: |-
+          ${{ steps.check_info.outputs.info_complete == 'false' }}
+        uses: 'actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea' # ratchet:actions/github-script@v7
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
+          script: |
+            await github.rest.issues.addLabels({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+              labels: ['status/need-information']
+            });
+            console.log('Added status/need-information label.');
+
+      - name: 'Remove status/need-information Label if Complete'
+        if: |-
+          ${{ steps.check_info.outputs.info_complete == 'true' }}
+        uses: 'actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea' # ratchet:actions/github-script@v7
+        continue-on-error: true
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
+          script: |
+            try {
+              await github.rest.issues.removeLabel({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                name: 'status/need-information'
+              });
+              console.log('Removed status/need-information label as information is now complete.');
+            } catch (error) {
+              if (error.status === 404) {
+                console.log('Label not found on issue, nothing to remove.');
+              } else {
+                throw error;
+              }
+            }

.github/workflows/ci.yml

@@ -12,6 +12,13 @@ on:
       - 'main'
       - 'release/**'
   merge_group:
+  workflow_dispatch:
+    inputs:
+      branch_ref:
+        description: 'Branch to run on'
+        required: true
+        default: 'main'
+        type: 'string'
 
 concurrency:
   group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}'
@@ -33,222 +40,48 @@ env:
   YAMLLINT_VERSION: '1.35.1'
 
 jobs:
-  #
-  # Lint: GitHub Actions
-  #
-  lint_github_actions:
-    name: 'Lint (GitHub Actions)'
+  lint:
+    name: 'Lint'
     runs-on: 'ubuntu-latest'
     steps:
       - name: 'Checkout'
         uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
         with:
-          fetch-depth: 1
-
-      - name: 'Install shellcheck' # Actionlint uses shellcheck
-        run: |-
-          mkdir -p "${RUNNER_TEMP}/shellcheck"
-          curl -sSLo "${RUNNER_TEMP}/.shellcheck.txz" "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz"
-          tar -xf "${RUNNER_TEMP}/.shellcheck.txz" -C "${RUNNER_TEMP}/shellcheck" --strip-components=1
-          echo "${RUNNER_TEMP}/shellcheck" >> "${GITHUB_PATH}"
-
-      - name: 'Install actionlint'
-        run: |-
-          mkdir -p "${RUNNER_TEMP}/actionlint"
-          curl -sSLo "${RUNNER_TEMP}/.actionlint.tgz" "https://github.com/rhysd/actionlint/releases/download/v${ACTIONLINT_VERSION}/actionlint_${ACTIONLINT_VERSION}_linux_amd64.tar.gz"
-          tar -xzf "${RUNNER_TEMP}/.actionlint.tgz" -C "${RUNNER_TEMP}/actionlint"
-          echo "${RUNNER_TEMP}/actionlint" >> "${GITHUB_PATH}"
-
-      # For actionlint, we specifically ignore shellcheck rules that are
-      # annoying or unhelpful. See the shellcheck action for a description.
-      - name: 'Run actionlint'
-        run: |-
-          actionlint \
-            -color \
-            -format '{{range $err := .}}::error file={{$err.Filepath}},line={{$err.Line}},col={{$err.Column}}::{{$err.Filepath}}@{{$err.Line}} {{$err.Message}}%0A```%0A{{replace $err.Snippet "\\n" "%0A"}}%0A```\n{{end}}' \
-            -ignore 'SC2002:' \
-            -ignore 'SC2016:' \
-            -ignore 'SC2129:' \
-            -ignore 'label ".+" is unknown'
-
-      - name: 'Run ratchet'
-        uses: 'sethvargo/ratchet@8b4ca256dbed184350608a3023620f267f0a5253' # ratchet:sethvargo/ratchet@v0.11.4
-        with:
-          files: |-
-            .github/workflows/*.yml
-            .github/actions/**/*.yml
-
-  #
-  # Lint: Javascript
-  #
-  lint_javascript:
-    name: 'Lint (Javascript)'
-    runs-on: 'ubuntu-latest'
-    steps:
-      - name: 'Checkout'
-        uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
-        with:
-          fetch-depth: 1
+          ref: '${{ github.event.inputs.branch_ref || github.ref }}'
+          fetch-depth: 0
 
       - name: 'Set up Node.js'
         uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' # ratchet:actions/setup-node@v4.4.0
         with:
           node-version-file: '.nvmrc'
           cache: 'npm'
-          cache-dependency-path: 'package-lock.json'
-          registry-url: 'https://registry.npmjs.org/'
-
-      - name: 'Configure npm for rate limiting'
-        run: |-
-          npm config set fetch-retry-mintimeout 20000
-          npm config set fetch-retry-maxtimeout 120000
-          npm config set fetch-retries 5
-          npm config set fetch-timeout 300000
 
       - name: 'Install dependencies'
-        run: |-
-          npm ci --prefer-offline --no-audit --progress=false
+        run: 'npm ci'
 
-      - name: 'Run formatter check'
-        run: |-
-          npm run format
-          git diff --exit-code
+      - name: 'Check lockfile'
+        run: 'npm run check:lockfile'
 
-      - name: 'Run linter'
-        run: |-
-          npm run lint:ci
+      - name: 'Install linters'
+        run: 'node scripts/lint.js --setup'
 
-      - name: 'Run linter on integration tests'
-        run: |-
-          npx eslint integration-tests --max-warnings 0
+      - name: 'Run ESLint'
+        run: 'node scripts/lint.js --eslint'
 
-      - name: 'Run formatter on integration tests'
-        run: |-
-          npx prettier --check integration-tests
-          git diff --exit-code
+      - name: 'Run actionlint'
+        run: 'node scripts/lint.js --actionlint'
 
-      - name: 'Build project'
-        run: |-
-          npm run build
-
-      - name: 'Run type check'
-        run: |-
-          npm run typecheck
-
-  #
-  # Lint: Shell
-  #
-  lint_shell:
-    name: 'Lint (Shell)'
-    runs-on: 'ubuntu-latest'
-    steps:
-      - name: 'Checkout'
-        uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
-        with:
-          fetch-depth: 1
-
-      - name: 'Install shellcheck'
-        run: |-
-          mkdir -p "${RUNNER_TEMP}/shellcheck"
-          curl -sSLo "${RUNNER_TEMP}/.shellcheck.txz" "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz"
-          tar -xf "${RUNNER_TEMP}/.shellcheck.txz" -C "${RUNNER_TEMP}/shellcheck" --strip-components=1
-          echo "${RUNNER_TEMP}/shellcheck" >> "${GITHUB_PATH}"
-
-      - name: 'Install shellcheck problem matcher'
-        run: |-
-          cat > "${RUNNER_TEMP}/shellcheck/problem-matcher-lint-shell.json" <<"EOF"
-          {
-            "problemMatcher": [
-              {
-                "owner": "lint_shell",
-                "pattern": [
-                  {
-                    "regexp": "^(.*):(\\\\d+):(\\\\d+):\\\\s+(?:fatal\\\\s+)?(warning|error):\\\\s+(.*)$",
-                    "file": 1,
-                    "line": 2,
-                    "column": 3,
-                    "severity": 4,
-                    "message": 5
-                  }
-                ]
-              }
-            ]
-          }
-          EOF
-          echo "::add-matcher::${RUNNER_TEMP}/shellcheck/problem-matcher-lint-shell.json"
-
-      # Note that only warning and error severity show up in the github files
-      # page. So we replace 'style' and 'note' with 'warning' to make it show
-      # up.
-      #
-      # We also try and find all bash scripts even if they don't have an
-      # explicit extension.
-      #
-      # We explicitly ignore the following rules:
-      #
-      # - SC2002: This rule suggests using "cmd < file" instead of "cat | cmd".
-      #   While < is more efficient, pipes are much more readable and expected.
-      #
-      # - SC2129: This rule suggests grouping multiple writes to a file in
-      #   braces like "{ cmd1; cmd2; } >> file". This is unexpected and less
-      #   readable.
-      #
-      # - SC2310: This is an optional warning that only appears with "set -e"
-      #   and when a command is used as a conditional.
       - name: 'Run shellcheck'
-        run: |-
-          git ls-files | grep -E '^([^.]+|.*\.(sh|zsh|bash))$' | grep -v '^integration-tests/terminal-bench/ci-tasks/' | xargs file --mime-type \
-            | grep "text/x-shellscript" | awk '{ print substr($1, 1, length($1)-1) }' \
-            | xargs shellcheck \
-              --check-sourced \
-              --enable=all \
-              --exclude=SC2002,SC2129,SC2310 \
-              --severity=style \
-              --format=gcc \
-              --color=never | sed -e 's/note:/warning:/g' -e 's/style:/warning:/g'
-
-  #
-  # Lint: YAML
-  #
-  lint_yaml:
-    name: 'Lint (YAML)'
-    runs-on: 'ubuntu-latest'
-    steps:
-      - name: 'Checkout'
-        uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
-        with:
-          fetch-depth: 1
-
-      - name: 'Setup Python'
-        uses: 'actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065' # ratchet:actions/setup-python@v5
-        with:
-          python-version: '3'
-
-      - name: 'Install yamllint'
-        run: |-
-          pip install --user "yamllint==${YAMLLINT_VERSION}"
+        run: 'node scripts/lint.js --shellcheck'
 
       - name: 'Run yamllint'
-        run: |-
-          git ls-files | grep -E '\.(yaml|yml)' | grep -v '^integration-tests/terminal-bench/ci-tasks/' | xargs yamllint --format github
+        run: 'node scripts/lint.js --yamllint'
 
-  #
-  # Lint: All
-  #
-  # This is a virtual job that other jobs depend on to wait for all linters to
-  # finish. It's also used to ensure linting happens on CI via required
-  # workflows.
-  lint:
-    name: 'Lint'
-    needs:
-      - 'lint_github_actions'
-      - 'lint_javascript'
-      - 'lint_shell'
-      - 'lint_yaml'
-    runs-on: 'ubuntu-latest'
-    steps:
-      - run: |-
-          echo 'All linters finished!'
+      - name: 'Run Prettier'
+        run: 'node scripts/lint.js --prettier'
+
+      - name: 'Run sensitive keyword linter'
+        run: 'node scripts/lint.js --sensitive-keywords'
 
   #
   # Test: Node

.github/workflows/gemini-self-assign-issue.yml

@@ -50,7 +50,8 @@ jobs:
 
             // Search for open issues already assigned to the commenter in this repo
             const { data: assignedIssues } = await github.rest.search.issuesAndPullRequests({
-              q: `is:issue repo:${owner}/${repo} assignee:${commenter} is:open`
+              q: `is:issue repo:${owner}/${repo} assignee:${commenter} is:open`,
+              advanced_search: true
             });
 
             if (assignedIssues.total_count >= MAX_ISSUES_ASSIGNED) {

.github/workflows/qwen-automated-issue-triage.yml

@@ -16,7 +16,7 @@ on:
         type: 'number'
 
 concurrency:
-  group: '${{ github.workflow }}-${{ github.event.issue.number }}'
+  group: '${{ github.workflow }}-${{ github.event.issue.number || github.event.inputs.issue_number }}'
   cancel-in-progress: true
 
 defaults:
@@ -29,6 +29,7 @@ permissions:
   issues: 'write'
   statuses: 'write'
   packages: 'read'
+  actions: 'write' # Required for cancelling a workflow run
 
 jobs:
   triage-issue:
@@ -62,29 +63,29 @@ jobs:
             ## Role
 
             You are an issue triage assistant. Analyze the current GitHub issue
-            and identify the most appropriate existing labels. Use the available
+            and identify the most appropriate existing labels by only using the provided data. Use the available
             tools to gather information; do not ask for information to be
-            provided. Do not remove labels titled help wanted or good first issue.
+            provided. Do not remove the following labels titled maintainer,  help wanted or good first issue.
 
             ## Steps
 
             1. Run: `gh label list --repo ${{ github.repository }} --limit 100` to get all available labels.
             2. Use shell command `echo` to check the issue title and body provided in the environment variables: "${ISSUE_TITLE}" and "${ISSUE_BODY}".
             3. Ignore any existing priorities or tags on the issue. Just report your findings.
-            4. Select the most relevant labels from the existing labels, focusing on kind/*, area/*, sub-area/* and priority/*. For area/* and kind/* limit yourself to only the single most applicable label in each case.
+            4. Select the most relevant labels from the existing labels, focusing on type/*, category/*, scope/*, status/* and priority/*. For category/* and type/* limit yourself to only the single most applicable label in each case.
             6. Apply the selected labels to this issue using: `gh issue edit ${{ github.event.issue.number }} --repo ${{ github.repository }} --add-label "label1,label2"`.
             7. For each issue please check if CLI version is present, this is usually in the output of the /about command  and will look like 0.1.5 for anything more than 6 versions older than the most recent should add the status/need-retesting label.
             8. If you see that the issue doesn't look like it has sufficient information recommend the status/need-information label.
-            9. Use Area definitions mentioned below to help you narrow down issues.
+            9. Use Category and Scope definitions mentioned below to help you narrow down issues.
 
             ## Guidelines
 
             - Only use labels that already exist in the repository
             - Do not add comments or modify the issue content
             - Triage only the current issue
-            - Identify only one area/ label
-            - Identify only one kind/ label
-            - Identify all applicable sub-area/* and priority/* labels based on the issue content. It's ok to have multiple of these
+            - Identify only one category/ label
+            - Identify only one type/ label
+            - Identify all applicable scope/*, status/* and priority/* labels based on the issue content. It's ok to have multiple of these
             - Once you categorize the issue if it needs information bump down the priority by 1 eg.. a p0 would become a p1 a p1 would become a p2. P2 and P3 can stay as is in this scenario
             - Reference all shell variables as "${VAR}" (with quotes and braces)
             - Output only valid JSON format
@@ -92,23 +93,29 @@ jobs:
 
             Categorization Guidelines:
             P0: Critical / Blocker
-            - A P0 bug is a catastrophic failure that demands immediate attention. It represents a complete showstopper for a significant portion of users or for the development process itself.
+            - A P0 bug is a catastrophic failure that demands immediate attention.
+            - To be a P0 it means almost all users are running into this issue and it is blocking users from being able to use the product.
+            - You would see this in the form of many comments from different developers on the bug.
+            - It represents a complete showstopper for a significant portion of users or for the development process itself.
             Impact:
             - Blocks development or testing for the entire team.
             - Major security vulnerability that could compromise user data or system integrity.
             - Causes data loss or corruption with no workaround.
             - Crashes the application or makes a core feature completely unusable for all or most users in a production environment. Will it cause severe quality degration? Is it preventing contributors from contributing to the repository or is it a release blocker?
             Qualifier: Is the main function of the software broken?
-            Example: The gemini auth login command fails with an unrecoverable error, preventing any user from authenticating and using the rest of the CLI.
+            Example: The qwen auth login command fails with an unrecoverable error, preventing any user from authenticating and using the rest of the CLI.
             P1: High
-            - A P1 bug is a serious issue that significantly degrades the user experience or impacts a core feature. While not a complete blocker, it's a major problem that needs a fast resolution. Feature requests are almost never P1.
+            - A P1 bug is a serious issue that significantly degrades the user experience or impacts a core feature.
+            - While not a complete blocker, it's a major problem that needs a fast resolution. Feature requests are almost never P1.
+            - Once again this would be affecting many users.
+            - You would see this in the form of comments from different developers on the bug.
             Impact:
             - A core feature is broken or behaving incorrectly for a large number of users or large number of use cases.
             - Review the bug details and comments to try figure out if this issue affects a large set of use cases or if it's a narrow set of use cases.
             - Severe performance degradation making the application frustratingly slow.
             - No straightforward workaround exists, or the workaround is difficult and non-obvious.
             Qualifier: Is a key feature unusable or giving very wrong results?
-            Example: The gemini -p "..." command consistently returns a malformed JSON response or an empty result, making the CLI's primary generation feature unreliable.
+            Example: Qwen Code enters a loop when making read-many-files tool call. I am unable to break out of the loop and qwen doesn't follow instructions subsequently.
             P2: Medium
             - A P2 bug is a moderately impactful issue. It's a noticeable problem but doesn't prevent the use of the software's main functionality.
             Impact:
@@ -127,45 +134,55 @@ jobs:
             Things you should know:
             - If users are talking about issues where the model gets downgraded from pro to flash then i want you to categorize that as a performance issue
             - This product is designed to use different models eg.. using pro, downgrading to flash etc. when users report that they dont expect the model to change those would be categorized as feature requests.
-            Definition of Areas
-            area/ux:
-            - Issues concerning user-facing elements like command usability, interactive features, help docs, and perceived performance.
-            - I am seeing my screen flicker when using Gemini CLI
-            - I am seeing the output malformed
-            - Theme changes aren't taking effect
-            - My keyboard inputs arent' being recognzied
-            area/platform:
-            - Issues related to installation, packaging, OS compatibility (Windows, macOS, Linux), and the underlying CLI framework.
-            area/background: Issues related to long-running background tasks, daemons, and autonomous or proactive agent features.
-            area/models:
-            - i am not getting a response that is reasonable or expected. this can include things like
-            - I am calling a tool and the tool is not performing as expected.
-            - i am expecting a tool to be called and it is not getting called ,
-            - Including experience when using
-            - built-in tools (e.g., web search, code interpreter, read file, writefile, etc..),
-            - Function calling issues should be under this area
-            - i am getting responses from the model that are malformed.
-            - Issues concerning Gemini quality of response and inference,
-            - Issues talking about unnecessary token consumption.
-            - Issues talking about Model getting stuck in a loop be watchful as this could be the root cause for issues that otherwise seem like model performance issues.
-            - Memory compression
-            - unexpected responses,
-            - poor quality of generated code
-            area/tools:
-            - These are primarily issues related to Model Context Protocol
-            - These are issues that mention MCP support
-            - feature requests asking for support for new tools.
-            area/core: Issues with fundamental components like command parsing, configuration management, session state, and the main API client logic. Introducing multi-modality
-            area/contribution: Issues related to improving the developer contribution experience, such as CI/CD pipelines, build scripts, and test automation infrastructure.
-            area/authentication: Issues related to user identity, login flows, API key handling, credential storage, and access token management, unable to sign in selecting wrong authentication path etc..
-            area/security-privacy: Issues concerning vulnerability patching, dependency security, data sanitization, privacy controls, and preventing unauthorized data access.
-            area/extensibility: Issues related to the plugin system, extension APIs, or making the CLI's functionality available in other applications, github actions, ide support etc..
-            area/performance: Issues focused on model performance
-            - Issues with running out of capacity,
-            - 429 errors etc..
-            - could also pertain to latency,
-            - other general software performance like, memory usage, CPU consumption, and algorithmic efficiency.
-            - Switching models from one to the other unexpectedly.
+            Definition of Categories and Scopes
+
+            category/cli: Command line interface and interaction
+            - Issues with interactive CLI features, command parsing, keyboard shortcuts
+            - Related scopes: scope/commands, scope/interactive, scope/non-interactive, scope/keybindings
+
+            category/core: Core engine and logic
+            - Issues with fundamental components, content generation, session management
+            - Related scopes: scope/content-generation, scope/token-management, scope/session-management, scope/model-switching
+
+            category/ui: User interface and display
+            - Issues with themes, UI components, rendering, markdown display
+            - Related scopes: scope/themes, scope/components, scope/rendering, scope/markdown
+
+            category/authentication: Authentication and authorization
+            - Issues with login flows, API keys, OAuth, credential storage
+            - Related scopes: scope/oauth, scope/api-keys, scope/token-storage
+
+            category/tools: Tool integration and execution
+            - Issues with MCP, shell execution, file operations, web search, memory, git integration
+            - Related scopes: scope/mcp, scope/shell, scope/file-operations, scope/web-search, scope/memory, scope/git
+
+            category/configuration: Configuration management
+            - Issues with settings, extensions, trusted folders, sandbox configuration
+            - Related scopes: scope/settings, scope/extensions, scope/trusted-folders, scope/sandbox
+
+            category/integration: External integrations
+            - Issues with IDE integration, VSCode extension, Zed integration, GitHub Actions
+            - Related scopes: scope/ide, scope/vscode, scope/zed, scope/github-actions
+
+            category/platform: Platform compatibility
+            - Issues with installation, OS compatibility, packaging
+            - Related scopes: scope/installation, scope/macos, scope/windows, scope/linux, scope/packaging
+
+            category/performance: Performance and optimization
+            - Issues with latency, memory usage, model performance, caching
+            - Related scopes: scope/latency, scope/memory-usage, scope/model-performance, scope/caching
+
+            category/security: Security and privacy
+            - Issues with data privacy, credential security, vulnerabilities
+            - Related scopes: scope/data-privacy, scope/credential-security, scope/vulnerability
+
+            category/telemetry: Telemetry and analytics
+            - Issues with metrics collection, logging, analytics
+            - Related scopes: scope/metrics, scope/logging, scope/analytics
+
+            category/development: Development experience
+            - Issues with build system, testing, CI/CD, documentation
+            - Related scopes: scope/build-system, scope/testing, scope/ci-cd, scope/documentation
 
       - name: 'Post Issue Analysis Failure Comment'
         if: |-

.github/workflows/qwen-scheduled-issue-triage.yml

@@ -43,7 +43,7 @@ jobs:
 
           echo '🏷️ Finding issues that need triage...'
           NEED_TRIAGE_ISSUES="$(gh issue list --repo "${GITHUB_REPOSITORY}" \
-            --search 'is:open is:issue label:"status/needs-triage"' --json number,title,body)"
+            --search "is:open is:issue label:\"status/need-triage\""  --limit 1000 --json number,title,body)"
 
           echo '🔄 Merging and deduplicating issues...'
           ISSUES="$(echo "${NO_LABEL_ISSUES}" "${NEED_TRIAGE_ISSUES}" | jq -c -s 'add | unique_by(.number)')"
@@ -84,16 +84,16 @@ jobs:
             2. Use shell command `echo` to check environment variable for issues to triage: $ISSUES_TO_TRIAGE (JSON array of issues)
             3. Review the issue title, body and any comments provided in the environment variables.
             4. Ignore any existing priorities or tags on the issue.
-            5. Select the most relevant labels from the existing labels, focusing on kind/*, area/*, sub-area/* and priority/*.
+            5. Select the most relevant labels from the existing labels, focusing on type/*, category/*, scope/*, status/* and priority/*.
             6. Get the list of labels already on the issue using `gh issue view ISSUE_NUMBER --repo ${{ github.repository }} --json labels -t '{{range .labels}}{{.name}}{{"\n"}}{{end}}'
-            7. For area/* and kind/* limit yourself to only the single most applicable label in each case.
+            7. For category/* and type/* limit yourself to only the single most applicable label in each case.
             8. Give me a single short paragraph about why you are selecting each label in the process. use the format Issue ID: , Title, Label applied:, Label removed, ovearll explanation
             9. Parse the JSON array from step 2 and for EACH INDIVIDUAL issue, apply appropriate labels using separate commands:
               - `gh issue edit ISSUE_NUMBER --repo ${{ github.repository }} --add-label "label1"`
               - `gh issue edit ISSUE_NUMBER --repo ${{ github.repository }} --add-label "label2"`
               - Continue for each label separately
               - IMPORTANT: Label each issue individually, one command per issue, one label at a time if needed.
-              - Make sure after you apply labels there is only one area/* and one kind/* label per issue.
+              - Make sure after you apply labels there is only one category/* and one type/* label per issue.
               - To do this look for labels found in step 6 that no longer apply remove them one at a time using
               - `gh issue edit ISSUE_NUMBER --repo ${{ github.repository }} --remove-label "label-name1"`
               - `gh issue edit ISSUE_NUMBER --repo ${{ github.repository }} --remove-label "label-name2"`
@@ -111,16 +111,19 @@ jobs:
             - Do not include any explanation or additional text, just the JSON
             - Only use labels that already exist in the repository.
               - Do not add comments or modify the issue content.
-              - Do not remove labels titled help wanted or good first issue.
+              - Do not remove the following labels maintainer, help wanted or good first issue.
               - Triage only the current issue.
-              - Identify only one area/ label
-              - Identify only one kind/ label (Do not apply kind/duplicate or kind/parent-issue)
-              - Identify all applicable sub-area/* and priority/* labels based on the issue content. It's ok to have multiple of these.
+              - Identify only one category/ label
+              - Identify only one type/ label (Do not apply type/duplicate or type/parent-issue)
+              - Identify all applicable scope/*, status/* and priority/* labels based on the issue content. It's ok to have multiple of these.
               - Once you categorize the issue if it needs information bump down the priority by 1 eg.. a p0 would become a p1 a p1 would become a p2. P2 and P3 can stay as is in this scenario.
             Categorization Guidelines:
             P0: Critical / Blocker
-              - A P0 bug is a catastrophic failure that demands immediate attention. It represents a complete showstopper for a significant portion of users or for the development process itself.
-              Impact:
+              - A P0 bug is a catastrophic failure that demands immediate attention.
+              - To be a P0 it means almost all users are running into this issue and it is blocking users from being able to use the product.
+              - You would see this in the form of many comments from different developers on the bug.
+              - It represents a complete showstopper for a significant portion of users or for the development process itself.
+            Impact:
               - Blocks development or testing for the entire team.
               - Major security vulnerability that could compromise user data or system integrity.
               - Causes data loss or corruption with no workaround.
@@ -129,15 +132,17 @@ jobs:
               Qualifier: Is the main function of the software broken?
               Example: The gemini auth login command fails with an unrecoverable error, preventing any user from authenticating and using the rest of the CLI.
             P1: High
-              - A P1 bug is a serious issue that significantly degrades the user experience or impacts a core feature. While not a complete blocker, it's a major problem that needs a fast resolution.
-              - Feature requests are almost never P1.
+              - A P1 bug is a serious issue that significantly degrades the user experience or impacts a core feature.
+              - While not a complete blocker, it's a major problem that needs a fast resolution. Feature requests are almost never P1.
+              - Once again this would be affecting many users.
+              - You would see this in the form of comments from different developers on the bug.
               Impact:
               - A core feature is broken or behaving incorrectly for a large number of users or large number of use cases.
               - Review the bug details and comments to try figure out if this issue affects a large set of use cases or if it's a narrow set of use cases.
               - Severe performance degradation making the application frustratingly slow.
               - No straightforward workaround exists, or the workaround is difficult and non-obvious.
               Qualifier: Is a key feature unusable or giving very wrong results?
-              Example: The gemini -p "..." command consistently returns a malformed JSON response or an empty result, making the CLI's primary generation feature unreliable.
+              Example: Gemini CLI enters a loop when making read-many-files tool call. I am unable to break out of the loop and gemini doesn't follow instructions subsequently.
             P2: Medium
               - A P2 bug is a moderately impactful issue. It's a noticeable problem but doesn't prevent the use of the software's main functionality.
               Impact:
@@ -157,48 +162,52 @@ jobs:
               - If users are talking about issues where the model gets downgraded from pro to flash then i want you to categorize that as a performance issue
               - This product is designed to use different models eg.. using pro, downgrading to flash etc.
               - When users report that they dont expect the model to change those would be categorized as feature requests.
-            Definition of Areas
-            area/ux:
-              - Issues concerning user-facing elements like command usability, interactive features, help docs, and perceived performance.
-              - I am seeing my screen flicker when using Gemini CLI
-              - I am seeing the output malformed
-              - Theme changes aren't taking effect
-              - My keyboard inputs arent' being recognzied
-            area/platform:
-              - Issues related to installation, packaging, OS compatibility (Windows, macOS, Linux), and the underlying CLI framework.
-            area/background: Issues related to long-running background tasks, daemons, and autonomous or proactive agent features.
-            area/models:
-              - i am not getting a response that is reasonable or expected. this can include things like
-              - I am calling a tool and the tool is not performing as expected.
-              - i am expecting a tool to be called and it is not getting called ,
-              - Including experience when using
-              - built-in tools (e.g., web search, code interpreter, read file, writefile, etc..),
-              - Function calling issues should be under this area
-              - i am getting responses from the model that are malformed.
-              - Issues concerning Gemini quality of response and inference,
-              - Issues talking about unnecessary token consumption.
-              - Issues talking about Model getting stuck in a loop be watchful as this could be the root cause for issues that otherwise seem like model performance issues.
-              - Memory compression
-              - unexpected responses,
-              - poor quality of generated code
-            area/tools:
-              - These are primarily issues related to Model Context Protocol
-              - These are issues that mention MCP support
-              - feature requests asking for support for new tools.
-            area/core:
-              - Issues with fundamental components like command parsing, configuration management, session state, and the main API client logic. Introducing multi-modality
-            area/contribution:
-              - Issues related to improving the developer contribution experience, such as CI/CD pipelines, build scripts, and test automation infrastructure.
-            area/authentication:
-              -  Issues related to user identity, login flows, API key handling, credential storage, and access token management, unable to sign in selecting wrong authentication path etc..
-            area/security-privacy:
-              - Issues concerning vulnerability patching, dependency security, data sanitization, privacy controls, and preventing unauthorized data access.
-            area/extensibility:
-              - Issues related to the plugin system, extension APIs, or making the CLI's functionality available in other applications, github actions, ide support etc..
-            area/performance:
-              - Issues focused on model performance
-              - Issues with running out of capacity,
-              - 429 errors etc..
-              - could also pertain to latency,
-              - other general software performance like, memory usage, CPU consumption, and algorithmic efficiency.
-              - Switching models from one to the other unexpectedly.
+            Definition of Categories and Scopes
+
+            category/cli: Command line interface and interaction
+            - Issues with interactive CLI features, command parsing, keyboard shortcuts
+            - Related scopes: scope/commands, scope/interactive, scope/non-interactive, scope/keybindings
+
+            category/core: Core engine and logic
+            - Issues with fundamental components, content generation, session management
+            - Related scopes: scope/content-generation, scope/token-management, scope/session-management, scope/model-switching
+
+            category/ui: User interface and display
+            - Issues with themes, UI components, rendering, markdown display
+            - Related scopes: scope/themes, scope/components, scope/rendering, scope/markdown
+
+            category/authentication: Authentication and authorization
+            - Issues with login flows, API keys, OAuth, credential storage
+            - Related scopes: scope/oauth, scope/api-keys, scope/token-storage
+
+            category/tools: Tool integration and execution
+            - Issues with MCP, shell execution, file operations, web search, memory, git integration
+            - Related scopes: scope/mcp, scope/shell, scope/file-operations, scope/web-search, scope/memory, scope/git
+
+            category/configuration: Configuration management
+            - Issues with settings, extensions, trusted folders, sandbox configuration
+            - Related scopes: scope/settings, scope/extensions, scope/trusted-folders, scope/sandbox
+
+            category/integration: External integrations
+            - Issues with IDE integration, VSCode extension, Zed integration, GitHub Actions
+            - Related scopes: scope/ide, scope/vscode, scope/zed, scope/github-actions
+
+            category/platform: Platform compatibility
+            - Issues with installation, OS compatibility, packaging
+            - Related scopes: scope/installation, scope/macos, scope/windows, scope/linux, scope/packaging
+
+            category/performance: Performance and optimization
+            - Issues with latency, memory usage, model performance, caching
+            - Related scopes: scope/latency, scope/memory-usage, scope/model-performance, scope/caching
+
+            category/security: Security and privacy
+            - Issues with data privacy, credential security, vulnerabilities
+            - Related scopes: scope/data-privacy, scope/credential-security, scope/vulnerability
+
+            category/telemetry: Telemetry and analytics
+            - Issues with metrics collection, logging, analytics
+            - Related scopes: scope/metrics, scope/logging, scope/analytics
+
+            category/development: Development experience
+            - Issues with build system, testing, CI/CD, documentation
+            - Related scopes: scope/build-system, scope/testing, scope/ci-cd, scope/documentation

.github/workflows/release.yml

@@ -101,15 +101,27 @@ jobs:
       - name: 'Get the version'
         id: 'version'
         run: |
-          VERSION_JSON=$(node scripts/get-release-version.js)
+          VERSION_ARGS=()
+          if [[ "${IS_NIGHTLY}" == "true" ]]; then
+            VERSION_ARGS+=(--type=nightly)
+          elif [[ "${IS_PREVIEW}" == "true" ]]; then
+            VERSION_ARGS+=(--type=preview)
+            if [[ -n "${MANUAL_VERSION}" ]]; then
+              VERSION_ARGS+=("--preview_version_override=${MANUAL_VERSION}")
+            fi
+          else
+            VERSION_ARGS+=(--type=stable)
+            if [[ -n "${MANUAL_VERSION}" ]]; then
+              VERSION_ARGS+=("--stable_version_override=${MANUAL_VERSION}")
+            fi
+          fi
+
+          VERSION_JSON=$(node scripts/get-release-version.js "${VERSION_ARGS[@]}")
           echo "RELEASE_TAG=$(echo "$VERSION_JSON" | jq -r .releaseTag)" >> "$GITHUB_OUTPUT"
           echo "RELEASE_VERSION=$(echo "$VERSION_JSON" | jq -r .releaseVersion)" >> "$GITHUB_OUTPUT"
           echo "NPM_TAG=$(echo "$VERSION_JSON" | jq -r .npmTag)" >> "$GITHUB_OUTPUT"
 
-          # Get the previous tag for release notes generation
-          CURRENT_TAG=$(echo "$VERSION_JSON" | jq -r .releaseTag)
-          PREVIOUS_TAG=$(node scripts/get-previous-tag.js "$CURRENT_TAG" || echo "")
-          echo "PREVIOUS_TAG=${PREVIOUS_TAG}" >> "$GITHUB_OUTPUT"
+          echo "PREVIOUS_RELEASE_TAG=$(echo "$VERSION_JSON" | jq -r .previousReleaseTag)" >> "$GITHUB_OUTPUT"
         env:
           GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
           IS_NIGHTLY: '${{ steps.vars.outputs.is_nightly }}'
@@ -155,7 +167,11 @@ jobs:
           RELEASE_TAG: '${{ steps.version.outputs.RELEASE_TAG }}'
         run: |-
           git add package.json package-lock.json packages/*/package.json
-          git commit -m "chore(release): ${RELEASE_TAG}"
+          if git diff --staged --quiet; then
+            echo "No version changes to commit"
+          else
+            git commit -m "chore(release): ${RELEASE_TAG}"
+          fi
           if [[ "${IS_DRY_RUN}" == "false" ]]; then
             echo "Pushing release branch to remote..."
             git push --set-upstream origin "${BRANCH_NAME}" --follow-tags
@@ -163,9 +179,9 @@ jobs:
             echo "Dry run enabled. Skipping push."
           fi
 
-      - name: 'Build and Prepare Packages'
+      - name: 'Build Bundle and Prepare Package'
         run: |-
-          npm run build:packages
+          npm run bundle
           npm run prepare:package
 
       - name: 'Configure npm for publishing'
@@ -175,20 +191,10 @@ jobs:
           registry-url: 'https://registry.npmjs.org'
           scope: '@qwen-code'
 
-      - name: 'Publish @qwen-code/qwen-code-core'
-        run: |-
-          npm publish --workspace=@qwen-code/qwen-code-core --access public --tag=${{ steps.version.outputs.NPM_TAG }} ${{ steps.vars.outputs.is_dry_run == 'true' && '--dry-run' || '' }}
-        env:
-          NODE_AUTH_TOKEN: '${{ secrets.NPM_TOKEN }}'
-
-      - name: 'Install latest core package'
-        if: |-
-          ${{ steps.vars.outputs.is_dry_run == 'false' }}
-        run: 'npm install @qwen-code/qwen-code-core@${{ steps.version.outputs.RELEASE_VERSION }} --workspace=@qwen-code/qwen-code --save-exact'
-
       - name: 'Publish @qwen-code/qwen-code'
+        working-directory: 'dist'
         run: |-
-          npm publish --workspace=@qwen-code/qwen-code --access public --tag=${{ steps.version.outputs.NPM_TAG }} ${{ steps.vars.outputs.is_dry_run == 'true' && '--dry-run' || '' }}
+          npm publish --access public --tag=${{ steps.version.outputs.NPM_TAG }} ${{ steps.vars.outputs.is_dry_run == 'true' && '--dry-run' || '' }}
         env:
           NODE_AUTH_TOKEN: '${{ secrets.NPM_TOKEN }}'
 
@@ -199,13 +205,13 @@ jobs:
           GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
           RELEASE_BRANCH: '${{ steps.release_branch.outputs.BRANCH_NAME }}'
           RELEASE_TAG: '${{ steps.version.outputs.RELEASE_TAG }}'
-          PREVIOUS_TAG: '${{ steps.version.outputs.PREVIOUS_TAG }}'
+          PREVIOUS_RELEASE_TAG: '${{ steps.version.outputs.PREVIOUS_RELEASE_TAG }}'
         run: |-
           gh release create "${RELEASE_TAG}" \
-            bundle/gemini.js \
+            dist/cli.js \
             --target "$RELEASE_BRANCH" \
             --title "Release ${RELEASE_TAG}" \
-            --notes-start-tag "$PREVIOUS_TAG" \
+            --notes-start-tag "$PREVIOUS_RELEASE_TAG" \
             --generate-notes
 
       - name: 'Create Issue on Failure'

.gitignore

@@ -3,14 +3,21 @@
 .env~
 
 # gemini-cli settings
-.gemini/
-!gemini/config.yaml
+# We want to keep the .gemini in the root of the repo and ignore any .gemini
+# in subdirectories. In our root .gemini we want to allow for version control
+# for subcommands.
+**/.gemini/
+!/.gemini/
+.gemini/*
+!.gemini/config.yaml
+!.gemini/commands/
 
 # Note: .gemini-clipboard/ is NOT in gitignore so Gemini can access pasted images
 
 # Dependency directory
 node_modules
 bower_components
+package-lock.json
 
 # Editors
 .idea
@@ -48,4 +55,5 @@ logs/
 # GHA credentials
 gha-creds-*.json
 
-QWEN.md
+# Log files
+patch_output.log

.husky/pre-commit

@@ -0,0 +1,9 @@
+npm run pre-commit || {
+  echo ''
+  echo '===================================================='
+  echo 'pre-commit checks failed. in case of emergency, run:'
+  echo ''
+  echo 'git commit --no-verify'
+  echo '===================================================='
+  exit 1
+}

.vscode/launch.json

@@ -108,6 +108,17 @@
       "request": "attach",
       "skipFiles": ["<node_internals>/**"],
       "type": "node"
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug Current TS File",
+      "runtimeExecutable": "npx",
+      "runtimeArgs": ["tsx", "${file}"],
+      "skipFiles": ["<node_internals>/**"],
+      "cwd": "${workspaceFolder}",
+      "console": "integratedTerminal",
+      "env": {}
     }
   ],
   "inputs": [

.vscode/settings.json

@@ -12,5 +12,6 @@
   },
   "[javascript]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode"
-  }
+  },
+  "vitest.disableWorkspaceWarning": true
 }

.yamllint.yml

@@ -86,3 +86,5 @@ ignore:
   - 'thirdparty/'
   - 'third_party/'
   - 'vendor/'
+  - 'node_modules/'
+  - 'integration-tests/terminal-bench/'

CHANGELOG.md

@@ -1,5 +1,24 @@
 # Changelog
 
+## 0.0.14
+
+- Added plan mode support for task planning
+- Fixed unreliable editCorrector that injects extra escape characters
+- Fixed task tool dynamic updates
+- Added Qwen3-VL-Plus token limits (256K input, 32K output) and highres support
+- Enhanced dashScope cache control
+
+## 0.0.13
+
+- Added YOLO mode support for automatic vision model switching with CLI arguments and environment variables.
+- Fixed ripgrep lazy loading to resolve VS Code IDE companion startup issues.
+- Fixed authentication hang when selecting Qwen OAuth.
+- Added OpenAI and Qwen OAuth authentication support to Zed ACP integration.
+- Fixed output token limit for Qwen models.
+- Fixed Markdown list display issues on Windows.
+- Enhanced vision model instructions and documentation.
+- Improved authentication method compatibility across different IDE integrations.
+
 ## 0.0.12
 
 - Added vision model support for Qwen-OAuth authentication.

CONTRIBUTING.md

@@ -136,7 +136,7 @@ To start the Gemini CLI from the source code (after building), run the following
 npm start
 ```
 
-If you'd like to run the source build outside of the gemini-cli folder you can utilize `npm link path/to/gemini-cli/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) or `alias gemini="node path/to/gemini-cli/packages/cli"` to run with `gemini`
+If you'd like to run the source build outside of the gemini-cli folder, you can utilize `npm link path/to/gemini-cli/packages/cli` (see: [docs](https://docs.npmjs.com/cli/v9/commands/npm-link)) or `alias gemini="node path/to/gemini-cli/packages/cli"` to run with `gemini`
 
 ### Running Tests
 

LICENSE

@@ -200,4 +200,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

docs/_meta.ts

@@ -0,0 +1,10 @@
+export default {
+  index: 'Welcome to Qwen Code',
+  cli: 'CLI',
+  core: 'Core',
+  tools: 'Tools',
+  features: 'Features',
+  'ide-integration': 'IDE Integration',
+  development: 'Development',
+  support: 'Support',
+};

docs/cli/_meta.ts

@@ -0,0 +1,35 @@
+export default {
+  index: 'Introduction',
+  authentication: 'Authentication',
+  'openai-auth': 'OpenAI Authentication',
+  commands: 'Commands',
+  configuration: 'Configuration',
+  'configuration-v1': 'Configuration (v1)',
+  themes: 'Themes',
+  tutorials: 'Tutorials',
+  'keyboard-shortcuts': 'Keyboard Shortcuts',
+  'trusted-folders': 'Trusted Folders',
+  'qwen-ignore': 'Ignoring Files',
+  Uninstall: 'Uninstall',
+};
+
+/**
+ * 
+ *  { "label": "Introduction", "slug": "docs/cli" },
+      { "label": "Authentication", "slug": "docs/cli/authentication" },
+      { "label": "Commands", "slug": "docs/cli/commands" },
+      { "label": "Configuration", "slug": "docs/cli/configuration" },
+      { "label": "Checkpointing", "slug": "docs/checkpointing" },
+      { "label": "Extensions", "slug": "docs/extension" },
+      { "label": "Headless Mode", "slug": "docs/headless" },
+      { "label": "IDE Integration", "slug": "docs/ide-integration" },
+      {
+        "label": "IDE Companion Spec",
+        "slug": "docs/ide-companion-spec"
+      },
+      { "label": "Telemetry", "slug": "docs/telemetry" },
+      { "label": "Themes", "slug": "docs/cli/themes" },
+      { "label": "Token Caching", "slug": "docs/cli/token-caching" },
+      { "label": "Trusted Folders", "slug": "docs/trusted-folders" },
+      { "label": "Tutorials", "slug": "docs/cli/tutorials" }
+ */

docs/cli/authentication.md

@@ -131,13 +131,7 @@ OpenAI-compatible API method if configured:
 
 **Example for headless environments:**
 
-```bash
-export OPENAI_API_KEY="your-api-key"
-export OPENAI_BASE_URL="https://api-inference.modelscope.cn/v1"
-export OPENAI_MODEL="Qwen/Qwen3-Coder-480B-A35B-Instruct"
+If none of these environment variables are set in a non-interactive session, the CLI will exit with an error.
 
-# Run Qwen Code
-qwen
-```
-
-If no API key is set in a non-interactive session, the CLI will exit with an error prompting you to configure authentication.
+For comprehensive guidance on using Qwen COde programmatically and in
+automation workflows, see the [Headless Mode Guide](../headless.md).

docs/cli/commands.md

@@ -9,7 +9,7 @@ Slash commands provide meta-level control over the CLI itself.
 ### Built-in Commands
 
 - **`/bug`**
-  - **Description:** File an issue about Qwen Code. By default, the issue is filed within the GitHub repository for Qwen Code. The string you enter after `/bug` will become the headline for the bug being filed. The default `/bug` behavior can be modified using the `bugCommand` setting in your `.qwen/settings.json` files.
+  - **Description:** File an issue about Qwen Code. By default, the issue is filed within the GitHub repository for Qwen Code. The string you enter after `/bug` will become the headline for the bug being filed. The default `/bug` behavior can be modified using the `advanced.bugCommand` setting in your `.qwen/settings.json` files.
 
 - **`/chat`**
   - **Description:** Save and resume conversation history for branching conversation state interactively, or resuming a previous state from a later session.
@@ -30,6 +30,9 @@ Slash commands provide meta-level control over the CLI itself.
     - **`delete`**
       - **Description:** Deletes a saved conversation checkpoint.
       - **Usage:** `/chat delete <tag>`
+    - **`share`**
+      - **Description** Writes the current conversation to a provided Markdown or JSON file.
+      - **Usage** `/chat share file.md` or `/chat share file.json`. If no filename is provided, then the CLI will generate one.
 
 - **`/clear`**
   - **Description:** Clear the terminal screen, including the visible session history and scrollback within the CLI. The underlying session data (for history recall) might be preserved depending on the exact implementation, but the visual display is cleared.
@@ -63,17 +66,6 @@ Slash commands provide meta-level control over the CLI itself.
       - **Description:** Display all directories added by `/directory add` and `--include-directories`.
       - **Usage:** `/directory show`
 
-- **`/directory`** (or **`/dir`**)
-  - **Description:** Manage workspace directories for multi-directory support.
-  - **Sub-commands:**
-    - **`add`**:
-      - **Description:** Add a directory to the workspace. The path can be absolute or relative to the current working directory. Moreover, the reference from home directory is supported as well.
-      - **Usage:** `/directory add <path1>,<path2>`
-      - **Note:** Disabled in restrictive sandbox profiles. If you're using that, use `--include-directories` when starting the session instead.
-    - **`show`**:
-      - **Description:** Display all directories added by `/directory add` and `--include-directories`.
-      - **Usage:** `/directory show`
-
 - **`/editor`**
   - **Description:** Open a dialog for selecting supported editors.
 
@@ -105,6 +97,20 @@ Slash commands provide meta-level control over the CLI itself.
       - **Description:** Reload the hierarchical instructional memory from all context files (default: `QWEN.md`) found in the configured locations (global, project/ancestors, and sub-directories). This updates the model with the latest context content.
     - **Note:** For more details on how context files contribute to hierarchical memory, see the [CLI Configuration documentation](./configuration.md#context-files-hierarchical-instructional-context).
 
+- **`/model`**
+  - **Description:** Switch the model for the current session. Opens a dialog to select from available models based on your authentication type.
+  - **Usage:** `/model`
+  - **Features:**
+    - Shows a dialog with all available models for your current authentication type
+    - Displays model descriptions and capabilities (e.g., vision support)
+    - Changes the model for the current session only
+    - Supports both Qwen models (via OAuth) and OpenAI models (via API key)
+  - **Available Models:**
+    - **Qwen Coder:** The latest Qwen Coder model from Alibaba Cloud ModelStudio (version: qwen3-coder-plus-2025-09-23)
+    - **Qwen Vision:** The latest Qwen Vision model from Alibaba Cloud ModelStudio (version: qwen3-vl-plus-2025-09-23) - supports image analysis
+    - **OpenAI Models:** Available when using OpenAI authentication (configured via `OPENAI_MODEL` environment variable)
+  - **Note:** Model selection is session-specific and does not persist across different Qwen Code sessions. To set a default model, use the `model.name` setting in your configuration.
+
 - **`/restore`**
   - **Description:** Restores the project files to the state they were in just before a tool was executed. This is particularly useful for undoing file edits made by a tool. If run without a tool call ID, it will list available checkpoints to restore from.
   - **Usage:** `/restore [tool_call_id]`
@@ -124,6 +130,18 @@ Slash commands provide meta-level control over the CLI itself.
 - **`/auth`**
   - **Description:** Open a dialog that lets you change the authentication method.
 
+- **`/approval-mode`**
+  - **Description:** Change the approval mode for tool usage.
+  - **Usage:** `/approval-mode [mode] [--session|--project|--user]`
+  - **Available Modes:**
+    - **`plan`**: Analyze only; do not modify files or execute commands
+    - **`default`**: Require approval for file edits or shell commands
+    - **`auto-edit`**: Automatically approve file edits
+    - **`yolo`**: Automatically approve all tools
+  - **Examples:**
+    - `/approval-mode plan --project` (persist plan mode for this project)
+    - `/approval-mode yolo --user` (persist YOLO mode for this user across projects)
+
 - **`/about`**
   - **Description:** Show version info. Please share this information when filing issues.
 
@@ -150,9 +168,6 @@ Slash commands provide meta-level control over the CLI itself.
     - **`nodesc`** or **`nodescriptions`**:
       - **Description:** Hide tool descriptions, showing only the tool names.
 
-- **`/privacy`**
-  - **Description:** Display the Privacy Notice and allow users to select whether they consent to the collection of their data for service improvement purposes.
-
 - **`/quit-confirm`**
   - **Description:** Show a confirmation dialog before exiting Qwen Code, allowing you to choose how to handle your current session.
   - **Usage:** `/quit-confirm`
@@ -423,6 +438,16 @@ That's it! You can now run your command in the CLI. First, you might add a file
 
 Qwen Code will then execute the multi-line prompt defined in your TOML file.
 
+## Input Prompt Shortcuts
+
+These shortcuts apply directly to the input prompt for text manipulation.
+
+- **Undo:**
+  - **Keyboard shortcut:** Press **Ctrl+z** to undo the last action in the input prompt.
+
+- **Redo:**
+  - **Keyboard shortcut:** Press **Ctrl+Shift+Z** to redo the last undone action in the input prompt.
+
 ## At commands (`@`)
 
 At commands are used to include the content of files or directories as part of your prompt to the model. These commands include git-aware filtering.
@@ -438,7 +463,7 @@ At commands are used to include the content of files or directories as part of y
     - If a path to a directory is provided, the command attempts to read the content of files within that directory and any subdirectories.
     - Spaces in paths should be escaped with a backslash (e.g., `@My\ Documents/file.txt`).
     - The command uses the `read_many_files` tool internally. The content is fetched and then inserted into your query before being sent to the model.
-    - **Git-aware filtering:** By default, git-ignored files (like `node_modules/`, `dist/`, `.env`, `.git/`) are excluded. This behavior can be changed via the `fileFiltering` settings.
+    - **Git-aware filtering:** By default, git-ignored files (like `node_modules/`, `dist/`, `.env`, `.git/`) are excluded. This behavior can be changed via the `context.fileFiltering` settings.
     - **File types:** The command is intended for text-based files. While it might attempt to read any file, binary files or very large files might be skipped or truncated by the underlying `read_many_files` tool to ensure performance and relevance. The tool indicates if files were skipped.
   - **Output:** The CLI will show a tool call message indicating that `read_many_files` was used, along with a message detailing the status and the path(s) that were processed.
 

docs/cli/configuration-v1.md

@@ -0,0 +1,670 @@
+# Qwen Code Configuration
+
+Qwen Code offers several ways to configure its behavior, including environment variables, command-line arguments, and settings files. This document outlines the different configuration methods and available settings.
+
+## Configuration layers
+
+Configuration is applied in the following order of precedence (lower numbers are overridden by higher numbers):
+
+1.  **Default values:** Hardcoded defaults within the application.
+2.  **System defaults file:** System-wide default settings that can be overridden by other settings files.
+3.  **User settings file:** Global settings for the current user.
+4.  **Project settings file:** Project-specific settings.
+5.  **System settings file:** System-wide settings that override all other settings files.
+6.  **Environment variables:** System-wide or session-specific variables, potentially loaded from `.env` files.
+7.  **Command-line arguments:** Values passed when launching the CLI.
+
+## Settings files
+
+Qwen Code uses JSON settings files for persistent configuration. There are four locations for these files:
+
+- **System defaults file:**
+  - **Location:** `/etc/qwen-code/system-defaults.json` (Linux), `C:\ProgramData\qwen-code\system-defaults.json` (Windows) or `/Library/Application Support/QwenCode/system-defaults.json` (macOS). The path can be overridden using the `QWEN_CODE_SYSTEM_DEFAULTS_PATH` environment variable.
+  - **Scope:** Provides a base layer of system-wide default settings. These settings have the lowest precedence and are intended to be overridden by user, project, or system override settings.
+- **User settings file:**
+  - **Location:** `~/.qwen/settings.json` (where `~` is your home directory).
+  - **Scope:** Applies to all Qwen Code sessions for the current user.
+- **Project settings file:**
+  - **Location:** `.qwen/settings.json` within your project's root directory.
+  - **Scope:** Applies only when running Qwen Code from that specific project. Project settings override user settings.
+
+- **System settings file:**
+  - **Location:** `/etc/qwen-code/settings.json` (Linux), `C:\ProgramData\qwen-code\settings.json` (Windows) or `/Library/Application Support/QwenCode/settings.json` (macOS). The path can be overridden using the `QWEN_CODE_SYSTEM_SETTINGS_PATH` environment variable.
+  - **Scope:** Applies to all Qwen Code sessions on the system, for all users. System settings override user and project settings. May be useful for system administrators at enterprises to have controls over users' Qwen Code setups.
+
+**Note on environment variables in settings:** String values within your `settings.json` files can reference environment variables using either `$VAR_NAME` or `${VAR_NAME}` syntax. These variables will be automatically resolved when the settings are loaded. For example, if you have an environment variable `MY_API_TOKEN`, you could use it in `settings.json` like this: `"apiKey": "$MY_API_TOKEN"`.
+
+### The `.qwen` directory in your project
+
+In addition to a project settings file, a project's `.qwen` directory can contain other project-specific files related to Qwen Code's operation, such as:
+
+- [Custom sandbox profiles](#sandboxing) (e.g., `.qwen/sandbox-macos-custom.sb`, `.qwen/sandbox.Dockerfile`).
+
+### Available settings in `settings.json`:
+
+- **`contextFileName`** (string or array of strings):
+  - **Description:** Specifies the filename for context files (e.g., `QWEN.md`, `AGENTS.md`). Can be a single filename or a list of accepted filenames.
+  - **Default:** `QWEN.md`
+  - **Example:** `"contextFileName": "AGENTS.md"`
+
+- **`bugCommand`** (object):
+  - **Description:** Overrides the default URL for the `/bug` command.
+  - **Default:** `"urlTemplate": "https://github.com/QwenLM/qwen-code/issues/new?template=bug_report.yml&title={title}&info={info}"`
+  - **Properties:**
+    - **`urlTemplate`** (string): A URL that can contain `{title}` and `{info}` placeholders.
+  - **Example:**
+    ```json
+    "bugCommand": {
+      "urlTemplate": "https://bug.example.com/new?title={title}&info={info}"
+    }
+    ```
+
+- **`fileFiltering`** (object):
+  - **Description:** Controls git-aware file filtering behavior for @ commands and file discovery tools.
+  - **Default:** `"respectGitIgnore": true, "enableRecursiveFileSearch": true`
+  - **Properties:**
+    - **`respectGitIgnore`** (boolean): Whether to respect .gitignore patterns when discovering files. When set to `true`, git-ignored files (like `node_modules/`, `dist/`, `.env`) are automatically excluded from @ commands and file listing operations.
+    - **`enableRecursiveFileSearch`** (boolean): Whether to enable searching recursively for filenames under the current tree when completing @ prefixes in the prompt.
+    - **`disableFuzzySearch`** (boolean): When `true`, disables the fuzzy search capabilities when searching for files, which can improve performance on projects with a large number of files.
+  - **Example:**
+    ```json
+    "fileFiltering": {
+      "respectGitIgnore": true,
+      "enableRecursiveFileSearch": false,
+      "disableFuzzySearch": true
+    }
+    ```
+
+### Troubleshooting File Search Performance
+
+If you are experiencing performance issues with file searching (e.g., with `@` completions), especially in projects with a very large number of files, here are a few things you can try in order of recommendation:
+
+1.  **Use `.qwenignore`:** Create a `.qwenignore` file in your project root to exclude directories that contain a large number of files that you don't need to reference (e.g., build artifacts, logs, `node_modules`). Reducing the total number of files crawled is the most effective way to improve performance.
+
+2.  **Disable Fuzzy Search:** If ignoring files is not enough, you can disable fuzzy search by setting `disableFuzzySearch` to `true` in your `settings.json` file. This will use a simpler, non-fuzzy matching algorithm, which can be faster.
+
+3.  **Disable Recursive File Search:** As a last resort, you can disable recursive file search entirely by setting `enableRecursiveFileSearch` to `false`. This will be the fastest option as it avoids a recursive crawl of your project. However, it means you will need to type the full path to files when using `@` completions.
+
+- **`coreTools`** (array of strings):
+  - **Description:** Allows you to specify a list of core tool names that should be made available to the model. This can be used to restrict the set of built-in tools. See [Built-in Tools](../core/tools-api.md#built-in-tools) for a list of core tools. You can also specify command-specific restrictions for tools that support it, like the `ShellTool`. For example, `"coreTools": ["ShellTool(ls -l)"]` will only allow the `ls -l` command to be executed.
+  - **Default:** All tools available for use by the model.
+  - **Example:** `"coreTools": ["ReadFileTool", "GlobTool", "ShellTool(ls)"]`.
+
+- **`allowedTools`** (array of strings):
+  - **Default:** `undefined`
+  - **Description:** A list of tool names that will bypass the confirmation dialog. This is useful for tools that you trust and use frequently. The match semantics are the same as `coreTools`.
+  - **Example:** `"allowedTools": ["ShellTool(git status)"]`.
+
+- **`excludeTools`** (array of strings):
+  - **Description:** Allows you to specify a list of core tool names that should be excluded from the model. A tool listed in both `excludeTools` and `coreTools` is excluded. You can also specify command-specific restrictions for tools that support it, like the `ShellTool`. For example, `"excludeTools": ["ShellTool(rm -rf)"]` will block the `rm -rf` command.
+  - **Default**: No tools excluded.
+  - **Example:** `"excludeTools": ["run_shell_command", "findFiles"]`.
+  - **Security Note:** Command-specific restrictions in
+    `excludeTools` for `run_shell_command` are based on simple string matching and can be easily bypassed. This feature is **not a security mechanism** and should not be relied upon to safely execute untrusted code. It is recommended to use `coreTools` to explicitly select commands
+    that can be executed.
+
+- **`allowMCPServers`** (array of strings):
+  - **Description:** Allows you to specify a list of MCP server names that should be made available to the model. This can be used to restrict the set of MCP servers to connect to. Note that this will be ignored if `--allowed-mcp-server-names` is set.
+  - **Default:** All MCP servers are available for use by the model.
+  - **Example:** `"allowMCPServers": ["myPythonServer"]`.
+  - **Security Note:** This uses simple string matching on MCP server names, which can be modified. If you're a system administrator looking to prevent users from bypassing this, consider configuring the `mcpServers` at the system settings level such that the user will not be able to configure any MCP servers of their own. This should not be used as an airtight security mechanism.
+
+- **`excludeMCPServers`** (array of strings):
+  - **Description:** Allows you to specify a list of MCP server names that should be excluded from the model. A server listed in both `excludeMCPServers` and `allowMCPServers` is excluded. Note that this will be ignored if `--allowed-mcp-server-names` is set.
+  - **Default**: No MCP servers excluded.
+  - **Example:** `"excludeMCPServers": ["myNodeServer"]`.
+  - **Security Note:** This uses simple string matching on MCP server names, which can be modified. If you're a system administrator looking to prevent users from bypassing this, consider configuring the `mcpServers` at the system settings level such that the user will not be able to configure any MCP servers of their own. This should not be used as an airtight security mechanism.
+
+- **`autoAccept`** (boolean):
+  - **Description:** Controls whether the CLI automatically accepts and executes tool calls that are considered safe (e.g., read-only operations) without explicit user confirmation. If set to `true`, the CLI will bypass the confirmation prompt for tools deemed safe.
+  - **Default:** `false`
+  - **Example:** `"autoAccept": true`
+
+- **`theme`** (string):
+  - **Description:** Sets the visual [theme](./themes.md) for Qwen Code.
+  - **Default:** `"Default"`
+  - **Example:** `"theme": "GitHub"`
+
+- **`vimMode`** (boolean):
+  - **Description:** Enables or disables vim mode for input editing. When enabled, the input area supports vim-style navigation and editing commands with NORMAL and INSERT modes. The vim mode status is displayed in the footer and persists between sessions.
+  - **Default:** `false`
+  - **Example:** `"vimMode": true`
+
+- **`sandbox`** (boolean or string):
+  - **Description:** Controls whether and how to use sandboxing for tool execution. If set to `true`, Qwen Code uses a pre-built `qwen-code-sandbox` Docker image. For more information, see [Sandboxing](#sandboxing).
+  - **Default:** `false`
+  - **Example:** `"sandbox": "docker"`
+
+- **`toolDiscoveryCommand`** (string):
+  - **Description:** **Align with Gemini CLI.** Defines a custom shell command for discovering tools from your project. The shell command must return on `stdout` a JSON array of [function declarations](https://ai.google.dev/gemini-api/docs/function-calling#function-declarations). Tool wrappers are optional.
+  - **Default:** Empty
+  - **Example:** `"toolDiscoveryCommand": "bin/get_tools"`
+
+- **`toolCallCommand`** (string):
+  - **Description:** **Align with Gemini CLI.** Defines a custom shell command for calling a specific tool that was discovered using `toolDiscoveryCommand`. The shell command must meet the following criteria:
+    - It must take function `name` (exactly as in [function declaration](https://ai.google.dev/gemini-api/docs/function-calling#function-declarations)) as first command line argument.
+    - It must read function arguments as JSON on `stdin`, analogous to [`functionCall.args`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#functioncall).
+    - It must return function output as JSON on `stdout`, analogous to [`functionResponse.response.content`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#functionresponse).
+  - **Default:** Empty
+  - **Example:** `"toolCallCommand": "bin/call_tool"`
+
+- **`mcpServers`** (object):
+  - **Description:** Configures connections to one or more Model-Context Protocol (MCP) servers for discovering and using custom tools. Qwen Code attempts to connect to each configured MCP server to discover available tools. If multiple MCP servers expose a tool with the same name, the tool names will be prefixed with the server alias you defined in the configuration (e.g., `serverAlias__actualToolName`) to avoid conflicts. Note that the system might strip certain schema properties from MCP tool definitions for compatibility. At least one of `command`, `url`, or `httpUrl` must be provided. If multiple are specified, the order of precedence is `httpUrl`, then `url`, then `command`.
+  - **Default:** Empty
+  - **Properties:**
+    - **`<SERVER_NAME>`** (object): The server parameters for the named server.
+      - `command` (string, optional): The command to execute to start the MCP server via standard I/O.
+      - `args` (array of strings, optional): Arguments to pass to the command.
+      - `env` (object, optional): Environment variables to set for the server process.
+      - `cwd` (string, optional): The working directory in which to start the server.
+      - `url` (string, optional): The URL of an MCP server that uses Server-Sent Events (SSE) for communication.
+      - `httpUrl` (string, optional): The URL of an MCP server that uses streamable HTTP for communication.
+      - `headers` (object, optional): A map of HTTP headers to send with requests to `url` or `httpUrl`.
+      - `timeout` (number, optional): Timeout in milliseconds for requests to this MCP server.
+      - `trust` (boolean, optional): Trust this server and bypass all tool call confirmations.
+      - `description` (string, optional): A brief description of the server, which may be used for display purposes.
+      - `includeTools` (array of strings, optional): List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (whitelist behavior). If not specified, all tools from the server are enabled by default.
+      - `excludeTools` (array of strings, optional): List of tool names to exclude from this MCP server. Tools listed here will not be available to the model, even if they are exposed by the server. **Note:** `excludeTools` takes precedence over `includeTools` - if a tool is in both lists, it will be excluded.
+  - **Example:**
+    ```json
+    "mcpServers": {
+      "myPythonServer": {
+        "command": "python",
+        "args": ["mcp_server.py", "--port", "8080"],
+        "cwd": "./mcp_tools/python",
+        "timeout": 5000,
+        "includeTools": ["safe_tool", "file_reader"],
+      },
+      "myNodeServer": {
+        "command": "node",
+        "args": ["mcp_server.js"],
+        "cwd": "./mcp_tools/node",
+        "excludeTools": ["dangerous_tool", "file_deleter"]
+      },
+      "myDockerServer": {
+        "command": "docker",
+        "args": ["run", "-i", "--rm", "-e", "API_KEY", "ghcr.io/foo/bar"],
+        "env": {
+          "API_KEY": "$MY_API_TOKEN"
+        }
+      },
+      "mySseServer": {
+        "url": "http://localhost:8081/events",
+        "headers": {
+          "Authorization": "Bearer $MY_SSE_TOKEN"
+        },
+        "description": "An example SSE-based MCP server."
+      },
+      "myStreamableHttpServer": {
+        "httpUrl": "http://localhost:8082/stream",
+        "headers": {
+          "X-API-Key": "$MY_HTTP_API_KEY"
+        },
+        "description": "An example Streamable HTTP-based MCP server."
+      }
+    }
+    ```
+
+- **`checkpointing`** (object):
+  - **Description:** Configures the checkpointing feature, which allows you to save and restore conversation and file states. See the [Checkpointing documentation](../checkpointing.md) for more details.
+  - **Default:** `{"enabled": false}`
+  - **Properties:**
+    - **`enabled`** (boolean): When `true`, the `/restore` command is available.
+
+- **`preferredEditor`** (string):
+  - **Description:** Specifies the preferred editor to use for viewing diffs.
+  - **Default:** `vscode`
+  - **Example:** `"preferredEditor": "vscode"`
+
+- **`telemetry`** (object)
+  - **Description:** Configures logging and metrics collection for Qwen Code. For more information, see [Telemetry](../telemetry.md).
+  - **Default:** `{"enabled": false, "target": "local", "otlpEndpoint": "http://localhost:4317", "logPrompts": true}`
+  - **Properties:**
+    - **`enabled`** (boolean): Whether or not telemetry is enabled.
+    - **`target`** (string): The destination for collected telemetry. Supported values are `local` and `gcp`.
+    - **`otlpEndpoint`** (string): The endpoint for the OTLP Exporter.
+    - **`logPrompts`** (boolean): Whether or not to include the content of user prompts in the logs.
+  - **Example:**
+    ```json
+    "telemetry": {
+      "enabled": true,
+      "target": "local",
+      "otlpEndpoint": "http://localhost:16686",
+      "logPrompts": false
+    }
+    ```
+- **`usageStatisticsEnabled`** (boolean):
+  - **Description:** Enables or disables the collection of usage statistics. See [Usage Statistics](#usage-statistics) for more information.
+  - **Default:** `true`
+  - **Example:**
+    ```json
+    "usageStatisticsEnabled": false
+    ```
+
+- **`hideTips`** (boolean):
+  - **Description:** Enables or disables helpful tips in the CLI interface.
+  - **Default:** `false`
+  - **Example:**
+
+    ```json
+    "hideTips": true
+    ```
+
+- **`hideBanner`** (boolean):
+  - **Description:** Enables or disables the startup banner (ASCII art logo) in the CLI interface.
+  - **Default:** `false`
+  - **Example:**
+
+    ```json
+    "hideBanner": true
+    ```
+
+- **`maxSessionTurns`** (number):
+  - **Description:** Sets the maximum number of turns for a session. If the session exceeds this limit, the CLI will stop processing and start a new chat.
+  - **Default:** `-1` (unlimited)
+  - **Example:**
+    ```json
+    "maxSessionTurns": 10
+    ```
+
+- **`summarizeToolOutput`** (object):
+  - **Description:** Enables or disables the summarization of tool output. You can specify the token budget for the summarization using the `tokenBudget` setting.
+  - Note: Currently only the `run_shell_command` tool is supported.
+  - **Default:** `{}` (Disabled by default)
+  - **Example:**
+    ```json
+    "summarizeToolOutput": {
+      "run_shell_command": {
+        "tokenBudget": 2000
+      }
+    }
+    ```
+
+- **`excludedProjectEnvVars`** (array of strings):
+  - **Description:** Specifies environment variables that should be excluded from being loaded from project `.env` files. This prevents project-specific environment variables (like `DEBUG=true`) from interfering with the CLI behavior. Variables from `.qwen/.env` files are never excluded.
+  - **Default:** `["DEBUG", "DEBUG_MODE"]`
+  - **Example:**
+    ```json
+    "excludedProjectEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"]
+    ```
+
+- **`includeDirectories`** (array of strings):
+  - **Description:** Specifies an array of additional absolute or relative paths to include in the workspace context. Missing directories will be skipped with a warning by default. Paths can use `~` to refer to the user's home directory. This setting can be combined with the `--include-directories` command-line flag.
+  - **Default:** `[]`
+  - **Example:**
+    ```json
+    "includeDirectories": [
+      "/path/to/another/project",
+      "../shared-library",
+      "~/common-utils"
+    ]
+    ```
+
+- **`loadMemoryFromIncludeDirectories`** (boolean):
+  - **Description:** Controls the behavior of the `/memory refresh` command. If set to `true`, `QWEN.md` files should be loaded from all directories that are added. If set to `false`, `QWEN.md` should only be loaded from the current directory.
+  - **Default:** `false`
+  - **Example:**
+    ```json
+    "loadMemoryFromIncludeDirectories": true
+    ```
+
+- **`tavilyApiKey`** (string):
+  - **Description:** API key for Tavily web search service. Required to enable the `web_search` tool functionality. If not configured, the web search tool will be disabled and skipped.
+  - **Default:** `undefined` (web search disabled)
+  - **Example:** `"tavilyApiKey": "tvly-your-api-key-here"`
+- **`chatCompression`** (object):
+  - **Description:** Controls the settings for chat history compression, both automatic and
+    when manually invoked through the /compress command.
+  - **Properties:**
+    - **`contextPercentageThreshold`** (number): A value between 0 and 1 that specifies the token threshold for compression as a percentage of the model's total token limit. For example, a value of `0.6` will trigger compression when the chat history exceeds 60% of the token limit.
+  - **Example:**
+    ```json
+    "chatCompression": {
+      "contextPercentageThreshold": 0.6
+    }
+    ```
+
+- **`showLineNumbers`** (boolean):
+  - **Description:** Controls whether line numbers are displayed in code blocks in the CLI output.
+  - **Default:** `true`
+  - **Example:**
+    ```json
+    "showLineNumbers": false
+    ```
+
+- **`accessibility`** (object):
+  - **Description:** Configures accessibility features for the CLI.
+  - **Properties:**
+    - **`screenReader`** (boolean): Enables screen reader mode, which adjusts the TUI for better compatibility with screen readers. This can also be enabled with the `--screen-reader` command-line flag, which will take precedence over the setting.
+    - **`disableLoadingPhrases`** (boolean): Disables the display of loading phrases during operations.
+  - **Default:** `{"screenReader": false, "disableLoadingPhrases": false}`
+  - **Example:**
+    ```json
+    "accessibility": {
+      "screenReader": true,
+      "disableLoadingPhrases": true
+    }
+    ```
+
+- **`skipNextSpeakerCheck`** (boolean):
+  - **Description:** Skips the next speaker check after text responses. When enabled, the system bypasses analyzing whether the AI should continue speaking.
+  - **Default:** `false`
+  - **Example:**
+    ```json
+    "skipNextSpeakerCheck": true
+    ```
+
+- **`skipLoopDetection`** (boolean):
+  - **Description:** Disables all loop detection checks (streaming and LLM-based). Loop detection prevents infinite loops in AI responses but can generate false positives that interrupt legitimate workflows. Enable this option if you experience frequent false positive loop detection interruptions.
+  - **Default:** `false`
+  - **Example:**
+    ```json
+    "skipLoopDetection": true
+    ```
+
+- **`approvalMode`** (string):
+  - **Description:** Sets the default approval mode for tool usage. Accepted values are:
+    - `plan`: Analyze only, do not modify files or execute commands.
+    - `default`: Require approval before file edits or shell commands run.
+    - `auto-edit`: Automatically approve file edits.
+    - `yolo`: Automatically approve all tool calls.
+  - **Default:** `"default"`
+  - **Example:**
+    ```json
+    "approvalMode": "plan"
+    ```
+
+### Example `settings.json`:
+
+```json
+{
+  "theme": "GitHub",
+  "sandbox": "docker",
+  "toolDiscoveryCommand": "bin/get_tools",
+  "toolCallCommand": "bin/call_tool",
+  "tavilyApiKey": "$TAVILY_API_KEY",
+  "mcpServers": {
+    "mainServer": {
+      "command": "bin/mcp_server.py"
+    },
+    "anotherServer": {
+      "command": "node",
+      "args": ["mcp_server.js", "--verbose"]
+    }
+  },
+  "telemetry": {
+    "enabled": true,
+    "target": "local",
+    "otlpEndpoint": "http://localhost:4317",
+    "logPrompts": true
+  },
+  "usageStatisticsEnabled": true,
+  "hideTips": false,
+  "hideBanner": false,
+  "skipNextSpeakerCheck": false,
+  "skipLoopDetection": false,
+  "maxSessionTurns": 10,
+  "summarizeToolOutput": {
+    "run_shell_command": {
+      "tokenBudget": 100
+    }
+  },
+  "excludedProjectEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"],
+  "includeDirectories": ["path/to/dir1", "~/path/to/dir2", "../path/to/dir3"],
+  "loadMemoryFromIncludeDirectories": true
+}
+```
+
+## Shell History
+
+The CLI keeps a history of shell commands you run. To avoid conflicts between different projects, this history is stored in a project-specific directory within your user's home folder.
+
+- **Location:** `~/.qwen/tmp/<project_hash>/shell_history`
+  - `<project_hash>` is a unique identifier generated from your project's root path.
+  - The history is stored in a file named `shell_history`.
+
+## Environment Variables & `.env` Files
+
+Environment variables are a common way to configure applications, especially for sensitive information like API keys or for settings that might change between environments. For authentication setup, see the [Authentication documentation](./authentication.md) which covers all available authentication methods.
+
+The CLI automatically loads environment variables from an `.env` file. The loading order is:
+
+1.  `.env` file in the current working directory.
+2.  If not found, it searches upwards in parent directories until it finds an `.env` file or reaches the project root (identified by a `.git` folder) or the home directory.
+3.  If still not found, it looks for `~/.env` (in the user's home directory).
+
+**Environment Variable Exclusion:** Some environment variables (like `DEBUG` and `DEBUG_MODE`) are automatically excluded from project `.env` files by default to prevent interference with the CLI behavior. Variables from `.qwen/.env` files are never excluded. You can customize this behavior using the `excludedProjectEnvVars` setting in your `settings.json` file.
+
+- **`OPENAI_API_KEY`**:
+  - One of several available [authentication methods](./authentication.md).
+  - Set this in your shell profile (e.g., `~/.bashrc`, `~/.zshrc`) or an `.env` file.
+- **`OPENAI_BASE_URL`**:
+  - One of several available [authentication methods](./authentication.md).
+  - Set this in your shell profile (e.g., `~/.bashrc`, `~/.zshrc`) or an `.env` file.
+- **`OPENAI_MODEL`**:
+  - Specifies the default OPENAI model to use.
+  - Overrides the hardcoded default
+  - Example: `export OPENAI_MODEL="qwen3-coder-plus"`
+- **`GEMINI_SANDBOX`**:
+  - Alternative to the `sandbox` setting in `settings.json`.
+  - Accepts `true`, `false`, `docker`, `podman`, or a custom command string.
+- **`SEATBELT_PROFILE`** (macOS specific):
+  - Switches the Seatbelt (`sandbox-exec`) profile on macOS.
+  - `permissive-open`: (Default) Restricts writes to the project folder (and a few other folders, see `packages/cli/src/utils/sandbox-macos-permissive-open.sb`) but allows other operations.
+  - `strict`: Uses a strict profile that declines operations by default.
+  - `<profile_name>`: Uses a custom profile. To define a custom profile, create a file named `sandbox-macos-<profile_name>.sb` in your project's `.qwen/` directory (e.g., `my-project/.qwen/sandbox-macos-custom.sb`).
+- **`DEBUG` or `DEBUG_MODE`** (often used by underlying libraries or the CLI itself):
+  - Set to `true` or `1` to enable verbose debug logging, which can be helpful for troubleshooting.
+  - **Note:** These variables are automatically excluded from project `.env` files by default to prevent interference with the CLI behavior. Use `.qwen/.env` files if you need to set these for Qwen Code specifically.
+- **`NO_COLOR`**:
+  - Set to any value to disable all color output in the CLI.
+- **`CLI_TITLE`**:
+  - Set to a string to customize the title of the CLI.
+- **`CODE_ASSIST_ENDPOINT`**:
+  - Specifies the endpoint for the code assist server.
+  - This is useful for development and testing.
+- **`TAVILY_API_KEY`**:
+  - Your API key for the Tavily web search service.
+  - Required to enable the `web_search` tool functionality.
+  - If not configured, the web search tool will be disabled and skipped.
+  - Example: `export TAVILY_API_KEY="tvly-your-api-key-here"`
+
+## Command-Line Arguments
+
+Arguments passed directly when running the CLI can override other configurations for that specific session.
+
+- **`--model <model_name>`** (**`-m <model_name>`**):
+  - Specifies the Qwen model to use for this session.
+  - Example: `npm start -- --model qwen3-coder-plus`
+- **`--prompt <your_prompt>`** (**`-p <your_prompt>`**):
+  - Used to pass a prompt directly to the command. This invokes Qwen Code in a non-interactive mode.
+- **`--prompt-interactive <your_prompt>`** (**`-i <your_prompt>`**):
+  - Starts an interactive session with the provided prompt as the initial input.
+  - The prompt is processed within the interactive session, not before it.
+  - Cannot be used when piping input from stdin.
+  - Example: `qwen -i "explain this code"`
+- **`--sandbox`** (**`-s`**):
+  - Enables sandbox mode for this session.
+- **`--sandbox-image`**:
+  - Sets the sandbox image URI.
+- **`--debug`** (**`-d`**):
+  - Enables debug mode for this session, providing more verbose output.
+- **`--all-files`** (**`-a`**):
+  - If set, recursively includes all files within the current directory as context for the prompt.
+- **`--help`** (or **`-h`**):
+  - Displays help information about command-line arguments.
+- **`--show-memory-usage`**:
+  - Displays the current memory usage.
+- **`--yolo`**:
+  - Enables YOLO mode, which automatically approves all tool calls.
+- **`--approval-mode <mode>`**:
+  - Sets the approval mode for tool calls. Supported modes:
+    - `plan`: Analyze only—do not modify files or execute commands.
+    - `default`: Require approval for file edits or shell commands (default behavior).
+    - `auto-edit`: Automatically approve edit tools (edit, write_file) while prompting for others.
+    - `yolo`: Automatically approve all tool calls (equivalent to `--yolo`).
+  - Cannot be used together with `--yolo`. Use `--approval-mode=yolo` instead of `--yolo` for the new unified approach.
+  - Example: `qwen --approval-mode auto-edit`
+- **`--allowed-tools <tool1,tool2,...>`**:
+  - A comma-separated list of tool names that will bypass the confirmation dialog.
+  - Example: `qwen --allowed-tools "ShellTool(git status)"`
+- **`--telemetry`**:
+  - Enables [telemetry](../telemetry.md).
+- **`--telemetry-target`**:
+  - Sets the telemetry target. See [telemetry](../telemetry.md) for more information.
+- **`--telemetry-otlp-endpoint`**:
+  - Sets the OTLP endpoint for telemetry. See [telemetry](../telemetry.md) for more information.
+- **`--telemetry-otlp-protocol`**:
+  - Sets the OTLP protocol for telemetry (`grpc` or `http`). Defaults to `grpc`. See [telemetry](../telemetry.md) for more information.
+- **`--telemetry-log-prompts`**:
+  - Enables logging of prompts for telemetry. See [telemetry](../telemetry.md) for more information.
+- **`--checkpointing`**:
+  - Enables [checkpointing](../checkpointing.md).
+- **`--extensions <extension_name ...>`** (**`-e <extension_name ...>`**):
+  - Specifies a list of extensions to use for the session. If not provided, all available extensions are used.
+  - Use the special term `qwen -e none` to disable all extensions.
+  - Example: `qwen -e my-extension -e my-other-extension`
+- **`--list-extensions`** (**`-l`**):
+  - Lists all available extensions and exits.
+- **`--proxy`**:
+  - Sets the proxy for the CLI.
+  - Example: `--proxy http://localhost:7890`.
+- **`--include-directories <dir1,dir2,...>`**:
+  - Includes additional directories in the workspace for multi-directory support.
+  - Can be specified multiple times or as comma-separated values.
+  - 5 directories can be added at maximum.
+  - Example: `--include-directories /path/to/project1,/path/to/project2` or `--include-directories /path/to/project1 --include-directories /path/to/project2`
+- **`--screen-reader`**:
+  - Enables screen reader mode for accessibility.
+- **`--version`**:
+  - Displays the version of the CLI.
+- **`--openai-logging`**:
+  - Enables logging of OpenAI API calls for debugging and analysis. This flag overrides the `enableOpenAILogging` setting in `settings.json`.
+- **`--tavily-api-key <api_key>`**:
+  - Sets the Tavily API key for web search functionality for this session.
+  - Example: `qwen --tavily-api-key tvly-your-api-key-here`
+
+## Context Files (Hierarchical Instructional Context)
+
+While not strictly configuration for the CLI's _behavior_, context files (defaulting to `QWEN.md` but configurable via the `contextFileName` setting) are crucial for configuring the _instructional context_ (also referred to as "memory"). This powerful feature allows you to give project-specific instructions, coding style guides, or any relevant background information to the AI, making its responses more tailored and accurate to your needs. The CLI includes UI elements, such as an indicator in the footer showing the number of loaded context files, to keep you informed about the active context.
+
+- **Purpose:** These Markdown files contain instructions, guidelines, or context that you want the Qwen model to be aware of during your interactions. The system is designed to manage this instructional context hierarchically.
+
+### Example Context File Content (e.g., `QWEN.md`)
+
+Here's a conceptual example of what a context file at the root of a TypeScript project might contain:
+
+```markdown
+# Project: My Awesome TypeScript Library
+
+## General Instructions:
+
+- When generating new TypeScript code, please follow the existing coding style.
+- Ensure all new functions and classes have JSDoc comments.
+- Prefer functional programming paradigms where appropriate.
+- All code should be compatible with TypeScript 5.0 and Node.js 20+.
+
+## Coding Style:
+
+- Use 2 spaces for indentation.
+- Interface names should be prefixed with `I` (e.g., `IUserService`).
+- Private class members should be prefixed with an underscore (`_`).
+- Always use strict equality (`===` and `!==`).
+
+## Specific Component: `src/api/client.ts`
+
+- This file handles all outbound API requests.
+- When adding new API call functions, ensure they include robust error handling and logging.
+- Use the existing `fetchWithRetry` utility for all GET requests.
+
+## Regarding Dependencies:
+
+- Avoid introducing new external dependencies unless absolutely necessary.
+- If a new dependency is required, please state the reason.
+```
+
+This example demonstrates how you can provide general project context, specific coding conventions, and even notes about particular files or components. The more relevant and precise your context files are, the better the AI can assist you. Project-specific context files are highly encouraged to establish conventions and context.
+
+- **Hierarchical Loading and Precedence:** The CLI implements a sophisticated hierarchical memory system by loading context files (e.g., `QWEN.md`) from several locations. Content from files lower in this list (more specific) typically overrides or supplements content from files higher up (more general). The exact concatenation order and final context can be inspected using the `/memory show` command. The typical loading order is:
+  1.  **Global Context File:**
+      - Location: `~/.qwen/<contextFileName>` (e.g., `~/.qwen/QWEN.md` in your user home directory).
+      - Scope: Provides default instructions for all your projects.
+  2.  **Project Root & Ancestors Context Files:**
+      - Location: The CLI searches for the configured context file in the current working directory and then in each parent directory up to either the project root (identified by a `.git` folder) or your home directory.
+      - Scope: Provides context relevant to the entire project or a significant portion of it.
+  3.  **Sub-directory Context Files (Contextual/Local):**
+      - Location: The CLI also scans for the configured context file in subdirectories _below_ the current working directory (respecting common ignore patterns like `node_modules`, `.git`, etc.). The breadth of this search is limited to 200 directories by default, but can be configured with a `memoryDiscoveryMaxDirs` field in your `settings.json` file.
+      - Scope: Allows for highly specific instructions relevant to a particular component, module, or subsection of your project.
+- **Concatenation & UI Indication:** The contents of all found context files are concatenated (with separators indicating their origin and path) and provided as part of the system prompt. The CLI footer displays the count of loaded context files, giving you a quick visual cue about the active instructional context.
+- **Importing Content:** You can modularize your context files by importing other Markdown files using the `@path/to/file.md` syntax. For more details, see the [Memory Import Processor documentation](../core/memport.md).
+- **Commands for Memory Management:**
+  - Use `/memory refresh` to force a re-scan and reload of all context files from all configured locations. This updates the AI's instructional context.
+  - Use `/memory show` to display the combined instructional context currently loaded, allowing you to verify the hierarchy and content being used by the AI.
+  - See the [Commands documentation](./commands.md#memory) for full details on the `/memory` command and its sub-commands (`show` and `refresh`).
+
+By understanding and utilizing these configuration layers and the hierarchical nature of context files, you can effectively manage the AI's memory and tailor Qwen Code's responses to your specific needs and projects.
+
+## Sandboxing
+
+Qwen Code can execute potentially unsafe operations (like shell commands and file modifications) within a sandboxed environment to protect your system.
+
+Sandboxing is disabled by default, but you can enable it in a few ways:
+
+- Using `--sandbox` or `-s` flag.
+- Setting `GEMINI_SANDBOX` environment variable.
+- Sandbox is enabled when using `--yolo` or `--approval-mode=yolo` by default.
+
+By default, it uses a pre-built `qwen-code-sandbox` Docker image.
+
+For project-specific sandboxing needs, you can create a custom Dockerfile at `.qwen/sandbox.Dockerfile` in your project's root directory. This Dockerfile can be based on the base sandbox image:
+
+```dockerfile
+FROM qwen-code-sandbox
+
+# Add your custom dependencies or configurations here
+# For example:
+# RUN apt-get update && apt-get install -y some-package
+# COPY ./my-config /app/my-config
+```
+
+When `.qwen/sandbox.Dockerfile` exists, you can use `BUILD_SANDBOX` environment variable when running Qwen Code to automatically build the custom sandbox image:
+
+```bash
+BUILD_SANDBOX=1 qwen -s
+```
+
+## Usage Statistics
+
+To help us improve Qwen Code, we collect anonymized usage statistics. This data helps us understand how the CLI is used, identify common issues, and prioritize new features.
+
+**What we collect:**
+
+- **Tool Calls:** We log the names of the tools that are called, whether they succeed or fail, and how long they take to execute. We do not collect the arguments passed to the tools or any data returned by them.
+- **API Requests:** We log the model used for each request, the duration of the request, and whether it was successful. We do not collect the content of the prompts or responses.
+- **Session Information:** We collect information about the configuration of the CLI, such as the enabled tools and the approval mode.
+
+**What we DON'T collect:**
+
+- **Personally Identifiable Information (PII):** We do not collect any personal information, such as your name, email address, or API keys.
+- **Prompt and Response Content:** We do not log the content of your prompts or the responses from the model.
+- **File Content:** We do not log the content of any files that are read or written by the CLI.
+
+**How to opt out:**
+
+You can opt out of usage statistics collection at any time by setting the `usageStatisticsEnabled` property to `false` in your `settings.json` file:
+
+```json
+{
+  "usageStatisticsEnabled": false
+}
+```
+
+Note: When usage statistics are enabled, events are sent to an Alibaba Cloud RUM collection endpoint.
+
+- **`enableWelcomeBack`** (boolean):
+  - **Description:** Show welcome back dialog when returning to a project with conversation history.
+  - **Default:** `true`
+  - **Category:** UI
+  - **Requires Restart:** No
+  - **Example:** `"enableWelcomeBack": false`
+  - **Details:** When enabled, Qwen Code will automatically detect if you're returning to a project with a previously generated project summary (`.qwen/PROJECT_SUMMARY.md`) and show a dialog allowing you to continue your previous conversation or start fresh. This feature integrates with the `/chat summary` command and quit confirmation dialog. See the [Welcome Back documentation](./welcome-back.md) for more details.

docs/cli/configuration.md

@@ -1,5 +1,11 @@
 # Qwen Code Configuration
 
+**Note on New Configuration Format**
+
+The format of the `settings.json` file has been updated to a new, more organized structure. The old format will be migrated automatically.
+
+For details on the previous format, please see the [v1 Configuration documentation](./configuration-v1.md).
+
 Qwen Code offers several ways to configure its behavior, including environment variables, command-line arguments, and settings files. This document outlines the different configuration methods and available settings.
 
 ## Configuration layers
@@ -40,337 +46,317 @@ In addition to a project settings file, a project's `.qwen` directory can contai
 
 - [Custom sandbox profiles](#sandboxing) (e.g., `.qwen/sandbox-macos-custom.sb`, `.qwen/sandbox.Dockerfile`).
 
-### Available settings in `settings.json`:
+### Available settings in `settings.json`
 
-- **`contextFileName`** (string or array of strings):
-  - **Description:** Specifies the filename for context files (e.g., `QWEN.md`, `AGENTS.md`). Can be a single filename or a list of accepted filenames.
-  - **Default:** `QWEN.md`
-  - **Example:** `"contextFileName": "AGENTS.md"`
+Settings are organized into categories. All settings should be placed within their corresponding top-level category object in your `settings.json` file.
 
-- **`bugCommand`** (object):
-  - **Description:** Overrides the default URL for the `/bug` command.
-  - **Default:** `"urlTemplate": "https://github.com/QwenLM/qwen-code/issues/new?template=bug_report.yml&title={title}&info={info}"`
-  - **Properties:**
-    - **`urlTemplate`** (string): A URL that can contain `{title}` and `{info}` placeholders.
-  - **Example:**
-    ```json
-    "bugCommand": {
-      "urlTemplate": "https://bug.example.com/new?title={title}&info={info}"
-    }
-    ```
+#### `general`
 
-- **`fileFiltering`** (object):
-  - **Description:** Controls git-aware file filtering behavior for @ commands and file discovery tools.
-  - **Default:** `"respectGitIgnore": true, "enableRecursiveFileSearch": true`
-  - **Properties:**
-    - **`respectGitIgnore`** (boolean): Whether to respect .gitignore patterns when discovering files. When set to `true`, git-ignored files (like `node_modules/`, `dist/`, `.env`) are automatically excluded from @ commands and file listing operations.
-    - **`enableRecursiveFileSearch`** (boolean): Whether to enable searching recursively for filenames under the current tree when completing @ prefixes in the prompt.
-    - **`disableFuzzySearch`** (boolean): When `true`, disables the fuzzy search capabilities when searching for files, which can improve performance on projects with a large number of files.
-  - **Example:**
-    ```json
-    "fileFiltering": {
-      "respectGitIgnore": true,
-      "enableRecursiveFileSearch": false,
-      "disableFuzzySearch": true
-    }
-    ```
-
-### Troubleshooting File Search Performance
-
-If you are experiencing performance issues with file searching (e.g., with `@` completions), especially in projects with a very large number of files, here are a few things you can try in order of recommendation:
-
-1.  **Use `.qwenignore`:** Create a `.qwenignore` file in your project root to exclude directories that contain a large number of files that you don't need to reference (e.g., build artifacts, logs, `node_modules`). Reducing the total number of files crawled is the most effective way to improve performance.
-
-2.  **Disable Fuzzy Search:** If ignoring files is not enough, you can disable fuzzy search by setting `disableFuzzySearch` to `true` in your `settings.json` file. This will use a simpler, non-fuzzy matching algorithm, which can be faster.
-
-3.  **Disable Recursive File Search:** As a last resort, you can disable recursive file search entirely by setting `enableRecursiveFileSearch` to `false`. This will be the fastest option as it avoids a recursive crawl of your project. However, it means you will need to type the full path to files when using `@` completions.
-
-- **`coreTools`** (array of strings):
-  - **Description:** Allows you to specify a list of core tool names that should be made available to the model. This can be used to restrict the set of built-in tools. See [Built-in Tools](../core/tools-api.md#built-in-tools) for a list of core tools. You can also specify command-specific restrictions for tools that support it, like the `ShellTool`. For example, `"coreTools": ["ShellTool(ls -l)"]` will only allow the `ls -l` command to be executed.
-  - **Default:** All tools available for use by the model.
-  - **Example:** `"coreTools": ["ReadFileTool", "GlobTool", "ShellTool(ls)"]`.
-
-- **`allowedTools`** (array of strings):
+- **`general.preferredEditor`** (string):
+  - **Description:** The preferred editor to open files in.
   - **Default:** `undefined`
-  - **Description:** A list of tool names that will bypass the confirmation dialog. This is useful for tools that you trust and use frequently. The match semantics are the same as `coreTools`.
-  - **Example:** `"allowedTools": ["ShellTool(git status)"]`.
 
-- **`excludeTools`** (array of strings):
-  - **Description:** Allows you to specify a list of core tool names that should be excluded from the model. A tool listed in both `excludeTools` and `coreTools` is excluded. You can also specify command-specific restrictions for tools that support it, like the `ShellTool`. For example, `"excludeTools": ["ShellTool(rm -rf)"]` will block the `rm -rf` command.
-  - **Default**: No tools excluded.
-  - **Example:** `"excludeTools": ["run_shell_command", "findFiles"]`.
-  - **Security Note:** Command-specific restrictions in
-    `excludeTools` for `run_shell_command` are based on simple string matching and can be easily bypassed. This feature is **not a security mechanism** and should not be relied upon to safely execute untrusted code. It is recommended to use `coreTools` to explicitly select commands
-    that can be executed.
-
-- **`allowMCPServers`** (array of strings):
-  - **Description:** Allows you to specify a list of MCP server names that should be made available to the model. This can be used to restrict the set of MCP servers to connect to. Note that this will be ignored if `--allowed-mcp-server-names` is set.
-  - **Default:** All MCP servers are available for use by the model.
-  - **Example:** `"allowMCPServers": ["myPythonServer"]`.
-  - **Security Note:** This uses simple string matching on MCP server names, which can be modified. If you're a system administrator looking to prevent users from bypassing this, consider configuring the `mcpServers` at the system settings level such that the user will not be able to configure any MCP servers of their own. This should not be used as an airtight security mechanism.
-
-- **`excludeMCPServers`** (array of strings):
-  - **Description:** Allows you to specify a list of MCP server names that should be excluded from the model. A server listed in both `excludeMCPServers` and `allowMCPServers` is excluded. Note that this will be ignored if `--allowed-mcp-server-names` is set.
-  - **Default**: No MCP servers excluded.
-  - **Example:** `"excludeMCPServers": ["myNodeServer"]`.
-  - **Security Note:** This uses simple string matching on MCP server names, which can be modified. If you're a system administrator looking to prevent users from bypassing this, consider configuring the `mcpServers` at the system settings level such that the user will not be able to configure any MCP servers of their own. This should not be used as an airtight security mechanism.
-
-- **`autoAccept`** (boolean):
-  - **Description:** Controls whether the CLI automatically accepts and executes tool calls that are considered safe (e.g., read-only operations) without explicit user confirmation. If set to `true`, the CLI will bypass the confirmation prompt for tools deemed safe.
+- **`general.vimMode`** (boolean):
+  - **Description:** Enable Vim keybindings.
   - **Default:** `false`
-  - **Example:** `"autoAccept": true`
 
-- **`theme`** (string):
-  - **Description:** Sets the visual [theme](./themes.md) for Qwen Code.
-  - **Default:** `"Default"`
-  - **Example:** `"theme": "GitHub"`
-
-- **`vimMode`** (boolean):
-  - **Description:** Enables or disables vim mode for input editing. When enabled, the input area supports vim-style navigation and editing commands with NORMAL and INSERT modes. The vim mode status is displayed in the footer and persists between sessions.
+- **`general.disableAutoUpdate`** (boolean):
+  - **Description:** Disable automatic updates.
   - **Default:** `false`
-  - **Example:** `"vimMode": true`
 
-- **`sandbox`** (boolean or string):
-  - **Description:** Controls whether and how to use sandboxing for tool execution. If set to `true`, Qwen Code uses a pre-built `qwen-code-sandbox` Docker image. For more information, see [Sandboxing](#sandboxing).
+- **`general.disableUpdateNag`** (boolean):
+  - **Description:** Disable update notification prompts.
   - **Default:** `false`
-  - **Example:** `"sandbox": "docker"`
 
-- **`toolDiscoveryCommand`** (string):
-  - **Description:** **Align with Gemini CLI.** Defines a custom shell command for discovering tools from your project. The shell command must return on `stdout` a JSON array of [function declarations](https://ai.google.dev/gemini-api/docs/function-calling#function-declarations). Tool wrappers are optional.
-  - **Default:** Empty
-  - **Example:** `"toolDiscoveryCommand": "bin/get_tools"`
+- **`general.checkpointing.enabled`** (boolean):
+  - **Description:** Enable session checkpointing for recovery.
+  - **Default:** `false`
 
-- **`toolCallCommand`** (string):
-  - **Description:** **Align with Gemini CLI.** Defines a custom shell command for calling a specific tool that was discovered using `toolDiscoveryCommand`. The shell command must meet the following criteria:
+#### `output`
+
+- **`output.format`** (string):
+  - **Description:** The format of the CLI output.
+  - **Default:** `"text"`
+  - **Values:** `"text"`, `"json"`
+
+#### `ui`
+
+- **`ui.theme`** (string):
+  - **Description:** The color theme for the UI. See [Themes](./themes.md) for available options.
+  - **Default:** `undefined`
+
+- **`ui.customThemes`** (object):
+  - **Description:** Custom theme definitions.
+  - **Default:** `{}`
+
+- **`ui.hideWindowTitle`** (boolean):
+  - **Description:** Hide the window title bar.
+  - **Default:** `false`
+
+- **`ui.hideTips`** (boolean):
+  - **Description:** Hide helpful tips in the UI.
+  - **Default:** `false`
+
+- **`ui.hideBanner`** (boolean):
+  - **Description:** Hide the application banner.
+  - **Default:** `false`
+
+- **`ui.hideFooter`** (boolean):
+  - **Description:** Hide the footer from the UI.
+  - **Default:** `false`
+
+- **`ui.showMemoryUsage`** (boolean):
+  - **Description:** Display memory usage information in the UI.
+  - **Default:** `false`
+
+- **`ui.showLineNumbers`** (boolean):
+  - **Description:** Show line numbers in the chat.
+  - **Default:** `false`
+
+- **`ui.showCitations`** (boolean):
+  - **Description:** Show citations for generated text in the chat.
+  - **Default:** `true`
+
+- **`enableWelcomeBack`** (boolean):
+  - **Description:** Show welcome back dialog when returning to a project with conversation history.
+  - **Default:** `true`
+
+- **`ui.accessibility.disableLoadingPhrases`** (boolean):
+  - **Description:** Disable loading phrases for accessibility.
+  - **Default:** `false`
+
+- **`ui.customWittyPhrases`** (array of strings):
+  - **Description:** A list of custom phrases to display during loading states. When provided, the CLI will cycle through these phrases instead of the default ones.
+  - **Default:** `[]`
+
+#### `ide`
+
+- **`ide.enabled`** (boolean):
+  - **Description:** Enable IDE integration mode.
+  - **Default:** `false`
+
+- **`ide.hasSeenNudge`** (boolean):
+  - **Description:** Whether the user has seen the IDE integration nudge.
+  - **Default:** `false`
+
+#### `privacy`
+
+- **`privacy.usageStatisticsEnabled`** (boolean):
+  - **Description:** Enable collection of usage statistics.
+  - **Default:** `true`
+
+#### `model`
+
+- **`model.name`** (string):
+  - **Description:** The Qwen model to use for conversations.
+  - **Default:** `undefined`
+
+- **`model.maxSessionTurns`** (number):
+  - **Description:** Maximum number of user/model/tool turns to keep in a session. -1 means unlimited.
+  - **Default:** `-1`
+
+- **`model.summarizeToolOutput`** (object):
+  - **Description:** Enables or disables the summarization of tool output. You can specify the token budget for the summarization using the `tokenBudget` setting. Note: Currently only the `run_shell_command` tool is supported. For example `{"run_shell_command": {"tokenBudget": 2000}}`
+  - **Default:** `undefined`
+
+- **`model.chatCompression.contextPercentageThreshold`** (number):
+  - **Description:** Sets the threshold for chat history compression as a percentage of the model's total token limit. This is a value between 0 and 1 that applies to both automatic compression and the manual `/compress` command. For example, a value of `0.6` will trigger compression when the chat history exceeds 60% of the token limit.
+  - **Default:** `0.7`
+
+- **`model.skipNextSpeakerCheck`** (boolean):
+  - **Description:** Skip the next speaker check.
+  - **Default:** `false`
+
+- **`model.skipLoopDetection`**(boolean):
+  - **Description:** Disables loop detection checks. Loop detection prevents infinite loops in AI responses but can generate false positives that interrupt legitimate workflows. Enable this option if you experience frequent false positive loop detection interruptions.
+  - **Default:** `false`
+
+#### `context`
+
+- **`context.fileName`** (string or array of strings):
+  - **Description:** The name of the context file(s).
+  - **Default:** `undefined`
+
+- **`context.importFormat`** (string):
+  - **Description:** The format to use when importing memory.
+  - **Default:** `undefined`
+
+- **`context.discoveryMaxDirs`** (number):
+  - **Description:** Maximum number of directories to search for memory.
+  - **Default:** `200`
+
+- **`context.includeDirectories`** (array):
+  - **Description:** Additional directories to include in the workspace context. Missing directories will be skipped with a warning.
+  - **Default:** `[]`
+
+- **`context.loadFromIncludeDirectories`** (boolean):
+  - **Description:** Controls the behavior of the `/memory refresh` command. If set to `true`, `QWEN.md` files should be loaded from all directories that are added. If set to `false`, `QWEN.md` should only be loaded from the current directory.
+  - **Default:** `false`
+
+- **`context.fileFiltering.respectGitIgnore`** (boolean):
+  - **Description:** Respect .gitignore files when searching.
+  - **Default:** `true`
+
+- **`context.fileFiltering.respectQwenIgnore`** (boolean):
+  - **Description:** Respect .qwenignore files when searching.
+  - **Default:** `true`
+
+- **`context.fileFiltering.enableRecursiveFileSearch`** (boolean):
+  - **Description:** Whether to enable searching recursively for filenames under the current tree when completing `@` prefixes in the prompt.
+  - **Default:** `true`
+
+#### `tools`
+
+- **`tools.sandbox`** (boolean or string):
+  - **Description:** Sandbox execution environment (can be a boolean or a path string).
+  - **Default:** `undefined`
+
+- **`tools.shell.enableInteractiveShell`** (boolean):
+
+  Use `node-pty` for an interactive shell experience. Fallback to `child_process` still applies. Defaults to `false`.
+
+- **`tools.core`** (array of strings):
+  - **Description:** This can be used to restrict the set of built-in tools [with an allowlist](./enterprise.md#restricting-tool-access). See [Built-in Tools](../core/tools-api.md#built-in-tools) for a list of core tools. The match semantics are the same as `tools.allowed`.
+  - **Default:** `undefined`
+
+- **`tools.exclude`** (array of strings):
+  - **Description:** Tool names to exclude from discovery.
+  - **Default:** `undefined`
+
+- **`tools.allowed`** (array of strings):
+  - **Description:** A list of tool names that will bypass the confirmation dialog. This is useful for tools that you trust and use frequently. For example, `["run_shell_command(git)", "run_shell_command(npm test)"]` will skip the confirmation dialog to run any `git` and `npm test` commands. See [Shell Tool command restrictions](../tools/shell.md#command-restrictions) for details on prefix matching, command chaining, etc.
+  - **Default:** `undefined`
+
+- **`tools.approvalMode`** (string):
+  - **Description:** Sets the default approval mode for tool usage. Accepted values are:
+    - `plan`: Analyze only, do not modify files or execute commands.
+    - `default`: Require approval before file edits or shell commands run.
+    - `auto-edit`: Automatically approve file edits.
+    - `yolo`: Automatically approve all tool calls.
+  - **Default:** `default`
+
+- **`tools.discoveryCommand`** (string):
+  - **Description:** Command to run for tool discovery.
+  - **Default:** `undefined`
+
+- **`tools.callCommand`** (string):
+  - **Description:** Defines a custom shell command for calling a specific tool that was discovered using `tools.discoveryCommand`. The shell command must meet the following criteria:
     - It must take function `name` (exactly as in [function declaration](https://ai.google.dev/gemini-api/docs/function-calling#function-declarations)) as first command line argument.
     - It must read function arguments as JSON on `stdin`, analogous to [`functionCall.args`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#functioncall).
     - It must return function output as JSON on `stdout`, analogous to [`functionResponse.response.content`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#functionresponse).
-  - **Default:** Empty
-  - **Example:** `"toolCallCommand": "bin/call_tool"`
+  - **Default:** `undefined`
 
-- **`mcpServers`** (object):
-  - **Description:** Configures connections to one or more Model-Context Protocol (MCP) servers for discovering and using custom tools. Qwen Code attempts to connect to each configured MCP server to discover available tools. If multiple MCP servers expose a tool with the same name, the tool names will be prefixed with the server alias you defined in the configuration (e.g., `serverAlias__actualToolName`) to avoid conflicts. Note that the system might strip certain schema properties from MCP tool definitions for compatibility. At least one of `command`, `url`, or `httpUrl` must be provided. If multiple are specified, the order of precedence is `httpUrl`, then `url`, then `command`.
-  - **Default:** Empty
-  - **Properties:**
-    - **`<SERVER_NAME>`** (object): The server parameters for the named server.
-      - `command` (string, optional): The command to execute to start the MCP server via standard I/O.
-      - `args` (array of strings, optional): Arguments to pass to the command.
-      - `env` (object, optional): Environment variables to set for the server process.
-      - `cwd` (string, optional): The working directory in which to start the server.
-      - `url` (string, optional): The URL of an MCP server that uses Server-Sent Events (SSE) for communication.
-      - `httpUrl` (string, optional): The URL of an MCP server that uses streamable HTTP for communication.
-      - `headers` (object, optional): A map of HTTP headers to send with requests to `url` or `httpUrl`.
-      - `timeout` (number, optional): Timeout in milliseconds for requests to this MCP server.
-      - `trust` (boolean, optional): Trust this server and bypass all tool call confirmations.
-      - `description` (string, optional): A brief description of the server, which may be used for display purposes.
-      - `includeTools` (array of strings, optional): List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (whitelist behavior). If not specified, all tools from the server are enabled by default.
-      - `excludeTools` (array of strings, optional): List of tool names to exclude from this MCP server. Tools listed here will not be available to the model, even if they are exposed by the server. **Note:** `excludeTools` takes precedence over `includeTools` - if a tool is in both lists, it will be excluded.
-  - **Example:**
-    ```json
-    "mcpServers": {
-      "myPythonServer": {
-        "command": "python",
-        "args": ["mcp_server.py", "--port", "8080"],
-        "cwd": "./mcp_tools/python",
-        "timeout": 5000,
-        "includeTools": ["safe_tool", "file_reader"],
-      },
-      "myNodeServer": {
-        "command": "node",
-        "args": ["mcp_server.js"],
-        "cwd": "./mcp_tools/node",
-        "excludeTools": ["dangerous_tool", "file_deleter"]
-      },
-      "myDockerServer": {
-        "command": "docker",
-        "args": ["run", "-i", "--rm", "-e", "API_KEY", "ghcr.io/foo/bar"],
-        "env": {
-          "API_KEY": "$MY_API_TOKEN"
-        }
-      },
-      "mySseServer": {
-        "url": "http://localhost:8081/events",
-        "headers": {
-          "Authorization": "Bearer $MY_SSE_TOKEN"
-        },
-        "description": "An example SSE-based MCP server."
-      },
-      "myStreamableHttpServer": {
-        "httpUrl": "http://localhost:8082/stream",
-        "headers": {
-          "X-API-Key": "$MY_HTTP_API_KEY"
-        },
-        "description": "An example Streamable HTTP-based MCP server."
-      }
-    }
-    ```
+#### `mcp`
 
-- **`checkpointing`** (object):
-  - **Description:** Configures the checkpointing feature, which allows you to save and restore conversation and file states. See the [Checkpointing documentation](../checkpointing.md) for more details.
-  - **Default:** `{"enabled": false}`
-  - **Properties:**
-    - **`enabled`** (boolean): When `true`, the `/restore` command is available.
+- **`mcp.serverCommand`** (string):
+  - **Description:** Command to start an MCP server.
+  - **Default:** `undefined`
 
-- **`preferredEditor`** (string):
-  - **Description:** Specifies the preferred editor to use for viewing diffs.
-  - **Default:** `vscode`
-  - **Example:** `"preferredEditor": "vscode"`
+- **`mcp.allowed`** (array of strings):
+  - **Description:** An allowlist of MCP servers to allow.
+  - **Default:** `undefined`
 
-- **`telemetry`** (object)
-  - **Description:** Configures logging and metrics collection for Qwen Code. For more information, see [Telemetry](../telemetry.md).
-  - **Default:** `{"enabled": false, "target": "local", "otlpEndpoint": "http://localhost:4317", "logPrompts": true}`
-  - **Properties:**
-    - **`enabled`** (boolean): Whether or not telemetry is enabled.
-    - **`target`** (string): The destination for collected telemetry. Supported values are `local` and `gcp`.
-    - **`otlpEndpoint`** (string): The endpoint for the OTLP Exporter.
-    - **`logPrompts`** (boolean): Whether or not to include the content of user prompts in the logs.
-  - **Example:**
-    ```json
-    "telemetry": {
-      "enabled": true,
-      "target": "local",
-      "otlpEndpoint": "http://localhost:16686",
-      "logPrompts": false
-    }
-    ```
-- **`usageStatisticsEnabled`** (boolean):
-  - **Description:** Enables or disables the collection of usage statistics. See [Usage Statistics](#usage-statistics) for more information.
-  - **Default:** `true`
-  - **Example:**
-    ```json
-    "usageStatisticsEnabled": false
-    ```
+- **`mcp.excluded`** (array of strings):
+  - **Description:** A denylist of MCP servers to exclude.
+  - **Default:** `undefined`
 
-- **`hideTips`** (boolean):
-  - **Description:** Enables or disables helpful tips in the CLI interface.
+#### `security`
+
+- **`security.folderTrust.enabled`** (boolean):
+  - **Description:** Setting to track whether Folder trust is enabled.
   - **Default:** `false`
-  - **Example:**
 
-    ```json
-    "hideTips": true
-    ```
+- **`security.auth.selectedType`** (string):
+  - **Description:** The currently selected authentication type.
+  - **Default:** `undefined`
 
-- **`hideBanner`** (boolean):
-  - **Description:** Enables or disables the startup banner (ASCII art logo) in the CLI interface.
+- **`security.auth.enforcedType`** (string):
+  - **Description:** The required auth type (useful for enterprises).
+  - **Default:** `undefined`
+
+- **`security.auth.useExternal`** (boolean):
+  - **Description:** Whether to use an external authentication flow.
+  - **Default:** `undefined`
+
+#### `advanced`
+
+- **`advanced.autoConfigureMemory`** (boolean):
+  - **Description:** Automatically configure Node.js memory limits.
   - **Default:** `false`
-  - **Example:**
 
-    ```json
-    "hideBanner": true
-    ```
+- **`advanced.dnsResolutionOrder`** (string):
+  - **Description:** The DNS resolution order.
+  - **Default:** `undefined`
 
-- **`maxSessionTurns`** (number):
-  - **Description:** Sets the maximum number of turns for a session. If the session exceeds this limit, the CLI will stop processing and start a new chat.
-  - **Default:** `-1` (unlimited)
-  - **Example:**
-    ```json
-    "maxSessionTurns": 10
-    ```
+- **`advanced.excludedEnvVars`** (array of strings):
+  - **Description:** Environment variables to exclude from project context.
+  - **Default:** `["DEBUG","DEBUG_MODE"]`
 
-- **`summarizeToolOutput`** (object):
-  - **Description:** Enables or disables the summarization of tool output. You can specify the token budget for the summarization using the `tokenBudget` setting.
-  - Note: Currently only the `run_shell_command` tool is supported.
-  - **Default:** `{}` (Disabled by default)
-  - **Example:**
-    ```json
-    "summarizeToolOutput": {
-      "run_shell_command": {
-        "tokenBudget": 2000
-      }
-    }
-    ```
+- **`advanced.bugCommand`** (object):
+  - **Description:** Configuration for the bug report command.
+  - **Default:** `undefined`
 
-- **`excludedProjectEnvVars`** (array of strings):
-  - **Description:** Specifies environment variables that should be excluded from being loaded from project `.env` files. This prevents project-specific environment variables (like `DEBUG=true`) from interfering with the CLI behavior. Variables from `.qwen/.env` files are never excluded.
-  - **Default:** `["DEBUG", "DEBUG_MODE"]`
-  - **Example:**
-    ```json
-    "excludedProjectEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"]
-    ```
-
-- **`includeDirectories`** (array of strings):
-  - **Description:** Specifies an array of additional absolute or relative paths to include in the workspace context. Missing directories will be skipped with a warning by default. Paths can use `~` to refer to the user's home directory. This setting can be combined with the `--include-directories` command-line flag.
-  - **Default:** `[]`
-  - **Example:**
-    ```json
-    "includeDirectories": [
-      "/path/to/another/project",
-      "../shared-library",
-      "~/common-utils"
-    ]
-    ```
-
-- **`loadMemoryFromIncludeDirectories`** (boolean):
-  - **Description:** Controls the behavior of the `/memory refresh` command. If set to `true`, `QWEN.md` files should be loaded from all directories that are added. If set to `false`, `QWEN.md` should only be loaded from the current directory.
-  - **Default:** `false`
-  - **Example:**
-    ```json
-    "loadMemoryFromIncludeDirectories": true
-    ```
-
-- **`tavilyApiKey`** (string):
+- **`advanced.tavilyApiKey`** (string):
   - **Description:** API key for Tavily web search service. Required to enable the `web_search` tool functionality. If not configured, the web search tool will be disabled and skipped.
-  - **Default:** `undefined` (web search disabled)
-  - **Example:** `"tavilyApiKey": "tvly-your-api-key-here"`
-- **`chatCompression`** (object):
-  - **Description:** Controls the settings for chat history compression, both automatic and
-    when manually invoked through the /compress command.
-  - **Properties:**
-    - **`contextPercentageThreshold`** (number): A value between 0 and 1 that specifies the token threshold for compression as a percentage of the model's total token limit. For example, a value of `0.6` will trigger compression when the chat history exceeds 60% of the token limit.
-  - **Example:**
-    ```json
-    "chatCompression": {
-      "contextPercentageThreshold": 0.6
-    }
-    ```
+  - **Default:** `undefined`
 
-- **`showLineNumbers`** (boolean):
-  - **Description:** Controls whether line numbers are displayed in code blocks in the CLI output.
-  - **Default:** `true`
-  - **Example:**
-    ```json
-    "showLineNumbers": false
-    ```
+#### `mcpServers`
 
-- **`accessibility`** (object):
-  - **Description:** Configures accessibility features for the CLI.
-  - **Properties:**
-    - **`screenReader`** (boolean): Enables screen reader mode, which adjusts the TUI for better compatibility with screen readers. This can also be enabled with the `--screen-reader` command-line flag, which will take precedence over the setting.
-    - **`disableLoadingPhrases`** (boolean): Disables the display of loading phrases during operations.
-  - **Default:** `{"screenReader": false, "disableLoadingPhrases": false}`
-  - **Example:**
-    ```json
-    "accessibility": {
-      "screenReader": true,
-      "disableLoadingPhrases": true
-    }
-    ```
+Configures connections to one or more Model-Context Protocol (MCP) servers for discovering and using custom tools. Qwen Code attempts to connect to each configured MCP server to discover available tools. If multiple MCP servers expose a tool with the same name, the tool names will be prefixed with the server alias you defined in the configuration (e.g., `serverAlias__actualToolName`) to avoid conflicts. Note that the system might strip certain schema properties from MCP tool definitions for compatibility. At least one of `command`, `url`, or `httpUrl` must be provided. If multiple are specified, the order of precedence is `httpUrl`, then `url`, then `command`.
 
-- **`skipNextSpeakerCheck`** (boolean):
-  - **Description:** Skips the next speaker check after text responses. When enabled, the system bypasses analyzing whether the AI should continue speaking.
-  - **Default:** `false`
-  - **Example:**
-    ```json
-    "skipNextSpeakerCheck": true
-    ```
+- **`mcpServers.<SERVER_NAME>`** (object): The server parameters for the named server.
+  - `command` (string, optional): The command to execute to start the MCP server via standard I/O.
+  - `args` (array of strings, optional): Arguments to pass to the command.
+  - `env` (object, optional): Environment variables to set for the server process.
+  - `cwd` (string, optional): The working directory in which to start the server.
+  - `url` (string, optional): The URL of an MCP server that uses Server-Sent Events (SSE) for communication.
+  - `httpUrl` (string, optional): The URL of an MCP server that uses streamable HTTP for communication.
+  - `headers` (object, optional): A map of HTTP headers to send with requests to `url` or `httpUrl`.
+  - `timeout` (number, optional): Timeout in milliseconds for requests to this MCP server.
+  - `trust` (boolean, optional): Trust this server and bypass all tool call confirmations.
+  - `description` (string, optional): A brief description of the server, which may be used for display purposes.
+  - `includeTools` (array of strings, optional): List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (allowlist behavior). If not specified, all tools from the server are enabled by default.
+  - `excludeTools` (array of strings, optional): List of tool names to exclude from this MCP server. Tools listed here will not be available to the model, even if they are exposed by the server. **Note:** `excludeTools` takes precedence over `includeTools` - if a tool is in both lists, it will be excluded.
 
-- **`skipLoopDetection`** (boolean):
-  - **Description:** Disables all loop detection checks (streaming and LLM-based). Loop detection prevents infinite loops in AI responses but can generate false positives that interrupt legitimate workflows. Enable this option if you experience frequent false positive loop detection interruptions.
-  - **Default:** `false`
-  - **Example:**
-    ```json
-    "skipLoopDetection": true
-    ```
+#### `telemetry`
 
-### Example `settings.json`:
+Configures logging and metrics collection for Qwen Code. For more information, see [Telemetry](../telemetry.md).
+
+- **Properties:**
+  - **`enabled`** (boolean): Whether or not telemetry is enabled.
+  - **`target`** (string): The destination for collected telemetry. Supported values are `local` and `gcp`.
+  - **`otlpEndpoint`** (string): The endpoint for the OTLP Exporter.
+  - **`otlpProtocol`** (string): The protocol for the OTLP Exporter (`grpc` or `http`).
+  - **`logPrompts`** (boolean): Whether or not to include the content of user prompts in the logs.
+  - **`outfile`** (string): The file to write telemetry to when `target` is `local`.
+  - **`useCollector`** (boolean): Whether to use an external OTLP collector.
+
+### Example `settings.json`
+
+Here is an example of a `settings.json` file with the nested structure, new as of v0.3.0:
 
 ```json
 {
-  "theme": "GitHub",
-  "sandbox": "docker",
-  "toolDiscoveryCommand": "bin/get_tools",
-  "toolCallCommand": "bin/call_tool",
-  "tavilyApiKey": "$TAVILY_API_KEY",
+  "general": {
+    "vimMode": true,
+    "preferredEditor": "code"
+  },
+  "ui": {
+    "theme": "GitHub",
+    "hideBanner": true,
+    "hideTips": false,
+    "customWittyPhrases": [
+      "You forget a thousand things every day. Make sure this is one of ’em",
+      "Connecting to AGI"
+    ]
+  },
+  "tools": {
+    "approvalMode": "yolo",
+    "sandbox": "docker",
+    "discoveryCommand": "bin/get_tools",
+    "callCommand": "bin/call_tool",
+    "exclude": ["write_file"]
+  },
   "mcpServers": {
     "mainServer": {
       "command": "bin/mcp_server.py"
@@ -386,20 +372,29 @@ If you are experiencing performance issues with file searching (e.g., with `@` c
     "otlpEndpoint": "http://localhost:4317",
     "logPrompts": true
   },
-  "usageStatisticsEnabled": true,
-  "hideTips": false,
-  "hideBanner": false,
-  "skipNextSpeakerCheck": false,
-  "skipLoopDetection": false,
-  "maxSessionTurns": 10,
-  "summarizeToolOutput": {
-    "run_shell_command": {
-      "tokenBudget": 100
+  "privacy": {
+    "usageStatisticsEnabled": true
+  },
+  "model": {
+    "name": "qwen3-coder-plus",
+    "maxSessionTurns": 10,
+    "summarizeToolOutput": {
+      "run_shell_command": {
+        "tokenBudget": 100
+      }
     }
   },
-  "excludedProjectEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"],
-  "includeDirectories": ["path/to/dir1", "~/path/to/dir2", "../path/to/dir3"],
-  "loadMemoryFromIncludeDirectories": true
+  "context": {
+    "fileName": ["CONTEXT.md", "QWEN.md"],
+    "includeDirectories": ["path/to/dir1", "~/path/to/dir2", "../path/to/dir3"],
+    "loadFromIncludeDirectories": true,
+    "fileFiltering": {
+      "respectGitIgnore": false
+    }
+  },
+  "advanced": {
+    "excludedEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"]
+  }
 }
 ```
 
@@ -421,7 +416,7 @@ The CLI automatically loads environment variables from an `.env` file. The loadi
 2.  If not found, it searches upwards in parent directories until it finds an `.env` file or reaches the project root (identified by a `.git` folder) or the home directory.
 3.  If still not found, it looks for `~/.env` (in the user's home directory).
 
-**Environment Variable Exclusion:** Some environment variables (like `DEBUG` and `DEBUG_MODE`) are automatically excluded from project `.env` files by default to prevent interference with the CLI behavior. Variables from `.qwen/.env` files are never excluded. You can customize this behavior using the `excludedProjectEnvVars` setting in your `settings.json` file.
+**Environment Variable Exclusion:** Some environment variables (like `DEBUG` and `DEBUG_MODE`) are automatically excluded from project `.env` files by default to prevent interference with the CLI behavior. Variables from `.qwen/.env` files are never excluded. You can customize this behavior using the `advanced.excludedEnvVars` setting in your `settings.json` file.
 
 - **`OPENAI_API_KEY`**:
   - One of several available [authentication methods](./authentication.md).
@@ -433,6 +428,27 @@ The CLI automatically loads environment variables from an `.env` file. The loadi
   - Specifies the default OPENAI model to use.
   - Overrides the hardcoded default
   - Example: `export OPENAI_MODEL="qwen3-coder-plus"`
+- **`GEMINI_TELEMETRY_ENABLED`**:
+  - Set to `true` or `1` to enable telemetry. Any other value is treated as disabling it.
+  - Overrides the `telemetry.enabled` setting.
+- **`GEMINI_TELEMETRY_TARGET`**:
+  - Sets the telemetry target (`local` or `gcp`).
+  - Overrides the `telemetry.target` setting.
+- **`GEMINI_TELEMETRY_OTLP_ENDPOINT`**:
+  - Sets the OTLP endpoint for telemetry.
+  - Overrides the `telemetry.otlpEndpoint` setting.
+- **`GEMINI_TELEMETRY_OTLP_PROTOCOL`**:
+  - Sets the OTLP protocol (`grpc` or `http`).
+  - Overrides the `telemetry.otlpProtocol` setting.
+- **`GEMINI_TELEMETRY_LOG_PROMPTS`**:
+  - Set to `true` or `1` to enable or disable logging of user prompts. Any other value is treated as disabling it.
+  - Overrides the `telemetry.logPrompts` setting.
+- **`GEMINI_TELEMETRY_OUTFILE`**:
+  - Sets the file path to write telemetry to when the target is `local`.
+  - Overrides the `telemetry.outfile` setting.
+- **`GEMINI_TELEMETRY_USE_COLLECTOR`**:
+  - Set to `true` or `1` to enable or disable using an external OTLP collector. Any other value is treated as disabling it.
+  - Overrides the `telemetry.useCollector` setting.
 - **`GEMINI_SANDBOX`**:
   - Alternative to the `sandbox` setting in `settings.json`.
   - Accepts `true`, `false`, `docker`, `podman`, or a custom command string.
@@ -448,9 +464,6 @@ The CLI automatically loads environment variables from an `.env` file. The loadi
   - Set to any value to disable all color output in the CLI.
 - **`CLI_TITLE`**:
   - Set to a string to customize the title of the CLI.
-- **`CODE_ASSIST_ENDPOINT`**:
-  - Specifies the endpoint for the code assist server.
-  - This is useful for development and testing.
 - **`TAVILY_API_KEY`**:
   - Your API key for the Tavily web search service.
   - Required to enable the `web_search` tool functionality.
@@ -466,11 +479,18 @@ Arguments passed directly when running the CLI can override other configurations
   - Example: `npm start -- --model qwen3-coder-plus`
 - **`--prompt <your_prompt>`** (**`-p <your_prompt>`**):
   - Used to pass a prompt directly to the command. This invokes Qwen Code in a non-interactive mode.
+  - For scripting examples, use the `--output-format json` flag to get structured output.
 - **`--prompt-interactive <your_prompt>`** (**`-i <your_prompt>`**):
   - Starts an interactive session with the provided prompt as the initial input.
   - The prompt is processed within the interactive session, not before it.
   - Cannot be used when piping input from stdin.
   - Example: `qwen -i "explain this code"`
+- **`--output-format <format>`**:
+  - **Description:** Specifies the format of the CLI output for non-interactive mode.
+  - **Values:**
+    - `text`: (Default) The standard human-readable output.
+    - `json`: A machine-readable JSON output.
+  - **Note:** For structured output and scripting, use the `--output-format json` flag.
 - **`--sandbox`** (**`-s`**):
   - Enables sandbox mode for this session.
 - **`--sandbox-image`**:
@@ -486,12 +506,13 @@ Arguments passed directly when running the CLI can override other configurations
 - **`--yolo`**:
   - Enables YOLO mode, which automatically approves all tool calls.
 - **`--approval-mode <mode>`**:
-  - Sets the approval mode for tool calls. Available modes:
-    - `default`: Prompt for approval on each tool call (default behavior)
-    - `auto_edit`: Automatically approve edit tools (edit, write_file) while prompting for others
-    - `yolo`: Automatically approve all tool calls (equivalent to `--yolo`)
+  - Sets the approval mode for tool calls. Supported modes:
+    - `plan`: Analyze only—do not modify files or execute commands.
+    - `default`: Require approval for file edits or shell commands (default behavior).
+    - `auto-edit`: Automatically approve edit tools (edit, write_file) while prompting for others.
+    - `yolo`: Automatically approve all tool calls (equivalent to `--yolo`).
   - Cannot be used together with `--yolo`. Use `--approval-mode=yolo` instead of `--yolo` for the new unified approach.
-  - Example: `qwen --approval-mode auto_edit`
+  - Example: `qwen --approval-mode auto-edit`
 - **`--allowed-tools <tool1,tool2,...>`**:
   - A comma-separated list of tool names that will bypass the confirmation dialog.
   - Example: `qwen --allowed-tools "ShellTool(git status)"`
@@ -522,7 +543,7 @@ Arguments passed directly when running the CLI can override other configurations
   - 5 directories can be added at maximum.
   - Example: `--include-directories /path/to/project1,/path/to/project2` or `--include-directories /path/to/project1 --include-directories /path/to/project2`
 - **`--screen-reader`**:
-  - Enables screen reader mode for accessibility.
+  - Enables screen reader mode, which adjusts the TUI for better compatibility with screen readers.
 - **`--version`**:
   - Displays the version of the CLI.
 - **`--openai-logging`**:
@@ -533,7 +554,7 @@ Arguments passed directly when running the CLI can override other configurations
 
 ## Context Files (Hierarchical Instructional Context)
 
-While not strictly configuration for the CLI's _behavior_, context files (defaulting to `QWEN.md` but configurable via the `contextFileName` setting) are crucial for configuring the _instructional context_ (also referred to as "memory"). This powerful feature allows you to give project-specific instructions, coding style guides, or any relevant background information to the AI, making its responses more tailored and accurate to your needs. The CLI includes UI elements, such as an indicator in the footer showing the number of loaded context files, to keep you informed about the active context.
+While not strictly configuration for the CLI's _behavior_, context files (defaulting to `QWEN.md` but configurable via the `context.fileName` setting) are crucial for configuring the _instructional context_ (also referred to as "memory"). This powerful feature allows you to give project-specific instructions, coding style guides, or any relevant background information to the AI, making its responses more tailored and accurate to your needs. The CLI includes UI elements, such as an indicator in the footer showing the number of loaded context files, to keep you informed about the active context.
 
 - **Purpose:** These Markdown files contain instructions, guidelines, or context that you want the Qwen model to be aware of during your interactions. The system is designed to manage this instructional context hierarchically.
 
@@ -574,13 +595,13 @@ This example demonstrates how you can provide general project context, specific
 
 - **Hierarchical Loading and Precedence:** The CLI implements a sophisticated hierarchical memory system by loading context files (e.g., `QWEN.md`) from several locations. Content from files lower in this list (more specific) typically overrides or supplements content from files higher up (more general). The exact concatenation order and final context can be inspected using the `/memory show` command. The typical loading order is:
   1.  **Global Context File:**
-      - Location: `~/.qwen/<contextFileName>` (e.g., `~/.qwen/QWEN.md` in your user home directory).
+      - Location: `~/.qwen/<configured-context-filename>` (e.g., `~/.qwen/QWEN.md` in your user home directory).
       - Scope: Provides default instructions for all your projects.
   2.  **Project Root & Ancestors Context Files:**
       - Location: The CLI searches for the configured context file in the current working directory and then in each parent directory up to either the project root (identified by a `.git` folder) or your home directory.
       - Scope: Provides context relevant to the entire project or a significant portion of it.
   3.  **Sub-directory Context Files (Contextual/Local):**
-      - Location: The CLI also scans for the configured context file in subdirectories _below_ the current working directory (respecting common ignore patterns like `node_modules`, `.git`, etc.). The breadth of this search is limited to 200 directories by default, but can be configured with a `memoryDiscoveryMaxDirs` field in your `settings.json` file.
+      - Location: The CLI also scans for the configured context file in subdirectories _below_ the current working directory (respecting common ignore patterns like `node_modules`, `.git`, etc.). The breadth of this search is limited to 200 directories by default, but can be configured with the `context.discoveryMaxDirs` setting in your `settings.json` file.
       - Scope: Allows for highly specific instructions relevant to a particular component, module, or subsection of your project.
 - **Concatenation & UI Indication:** The contents of all found context files are concatenated (with separators indicating their origin and path) and provided as part of the system prompt. The CLI footer displays the count of loaded context files, giving you a quick visual cue about the active instructional context.
 - **Importing Content:** You can modularize your context files by importing other Markdown files using the `@path/to/file.md` syntax. For more details, see the [Memory Import Processor documentation](../core/memport.md).
@@ -638,20 +659,14 @@ To help us improve Qwen Code, we collect anonymized usage statistics. This data
 
 **How to opt out:**
 
-You can opt out of usage statistics collection at any time by setting the `usageStatisticsEnabled` property to `false` in your `settings.json` file:
+You can opt out of usage statistics collection at any time by setting the `usageStatisticsEnabled` property to `false` under the `privacy` category in your `settings.json` file:
 
 ```json
 {
-  "usageStatisticsEnabled": false
+  "privacy": {
+    "usageStatisticsEnabled": false
+  }
 }
 ```
 
 Note: When usage statistics are enabled, events are sent to an Alibaba Cloud RUM collection endpoint.
-
-- **`enableWelcomeBack`** (boolean):
-  - **Description:** Show welcome back dialog when returning to a project with conversation history.
-  - **Default:** `true`
-  - **Category:** UI
-  - **Requires Restart:** No
-  - **Example:** `"enableWelcomeBack": false`
-  - **Details:** When enabled, Qwen Code will automatically detect if you're returning to a project with a previously generated project summary (`.qwen/PROJECT_SUMMARY.md`) and show a dialog allowing you to continue your previous conversation or start fresh. This feature integrates with the `/chat summary` command and quit confirmation dialog. See the [Welcome Back documentation](./welcome-back.md) for more details.

docs/cli/index.md

@@ -1,16 +1,14 @@
 # Qwen Code CLI
 
-Within Qwen Code, `packages/cli` is the frontend for users to send and receive prompts with Qwen and other AI models and their associated tools. For a general overview of Qwen Code, see the [main documentation page](../index.md).
+Within Qwen Code, `packages/cli` is the frontend for users to send and receive prompts with Qwen and other AI models and their associated tools. For a general overview of Qwen Code
 
 ## Navigating this section
 
 - **[Authentication](./authentication.md):** A guide to setting up authentication with Qwen OAuth and OpenAI-compatible providers.
 - **[Commands](./commands.md):** A reference for Qwen Code CLI commands (e.g., `/help`, `/tools`, `/theme`).
 - **[Configuration](./configuration.md):** A guide to tailoring Qwen Code CLI behavior using configuration files.
-- **[Token Caching](./token-caching.md):** Optimize API costs through token caching.
 - **[Themes](./themes.md)**: A guide to customizing the CLI's appearance with different themes.
 - **[Tutorials](tutorials.md)**: A tutorial showing how to use Qwen Code to automate a development task.
-- **[Welcome Back](./welcome-back.md)**: Learn about the Welcome Back feature that helps you resume work seamlessly across sessions.
 
 ## Non-interactive mode
 
@@ -22,8 +20,10 @@ The following example pipes a command to Qwen Code from your terminal:
 echo "What is fine tuning?" | qwen
 ```
 
-Qwen Code executes the command and prints the output to your terminal. Note that you can achieve the same behavior by using the `--prompt` or `-p` flag. For example:
+You can also use the `--prompt` or `-p` flag:
 
 ```bash
 qwen -p "What is fine tuning?"
 ```
+
+For comprehensive documentation on headless usage, scripting, automation, and advanced examples, see the **[Headless Mode](../headless.md)** guide.

docs/cli/keyboard-shortcuts.md

@@ -4,16 +4,16 @@ This document lists the available keyboard shortcuts in Qwen Code.
 
 ## General
 
-| Shortcut | Description                                                                                                           |
-| -------- | --------------------------------------------------------------------------------------------------------------------- |
-| `Esc`    | Close dialogs and suggestions.                                                                                        |
-| `Ctrl+C` | Cancel the ongoing request and clear the input. Press twice to exit the application.                                  |
-| `Ctrl+D` | Exit the application if the input is empty. Press twice to confirm.                                                   |
-| `Ctrl+L` | Clear the screen.                                                                                                     |
-| `Ctrl+O` | Toggle the display of the debug console.                                                                              |
-| `Ctrl+S` | Allows long responses to print fully, disabling truncation. Use your terminal's scrollback to view the entire output. |
-| `Ctrl+T` | Toggle the display of tool descriptions.                                                                              |
-| `Ctrl+Y` | Toggle auto-approval (YOLO mode) for all tool calls.                                                                  |
+| Shortcut    | Description                                                                                                           |
+| ----------- | --------------------------------------------------------------------------------------------------------------------- |
+| `Esc`       | Close dialogs and suggestions.                                                                                        |
+| `Ctrl+C`    | Cancel the ongoing request and clear the input. Press twice to exit the application.                                  |
+| `Ctrl+D`    | Exit the application if the input is empty. Press twice to confirm.                                                   |
+| `Ctrl+L`    | Clear the screen.                                                                                                     |
+| `Ctrl+O`    | Toggle the display of the debug console.                                                                              |
+| `Ctrl+S`    | Allows long responses to print fully, disabling truncation. Use your terminal's scrollback to view the entire output. |
+| `Ctrl+T`    | Toggle the display of tool descriptions.                                                                              |
+| `Shift+Tab` | Cycle approval modes (`plan` → `default` → `auto-edit` → `yolo`).                                                     |
 
 ## Input Prompt
 

docs/cli/themes.md

@@ -46,25 +46,14 @@ Add a `customThemes` block to your user, project, or system `settings.json` file
 
 ```json
 {
-  "customThemes": {
-    "MyCustomTheme": {
-      "name": "MyCustomTheme",
-      "type": "custom",
-      "Background": "#181818",
-      "Foreground": "#F8F8F2",
-      "LightBlue": "#82AAFF",
-      "AccentBlue": "#61AFEF",
-      "AccentPurple": "#C678DD",
-      "AccentCyan": "#56B6C2",
-      "AccentGreen": "#98C379",
-      "AccentYellow": "#E5C07B",
-      "AccentRed": "#E06C75",
-      "Comment": "#5C6370",
-      "Gray": "#ABB2BF",
-      "DiffAdded": "#A6E3A1",
-      "DiffRemoved": "#F38BA8",
-      "DiffModified": "#89B4FA",
-      "GradientColors": ["#4796E4", "#847ACE", "#C3677F"]
+  "ui": {
+    "customThemes": {
+      "MyCustomTheme": {
+        "name": "MyCustomTheme",
+        "type": "custom",
+        "Background": "#181818",
+        ...
+      }
     }
   }
 }
@@ -115,7 +104,9 @@ To load a theme from a file, set the `theme` property in your `settings.json` to
 
 ```json
 {
-  "theme": "/path/to/your/theme.json"
+  "ui": {
+    "theme": "/path/to/your/theme.json"
+  }
 }
 ```
 
@@ -154,7 +145,7 @@ The theme file must be a valid JSON file that follows the same structure as a cu
 ### Using Your Custom Theme
 
 - Select your custom theme using the `/theme` command in Qwen Code. Your custom theme will appear in the theme selection dialog.
-- Or, set it as the default by adding `"theme": "MyCustomTheme"` to your `settings.json`.
+- Or, set it as the default by adding `"theme": "MyCustomTheme"` to the `ui` object in your `settings.json`.
 - Custom themes can be set at the user, project, or system level, and follow the same [configuration precedence](./configuration.md) as other settings.
 
 ---

docs/cli/trusted-folders.md

@@ -0,0 +1,61 @@
+# Trusted Folders
+
+The Trusted Folders feature is a security setting that gives you control over which projects can use the full capabilities of the Qwen Code. It prevents potentially malicious code from running by asking you to approve a folder before the CLI loads any project-specific configurations from it.
+
+## Enabling the Feature
+
+The Trusted Folders feature is **disabled by default**. To use it, you must first enable it in your settings.
+
+Add the following to your user `settings.json` file:
+
+```json
+{
+  "security": {
+    "folderTrust": {
+      "enabled": true
+    }
+  }
+}
+```
+
+## How It Works: The Trust Dialog
+
+Once the feature is enabled, the first time you run the Qwen Code from a folder, a dialog will automatically appear, prompting you to make a choice:
+
+- **Trust folder**: Grants full trust to the current folder (e.g., `my-project`).
+- **Trust parent folder**: Grants trust to the parent directory (e.g., `safe-projects`), which automatically trusts all of its subdirectories as well. This is useful if you keep all your safe projects in one place.
+- **Don't trust**: Marks the folder as untrusted. The CLI will operate in a restricted "safe mode."
+
+Your choice is saved in a central file (`~/.qwen/trustedFolders.json`), so you will only be asked once per folder.
+
+## Why Trust Matters: The Impact of an Untrusted Workspace
+
+When a folder is **untrusted**, the Qwen Code runs in a restricted "safe mode" to protect you. In this mode, the following features are disabled:
+
+1.  **Workspace Settings are Ignored**: The CLI will **not** load the `.qwen/settings.json` file from the project. This prevents the loading of custom tools and other potentially dangerous configurations.
+
+2.  **Environment Variables are Ignored**: The CLI will **not** load any `.env` files from the project.
+
+3.  **Extension Management is Restricted**: You **cannot install, update, or uninstall** extensions.
+
+4.  **Tool Auto-Acceptance is Disabled**: You will always be prompted before any tool is run, even if you have auto-acceptance enabled globally.
+
+5.  **Automatic Memory Loading is Disabled**: The CLI will not automatically load files into context from directories specified in local settings.
+
+Granting trust to a folder unlocks the full functionality of the Qwen Code for that workspace.
+
+## Managing Your Trust Settings
+
+If you need to change a decision or see all your settings, you have a couple of options:
+
+- **Change the Current Folder's Trust**: Run the `/permissions` command from within the CLI. This will bring up the same interactive dialog, allowing you to change the trust level for the current folder.
+
+- **View All Trust Rules**: To see a complete list of all your trusted and untrusted folder rules, you can inspect the contents of the `~/.qwen/trustedFolders.json` file in your home directory.
+
+## The Trust Check Process (Advanced)
+
+For advanced users, it's helpful to know the exact order of operations for how trust is determined:
+
+1.  **IDE Trust Signal**: If you are using the [IDE Integration](./ide-integration.md), the CLI first asks the IDE if the workspace is trusted. The IDE's response takes highest priority.
+
+2.  **Local Trust File**: If the IDE is not connected, the CLI checks the central `~/.qwen/trustedFolders.json` file.

docs/core/memport.md

@@ -147,7 +147,7 @@ Processes import statements in context file content.
 - `debugMode` (boolean, optional): Whether to enable debug logging (default: false)
 - `importState` (ImportState, optional): State tracking for circular import prevention
 
-**Returns:** Promise<ProcessImportsResult> - Object containing processed content and import tree
+**Returns:** Promise&lt;ProcessImportsResult&gt; - Object containing processed content and import tree
 
 ### `ProcessImportsResult`
 
@@ -187,7 +187,7 @@ Finds the project root by searching for a `.git` directory upwards from the give
 
 - `startDir` (string): The directory to start searching from
 
-**Returns:** Promise<string> - The project root directory (or the start directory if no `.git` is found)
+**Returns:** Promise&lt;string&gt; - The project root directory (or the start directory if no `.git` is found)
 
 ## Best Practices
 

docs/core/tools-api.md

@@ -23,8 +23,8 @@ The Qwen Code core (`packages/core`) features a robust system for defining, regi
 - **Tool Registry (`tool-registry.ts`):** A class (`ToolRegistry`) responsible for:
   - **Registering Tools:** Holding a collection of all available built-in tools (e.g., `ReadFileTool`, `ShellTool`).
   - **Discovering Tools:** It can also discover tools dynamically:
-    - **Command-based Discovery:** If `toolDiscoveryCommand` is configured in settings, this command is executed. It's expected to output JSON describing custom tools, which are then registered as `DiscoveredTool` instances.
-    - **MCP-based Discovery:** If `mcpServerCommand` is configured, the registry can connect to a Model Context Protocol (MCP) server to list and register tools (`DiscoveredMCPTool`).
+    - **Command-based Discovery:** If `tools.toolDiscoveryCommand` is configured in settings, this command is executed. It's expected to output JSON describing custom tools, which are then registered as `DiscoveredTool` instances.
+    - **MCP-based Discovery:** If `mcp.mcpServerCommand` is configured, the registry can connect to a Model Context Protocol (MCP) server to list and register tools (`DiscoveredMCPTool`).
   - **Providing Schemas:** Exposing the `FunctionDeclaration` schemas of all registered tools to the model, so it knows what tools are available and how to use them.
   - **Retrieving Tools:** Allowing the core to get a specific tool by name for execution.
 
@@ -69,7 +69,7 @@ Each of these tools extends `BaseTool` and implements the required methods for i
 
 While direct programmatic registration of new tools by users isn't explicitly detailed as a primary workflow in the provided files for typical end-users, the architecture supports extension through:
 
-- **Command-based Discovery:** Advanced users or project administrators can define a `toolDiscoveryCommand` in `settings.json`. This command, when run by the core, should output a JSON array of `FunctionDeclaration` objects. The core will then make these available as `DiscoveredTool` instances. The corresponding `toolCallCommand` would then be responsible for actually executing these custom tools.
+- **Command-based Discovery:** Advanced users or project administrators can define a `tools.toolDiscoveryCommand` in `settings.json`. This command, when run by the core, should output a JSON array of `FunctionDeclaration` objects. The core will then make these available as `DiscoveredTool` instances. The corresponding `tools.toolCallCommand` would then be responsible for actually executing these custom tools.
 - **MCP Server(s):** For more complex scenarios, one or more MCP servers can be set up and configured via the `mcpServers` setting in `settings.json`. The core can then discover and use tools exposed by these servers. As mentioned, if you have multiple MCP servers, the tool names will be prefixed with the server name from your configuration (e.g., `serverAlias__actualToolName`).
 
 This tool system provides a flexible and powerful way to augment the model's capabilities, making Qwen Code a versatile assistant for a wide range of tasks.

docs/development/_meta.ts

@@ -0,0 +1,8 @@
+export default {
+  architecture: 'Architecture',
+  npm: 'NPM',
+  deployment: 'Deployment',
+  telemetry: 'Telemetry',
+  'integration-tests': 'Integration Tests',
+  'issue-and-pr-automation': 'Issue and PR Automation',
+};

docs/development/integration-tests.md

@@ -20,7 +20,7 @@ npm run test:e2e
 
 ## Running a specific set of tests
 
-To run a subset of test files, you can use `npm run <integration test command> <file_name1> ....` where <integration test command> is either `test:e2e` or `test:integration*` and `<file_name>` is any of the `.test.js` files in the `integration-tests/` directory. For example, the following command runs `list_directory.test.js` and `write_file.test.js`:
+To run a subset of test files, you can use `npm run <integration test command> <file_name1> ....` where &lt;integration test command&gt; is either `test:e2e` or `test:integration*` and `<file_name>` is any of the `.test.js` files in the `integration-tests/` directory. For example, the following command runs `list_directory.test.js` and `write_file.test.js`:
 
 ```bash
 npm run test:e2e list_directory write_file

docs/development/issue-and-pr-automation.md

@@ -16,10 +16,10 @@ Here is a breakdown of the specific automation workflows that run in our reposit
 
 This is the first bot you will interact with when you create an issue. Its job is to perform an initial analysis and apply the correct labels.
 
-- **Workflow File**: `.github/workflows/gemini-automated-issue-triage.yml`
+- **Workflow File**: `.github/workflows/qwen-automated-issue-triage.yml`
 - **When it runs**: Immediately after an issue is created or reopened.
 - **What it does**:
-  - It uses a Gemini model to analyze the issue's title and body against a detailed set of guidelines.
+  - It uses a Qwen model to analyze the issue's title and body against a detailed set of guidelines.
   - **Applies one `area/*` label**: Categorizes the issue into a functional area of the project (e.g., `area/ux`, `area/models`, `area/platform`).
   - **Applies one `kind/*` label**: Identifies the type of issue (e.g., `kind/bug`, `kind/enhancement`, `kind/question`).
   - **Applies one `priority/*` label**: Assigns a priority from P0 (critical) to P3 (low) based on the described impact.
@@ -47,7 +47,7 @@ This workflow ensures that all changes meet our quality standards before they ca
 
 This workflow runs periodically to ensure all open PRs are correctly linked to issues and have consistent labels.
 
-- **Workflow File**: `.github/workflows/gemini-scheduled-pr-triage.yml`
+- **Workflow File**: `.github/workflows/qwen-scheduled-pr-triage.yml`
 - **When it runs**: Every 15 minutes on all open pull requests.
 - **What it does**:
   - **Checks for a linked issue**: The bot scans your PR description for a keyword that links it to an issue (e.g., `Fixes #123`, `Closes #456`).
@@ -61,11 +61,11 @@ This workflow runs periodically to ensure all open PRs are correctly linked to i
 
 This is a fallback workflow to ensure that no issue gets missed by the triage process.
 
-- **Workflow File**: `.github/workflows/gemini-scheduled-issue-triage.yml`
+- **Workflow File**: `.github/workflows/qwen-scheduled-issue-triage.yml`
 - **When it runs**: Every hour on all open issues.
 - **What it does**:
   - It actively seeks out issues that either have no labels at all or still have the `status/need-triage` label.
-  - It then triggers the same powerful Gemini-based analysis as the initial triage bot to apply the correct labels.
+  - It then triggers the same powerful QwenCode-based analysis as the initial triage bot to apply the correct labels.
 - **What you should do**:
   - You typically don't need to do anything. This workflow is a safety net to ensure every issue is eventually categorized, even if the initial triage fails.
 

docs/development/telemetry.md

@@ -0,0 +1,369 @@
+# Observability with OpenTelemetry
+
+Learn how to enable and setup OpenTelemetry for Qwen Code.
+
+- [Observability with OpenTelemetry](#observability-with-opentelemetry)
+  - [Key Benefits](#key-benefits)
+  - [OpenTelemetry Integration](#opentelemetry-integration)
+  - [Configuration](#configuration)
+  - [Google Cloud Telemetry](#google-cloud-telemetry)
+    - [Prerequisites](#prerequisites)
+    - [Direct Export (Recommended)](#direct-export-recommended)
+    - [Collector-Based Export (Advanced)](#collector-based-export-advanced)
+  - [Local Telemetry](#local-telemetry)
+    - [File-based Output (Recommended)](#file-based-output-recommended)
+    - [Collector-Based Export (Advanced)](#collector-based-export-advanced-1)
+  - [Logs and Metrics](#logs-and-metrics)
+    - [Logs](#logs)
+    - [Metrics](#metrics)
+
+## Key Benefits
+
+- **🔍 Usage Analytics**: Understand interaction patterns and feature adoption
+  across your team
+- **⚡ Performance Monitoring**: Track response times, token consumption, and
+  resource utilization
+- **🐛 Real-time Debugging**: Identify bottlenecks, failures, and error patterns
+  as they occur
+- **📊 Workflow Optimization**: Make informed decisions to improve
+  configurations and processes
+- **🏢 Enterprise Governance**: Monitor usage across teams, track costs, ensure
+  compliance, and integrate with existing monitoring infrastructure
+
+## OpenTelemetry Integration
+
+Built on **[OpenTelemetry]** — the vendor-neutral, industry-standard
+observability framework — Qwen Code's observability system provides:
+
+- **Universal Compatibility**: Export to any OpenTelemetry backend (Google
+  Cloud, Jaeger, Prometheus, Datadog, etc.)
+- **Standardized Data**: Use consistent formats and collection methods across
+  your toolchain
+- **Future-Proof Integration**: Connect with existing and future observability
+  infrastructure
+- **No Vendor Lock-in**: Switch between backends without changing your
+  instrumentation
+
+[OpenTelemetry]: https://opentelemetry.io/
+
+## Configuration
+
+All telemetry behavior is controlled through your `.qwen/settings.json` file.
+These settings can be overridden by environment variables or CLI flags.
+
+| Setting        | Environment Variable             | CLI Flag                                                 | Description                                       | Values            | Default                 |
+| -------------- | -------------------------------- | -------------------------------------------------------- | ------------------------------------------------- | ----------------- | ----------------------- |
+| `enabled`      | `GEMINI_TELEMETRY_ENABLED`       | `--telemetry` / `--no-telemetry`                         | Enable or disable telemetry                       | `true`/`false`    | `false`                 |
+| `target`       | `GEMINI_TELEMETRY_TARGET`        | `--telemetry-target <local\|gcp>`                        | Where to send telemetry data                      | `"gcp"`/`"local"` | `"local"`               |
+| `otlpEndpoint` | `GEMINI_TELEMETRY_OTLP_ENDPOINT` | `--telemetry-otlp-endpoint <URL>`                        | OTLP collector endpoint                           | URL string        | `http://localhost:4317` |
+| `otlpProtocol` | `GEMINI_TELEMETRY_OTLP_PROTOCOL` | `--telemetry-otlp-protocol <grpc\|http>`                 | OTLP transport protocol                           | `"grpc"`/`"http"` | `"grpc"`                |
+| `outfile`      | `GEMINI_TELEMETRY_OUTFILE`       | `--telemetry-outfile <path>`                             | Save telemetry to file (overrides `otlpEndpoint`) | file path         | -                       |
+| `logPrompts`   | `GEMINI_TELEMETRY_LOG_PROMPTS`   | `--telemetry-log-prompts` / `--no-telemetry-log-prompts` | Include prompts in telemetry logs                 | `true`/`false`    | `true`                  |
+| `useCollector` | `GEMINI_TELEMETRY_USE_COLLECTOR` | -                                                        | Use external OTLP collector (advanced)            | `true`/`false`    | `false`                 |
+
+**Note on boolean environment variables:** For the boolean settings (`enabled`,
+`logPrompts`, `useCollector`), setting the corresponding environment variable to
+`true` or `1` will enable the feature. Any other value will disable it.
+
+For detailed information about all configuration options, see the
+[Configuration Guide](./cli/configuration.md).
+
+## Google Cloud Telemetry
+
+### Prerequisites
+
+Before using either method below, complete these steps:
+
+1. Set your Google Cloud project ID:
+   - For telemetry in a separate project from inference:
+     ```bash
+     export OTLP_GOOGLE_CLOUD_PROJECT="your-telemetry-project-id"
+     ```
+   - For telemetry in the same project as inference:
+     ```bash
+     export GOOGLE_CLOUD_PROJECT="your-project-id"
+     ```
+
+2. Authenticate with Google Cloud:
+   - If using a user account:
+     ```bash
+     gcloud auth application-default login
+     ```
+   - If using a service account:
+     ```bash
+     export GOOGLE_APPLICATION_CREDENTIALS="/path/to/your/service-account.json"
+     ```
+3. Make sure your account or service account has these IAM roles:
+   - Cloud Trace Agent
+   - Monitoring Metric Writer
+   - Logs Writer
+
+4. Enable the required Google Cloud APIs (if not already enabled):
+   ```bash
+   gcloud services enable \
+     cloudtrace.googleapis.com \
+     monitoring.googleapis.com \
+     logging.googleapis.com \
+     --project="$OTLP_GOOGLE_CLOUD_PROJECT"
+   ```
+
+### Direct Export (Recommended)
+
+Sends telemetry directly to Google Cloud services. No collector needed.
+
+1. Enable telemetry in your `.qwen/settings.json`:
+   ```json
+   {
+     "telemetry": {
+       "enabled": true,
+       "target": "gcp"
+     }
+   }
+   ```
+2. Run Qwen Code and send prompts.
+3. View logs and metrics:
+   - Open the Google Cloud Console in your browser after sending prompts:
+     - Logs: https://console.cloud.google.com/logs/
+     - Metrics: https://console.cloud.google.com/monitoring/metrics-explorer
+     - Traces: https://console.cloud.google.com/traces/list
+
+### Collector-Based Export (Advanced)
+
+For custom processing, filtering, or routing, use an OpenTelemetry collector to
+forward data to Google Cloud.
+
+1. Configure your `.qwen/settings.json`:
+   ```json
+   {
+     "telemetry": {
+       "enabled": true,
+       "target": "gcp",
+       "useCollector": true
+     }
+   }
+   ```
+2. Run the automation script:
+   ```bash
+   npm run telemetry -- --target=gcp
+   ```
+   This will:
+   - Start a local OTEL collector that forwards to Google Cloud
+   - Configure your workspace
+   - Provide links to view traces, metrics, and logs in Google Cloud Console
+   - Save collector logs to `~/.qwen/tmp/<projectHash>/otel/collector-gcp.log`
+   - Stop collector on exit (e.g. `Ctrl+C`)
+3. Run Qwen Code and send prompts.
+4. View logs and metrics:
+   - Open the Google Cloud Console in your browser after sending prompts:
+     - Logs: https://console.cloud.google.com/logs/
+     - Metrics: https://console.cloud.google.com/monitoring/metrics-explorer
+     - Traces: https://console.cloud.google.com/traces/list
+   - Open `~/.qwen/tmp/<projectHash>/otel/collector-gcp.log` to view local
+     collector logs.
+
+## Local Telemetry
+
+For local development and debugging, you can capture telemetry data locally:
+
+### File-based Output (Recommended)
+
+1. Enable telemetry in your `.qwen/settings.json`:
+   ```json
+   {
+     "telemetry": {
+       "enabled": true,
+       "target": "local",
+       "otlpEndpoint": "",
+       "outfile": ".qwen/telemetry.log"
+     }
+   }
+   ```
+2. Run Qwen Code and send prompts.
+3. View logs and metrics in the specified file (e.g., `.qwen/telemetry.log`).
+
+### Collector-Based Export (Advanced)
+
+1. Run the automation script:
+   ```bash
+   npm run telemetry -- --target=local
+   ```
+   This will:
+   - Download and start Jaeger and OTEL collector
+   - Configure your workspace for local telemetry
+   - Provide a Jaeger UI at http://localhost:16686
+   - Save logs/metrics to `~/.qwen/tmp/<projectHash>/otel/collector.log`
+   - Stop collector on exit (e.g. `Ctrl+C`)
+2. Run Qwen Code and send prompts.
+3. View traces at http://localhost:16686 and logs/metrics in the collector log
+   file.
+
+## Logs and Metrics
+
+The following section describes the structure of logs and metrics generated for
+Qwen Code.
+
+- A `sessionId` is included as a common attribute on all logs and metrics.
+
+### Logs
+
+Logs are timestamped records of specific events. The following events are logged for Qwen Code:
+
+- `qwen-code.config`: This event occurs once at startup with the CLI's configuration.
+  - **Attributes**:
+    - `model` (string)
+    - `embedding_model` (string)
+    - `sandbox_enabled` (boolean)
+    - `core_tools_enabled` (string)
+    - `approval_mode` (string)
+    - `api_key_enabled` (boolean)
+    - `vertex_ai_enabled` (boolean)
+    - `code_assist_enabled` (boolean)
+    - `log_prompts_enabled` (boolean)
+    - `file_filtering_respect_git_ignore` (boolean)
+    - `debug_mode` (boolean)
+    - `mcp_servers` (string)
+    - `output_format` (string: "text" or "json")
+
+- `qwen-code.user_prompt`: This event occurs when a user submits a prompt.
+  - **Attributes**:
+    - `prompt_length` (int)
+    - `prompt_id` (string)
+    - `prompt` (string, this attribute is excluded if `log_prompts_enabled` is
+      configured to be `false`)
+    - `auth_type` (string)
+
+- `qwen-code.tool_call`: This event occurs for each function call.
+  - **Attributes**:
+    - `function_name`
+    - `function_args`
+    - `duration_ms`
+    - `success` (boolean)
+    - `decision` (string: "accept", "reject", "auto_accept", or "modify", if
+      applicable)
+    - `error` (if applicable)
+    - `error_type` (if applicable)
+    - `content_length` (int, if applicable)
+    - `metadata` (if applicable, dictionary of string -> any)
+
+- `qwen-code.file_operation`: This event occurs for each file operation.
+  - **Attributes**:
+    - `tool_name` (string)
+    - `operation` (string: "create", "read", "update")
+    - `lines` (int, if applicable)
+    - `mimetype` (string, if applicable)
+    - `extension` (string, if applicable)
+    - `programming_language` (string, if applicable)
+    - `diff_stat` (json string, if applicable): A JSON string with the following members:
+      - `ai_added_lines` (int)
+      - `ai_removed_lines` (int)
+      - `user_added_lines` (int)
+      - `user_removed_lines` (int)
+
+- `qwen-code.api_request`: This event occurs when making a request to Qwen API.
+  - **Attributes**:
+    - `model`
+    - `request_text` (if applicable)
+
+- `qwen-code.api_error`: This event occurs if the API request fails.
+  - **Attributes**:
+    - `model`
+    - `error`
+    - `error_type`
+    - `status_code`
+    - `duration_ms`
+    - `auth_type`
+
+- `qwen-code.api_response`: This event occurs upon receiving a response from Qwen API.
+  - **Attributes**:
+    - `model`
+    - `status_code`
+    - `duration_ms`
+    - `error` (optional)
+    - `input_token_count`
+    - `output_token_count`
+    - `cached_content_token_count`
+    - `thoughts_token_count`
+    - `tool_token_count`
+    - `response_text` (if applicable)
+    - `auth_type`
+
+- `qwen-code.tool_output_truncated`: This event occurs when the output of a tool call is too large and gets truncated.
+  - **Attributes**:
+    - `tool_name` (string)
+    - `original_content_length` (int)
+    - `truncated_content_length` (int)
+    - `threshold` (int)
+    - `lines` (int)
+    - `prompt_id` (string)
+
+- `qwen-code.malformed_json_response`: This event occurs when a `generateJson` response from Qwen API cannot be parsed as a json.
+  - **Attributes**:
+    - `model`
+
+- `qwen-code.flash_fallback`: This event occurs when Qwen Code switches to flash as fallback.
+  - **Attributes**:
+    - `auth_type`
+
+- `qwen-code.slash_command`: This event occurs when a user executes a slash command.
+  - **Attributes**:
+    - `command` (string)
+    - `subcommand` (string, if applicable)
+
+- `qwen-code.extension_enable`: This event occurs when an extension is enabled
+- `qwen-code.extension_install`: This event occurs when an extension is installed
+  - **Attributes**:
+    - `extension_name` (string)
+    - `extension_version` (string)
+    - `extension_source` (string)
+    - `status` (string)
+- `qwen-code.extension_uninstall`: This event occurs when an extension is uninstalled
+
+### Metrics
+
+Metrics are numerical measurements of behavior over time. The following metrics are collected for Qwen Code (metric names remain `qwen-code.*` for compatibility):
+
+- `qwen-code.session.count` (Counter, Int): Incremented once per CLI startup.
+
+- `qwen-code.tool.call.count` (Counter, Int): Counts tool calls.
+  - **Attributes**:
+    - `function_name`
+    - `success` (boolean)
+    - `decision` (string: "accept", "reject", or "modify", if applicable)
+    - `tool_type` (string: "mcp", or "native", if applicable)
+
+- `qwen-code.tool.call.latency` (Histogram, ms): Measures tool call latency.
+  - **Attributes**:
+    - `function_name`
+    - `decision` (string: "accept", "reject", or "modify", if applicable)
+
+- `qwen-code.api.request.count` (Counter, Int): Counts all API requests.
+  - **Attributes**:
+    - `model`
+    - `status_code`
+    - `error_type` (if applicable)
+
+- `qwen-code.api.request.latency` (Histogram, ms): Measures API request latency.
+  - **Attributes**:
+    - `model`
+
+- `qwen-code.token.usage` (Counter, Int): Counts the number of tokens used.
+  - **Attributes**:
+    - `model`
+    - `type` (string: "input", "output", "thought", "cache", or "tool")
+
+- `qwen-code.file.operation.count` (Counter, Int): Counts file operations.
+  - **Attributes**:
+    - `operation` (string: "create", "read", "update"): The type of file operation.
+    - `lines` (Int, if applicable): Number of lines in the file.
+    - `mimetype` (string, if applicable): Mimetype of the file.
+    - `extension` (string, if applicable): File extension of the file.
+    - `model_added_lines` (Int, if applicable): Number of lines added/changed by the model.
+    - `model_removed_lines` (Int, if applicable): Number of lines removed/changed by the model.
+    - `user_added_lines` (Int, if applicable): Number of lines added/changed by user in AI proposed changes.
+    - `user_removed_lines` (Int, if applicable): Number of lines removed/changed by user in AI proposed changes.
+    - `programming_language` (string, if applicable): The programming language of the file.
+
+- `qwen-code.chat_compression` (Counter, Int): Counts chat compression operations
+  - **Attributes**:
+    - `tokens_before`: (Int): Number of tokens in context prior to compression
+    - `tokens_after`: (Int): Number of tokens in context after compression

docs/extension.md

@@ -1,100 +0,0 @@
-# Qwen Code Extensions
-
-Qwen Code supports extensions that can be used to configure and extend its functionality.
-
-## How it works
-
-On startup, Qwen Code looks for extensions in two locations:
-
-1.  `<workspace>/.qwen/extensions`
-2.  `<home>/.qwen/extensions`
-
-Qwen Code loads all extensions from both locations. If an extension with the same name exists in both locations, the extension in the workspace directory takes precedence.
-
-Within each location, individual extensions exist as a directory that contains a `qwen-extension.json` file. For example:
-
-`<workspace>/.qwen/extensions/my-extension/qwen-extension.json`
-
-### `qwen-extension.json`
-
-The `qwen-extension.json` file contains the configuration for the extension. The file has the following structure:
-
-```json
-{
-  "name": "my-extension",
-  "version": "1.0.0",
-  "mcpServers": {
-    "my-server": {
-      "command": "node my-server.js"
-    }
-  },
-  "contextFileName": "QWEN.md",
-  "excludeTools": ["run_shell_command"]
-}
-```
-
-- `name`: The name of the extension. This is used to uniquely identify the extension and for conflict resolution when extension commands have the same name as user or project commands.
-- `version`: The version of the extension.
-- `mcpServers`: A map of MCP servers to configure. The key is the name of the server, and the value is the server configuration. These servers will be loaded on startup just like MCP servers configured in a [`settings.json` file](./cli/configuration.md). If both an extension and a `settings.json` file configure an MCP server with the same name, the server defined in the `settings.json` file takes precedence.
-- `contextFileName`: The name of the file that contains the context for the extension. This will be used to load the context from the workspace. If this property is not used but a `QWEN.md` file is present in your extension directory, then that file will be loaded.
-- `excludeTools`: An array of tool names to exclude from the model. You can also specify command-specific restrictions for tools that support it, like the `run_shell_command` tool. For example, `"excludeTools": ["run_shell_command(rm -rf)"]` will block the `rm -rf` command.
-
-When Qwen Code starts, it loads all the extensions and merges their configurations. If there are any conflicts, the workspace configuration takes precedence.
-
-## Extension Commands
-
-Extensions can provide [custom commands](./cli/commands.md#custom-commands) by placing TOML files in a `commands/` subdirectory within the extension directory. These commands follow the same format as user and project custom commands and use standard naming conventions.
-
-### Example
-
-An extension named `gcp` with the following structure:
-
-```
-.qwen/extensions/gcp/
-├── qwen-extension.json
-└── commands/
-    ├── deploy.toml
-    └── gcs/
-        └── sync.toml
-```
-
-Would provide these commands:
-
-- `/deploy` - Shows as `[gcp] Custom command from deploy.toml` in help
-- `/gcs:sync` - Shows as `[gcp] Custom command from sync.toml` in help
-
-### Conflict Resolution
-
-Extension commands have the lowest precedence. When a conflict occurs with user or project commands:
-
-1. **No conflict**: Extension command uses its natural name (e.g., `/deploy`)
-2. **With conflict**: Extension command is renamed with the extension prefix (e.g., `/gcp.deploy`)
-
-For example, if both a user and the `gcp` extension define a `deploy` command:
-
-- `/deploy` - Executes the user's deploy command
-- `/gcp.deploy` - Executes the extension's deploy command (marked with `[gcp]` tag)
-
-## Installing Extensions
-
-You can install extensions using the `install` command. This command allows you to install extensions from a Git repository or a local path.
-
-### Usage
-
-`qwen extensions install <source> | [options]`
-
-### Options
-
-- `source <url> positional argument`: The URL of a Git repository to install the extension from. The repository must contain a `qwen-extension.json` file in its root.
-- `--path <path>`: The path to a local directory to install as an extension. The directory must contain a `qwen-extension.json` file.
-
-# Variables
-
-Qwen Code extensions allow variable substitution in `qwen-extension.json`. This can be useful if e.g., you need the current directory to run an MCP server using `"cwd": "${extensionPath}${/}run.ts"`.
-
-**Supported variables:**
-
-| variable                   | description                                                                                                                                                   |
-| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `${extensionPath}`         | The fully-qualified path of the extension in the user's filesystem e.g., '/Users/username/.qwen/extensions/example-extension'. This will not unwrap symlinks. |
-| `${/} or ${pathSeparator}` | The path separator (differs per OS).                                                                                                                          |

docs/extensions/extension-releasing.md

@@ -0,0 +1,121 @@
+# Extension Releasing
+
+There are two primary ways of releasing extensions to users:
+
+- [Git repository](#releasing-through-a-git-repository)
+- [Github Releases](#releasing-through-github-releases)
+
+Git repository releases tend to be the simplest and most flexible approach, while GitHub releases can be more efficient on initial install as they are shipped as single archives instead of requiring a git clone which downloads each file individually. Github releases may also contain platform specific archives if you need to ship platform specific binary files.
+
+## Releasing through a git repository
+
+This is the most flexible and simple option. All you need to do us create a publicly accessible git repo (such as a public github repository) and then users can install your extension using `qwen extensions install <your-repo-uri>`, or for a GitHub repository they can use the simplified `qwen extensions install <org>/<repo>` format. They can optionally depend on a specific ref (branch/tag/commit) using the `--ref=<some-ref>` argument, this defaults to the default branch.
+
+Whenever commits are pushed to the ref that a user depends on, they will be prompted to update the extension. Note that this also allows for easy rollbacks, the HEAD commit is always treated as the latest version regardless of the actual version in the `qwen-extension.json` file.
+
+### Managing release channels using a git repository
+
+Users can depend on any ref from your git repo, such as a branch or tag, which allows you to manage multiple release channels.
+
+For instance, you can maintain a `stable` branch, which users can install this way `qwen extensions install <your-repo-uri> --ref=stable`. Or, you could make this the default by treating your default branch as your stable release branch, and doing development in a different branch (for instance called `dev`). You can maintain as many branches or tags as you like, providing maximum flexibility for you and your users.
+
+Note that these `ref` arguments can be tags, branches, or even specific commits, which allows users to depend on a specific version of your extension. It is up to you how you want to manage your tags and branches.
+
+### Example releasing flow using a git repo
+
+While there are many options for how you want to manage releases using a git flow, we recommend treating your default branch as your "stable" release branch. This means that the default behavior for `qwen extensions install <your-repo-uri>` is to be on the stable release branch.
+
+Lets say you want to maintain three standard release channels, `stable`, `preview`, and `dev`. You would do all your standard development in the `dev` branch. When you are ready to do a preview release, you merge that branch into your `preview` branch. When you are ready to promote your preview branch to stable, you merge `preview` into your stable branch (which might be your default branch or a different branch).
+
+You can also cherry pick changes from one branch into another using `git cherry-pick`, but do note that this will result in your branches having a slightly divergent history from each other, unless you force push changes to your branches on each release to restore the history to a clean slate (which may not be possible for the default branch depending on your repository settings). If you plan on doing cherry picks, you may want to avoid having your default branch be the stable branch to avoid force-pushing to the default branch which should generally be avoided.
+
+## Releasing through Github releases
+
+Qwen Code extensions can be distributed through [GitHub Releases](https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases). This provides a faster and more reliable initial installation experience for users, as it avoids the need to clone the repository.
+
+Each release includes at least one archive file, which contains the full contents of the repo at the tag that it was linked to. Releases may also include [pre-built archives](#custom-pre-built-archives) if your extension requires some build step or has platform specific binaries attached to it.
+
+When checking for updates, qwen code will just look for the latest release on github (you must mark it as such when creating the release), unless the user installed a specific release by passing `--ref=<some-release-tag>`. We do not at this time support opting in to pre-release releases or semver.
+
+### Custom pre-built archives
+
+Custom archives must be attached directly to the github release as assets and must be fully self-contained. This means they should include the entire extension, see [archive structure](#archive-structure).
+
+If your extension is platform-independent, you can provide a single generic asset. In this case, there should be only one asset attached to the release.
+
+Custom archives may also be used if you want to develop your extension within a larger repository, you can build an archive which has a different layout from the repo itself (for instance it might just be an archive of a subdirectory containing the extension).
+
+#### Platform specific archives
+
+To ensure Qwen Code can automatically find the correct release asset for each platform, you must follow this naming convention. The CLI will search for assets in the following order:
+
+1.  **Platform and Architecture-Specific:** `{platform}.{arch}.{name}.{extension}`
+2.  **Platform-Specific:** `{platform}.{name}.{extension}`
+3.  **Generic:** If only one asset is provided, it will be used as a generic fallback.
+
+- `{name}`: The name of your extension.
+- `{platform}`: The operating system. Supported values are:
+  - `darwin` (macOS)
+  - `linux`
+  - `win32` (Windows)
+- `{arch}`: The architecture. Supported values are:
+  - `x64`
+  - `arm64`
+- `{extension}`: The file extension of the archive (e.g., `.tar.gz` or `.zip`).
+
+**Examples:**
+
+- `darwin.arm64.my-tool.tar.gz` (specific to Apple Silicon Macs)
+- `darwin.my-tool.tar.gz` (for all Macs)
+- `linux.x64.my-tool.tar.gz`
+- `win32.my-tool.zip`
+
+#### Archive structure
+
+Archives must be fully contained extensions and have all the standard requirements - specifically the `qwen-extension.json` file must be at the root of the archive.
+
+The rest of the layout should look exactly the same as a typical extension, see [extensions.md](extension.md).
+
+#### Example GitHub Actions workflow
+
+Here is an example of a GitHub Actions workflow that builds and releases a Qwen Code extension for multiple platforms:
+
+```yaml
+name: Release Extension
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build extension
+        run: npm run build
+
+      - name: Create release assets
+        run: |
+          npm run package -- --platform=darwin --arch=arm64
+          npm run package -- --platform=linux --arch=x64
+          npm run package -- --platform=win32 --arch=x64
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: |
+            release/darwin.arm64.my-tool.tar.gz
+            release/linux.arm64.my-tool.tar.gz
+            release/win32.arm64.my-tool.zip
+```

docs/extensions/extension.md

@@ -0,0 +1,158 @@
+# Qwen Code Extensions
+
+Qwen Code extensions package prompts, MCP servers, and custom commands into a familiar and user-friendly format. With extensions, you can expand the capabilities of Qwen Code and share those capabilities with others. They are designed to be easily installable and shareable.
+
+## Extension management
+
+We offer a suite of extension management tools using `qwen extensions` commands.
+
+Note that these commands are not supported from within the CLI, although you can list installed extensions using the `/extensions list` subcommand.
+
+Note that all of these commands will only be reflected in active CLI sessions on restart.
+
+### Installing an extension
+
+You can install an extension using `qwen extensions install` with either a GitHub URL or a local path`.
+
+Note that we create a copy of the installed extension, so you will need to run `qwen extensions update` to pull in changes from both locally-defined extensions and those on GitHub.
+
+```
+qwen extensions install https://github.com/qwen-cli-extensions/security
+```
+
+This will install the Qwen Code Security extension, which offers support for a `/security:analyze` command.
+
+### Uninstalling an extension
+
+To uninstall, run `qwen extensions uninstall extension-name`, so, in the case of the install example:
+
+```
+qwen extensions uninstall qwen-cli-security
+```
+
+### Disabling an extension
+
+Extensions are, by default, enabled across all workspaces. You can disable an extension entirely or for specific workspace.
+
+For example, `qwen extensions disable extension-name` will disable the extension at the user level, so it will be disabled everywhere. `qwen extensions disable extension-name --scope=workspace` will only disable the extension in the current workspace.
+
+### Enabling an extension
+
+You can enable extensions using `qwen extensions enable extension-name`. You can also enable an extension for a specific workspace using `qwen extensions enable extension-name --scope=workspace` from within that workspace.
+
+This is useful if you have an extension disabled at the top-level and only enabled in specific places.
+
+### Updating an extension
+
+For extensions installed from a local path or a git repository, you can explicitly update to the latest version (as reflected in the `qwen-extension.json` `version` field) with `qwen extensions update extension-name`.
+
+You can update all extensions with:
+
+```
+qwen extensions update --all
+```
+
+## Extension creation
+
+We offer commands to make extension development easier.
+
+### Create a boilerplate extension
+
+We offer several example extensions `context`, `custom-commands`, `exclude-tools` and `mcp-server`. You can view these examples [here](https://github.com/QwenLM/qwen-code/tree/main/packages/cli/src/commands/extensions/examples).
+
+To copy one of these examples into a development directory using the type of your choosing, run:
+
+```
+qwen extensions new path/to/directory custom-commands
+```
+
+### Link a local extension
+
+The `qwen extensions link` command will create a symbolic link from the extension installation directory to the development path.
+
+This is useful so you don't have to run `qwen extensions update` every time you make changes you'd like to test.
+
+```
+qwen extensions link path/to/directory
+```
+
+## How it works
+
+On startup, Qwen Code looks for extensions in `<home>/.qwen/extensions`
+
+Extensions exist as a directory that contains a `qwen-extension.json` file. For example:
+
+`<home>/.qwen/extensions/my-extension/qwen-extension.json`
+
+### `qwen-extension.json`
+
+The `qwen-extension.json` file contains the configuration for the extension. The file has the following structure:
+
+```json
+{
+  "name": "my-extension",
+  "version": "1.0.0",
+  "mcpServers": {
+    "my-server": {
+      "command": "node my-server.js"
+    }
+  },
+  "contextFileName": "QWEN.md",
+  "excludeTools": ["run_shell_command"]
+}
+```
+
+- `name`: The name of the extension. This is used to uniquely identify the extension and for conflict resolution when extension commands have the same name as user or project commands. The name should be lowercase or numbers and use dashes instead of underscores or spaces. This is how users will refer to your extension in the CLI. Note that we expect this name to match the extension directory name.
+- `version`: The version of the extension.
+- `mcpServers`: A map of MCP servers to configure. The key is the name of the server, and the value is the server configuration. These servers will be loaded on startup just like MCP servers configured in a [`settings.json` file](./cli/configuration.md). If both an extension and a `settings.json` file configure an MCP server with the same name, the server defined in the `settings.json` file takes precedence.
+  - Note that all MCP server configuration options are supported except for `trust`.
+- `contextFileName`: The name of the file that contains the context for the extension. This will be used to load the context from the extension directory. If this property is not used but a `QWEN.md` file is present in your extension directory, then that file will be loaded.
+- `excludeTools`: An array of tool names to exclude from the model. You can also specify command-specific restrictions for tools that support it, like the `run_shell_command` tool. For example, `"excludeTools": ["run_shell_command(rm -rf)"]` will block the `rm -rf` command. Note that this differs from the MCP server `excludeTools` functionality, which can be listed in the MCP server config.
+
+When Qwen Code starts, it loads all the extensions and merges their configurations. If there are any conflicts, the workspace configuration takes precedence.
+
+### Custom commands
+
+Extensions can provide [custom commands](./cli/commands.md#custom-commands) by placing TOML files in a `commands/` subdirectory within the extension directory. These commands follow the same format as user and project custom commands and use standard naming conventions.
+
+**Example**
+
+An extension named `gcp` with the following structure:
+
+```
+.qwen/extensions/gcp/
+├── qwen-extension.json
+└── commands/
+    ├── deploy.toml
+    └── gcs/
+        └── sync.toml
+```
+
+Would provide these commands:
+
+- `/deploy` - Shows as `[gcp] Custom command from deploy.toml` in help
+- `/gcs:sync` - Shows as `[gcp] Custom command from sync.toml` in help
+
+### Conflict resolution
+
+Extension commands have the lowest precedence. When a conflict occurs with user or project commands:
+
+1. **No conflict**: Extension command uses its natural name (e.g., `/deploy`)
+2. **With conflict**: Extension command is renamed with the extension prefix (e.g., `/gcp.deploy`)
+
+For example, if both a user and the `gcp` extension define a `deploy` command:
+
+- `/deploy` - Executes the user's deploy command
+- `/gcp.deploy` - Executes the extension's deploy command (marked with `[gcp]` tag)
+
+## Variables
+
+Qwen Code extensions allow variable substitution in `qwen-extension.json`. This can be useful if e.g., you need the current directory to run an MCP server using `"cwd": "${extensionPath}${/}run.ts"`.
+
+**Supported variables:**
+
+| variable                   | description                                                                                                                                                   |
+| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `${extensionPath}`         | The fully-qualified path of the extension in the user's filesystem e.g., '/Users/username/.qwen/extensions/example-extension'. This will not unwrap symlinks. |
+| `${workspacePath}`         | The fully-qualified path of the current workspace.                                                                                                            |
+| `${/} or ${pathSeparator}` | The path separator (differs per OS).                                                                                                                          |

docs/extensions/getting-started-extensions.md

@@ -0,0 +1,213 @@
+# Getting Started with Qwen Code Extensions
+
+This guide will walk you through creating your first Qwen Code extension. You'll learn how to set up a new extension, add a custom tool via an MCP server, create a custom command, and provide context to the model with a `QWEN.md` file.
+
+## Prerequisites
+
+Before you start, make sure you have the Qwen Code installed and a basic understanding of Node.js and TypeScript.
+
+## Step 1: Create a New Extension
+
+The easiest way to start is by using one of the built-in templates. We'll use the `mcp-server` example as our foundation.
+
+Run the following command to create a new directory called `my-first-extension` with the template files:
+
+```bash
+qwen extensions new my-first-extension mcp-server
+```
+
+This will create a new directory with the following structure:
+
+```
+my-first-extension/
+├── example.ts
+├── qwen-extension.json
+├── package.json
+└── tsconfig.json
+```
+
+## Step 2: Understand the Extension Files
+
+Let's look at the key files in your new extension.
+
+### `qwen-extension.json`
+
+This is the manifest file for your extension. It tells Qwen Code how to load and use your extension.
+
+```json
+{
+  "name": "my-first-extension",
+  "version": "1.0.0",
+  "mcpServers": {
+    "nodeServer": {
+      "command": "node",
+      "args": ["${extensionPath}${/}dist${/}example.js"],
+      "cwd": "${extensionPath}"
+    }
+  }
+}
+```
+
+- `name`: The unique name for your extension.
+- `version`: The version of your extension.
+- `mcpServers`: This section defines one or more Model Context Protocol (MCP) servers. MCP servers are how you can add new tools for the model to use.
+  - `command`, `args`, `cwd`: These fields specify how to start your server. Notice the use of the `${extensionPath}` variable, which Qwen Code replaces with the absolute path to your extension's installation directory. This allows your extension to work regardless of where it's installed.
+
+### `example.ts`
+
+This file contains the source code for your MCP server. It's a simple Node.js server that uses the `@modelcontextprotocol/sdk`.
+
+```typescript
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { z } from 'zod';
+
+const server = new McpServer({
+  name: 'prompt-server',
+  version: '1.0.0',
+});
+
+// Registers a new tool named 'fetch_posts'
+server.registerTool(
+  'fetch_posts',
+  {
+    description: 'Fetches a list of posts from a public API.',
+    inputSchema: z.object({}).shape,
+  },
+  async () => {
+    const apiResponse = await fetch(
+      'https://jsonplaceholder.typicode.com/posts',
+    );
+    const posts = await apiResponse.json();
+    const response = { posts: posts.slice(0, 5) };
+    return {
+      content: [
+        {
+          type: 'text',
+          text: JSON.stringify(response),
+        },
+      ],
+    };
+  },
+);
+
+// ... (prompt registration omitted for brevity)
+
+const transport = new StdioServerTransport();
+await server.connect(transport);
+```
+
+This server defines a single tool called `fetch_posts` that fetches data from a public API.
+
+### `package.json` and `tsconfig.json`
+
+These are standard configuration files for a TypeScript project. The `package.json` file defines dependencies and a `build` script, and `tsconfig.json` configures the TypeScript compiler.
+
+## Step 3: Build and Link Your Extension
+
+Before you can use the extension, you need to compile the TypeScript code and link the extension to your Qwen Code installation for local development.
+
+1.  **Install dependencies:**
+
+    ```bash
+    cd my-first-extension
+    npm install
+    ```
+
+2.  **Build the server:**
+
+    ```bash
+    npm run build
+    ```
+
+    This will compile `example.ts` into `dist/example.js`, which is the file referenced in your `qwen-extension.json`.
+
+3.  **Link the extension:**
+
+    The `link` command creates a symbolic link from the Qwen Code extensions directory to your development directory. This means any changes you make will be reflected immediately without needing to reinstall.
+
+    ```bash
+    qwen extensions link .
+    ```
+
+Now, restart your Qwen Code session. The new `fetch_posts` tool will be available. You can test it by asking: "fetch posts".
+
+## Step 4: Add a Custom Command
+
+Custom commands provide a way to create shortcuts for complex prompts. Let's add a command that searches for a pattern in your code.
+
+1.  Create a `commands` directory and a subdirectory for your command group:
+
+    ```bash
+    mkdir -p commands/fs
+    ```
+
+2.  Create a file named `commands/fs/grep-code.toml`:
+
+    ```toml
+    prompt = """
+    Please summarize the findings for the pattern `{{args}}`.
+
+    Search Results:
+    !{grep -r {{args}} .}
+    """
+    ```
+
+    This command, `/fs:grep-code`, will take an argument, run the `grep` shell command with it, and pipe the results into a prompt for summarization.
+
+After saving the file, restart the Qwen Code. You can now run `/fs:grep-code "some pattern"` to use your new command.
+
+## Step 5: Add a Custom `QWEN.md`
+
+You can provide persistent context to the model by adding a `QWEN.md` file to your extension. This is useful for giving the model instructions on how to behave or information about your extension's tools. Note that you may not always need this for extensions built to expose commands and prompts.
+
+1.  Create a file named `QWEN.md` in the root of your extension directory:
+
+    ```markdown
+    # My First Extension Instructions
+
+    You are an expert developer assistant. When the user asks you to fetch posts, use the `fetch_posts` tool. Be concise in your responses.
+    ```
+
+2.  Update your `qwen-extension.json` to tell the CLI to load this file:
+
+    ```json
+    {
+      "name": "my-first-extension",
+      "version": "1.0.0",
+      "contextFileName": "QWEN.md",
+      "mcpServers": {
+        "nodeServer": {
+          "command": "node",
+          "args": ["${extensionPath}${/}dist${/}example.js"],
+          "cwd": "${extensionPath}"
+        }
+      }
+    }
+    ```
+
+Restart the CLI again. The model will now have the context from your `QWEN.md` file in every session where the extension is active.
+
+## Step 6: Releasing Your Extension
+
+Once you are happy with your extension, you can share it with others. The two primary ways of releasing extensions are via a Git repository or through GitHub Releases. Using a public Git repository is the simplest method.
+
+For detailed instructions on both methods, please refer to the [Extension Releasing Guide](extension-releasing.md).
+
+## Conclusion
+
+You've successfully created a Qwen Code extension! You learned how to:
+
+- Bootstrap a new extension from a template.
+- Add custom tools with an MCP server.
+- Create convenient custom commands.
+- Provide persistent context to the model.
+- Link your extension for local development.
+
+From here, you can explore more advanced features and build powerful new capabilities into the Qwen Code.

docs/features/_meta.ts

@@ -0,0 +1,8 @@
+export default {
+  subagents: 'Subagents',
+  checkpointing: 'Checkpointing',
+  sandbox: 'Sandbox Support',
+  headless: 'Headless Mode',
+  'welcome-back': 'Welcome Back',
+  'token-caching': 'Token Caching',
+};

docs/features/checkpointing.md

@@ -38,8 +38,10 @@ Add the following key to your `settings.json`:
 
 ```json
 {
-  "checkpointing": {
-    "enabled": true
+  "general": {
+    "checkpointing": {
+      "enabled": true
+    }
   }
 }
 ```

docs/features/headless.md

@@ -0,0 +1,308 @@
+# Headless Mode
+
+Headless mode allows you to run Qwen Code programmatically from command line
+scripts and automation tools without any interactive UI. This is ideal for
+scripting, automation, CI/CD pipelines, and building AI-powered tools.
+
+- [Headless Mode](#headless-mode)
+  - [Overview](#overview)
+  - [Basic Usage](#basic-usage)
+    - [Direct Prompts](#direct-prompts)
+    - [Stdin Input](#stdin-input)
+    - [Combining with File Input](#combining-with-file-input)
+  - [Output Formats](#output-formats)
+    - [Text Output (Default)](#text-output-default)
+    - [JSON Output](#json-output)
+      - [Response Schema](#response-schema)
+      - [Example Usage](#example-usage)
+    - [File Redirection](#file-redirection)
+  - [Configuration Options](#configuration-options)
+  - [Examples](#examples)
+    - [Code review](#code-review)
+    - [Generate commit messages](#generate-commit-messages)
+    - [API documentation](#api-documentation)
+    - [Batch code analysis](#batch-code-analysis)
+    - [Code review](#code-review-1)
+    - [Log analysis](#log-analysis)
+    - [Release notes generation](#release-notes-generation)
+    - [Model and tool usage tracking](#model-and-tool-usage-tracking)
+  - [Resources](#resources)
+
+## Overview
+
+The headless mode provides a headless interface to Qwen Code that:
+
+- Accepts prompts via command line arguments or stdin
+- Returns structured output (text or JSON)
+- Supports file redirection and piping
+- Enables automation and scripting workflows
+- Provides consistent exit codes for error handling
+
+## Basic Usage
+
+### Direct Prompts
+
+Use the `--prompt` (or `-p`) flag to run in headless mode:
+
+```bash
+qwen --prompt "What is machine learning?"
+```
+
+### Stdin Input
+
+Pipe input to Qwen Code from your terminal:
+
+```bash
+echo "Explain this code" | qwen
+```
+
+### Combining with File Input
+
+Read from files and process with Qwen Code:
+
+```bash
+cat README.md | qwen --prompt "Summarize this documentation"
+```
+
+## Output Formats
+
+### Text Output (Default)
+
+Standard human-readable output:
+
+```bash
+qwen -p "What is the capital of France?"
+```
+
+Response format:
+
+```
+The capital of France is Paris.
+```
+
+### JSON Output
+
+Returns structured data including response, statistics, and metadata. This
+format is ideal for programmatic processing and automation scripts.
+
+#### Response Schema
+
+The JSON output follows this high-level structure:
+
+```json
+{
+  "response": "string", // The main AI-generated content answering your prompt
+  "stats": {
+    // Usage metrics and performance data
+    "models": {
+      // Per-model API and token usage statistics
+      "[model-name]": {
+        "api": {
+          /* request counts, errors, latency */
+        },
+        "tokens": {
+          /* prompt, response, cached, total counts */
+        }
+      }
+    },
+    "tools": {
+      // Tool execution statistics
+      "totalCalls": "number",
+      "totalSuccess": "number",
+      "totalFail": "number",
+      "totalDurationMs": "number",
+      "totalDecisions": {
+        /* accept, reject, modify, auto_accept counts */
+      },
+      "byName": {
+        /* per-tool detailed stats */
+      }
+    },
+    "files": {
+      // File modification statistics
+      "totalLinesAdded": "number",
+      "totalLinesRemoved": "number"
+    }
+  },
+  "error": {
+    // Present only when an error occurred
+    "type": "string", // Error type (e.g., "ApiError", "AuthError")
+    "message": "string", // Human-readable error description
+    "code": "number" // Optional error code
+  }
+}
+```
+
+#### Example Usage
+
+```bash
+qwen -p "What is the capital of France?" --output-format json
+```
+
+Response:
+
+```json
+{
+  "response": "The capital of France is Paris.",
+  "stats": {
+    "models": {
+      "qwen3-coder-plus": {
+        "api": {
+          "totalRequests": 2,
+          "totalErrors": 0,
+          "totalLatencyMs": 5053
+        },
+        "tokens": {
+          "prompt": 24939,
+          "candidates": 20,
+          "total": 25113,
+          "cached": 21263,
+          "thoughts": 154,
+          "tool": 0
+        }
+      }
+    },
+    "tools": {
+      "totalCalls": 1,
+      "totalSuccess": 1,
+      "totalFail": 0,
+      "totalDurationMs": 1881,
+      "totalDecisions": {
+        "accept": 0,
+        "reject": 0,
+        "modify": 0,
+        "auto_accept": 1
+      },
+      "byName": {
+        "google_web_search": {
+          "count": 1,
+          "success": 1,
+          "fail": 0,
+          "durationMs": 1881,
+          "decisions": {
+            "accept": 0,
+            "reject": 0,
+            "modify": 0,
+            "auto_accept": 1
+          }
+        }
+      }
+    },
+    "files": {
+      "totalLinesAdded": 0,
+      "totalLinesRemoved": 0
+    }
+  }
+}
+```
+
+### File Redirection
+
+Save output to files or pipe to other commands:
+
+```bash
+# Save to file
+qwen -p "Explain Docker" > docker-explanation.txt
+qwen -p "Explain Docker" --output-format json > docker-explanation.json
+
+# Append to file
+qwen -p "Add more details" >> docker-explanation.txt
+
+# Pipe to other tools
+qwen -p "What is Kubernetes?" --output-format json | jq '.response'
+qwen -p "Explain microservices" | wc -w
+qwen -p "List programming languages" | grep -i "python"
+```
+
+## Configuration Options
+
+Key command-line options for headless usage:
+
+| Option                  | Description                        | Example                                          |
+| ----------------------- | ---------------------------------- | ------------------------------------------------ |
+| `--prompt`, `-p`        | Run in headless mode               | `qwen -p "query"`                                |
+| `--output-format`       | Specify output format (text, json) | `qwen -p "query" --output-format json`           |
+| `--model`, `-m`         | Specify the Qwen model             | `qwen -p "query" -m qwen3-coder-plus`            |
+| `--debug`, `-d`         | Enable debug mode                  | `qwen -p "query" --debug`                        |
+| `--all-files`, `-a`     | Include all files in context       | `qwen -p "query" --all-files`                    |
+| `--include-directories` | Include additional directories     | `qwen -p "query" --include-directories src,docs` |
+| `--yolo`, `-y`          | Auto-approve all actions           | `qwen -p "query" --yolo`                         |
+| `--approval-mode`       | Set approval mode                  | `qwen -p "query" --approval-mode auto_edit`      |
+
+For complete details on all available configuration options, settings files, and environment variables, see the [Configuration Guide](./cli/configuration.md).
+
+## Examples
+
+#### Code review
+
+```bash
+cat src/auth.py | qwen -p "Review this authentication code for security issues" > security-review.txt
+```
+
+#### Generate commit messages
+
+```bash
+result=$(git diff --cached | qwen -p "Write a concise commit message for these changes" --output-format json)
+echo "$result" | jq -r '.response'
+```
+
+#### API documentation
+
+```bash
+result=$(cat api/routes.js | qwen -p "Generate OpenAPI spec for these routes" --output-format json)
+echo "$result" | jq -r '.response' > openapi.json
+```
+
+#### Batch code analysis
+
+```bash
+for file in src/*.py; do
+    echo "Analyzing $file..."
+    result=$(cat "$file" | qwen -p "Find potential bugs and suggest improvements" --output-format json)
+    echo "$result" | jq -r '.response' > "reports/$(basename "$file").analysis"
+    echo "Completed analysis for $(basename "$file")" >> reports/progress.log
+done
+```
+
+#### Code review
+
+```bash
+result=$(git diff origin/main...HEAD | qwen -p "Review these changes for bugs, security issues, and code quality" --output-format json)
+echo "$result" | jq -r '.response' > pr-review.json
+```
+
+#### Log analysis
+
+```bash
+grep "ERROR" /var/log/app.log | tail -20 | qwen -p "Analyze these errors and suggest root cause and fixes" > error-analysis.txt
+```
+
+#### Release notes generation
+
+```bash
+result=$(git log --oneline v1.0.0..HEAD | qwen -p "Generate release notes from these commits" --output-format json)
+response=$(echo "$result" | jq -r '.response')
+echo "$response"
+echo "$response" >> CHANGELOG.md
+```
+
+#### Model and tool usage tracking
+
+```bash
+result=$(qwen -p "Explain this database schema" --include-directories db --output-format json)
+total_tokens=$(echo "$result" | jq -r '.stats.models // {} | to_entries | map(.value.tokens.total) | add // 0')
+models_used=$(echo "$result" | jq -r '.stats.models // {} | keys | join(", ") | if . == "" then "none" else . end')
+tool_calls=$(echo "$result" | jq -r '.stats.tools.totalCalls // 0')
+tools_used=$(echo "$result" | jq -r '.stats.tools.byName // {} | keys | join(", ") | if . == "" then "none" else . end')
+echo "$(date): $total_tokens tokens, $tool_calls tool calls ($tools_used) used with models: $models_used" >> usage.log
+echo "$result" | jq -r '.response' > schema-docs.md
+echo "Recent usage trends:"
+tail -5 usage.log
+```
+
+## Resources
+
+- [CLI Configuration](./cli/configuration.md) - Complete configuration guide
+- [Authentication](./cli/authentication.md) - Setup authentication
+- [Commands](./cli/commands.md) - Interactive commands reference
+- [Tutorials](./cli/tutorials.md) - Step-by-step automation guides

docs/features/sandbox.md

@@ -55,7 +55,9 @@ qwen -p "run the test suite"
 
 # Configure in settings.json
 {
-  "sandbox": "docker"
+  "tools": {
+    "sandbox": "docker"
+  }
 }
 ```
 
@@ -65,7 +67,7 @@ qwen -p "run the test suite"
 
 1. **Command flag**: `-s` or `--sandbox`
 2. **Environment variable**: `GEMINI_SANDBOX=true|docker|podman|sandbox-exec`
-3. **Settings file**: `"sandbox": true` in `settings.json`
+3. **Settings file**: `"sandbox": true` in the `tools` object of your `settings.json` file (e.g., `{"tools": {"sandbox": true}}`).
 
 ### macOS Seatbelt profiles
 

docs/ide-integration/_meta.ts

@@ -0,0 +1,4 @@
+export default {
+  'ide-integration': 'Introduction',
+  'ide-companion-spec': 'IDE Companion Spec',
+};

docs/ide-integration/ide-companion-spec.md

@@ -0,0 +1,184 @@
+# Qwen Code Companion Plugin: Interface Specification
+
+> Last Updated: September 15, 2025
+
+This document defines the contract for building a companion plugin to enable Qwen Code's IDE mode. For VS Code, these features (native diffing, context awareness) are provided by the official extension ([marketplace](https://marketplace.visualstudio.com/items?itemName=qwenlm.qwen-code-vscode-ide-companion)). This specification is for contributors who wish to bring similar functionality to other editors like JetBrains IDEs, Sublime Text, etc.
+
+## I. The Communication Interface
+
+Qwen Code and the IDE plugin communicate through a local communication channel.
+
+### 1. Transport Layer: MCP over HTTP
+
+The plugin **MUST** run a local HTTP server that implements the **Model Context Protocol (MCP)**.
+
+- **Protocol:** The server must be a valid MCP server. We recommend using an existing MCP SDK for your language of choice if available.
+- **Endpoint:** The server should expose a single endpoint (e.g., `/mcp`) for all MCP communication.
+- **Port:** The server **MUST** listen on a dynamically assigned port (i.e., listen on port `0`).
+
+### 2. Discovery Mechanism: The Port File
+
+For Qwen Code to connect, it needs to discover which IDE instance it's running in and what port your server is using. The plugin **MUST** facilitate this by creating a "discovery file."
+
+- **How the CLI Finds the File:** The CLI determines the Process ID (PID) of the IDE it's running in by traversing the process tree. It then looks for a discovery file that contains this PID in its name.
+- **File Location:** The file must be created in a specific directory: `os.tmpdir()/qwen/ide/`. Your plugin must create this directory if it doesn't exist.
+- **File Naming Convention:** The filename is critical and **MUST** follow the pattern:
+  `qwen-code-ide-server-${PID}-${PORT}.json`
+  - `${PID}`: The process ID of the parent IDE process. Your plugin must determine this PID and include it in the filename.
+  - `${PORT}`: The port your MCP server is listening on.
+- **File Content & Workspace Validation:** The file **MUST** contain a JSON object with the following structure:
+
+  ```json
+  {
+    "port": 12345,
+    "workspacePath": "/path/to/project1:/path/to/project2",
+    "authToken": "a-very-secret-token",
+    "ideInfo": {
+      "name": "vscode",
+      "displayName": "VS Code"
+    }
+  }
+  ```
+  - `port` (number, required): The port of the MCP server.
+  - `workspacePath` (string, required): A list of all open workspace root paths, delimited by the OS-specific path separator (`:` for Linux/macOS, `;` for Windows). The CLI uses this path to ensure it's running in the same project folder that's open in the IDE. If the CLI's current working directory is not a sub-directory of `workspacePath`, the connection will be rejected. Your plugin **MUST** provide the correct, absolute path(s) to the root of the open workspace(s).
+  - `authToken` (string, required): A secret token for securing the connection. The CLI will include this token in an `Authorization: Bearer <token>` header on all requests.
+  - `ideInfo` (object, required): Information about the IDE.
+    - `name` (string, required): A short, lowercase identifier for the IDE (e.g., `vscode`, `jetbrains`).
+    - `displayName` (string, required): A user-friendly name for the IDE (e.g., `VS Code`, `JetBrains IDE`).
+
+- **Authentication:** To secure the connection, the plugin **MUST** generate a unique, secret token and include it in the discovery file. The CLI will then include this token in the `Authorization` header for all requests to the MCP server (e.g., `Authorization: Bearer a-very-secret-token`). Your server **MUST** validate this token on every request and reject any that are unauthorized.
+- **Tie-Breaking with Environment Variables (Recommended):** For the most reliable experience, your plugin **SHOULD** both create the discovery file and set the `QWEN_CODE_IDE_SERVER_PORT` environment variable in the integrated terminal. The file serves as the primary discovery mechanism, but the environment variable is crucial for tie-breaking. If a user has multiple IDE windows open for the same workspace, the CLI uses the `QWEN_CODE_IDE_SERVER_PORT` variable to identify and connect to the correct window's server.
+
+## II. The Context Interface
+
+To enable context awareness, the plugin **MAY** provide the CLI with real-time information about the user's activity in the IDE.
+
+### `ide/contextUpdate` Notification
+
+The plugin **MAY** send an `ide/contextUpdate` [notification](https://modelcontextprotocol.io/specification/2025-06-18/basic/index#notifications) to the CLI whenever the user's context changes.
+
+- **Triggering Events:** This notification should be sent (with a recommended debounce of 50ms) when:
+  - A file is opened, closed, or focused.
+  - The user's cursor position or text selection changes in the active file.
+- **Payload (`IdeContext`):** The notification parameters **MUST** be an `IdeContext` object:
+
+  ```typescript
+  interface IdeContext {
+    workspaceState?: {
+      openFiles?: File[];
+      isTrusted?: boolean;
+    };
+  }
+
+  interface File {
+    // Absolute path to the file
+    path: string;
+    // Last focused Unix timestamp (for ordering)
+    timestamp: number;
+    // True if this is the currently focused file
+    isActive?: boolean;
+    cursor?: {
+      // 1-based line number
+      line: number;
+      // 1-based character number
+      character: number;
+    };
+    // The text currently selected by the user
+    selectedText?: string;
+  }
+  ```
+
+  **Note:** The `openFiles` list should only include files that exist on disk. Virtual files (e.g., unsaved files without a path, editor settings pages) **MUST** be excluded.
+
+### How the CLI Uses This Context
+
+After receiving the `IdeContext` object, the CLI performs several normalization and truncation steps before sending the information to the model.
+
+- **File Ordering:** The CLI uses the `timestamp` field to determine the most recently used files. It sorts the `openFiles` list based on this value. Therefore, your plugin **MUST** provide an accurate Unix timestamp for when a file was last focused.
+- **Active File:** The CLI considers only the most recent file (after sorting) to be the "active" file. It will ignore the `isActive` flag on all other files and clear their `cursor` and `selectedText` fields. Your plugin should focus on setting `isActive: true` and providing cursor/selection details only for the currently focused file.
+- **Truncation:** To manage token limits, the CLI truncates both the file list (to 10 files) and the `selectedText` (to 16KB).
+
+While the CLI handles the final truncation, it is highly recommended that your plugin also limits the amount of context it sends.
+
+## III. The Diffing Interface
+
+To enable interactive code modifications, the plugin **MAY** expose a diffing interface. This allows the CLI to request that the IDE open a diff view, showing proposed changes to a file. The user can then review, edit, and ultimately accept or reject these changes directly within the IDE.
+
+### `openDiff` Tool
+
+The plugin **MUST** register an `openDiff` tool on its MCP server.
+
+- **Description:** This tool instructs the IDE to open a modifiable diff view for a specific file.
+- **Request (`OpenDiffRequest`):** The tool is invoked via a `tools/call` request. The `arguments` field within the request's `params` **MUST** be an `OpenDiffRequest` object.
+
+  ```typescript
+  interface OpenDiffRequest {
+    // The absolute path to the file to be diffed.
+    filePath: string;
+    // The proposed new content for the file.
+    newContent: string;
+  }
+  ```
+
+- **Response (`CallToolResult`):** The tool **MUST** immediately return a `CallToolResult` to acknowledge the request and report whether the diff view was successfully opened.
+  - On Success: If the diff view was opened successfully, the response **MUST** contain empty content (i.e., `content: []`).
+  - On Failure: If an error prevented the diff view from opening, the response **MUST** have `isError: true` and include a `TextContent` block in the `content` array describing the error.
+
+  The actual outcome of the diff (acceptance or rejection) is communicated asynchronously via notifications.
+
+### `closeDiff` Tool
+
+The plugin **MUST** register a `closeDiff` tool on its MCP server.
+
+- **Description:** This tool instructs the IDE to close an open diff view for a specific file.
+- **Request (`CloseDiffRequest`):** The tool is invoked via a `tools/call` request. The `arguments` field within the request's `params` **MUST** be an `CloseDiffRequest` object.
+
+  ```typescript
+  interface CloseDiffRequest {
+    // The absolute path to the file whose diff view should be closed.
+    filePath: string;
+  }
+  ```
+
+- **Response (`CallToolResult`):** The tool **MUST** return a `CallToolResult`.
+  - On Success: If the diff view was closed successfully, the response **MUST** include a single **TextContent** block in the content array containing the file's final content before closing.
+  - On Failure: If an error prevented the diff view from closing, the response **MUST** have `isError: true` and include a `TextContent` block in the `content` array describing the error.
+
+### `ide/diffAccepted` Notification
+
+When the user accepts the changes in a diff view (e.g., by clicking an "Apply" or "Save" button), the plugin **MUST** send an `ide/diffAccepted` notification to the CLI.
+
+- **Payload:** The notification parameters **MUST** include the file path and the final content of the file. The content may differ from the original `newContent` if the user made manual edits in the diff view.
+
+  ```typescript
+  {
+    // The absolute path to the file that was diffed.
+    filePath: string;
+    // The full content of the file after acceptance.
+    content: string;
+  }
+  ```
+
+### `ide/diffRejected` Notification
+
+When the user rejects the changes (e.g., by closing the diff view without accepting), the plugin **MUST** send an `ide/diffRejected` notification to the CLI.
+
+- **Payload:** The notification parameters **MUST** include the file path of the rejected diff.
+
+  ```typescript
+  {
+    // The absolute path to the file that was diffed.
+    filePath: string;
+  }
+  ```
+
+## IV. The Lifecycle Interface
+
+The plugin **MUST** manage its resources and the discovery file correctly based on the IDE's lifecycle.
+
+- **On Activation (IDE startup/plugin enabled):**
+  1.  Start the MCP server.
+  2.  Create the discovery file.
+- **On Deactivation (IDE shutdown/plugin disabled):**
+  1.  Stop the MCP server.
+  2.  Delete the discovery file.

docs/ide-integration/ide-integration.md

@@ -2,7 +2,7 @@
 
 Qwen Code can integrate with your IDE to provide a more seamless and context-aware experience. This integration allows the CLI to understand your workspace better and enables powerful features like native in-editor diffing.
 
-Currently, the only supported IDE is [Visual Studio Code](https://code.visualstudio.com/) and other editors that support VS Code extensions.
+Currently, the only supported IDE is [Visual Studio Code](https://code.visualstudio.com/) and other editors that support VS Code extensions. To build support for other editors, see the [IDE Companion Extension Spec](./ide-companion-spec.md).
 
 ## Features
 

docs/index.md

@@ -1,40 +1,344 @@
 # Welcome to Qwen Code documentation
 
-This documentation provides a comprehensive guide to installing, using, and developing Qwen Code. This tool lets you interact with AI models through a command-line interface.
+Qwen Code is a powerful command-line AI workflow tool adapted from [**Gemini CLI**](https://github.com/google-gemini/gemini-cli) ([details](./README.gemini.md)), specifically optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder) models. It enhances your development workflow with advanced code understanding, automated tasks, and intelligent assistance.
 
-## Overview
+## 🚀 Why Choose Qwen Code?
 
-Qwen Code brings the capabilities of advanced code models to your terminal in an interactive Read-Eval-Print Loop (REPL) environment. Qwen Code consists of a client-side application (`packages/cli`) that communicates with a local server (`packages/core`). Qwen Code also contains a variety of tools for tasks such as performing file system operations, running shells, and web fetching, which are managed by `packages/core`.
+- 🎯 **Free Tier:** Up to 60 requests/min and 2,000 requests/day with your [QwenChat](https://chat.qwen.ai/) account.
+- 🧠 **Advanced Model:** Specially optimized for [Qwen3-Coder](https://github.com/QwenLM/Qwen3-Coder) for superior code understanding and assistance.
+- 🏆 **Comprehensive Features:** Includes subagents, Plan Mode, TodoWrite, vision model support, and full OpenAI API compatibility—all seamlessly integrated.
+- 🔧 **Built-in & Extensible Tools:** Includes file system operations, shell command execution, web fetch/search, and more—all easily extended via the Model Context Protocol (MCP) for custom integrations.
+- 💻 **Developer-Centric:** Built for terminal-first workflows—perfect for command-line enthusiasts.
+- 🛡️ **Open Source:** Apache 2.0 licensed for maximum freedom and transparency.
 
-## Navigating the documentation
+## Installation
 
-This documentation is organized into the following sections:
+### Prerequisites
 
-- **[Execution and Deployment](./deployment.md):** Information for running Qwen Code.
-- **[Architecture Overview](./architecture.md):** Understand the high-level design of Qwen Code, including its components and how they interact.
-- **CLI Usage:** Documentation for `packages/cli`.
-  - **[CLI Introduction](./cli/index.md):** Overview of the command-line interface.
-  - **[Commands](./cli/commands.md):** Description of available CLI commands.
-  - **[Configuration](./cli/configuration.md):** Information on configuring the CLI.
-  - **[Checkpointing](./checkpointing.md):** Documentation for the checkpointing feature.
-  - **[Extensions](./extension.md):** How to extend the CLI with new functionality.
-  - **[IDE Integration](./ide-integration.md):** Connect the CLI to your editor.
-  - **[Telemetry](./telemetry.md):** Overview of telemetry in the CLI.
-- **Core Details:** Documentation for `packages/core`.
-  - **[Core Introduction](./core/index.md):** Overview of the core component.
-  - **[Tools API](./core/tools-api.md):** Information on how the core manages and exposes tools.
-- **Tools:**
-  - **[Tools Overview](./tools/index.md):** Overview of the available tools.
-  - **[File System Tools](./tools/file-system.md):** Documentation for the `read_file` and `write_file` tools.
-  - **[Multi-File Read Tool](./tools/multi-file.md):** Documentation for the `read_many_files` tool.
-  - **[Shell Tool](./tools/shell.md):** Documentation for the `run_shell_command` tool.
-  - **[Web Fetch Tool](./tools/web-fetch.md):** Documentation for the `web_fetch` tool.
-  - **[Web Search Tool](./tools/web-search.md):** Documentation for the `web_search` tool.
-  - **[Memory Tool](./tools/memory.md):** Documentation for the `save_memory` tool.
-- **[Subagents](./subagents.md):** Specialized AI assistants for focused tasks with comprehensive management, configuration, and usage guidance.
-- **[Contributing & Development Guide](../CONTRIBUTING.md):** Information for contributors and developers, including setup, building, testing, and coding conventions.
-- **[NPM](./npm.md):** Details on how the project's packages are structured
-- **[Troubleshooting Guide](./troubleshooting.md):** Find solutions to common problems and FAQs.
-- **[Terms of Service and Privacy Notice](./tos-privacy.md):** Information on the terms of service and privacy notices applicable to your use of Qwen Code.
+Ensure you have [Node.js version 20](https://nodejs.org/en/download) or higher installed.
 
-We hope this documentation helps you make the most of Qwen Code!
+```bash
+curl -qL https://www.npmjs.com/install.sh | sh
+```
+
+### Install from npm
+
+```bash
+npm install -g @qwen-code/qwen-code@latest
+qwen --version
+```
+
+### Install from source
+
+```bash
+git clone https://github.com/QwenLM/qwen-code.git
+cd qwen-code
+npm install
+npm install -g .
+```
+
+### Install globally with Homebrew (macOS/Linux)
+
+```bash
+brew install qwen-code
+```
+
+## Quick Start
+
+```bash
+# Start Qwen Code
+qwen
+
+# Example commands
+> Explain this codebase structure
+> Help me refactor this function
+> Generate unit tests for this module
+```
+
+### Session Management
+
+Control your token usage with configurable session limits to optimize costs and performance.
+
+#### Configure Session Token Limit
+
+Create or edit `.qwen/settings.json` in your home directory:
+
+```json
+{
+  "sessionTokenLimit": 32000
+}
+```
+
+#### Session Commands
+
+- **`/compress`** - Compress conversation history to continue within token limits
+- **`/clear`** - Clear all conversation history and start fresh
+- **`/stats`** - Check current token usage and limits
+
+> 📝 **Note**: Session token limit applies to a single conversation, not cumulative API calls.
+
+### Vision Model Configuration
+
+Qwen Code includes intelligent vision model auto-switching that detects images in your input and can automatically switch to vision-capable models for multimodal analysis. **This feature is enabled by default** - when you include images in your queries, you'll see a dialog asking how you'd like to handle the vision model switch.
+
+#### Skip the Switch Dialog (Optional)
+
+If you don't want to see the interactive dialog each time, configure the default behavior in your `.qwen/settings.json`:
+
+```json
+{
+  "experimental": {
+    "vlmSwitchMode": "once"
+  }
+}
+```
+
+**Available modes:**
+
+- **`"once"`** - Switch to vision model for this query only, then revert
+- **`"session"`** - Switch to vision model for the entire session
+- **`"persist"`** - Continue with current model (no switching)
+- **Not set** - Show interactive dialog each time (default)
+
+#### Command Line Override
+
+You can also set the behavior via command line:
+
+```bash
+# Switch once per query
+qwen --vlm-switch-mode once
+
+# Switch for entire session
+qwen --vlm-switch-mode session
+
+# Never switch automatically
+qwen --vlm-switch-mode persist
+```
+
+#### Disable Vision Models (Optional)
+
+To completely disable vision model support, add to your `.qwen/settings.json`:
+
+```json
+{
+  "experimental": {
+    "visionModelPreview": false
+  }
+}
+```
+
+> 💡 **Tip**: In YOLO mode (`--yolo`), vision switching happens automatically without prompts when images are detected.
+
+### Authorization
+
+Choose your preferred authentication method based on your needs:
+
+#### 1. Qwen OAuth (🚀 Recommended - Start in 30 seconds)
+
+The easiest way to get started - completely free with generous quotas:
+
+```bash
+# Just run this command and follow the browser authentication
+qwen
+```
+
+**What happens:**
+
+1. **Instant Setup**: CLI opens your browser automatically
+2. **One-Click Login**: Authenticate with your qwen.ai account
+3. **Automatic Management**: Credentials cached locally for future use
+4. **No Configuration**: Zero setup required - just start coding!
+
+**Free Tier Benefits:**
+
+- ✅ **2,000 requests/day** (no token counting needed)
+- ✅ **60 requests/minute** rate limit
+- ✅ **Automatic credential refresh**
+- ✅ **Zero cost** for individual users
+- ℹ️ **Note**: Model fallback may occur to maintain service quality
+
+#### 2. OpenAI-Compatible API
+
+Use API keys for OpenAI or other compatible providers:
+
+**Configuration Methods:**
+
+1. **Environment Variables**
+
+   ```bash
+   export OPENAI_API_KEY="your_api_key_here"
+   export OPENAI_BASE_URL="your_api_endpoint"
+   export OPENAI_MODEL="your_model_choice"
+   ```
+
+2. **Project `.env` File**
+   Create a `.env` file in your project root:
+   ```env
+   OPENAI_API_KEY=your_api_key_here
+   OPENAI_BASE_URL=your_api_endpoint
+   OPENAI_MODEL=your_model_choice
+   ```
+
+**API Provider Options**
+
+> ⚠️ **Regional Notice:**
+>
+> - **Mainland China**: Use Alibaba Cloud Bailian or ModelScope
+> - **International**: Use Alibaba Cloud ModelStudio or OpenRouter
+
+<details>
+<summary><b>🇨🇳 For Users in Mainland China</b></summary>
+
+**Option 1: Alibaba Cloud Bailian** ([Apply for API Key](https://bailian.console.aliyun.com/))
+
+```bash
+export OPENAI_API_KEY="your_api_key_here"
+export OPENAI_BASE_URL="https://dashscope.aliyuncs.com/compatible-mode/v1"
+export OPENAI_MODEL="qwen3-coder-plus"
+```
+
+**Option 2: ModelScope (Free Tier)** ([Apply for API Key](https://modelscope.cn/docs/model-service/API-Inference/intro))
+
+- ✅ **2,000 free API calls per day**
+- ⚠️ Connect your Aliyun account to avoid authentication errors
+
+```bash
+export OPENAI_API_KEY="your_api_key_here"
+export OPENAI_BASE_URL="https://api-inference.modelscope.cn/v1"
+export OPENAI_MODEL="Qwen/Qwen3-Coder-480B-A35B-Instruct"
+```
+
+</details>
+
+<details>
+<summary><b>🌍 For International Users</b></summary>
+
+**Option 1: Alibaba Cloud ModelStudio** ([Apply for API Key](https://modelstudio.console.alibabacloud.com/))
+
+```bash
+export OPENAI_API_KEY="your_api_key_here"
+export OPENAI_BASE_URL="https://dashscope-intl.aliyuncs.com/compatible-mode/v1"
+export OPENAI_MODEL="qwen3-coder-plus"
+```
+
+**Option 2: OpenRouter (Free Tier Available)** ([Apply for API Key](https://openrouter.ai/))
+
+```bash
+export OPENAI_API_KEY="your_api_key_here"
+export OPENAI_BASE_URL="https://openrouter.ai/api/v1"
+export OPENAI_MODEL="qwen/qwen3-coder:free"
+```
+
+</details>
+
+## Usage Examples
+
+### 🔍 Explore Codebases
+
+```bash
+cd your-project/
+qwen
+
+# Architecture analysis
+> Describe the main pieces of this system's architecture
+> What are the key dependencies and how do they interact?
+> Find all API endpoints and their authentication methods
+```
+
+### 💻 Code Development
+
+```bash
+# Refactoring
+> Refactor this function to improve readability and performance
+> Convert this class to use dependency injection
+> Split this large module into smaller, focused components
+
+# Code generation
+> Create a REST API endpoint for user management
+> Generate unit tests for the authentication module
+> Add error handling to all database operations
+```
+
+### 🔄 Automate Workflows
+
+```bash
+# Git automation
+> Analyze git commits from the last 7 days, grouped by feature
+> Create a changelog from recent commits
+> Find all TODO comments and create GitHub issues
+
+# File operations
+> Convert all images in this directory to PNG format
+> Rename all test files to follow the *.test.ts pattern
+> Find and remove all console.log statements
+```
+
+### 🐛 Debugging & Analysis
+
+```bash
+# Performance analysis
+> Identify performance bottlenecks in this React component
+> Find all N+1 query problems in the codebase
+
+# Security audit
+> Check for potential SQL injection vulnerabilities
+> Find all hardcoded credentials or API keys
+```
+
+## Popular Tasks
+
+### 📚 Understand New Codebases
+
+```text
+> What are the core business logic components?
+> What security mechanisms are in place?
+> How does the data flow through the system?
+> What are the main design patterns used?
+> Generate a dependency graph for this module
+```
+
+### 🔨 Code Refactoring & Optimization
+
+```text
+> What parts of this module can be optimized?
+> Help me refactor this class to follow SOLID principles
+> Add proper error handling and logging
+> Convert callbacks to async/await pattern
+> Implement caching for expensive operations
+```
+
+### 📝 Documentation & Testing
+
+```text
+> Generate comprehensive JSDoc comments for all public APIs
+> Write unit tests with edge cases for this component
+> Create API documentation in OpenAPI format
+> Add inline comments explaining complex algorithms
+> Generate a README for this module
+```
+
+### 🚀 Development Acceleration
+
+```text
+> Set up a new Express server with authentication
+> Create a React component with TypeScript and tests
+> Implement a rate limiter middleware
+> Add database migrations for new schema
+> Configure CI/CD pipeline for this project
+```
+
+## Commands & Shortcuts
+
+### Session Commands
+
+- `/help` - Display available commands
+- `/clear` - Clear conversation history
+- `/compress` - Compress history to save tokens
+- `/stats` - Show current session information
+- `/exit` or `/quit` - Exit Qwen Code
+
+### Keyboard Shortcuts
+
+- `Ctrl+C` - Cancel current operation
+- `Ctrl+D` - Exit (on empty line)
+- `Up/Down` - Navigate command history

docs/mermaid/context.mmd

@@ -0,0 +1,103 @@
+graph LR
+    %% --- Style Definitions ---
+    classDef new fill:#98fb98,color:#000
+    classDef changed fill:#add8e6,color:#000
+    classDef unchanged fill:#f0f0f0,color:#000
+
+    %% --- Subgraphs ---
+    subgraph "Context Providers"
+        direction TB
+        A["gemini.tsx"]
+        B["AppContainer.tsx"]
+    end
+
+    subgraph "Contexts"
+        direction TB
+        CtxSession["SessionContext"]
+        CtxVim["VimModeContext"]
+        CtxSettings["SettingsContext"]
+        CtxApp["AppContext"]
+        CtxConfig["ConfigContext"]
+        CtxUIState["UIStateContext"]
+        CtxUIActions["UIActionsContext"]
+    end
+
+    subgraph "Component Consumers"
+        direction TB
+        ConsumerApp["App"]
+        ConsumerAppContainer["AppContainer"]
+        ConsumerAppHeader["AppHeader"]
+        ConsumerDialogManager["DialogManager"]
+        ConsumerHistoryItem["HistoryItemDisplay"]
+        ConsumerComposer["Composer"]
+        ConsumerMainContent["MainContent"]
+        ConsumerNotifications["Notifications"]
+    end
+
+    %% --- Provider -> Context Connections ---
+    A -.-> CtxSession
+    A -.-> CtxVim
+    A -.-> CtxSettings
+
+    B -.-> CtxApp
+    B -.-> CtxConfig
+    B -.-> CtxUIState
+    B -.-> CtxUIActions
+    B -.-> CtxSettings
+
+    %% --- Context -> Consumer Connections ---
+    CtxSession -.-> ConsumerAppContainer
+    CtxSession -.-> ConsumerApp
+
+    CtxVim -.-> ConsumerAppContainer
+    CtxVim -.-> ConsumerComposer
+    CtxVim -.-> ConsumerApp
+
+    CtxSettings -.-> ConsumerAppContainer
+    CtxSettings -.-> ConsumerAppHeader
+    CtxSettings -.-> ConsumerDialogManager
+    CtxSettings -.-> ConsumerApp
+
+    CtxApp -.-> ConsumerAppHeader
+    CtxApp -.-> ConsumerNotifications
+
+    CtxConfig -.-> ConsumerAppHeader
+    CtxConfig -.-> ConsumerHistoryItem
+    CtxConfig -.-> ConsumerComposer
+    CtxConfig -.-> ConsumerDialogManager
+
+
+
+    CtxUIState -.-> ConsumerApp
+    CtxUIState -.-> ConsumerMainContent
+    CtxUIState -.-> ConsumerComposer
+    CtxUIState -.-> ConsumerDialogManager
+
+    CtxUIActions -.-> ConsumerComposer
+    CtxUIActions -.-> ConsumerDialogManager
+
+    %% --- Apply Styles ---
+    %% New Elements (Green)
+    class B,CtxApp,CtxConfig,CtxUIState,CtxUIActions,ConsumerAppHeader,ConsumerDialogManager,ConsumerComposer,ConsumerMainContent,ConsumerNotifications new
+
+    %% Heavily Changed Elements (Blue)
+    class A,ConsumerApp,ConsumerAppContainer,ConsumerHistoryItem changed
+
+    %% Mostly Unchanged Elements (Gray)
+    class CtxSession,CtxVim,CtxSettings unchanged
+
+    %% --- Link Styles ---
+    %% CtxSession (Red)
+    linkStyle 0,8,9 stroke:#e57373,stroke-width:2px
+    %% CtxVim (Orange)
+    linkStyle 1,10,11,12 stroke:#ffb74d,stroke-width:2px
+    %% CtxSettings (Yellow)
+    linkStyle 2,7,13,14,15,16 stroke:#fff176,stroke-width:2px
+    %% CtxApp (Green)
+    linkStyle 3,17,18 stroke:#81c784,stroke-width:2px
+    %% CtxConfig (Blue)
+    linkStyle 4,19,20,21,22 stroke:#64b5f6,stroke-width:2px
+    %% CtxUIState (Indigo)
+    linkStyle 5,23,24,25,26 stroke:#7986cb,stroke-width:2px
+    %% CtxUIActions (Violet)
+    linkStyle 6,27,28 stroke:#ba68c8,stroke-width:2px

docs/mermaid/render-path.mmd

@@ -0,0 +1,64 @@
+graph TD
+    %% --- Style Definitions ---
+    classDef new fill:#98fb98,color:#000
+    classDef changed fill:#add8e6,color:#000
+    classDef unchanged fill:#f0f0f0,color:#000
+    classDef dispatcher fill:#f9e79f,color:#000,stroke:#333,stroke-width:1px
+    classDef container fill:#f5f5f5,color:#000,stroke:#ccc
+
+    %% --- Component Tree ---
+    subgraph "Entry Point"
+      A["gemini.tsx"]
+    end
+
+    subgraph "State & Logic Wrapper"
+      B["AppContainer.tsx"]
+    end
+
+    subgraph "Primary Layout"
+      C["App.tsx"]
+    end
+
+    A -.-> B
+    B -.-> C
+
+    subgraph "UI Containers"
+        direction LR
+        C -.-> D["MainContent"]
+        C -.-> G["Composer"]
+        C -.-> F["DialogManager"]
+        C -.-> E["Notifications"]
+    end
+
+    subgraph "MainContent"
+        direction TB
+        D -.-> H["AppHeader"]
+        D -.-> I["HistoryItemDisplay"]:::dispatcher
+        D -.-> L["ShowMoreLines"]
+    end
+
+    subgraph "Composer"
+        direction TB
+        G -.-> K_Prompt["InputPrompt"]
+        G -.-> K_Footer["Footer"]
+    end
+
+    subgraph "DialogManager"
+        F -.-> J["Various Dialogs<br>(Auth, Theme, Settings, etc.)"]
+    end
+
+    %% --- Apply Styles ---
+    class B,D,E,F,G,H,J,K_Prompt,L new
+    class A,C,I changed
+    class K_Footer unchanged
+
+    %% --- Link Styles ---
+    %% MainContent Branch (Blue)
+    linkStyle 2,6,7,8 stroke:#64b5f6,stroke-width:2px
+    %% Composer Branch (Green)
+    linkStyle 3,9,10 stroke:#81c784,stroke-width:2px
+    %% DialogManager Branch (Orange)
+    linkStyle 4,11 stroke:#ffb74d,stroke-width:2px
+    %% Notifications Branch (Violet)
+    linkStyle 5 stroke:#ba68c8,stroke-width:2px
+

docs/sidebar.json

@@ -0,0 +1,68 @@
+[
+  {
+    "label": "Overview",
+    "items": [
+      { "label": "Welcome", "slug": "docs" },
+      { "label": "Execution and Deployment", "slug": "docs/deployment" },
+      { "label": "Architecture Overview", "slug": "docs/architecture" }
+    ]
+  },
+  {
+    "label": "CLI",
+    "items": [
+      { "label": "Introduction", "slug": "docs/cli" },
+      { "label": "Authentication", "slug": "docs/cli/authentication" },
+      { "label": "Commands", "slug": "docs/cli/commands" },
+      { "label": "Configuration", "slug": "docs/cli/configuration" },
+      { "label": "Checkpointing", "slug": "docs/checkpointing" },
+      { "label": "Extensions", "slug": "docs/extension" },
+      { "label": "Headless Mode", "slug": "docs/headless" },
+      { "label": "IDE Integration", "slug": "docs/ide-integration" },
+      {
+        "label": "IDE Companion Spec",
+        "slug": "docs/ide-companion-spec"
+      },
+      { "label": "Telemetry", "slug": "docs/telemetry" },
+      { "label": "Themes", "slug": "docs/cli/themes" },
+      { "label": "Token Caching", "slug": "docs/cli/token-caching" },
+      { "label": "Trusted Folders", "slug": "docs/trusted-folders" },
+      { "label": "Tutorials", "slug": "docs/cli/tutorials" }
+    ]
+  },
+  {
+    "label": "Core",
+    "items": [
+      { "label": "Introduction", "slug": "docs/core" },
+      { "label": "Tools API", "slug": "docs/core/tools-api" },
+      { "label": "Memory Import Processor", "slug": "docs/core/memport" }
+    ]
+  },
+  {
+    "label": "Tools",
+    "items": [
+      { "label": "Overview", "slug": "docs/tools" },
+      { "label": "File System", "slug": "docs/tools/file-system" },
+      { "label": "Multi-File Read", "slug": "docs/tools/multi-file" },
+      { "label": "Shell", "slug": "docs/tools/shell" },
+      { "label": "Web Fetch", "slug": "docs/tools/web-fetch" },
+      { "label": "Web Search", "slug": "docs/tools/web-search" },
+      { "label": "Memory", "slug": "docs/tools/memory" },
+      { "label": "MCP Servers", "slug": "docs/tools/mcp-server" },
+      { "label": "Sandboxing", "slug": "docs/sandbox" }
+    ]
+  },
+  {
+    "label": "Development",
+    "items": [
+      { "label": "NPM", "slug": "docs/npm" },
+      { "label": "Releases", "slug": "docs/releases" }
+    ]
+  },
+  {
+    "label": "Support",
+    "items": [
+      { "label": "Troubleshooting", "slug": "docs/troubleshooting" },
+      { "label": "Terms of Service", "slug": "docs/tos-privacy" }
+    ]
+  }
+]

docs/support/_meta.ts

@@ -0,0 +1,4 @@
+export default {
+  troubleshooting: 'Troubleshooting',
+  'tos-privacy': 'Terms of Service',
+};

docs/support/troubleshooting.md

@@ -62,7 +62,7 @@ This guide provides solutions to common issues and debugging tips, including top
 - **DEBUG mode not working from project .env file**
   - **Issue:** Setting `DEBUG=true` in a project's `.env` file doesn't enable debug mode for the CLI.
   - **Cause:** The `DEBUG` and `DEBUG_MODE` variables are automatically excluded from project `.env` files to prevent interference with the CLI behavior.
-  - **Solution:** Use a `.qwen/.env` file instead, or configure the `excludedProjectEnvVars` setting in your `settings.json` to exclude fewer variables.
+  - **Solution:** Use a `.qwen/.env` file instead, or configure the `advanced.excludedEnvVars` setting in your `settings.json` to exclude fewer variables.
 
 ## IDE Companion not connecting
 

docs/telemetry.md

@@ -1,281 +0,0 @@
-# Qwen Code Observability Guide
-
-Telemetry provides data about Qwen Code's performance, health, and usage. By enabling it, you can monitor operations, debug issues, and optimize tool usage through traces, metrics, and structured logs.
-
-Qwen Code's telemetry system is built on the **[OpenTelemetry] (OTEL)** standard, allowing you to send data to any compatible backend.
-
-[OpenTelemetry]: https://opentelemetry.io/
-
-## Enabling telemetry
-
-You can enable telemetry in multiple ways. Configuration is primarily managed via the [`.qwen/settings.json` file](./cli/configuration.md) and environment variables, but CLI flags can override these settings for a specific session.
-
-### Order of precedence
-
-The following lists the precedence for applying telemetry settings, with items listed higher having greater precedence:
-
-1.  **CLI flags (for `qwen` command):**
-    - `--telemetry` / `--no-telemetry`: Overrides `telemetry.enabled`.
-    - `--telemetry-target <local|gcp>`: Overrides `telemetry.target`.
-    - `--telemetry-otlp-endpoint <URL>`: Overrides `telemetry.otlpEndpoint`.
-    - `--telemetry-log-prompts` / `--no-telemetry-log-prompts`: Overrides `telemetry.logPrompts`.
-    - `--telemetry-outfile <path>`: Redirects telemetry output to a file. See [Exporting to a file](#exporting-to-a-file).
-
-1.  **Environment variables:**
-    - `OTEL_EXPORTER_OTLP_ENDPOINT`: Overrides `telemetry.otlpEndpoint`.
-
-1.  **Workspace settings file (`.qwen/settings.json`):** Values from the `telemetry` object in this project-specific file.
-
-1.  **User settings file (`~/.qwen/settings.json`):** Values from the `telemetry` object in this global user file.
-
-1.  **Defaults:** applied if not set by any of the above.
-    - `telemetry.enabled`: `false`
-    - `telemetry.target`: `local`
-    - `telemetry.otlpEndpoint`: `http://localhost:4317`
-    - `telemetry.logPrompts`: `true`
-
-**For the `npm run telemetry -- --target=<gcp|local>` script:**
-The `--target` argument to this script _only_ overrides the `telemetry.target` for the duration and purpose of that script (i.e., choosing which collector to start). It does not permanently change your `settings.json`. The script will first look at `settings.json` for a `telemetry.target` to use as its default.
-
-### Example settings
-
-The following code can be added to your workspace (`.qwen/settings.json`) or user (`~/.qwen/settings.json`) settings to enable telemetry and send the output to Google Cloud:
-
-```json
-{
-  "telemetry": {
-    "enabled": true,
-    "target": "gcp"
-  },
-  "sandbox": false
-}
-```
-
-### Exporting to a file
-
-You can export all telemetry data to a file for local inspection.
-
-To enable file export, use the `--telemetry-outfile` flag with a path to your desired output file. This must be run using `--telemetry-target=local`.
-
-```bash
-# Set your desired output file path
-TELEMETRY_FILE=".qwen/telemetry.log"
-
-# Run Qwen Code with local telemetry
-# NOTE: --telemetry-otlp-endpoint="" is required to override the default
-# OTLP exporter and ensure telemetry is written to the local file.
-qwen --telemetry \
-  --telemetry-target=local \
-  --telemetry-otlp-endpoint="" \
-  --telemetry-outfile="$TELEMETRY_FILE" \
-  --prompt "What is OpenTelemetry?"
-```
-
-## Running an OTEL Collector
-
-An OTEL Collector is a service that receives, processes, and exports telemetry data.
-The CLI can send data using either the OTLP/gRPC or OTLP/HTTP protocol.
-You can specify which protocol to use via the `--telemetry-otlp-protocol` flag
-or the `telemetry.otlpProtocol` setting in your `settings.json` file. See the
-[configuration docs](./cli/configuration.md#--telemetry-otlp-protocol) for more
-details.
-
-Learn more about OTEL exporter standard configuration in [documentation][otel-config-docs].
-
-[otel-config-docs]: https://opentelemetry.io/docs/languages/sdk-configuration/otlp-exporter/
-
-### Local
-
-Use the `npm run telemetry -- --target=local` command to automate the process of setting up a local telemetry pipeline, including configuring the necessary settings in your `.qwen/settings.json` file. The underlying script installs `otelcol-contrib` (the OpenTelemetry Collector) and `jaeger` (The Jaeger UI for viewing traces). To use it:
-
-1.  **Run the command**:
-    Execute the command from the root of the repository:
-
-    ```bash
-    npm run telemetry -- --target=local
-    ```
-
-    The script will:
-    - Download Jaeger and OTEL if needed.
-    - Start a local Jaeger instance.
-    - Start an OTEL collector configured to receive data from Qwen Code.
-    - Automatically enable telemetry in your workspace settings.
-    - On exit, disable telemetry.
-
-1.  **View traces**:
-    Open your web browser and navigate to **http://localhost:16686** to access the Jaeger UI. Here you can inspect detailed traces of Qwen Code operations.
-
-1.  **Inspect logs and metrics**:
-    The script redirects the OTEL collector output (which includes logs and metrics) to `~/.qwen/tmp/<projectHash>/otel/collector.log`. The script will provide links to view and a command to tail your telemetry data (traces, metrics, logs) locally.
-
-1.  **Stop the services**:
-    Press `Ctrl+C` in the terminal where the script is running to stop the OTEL Collector and Jaeger services.
-
-### Google Cloud
-
-Use the `npm run telemetry -- --target=gcp` command to automate setting up a local OpenTelemetry collector that forwards data to your Google Cloud project, including configuring the necessary settings in your `.qwen/settings.json` file. The underlying script installs `otelcol-contrib`. To use it:
-
-1.  **Prerequisites**:
-    - Have a Google Cloud project ID.
-    - Export the `GOOGLE_CLOUD_PROJECT` environment variable to make it available to the OTEL collector.
-      ```bash
-      export OTLP_GOOGLE_CLOUD_PROJECT="your-project-id"
-      ```
-    - Authenticate with Google Cloud (e.g., run `gcloud auth application-default login` or ensure `GOOGLE_APPLICATION_CREDENTIALS` is set).
-    - Ensure your Google Cloud account/service account has the necessary IAM roles: "Cloud Trace Agent", "Monitoring Metric Writer", and "Logs Writer".
-
-1.  **Run the command**:
-    Execute the command from the root of the repository:
-
-    ```bash
-    npm run telemetry -- --target=gcp
-    ```
-
-    The script will:
-    - Download the `otelcol-contrib` binary if needed.
-    - Start an OTEL collector configured to receive data from Qwen Code and export it to your specified Google Cloud project.
-    - Automatically enable telemetry and disable sandbox mode in your workspace settings (`.qwen/settings.json`).
-    - Provide direct links to view traces, metrics, and logs in your Google Cloud Console.
-    - On exit (Ctrl+C), it will attempt to restore your original telemetry and sandbox settings.
-
-1.  **Run Qwen Code:**
-    In a separate terminal, run your Qwen Code commands. This generates telemetry data that the collector captures.
-
-1.  **View telemetry in Google Cloud**:
-    Use the links provided by the script to navigate to the Google Cloud Console and view your traces, metrics, and logs.
-
-1.  **Inspect local collector logs**:
-    The script redirects the local OTEL collector output to `~/.qwen/tmp/<projectHash>/otel/collector-gcp.log`. The script provides links to view and command to tail your collector logs locally.
-
-1.  **Stop the service**:
-    Press `Ctrl+C` in the terminal where the script is running to stop the OTEL Collector.
-
-## Logs and metric reference
-
-The following section describes the structure of logs and metrics generated for Qwen Code.
-
-- A `sessionId` is included as a common attribute on all logs and metrics.
-
-### Logs
-
-Logs are timestamped records of specific events. The following events are logged for Qwen Code:
-
-- `qwen-code.config`: This event occurs once at startup with the CLI's configuration.
-  - **Attributes**:
-    - `model` (string)
-    - `embedding_model` (string)
-    - `sandbox_enabled` (boolean)
-    - `core_tools_enabled` (string)
-    - `approval_mode` (string)
-    - `api_key_enabled` (boolean)
-    - `vertex_ai_enabled` (boolean)
-    - `code_assist_enabled` (boolean)
-    - `log_prompts_enabled` (boolean)
-    - `file_filtering_respect_git_ignore` (boolean)
-    - `debug_mode` (boolean)
-    - `mcp_servers` (string)
-
-- `qwen-code.user_prompt`: This event occurs when a user submits a prompt.
-  - **Attributes**:
-    - `prompt_length` (int)
-    - `prompt_id` (string)
-    - `prompt` (string, this attribute is excluded if `log_prompts_enabled` is configured to be `false`)
-    - `auth_type` (string)
-
-- `qwen-code.tool_call`: This event occurs for each function call.
-  - **Attributes**:
-    - `function_name`
-    - `function_args`
-    - `duration_ms`
-    - `success` (boolean)
-    - `decision` (string: "accept", "reject", "auto_accept", or "modify", if applicable)
-    - `error` (if applicable)
-    - `error_type` (if applicable)
-    - `metadata` (if applicable, dictionary of string -> any)
-
-- `qwen-code.api_request`: This event occurs when making a request to Qwen API.
-  - **Attributes**:
-    - `model`
-    - `request_text` (if applicable)
-
-- `qwen-code.api_error`: This event occurs if the API request fails.
-  - **Attributes**:
-    - `model`
-    - `error`
-    - `error_type`
-    - `status_code`
-    - `duration_ms`
-    - `auth_type`
-
-- `qwen-code.api_response`: This event occurs upon receiving a response from Qwen API.
-  - **Attributes**:
-    - `model`
-    - `status_code`
-    - `duration_ms`
-    - `error` (optional)
-    - `input_token_count`
-    - `output_token_count`
-    - `cached_content_token_count`
-    - `thoughts_token_count`
-    - `tool_token_count`
-    - `response_text` (if applicable)
-    - `auth_type`
-
-- `qwen-code.flash_fallback`: This event occurs when Qwen Code switches to flash as fallback.
-  - **Attributes**:
-    - `auth_type`
-
-- `qwen-code.slash_command`: This event occurs when a user executes a slash command.
-  - **Attributes**:
-    - `command` (string)
-    - `subcommand` (string, if applicable)
-
-### Metrics
-
-Metrics are numerical measurements of behavior over time. The following metrics are collected for Qwen Code (metric names remain `qwen-code.*` for compatibility):
-
-- `qwen-code.session.count` (Counter, Int): Incremented once per CLI startup.
-
-- `qwen-code.tool.call.count` (Counter, Int): Counts tool calls.
-  - **Attributes**:
-    - `function_name`
-    - `success` (boolean)
-    - `decision` (string: "accept", "reject", or "modify", if applicable)
-    - `tool_type` (string: "mcp", or "native", if applicable)
-
-- `qwen-code.tool.call.latency` (Histogram, ms): Measures tool call latency.
-  - **Attributes**:
-    - `function_name`
-    - `decision` (string: "accept", "reject", or "modify", if applicable)
-
-- `qwen-code.api.request.count` (Counter, Int): Counts all API requests.
-  - **Attributes**:
-    - `model`
-    - `status_code`
-    - `error_type` (if applicable)
-
-- `qwen-code.api.request.latency` (Histogram, ms): Measures API request latency.
-  - **Attributes**:
-    - `model`
-
-- `qwen-code.token.usage` (Counter, Int): Counts the number of tokens used.
-  - **Attributes**:
-    - `model`
-    - `type` (string: "input", "output", "thought", "cache", or "tool")
-
-- `qwen-code.file.operation.count` (Counter, Int): Counts file operations.
-  - **Attributes**:
-    - `operation` (string: "create", "read", "update"): The type of file operation.
-    - `lines` (Int, if applicable): Number of lines in the file.
-    - `mimetype` (string, if applicable): Mimetype of the file.
-    - `extension` (string, if applicable): File extension of the file.
-    - `ai_added_lines` (Int, if applicable): Number of lines added/changed by AI.
-    - `ai_removed_lines` (Int, if applicable): Number of lines removed/changed by AI.
-    - `user_added_lines` (Int, if applicable): Number of lines added/changed by user in AI proposed changes.
-    - `user_removed_lines` (Int, if applicable): Number of lines removed/changed by user in AI proposed changes.
-    - `programming_language` (string, if applicable): The programming language of the file.
-
-- `qwen-code.chat_compression` (Counter, Int): Counts chat compression operations
-  - **Attributes**:
-    - `tokens_before`: (Int): Number of tokens in context prior to compression
-    - `tokens_after`: (Int): Number of tokens in context after compression

docs/tools/_meta.ts

@@ -0,0 +1,11 @@
+export default {
+  index: 'Introduction',
+  'file-system': 'File System',
+  'multi-file': 'Multi-File Read',
+  shell: 'Shell',
+  'todo-write': 'Todo Write',
+  'web-fetch': 'Web Fetch',
+  'web-search': 'Web Search',
+  memory: 'Memory',
+  'mcp-server': 'MCP Servers',
+};

docs/tools/index.md

@@ -54,4 +54,3 @@ Qwen Code's built-in tools can be broadly categorized as follows:
 Additionally, these tools incorporate:
 
 - **[MCP servers](./mcp-server.md)**: MCP servers act as a bridge between the model and your local environment or other services like APIs.
-- **[Sandboxing](../sandbox.md)**: Sandboxing isolates the model and its changes from your environment to reduce potential risk.

docs/tools/mcp-server.md

@@ -51,7 +51,30 @@ Qwen Code uses the `mcpServers` configuration in your `settings.json` file to lo
 
 ### Configure the MCP server in settings.json
 
-You can configure MCP servers at the global level in the `~/.qwen/settings.json` file or in your project's root directory, create or open the `.qwen/settings.json` file. Within the file, add the `mcpServers` configuration block.
+You can configure MCP servers in your `settings.json` file in two main ways: through the top-level `mcpServers` object for specific server definitions, and through the `mcp` object for global settings that control server discovery and execution.
+
+#### Global MCP Settings (`mcp`)
+
+The `mcp` object in your `settings.json` allows you to define global rules for all MCP servers.
+
+- **`mcp.serverCommand`** (string): A global command to start an MCP server.
+- **`mcp.allowed`** (array of strings): A list of MCP server names to allow. If this is set, only servers from this list (matching the keys in the `mcpServers` object) will be connected to.
+- **`mcp.excluded`** (array of strings): A list of MCP server names to exclude. Servers in this list will not be connected to.
+
+**Example:**
+
+```json
+{
+  "mcp": {
+    "allowed": ["my-trusted-server"],
+    "excluded": ["experimental-server"]
+  }
+}
+```
+
+#### Server-Specific Configuration (`mcpServers`)
+
+The `mcpServers` object is where you define each individual MCP server you want the CLI to connect to.
 
 ### Configuration Structure
 
@@ -92,8 +115,10 @@ Each server configuration supports the following properties:
 - **`cwd`** (string): Working directory for Stdio transport
 - **`timeout`** (number): Request timeout in milliseconds (default: 600,000ms = 10 minutes)
 - **`trust`** (boolean): When `true`, bypasses all tool call confirmations for this server (default: `false`)
-- **`includeTools`** (string[]): List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (whitelist behavior). If not specified, all tools from the server are enabled by default.
+- **`includeTools`** (string[]): List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (allowlist behavior). If not specified, all tools from the server are enabled by default.
 - **`excludeTools`** (string[]): List of tool names to exclude from this MCP server. Tools listed here will not be available to the model, even if they are exposed by the server. **Note:** `excludeTools` takes precedence over `includeTools` - if a tool is in both lists, it will be excluded.
+- **`targetAudience`** (string): The OAuth Client ID allowlisted on the IAP-protected application you are trying to access. Used with `authProviderType: 'service_account_impersonation'`.
+- **`targetServiceAccount`** (string): The email address of the Google Cloud Service Account to impersonate. Used with `authProviderType: 'service_account_impersonation'`.
 
 ### OAuth Support for Remote MCP Servers
 
@@ -187,6 +212,9 @@ You can specify the authentication provider type using the `authProviderType` pr
 - **`authProviderType`** (string): Specifies the authentication provider. Can be one of the following:
   - **`dynamic_discovery`** (default): The CLI will automatically discover the OAuth configuration from the server.
   - **`google_credentials`**: The CLI will use the Google Application Default Credentials (ADC) to authenticate with the server. When using this provider, you must specify the required scopes.
+  - **`service_account_impersonation`**: The CLI will impersonate a Google Cloud Service Account to authenticate with the server. This is useful for accessing IAP-protected services (this was specifically designed for Cloud Run services).
+
+#### Google Credentials
 
 ```json
 {
@@ -202,6 +230,24 @@ You can specify the authentication provider type using the `authProviderType` pr
 }
 ```
 
+#### Service Account Impersonation
+
+To authenticate with a server using Service Account Impersonation, you must set the `authProviderType` to `service_account_impersonation` and provide the following properties:
+
+- **`targetAudience`** (string): The OAuth Client ID allowslisted on the IAP-protected application you are trying to access.
+- **`targetServiceAccount`** (string): The email address of the Google Cloud Service Account to impersonate.
+
+The CLI will use your local Application Default Credentials (ADC) to generate an OIDC ID token for the specified service account and audience. This token will then be used to authenticate with the MCP server.
+
+#### Setup Instructions
+
+1. **[Create](https://cloud.google.com/iap/docs/oauth-client-creation) or use an existing OAuth 2.0 client ID.** To use an existing OAuth 2.0 client ID, follow the steps in [How to share OAuth Clients](https://cloud.google.com/iap/docs/sharing-oauth-clients).
+2. **Add the OAuth ID to the allowlist for [programmatic access](https://cloud.google.com/iap/docs/sharing-oauth-clients#programmatic_access) for the application.** Since Cloud Run is not yet a supported resource type in gcloud iap, you must allowlist the Client ID on the project.
+3. **Create a service account.** [Documentation](https://cloud.google.com/iam/docs/service-accounts-create#creating), [Cloud Console Link](https://console.cloud.google.com/iam-admin/serviceaccounts)
+4. **Add both the service account and users to the IAP Policy** in the "Security" tab of the Cloud Run service itself or via gcloud.
+5. **Grant all users and groups** who will access the MCP Server the necessary permissions to [impersonate the service account](https://cloud.google.com/docs/authentication/use-service-account-impersonation) (i.e., `roles/iam.serviceAccountTokenCreator`).
+6. **[Enable](https://console.cloud.google.com/apis/library/iamcredentials.googleapis.com) the IAM Credentials API** for your project.
+
 ### Example Configurations
 
 #### Python MCP Server (Stdio)
@@ -310,6 +356,21 @@ You can specify the authentication provider type using the `authProviderType` pr
 }
 ```
 
+### SSE MCP Server with SA Impersonation
+
+```json
+{
+  "mcpServers": {
+    "myIapProtectedServer": {
+      "url": "https://my-iap-service.run.app/sse",
+      "authProviderType": "service_account_impersonation",
+      "targetAudience": "YOUR_IAP_CLIENT_ID.apps.googleusercontent.com",
+      "targetServiceAccount": "your-sa@your-project.iam.gserviceaccount.com"
+    }
+  }
+}
+```
+
 ## Discovery Process Deep Dive
 
 When Qwen Code starts, it performs MCP server discovery through the following detailed process:
@@ -667,9 +728,13 @@ await server.connect(transport);
 This can be included in `settings.json` under `mcpServers` with:
 
 ```json
-"nodeServer": {
-  "command": "node",
-  "args": ["filename.ts"],
+{
+  "mcpServers": {
+    "nodeServer": {
+      "command": "node",
+      "args": ["filename.ts"]
+    }
+  }
 }
 ```
 

docs/tools/shell.md

@@ -4,7 +4,9 @@ This document describes the `run_shell_command` tool for Qwen Code.
 
 ## Description
 
-Use `run_shell_command` to interact with the underlying system, run scripts, or perform command-line operations. `run_shell_command` executes a given shell command. On Windows, the command will be executed with `cmd.exe /c`. On other platforms, the command will be executed with `bash -c`.
+Use `run_shell_command` to interact with the underlying system, run scripts, or perform command-line operations. `run_shell_command` executes a given shell command, including interactive commands that require user input (e.g., `vim`, `git rebase -i`) if the `tools.shell.enableInteractiveShell` setting is set to `true`.
+
+On Windows, commands are executed with `cmd.exe /c`. On other platforms, they are executed with `bash -c`.
 
 ### Arguments
 
@@ -102,10 +104,67 @@ Start multiple background services:
 run_shell_command(command="docker-compose up", description="Start all services", is_background=true)
 ```
 
+## Configuration
+
+You can configure the behavior of the `run_shell_command` tool by modifying your `settings.json` file or by using the `/settings` command in the Qwen Code.
+
+### Enabling Interactive Commands
+
+To enable interactive commands, you need to set the `tools.shell.enableInteractiveShell` setting to `true`. This will use `node-pty` for shell command execution, which allows for interactive sessions. If `node-pty` is not available, it will fall back to the `child_process` implementation, which does not support interactive commands.
+
+**Example `settings.json`:**
+
+```json
+{
+  "tools": {
+    "shell": {
+      "enableInteractiveShell": true
+    }
+  }
+}
+```
+
+### Showing Color in Output
+
+To show color in the shell output, you need to set the `tools.shell.showColor` setting to `true`. **Note: This setting only applies when `tools.shell.enableInteractiveShell` is enabled.**
+
+**Example `settings.json`:**
+
+```json
+{
+  "tools": {
+    "shell": {
+      "showColor": true
+    }
+  }
+}
+```
+
+### Setting the Pager
+
+You can set a custom pager for the shell output by setting the `tools.shell.pager` setting. The default pager is `cat`. **Note: This setting only applies when `tools.shell.enableInteractiveShell` is enabled.**
+
+**Example `settings.json`:**
+
+```json
+{
+  "tools": {
+    "shell": {
+      "pager": "less"
+    }
+  }
+}
+```
+
+## Interactive Commands
+
+The `run_shell_command` tool now supports interactive commands by integrating a pseudo-terminal (pty). This allows you to run commands that require real-time user input, such as text editors (`vim`, `nano`), terminal-based UIs (`htop`), and interactive version control operations (`git rebase -i`).
+
+When an interactive command is running, you can send input to it from the Qwen Code. To focus on the interactive shell, press `ctrl+f`. The terminal output, including complex TUIs, will be rendered correctly.
+
 ## Important notes
 
 - **Security:** Be cautious when executing commands, especially those constructed from user input, to prevent security vulnerabilities.
-- **Interactive commands:** Avoid commands that require interactive user input, as this can cause the tool to hang. Use non-interactive flags if available (e.g., `npm init -y`).
 - **Error handling:** Check the `Stderr`, `Error`, and `Exit Code` fields to determine if a command executed successfully.
 - **Background processes:** When `is_background=true` or when a command contains `&`, the tool will return immediately and the process will continue to run in the background. The `Background PIDs` field will contain the process ID of the background process.
 - **Background execution choices:** The `is_background` parameter is required and provides explicit control over execution mode. You can also add `&` to the command for manual background execution, but the `is_background` parameter must still be specified. The parameter provides clearer intent and automatically handles the background execution setup.
@@ -117,16 +176,16 @@ When `run_shell_command` executes a command, it sets the `QWEN_CODE=1` environme
 
 ## Command Restrictions
 
-You can restrict the commands that can be executed by the `run_shell_command` tool by using the `coreTools` and `excludeTools` settings in your configuration file.
+You can restrict the commands that can be executed by the `run_shell_command` tool by using the `tools.core` and `tools.exclude` settings in your configuration file.
 
-- `coreTools`: To restrict `run_shell_command` to a specific set of commands, add entries to the `coreTools` list in the format `run_shell_command(<command>)`. For example, `"coreTools": ["run_shell_command(git)"]` will only allow `git` commands. Including the generic `run_shell_command` acts as a wildcard, allowing any command not explicitly blocked.
-- `excludeTools`: To block specific commands, add entries to the `excludeTools` list in the format `run_shell_command(<command>)`. For example, `"excludeTools": ["run_shell_command(rm)"]` will block `rm` commands.
+- `tools.core`: To restrict `run_shell_command` to a specific set of commands, add entries to the `core` list under the `tools` category in the format `run_shell_command(<command>)`. For example, `"tools": {"core": ["run_shell_command(git)"]}` will only allow `git` commands. Including the generic `run_shell_command` acts as a wildcard, allowing any command not explicitly blocked.
+- `tools.exclude`: To block specific commands, add entries to the `exclude` list under the `tools` category in the format `run_shell_command(<command>)`. For example, `"tools": {"exclude": ["run_shell_command(rm)"]}` will block `rm` commands.
 
 The validation logic is designed to be secure and flexible:
 
 1.  **Command Chaining Disabled**: The tool automatically splits commands chained with `&&`, `||`, or `;` and validates each part separately. If any part of the chain is disallowed, the entire command is blocked.
 2.  **Prefix Matching**: The tool uses prefix matching. For example, if you allow `git`, you can run `git status` or `git log`.
-3.  **Blocklist Precedence**: The `excludeTools` list is always checked first. If a command matches a blocked prefix, it will be denied, even if it also matches an allowed prefix in `coreTools`.
+3.  **Blocklist Precedence**: The `tools.exclude` list is always checked first. If a command matches a blocked prefix, it will be denied, even if it also matches an allowed prefix in `tools.core`.
 
 ### Command Restriction Examples
 
@@ -136,7 +195,9 @@ To allow only `git` and `npm` commands, and block all others:
 
 ```json
 {
-  "coreTools": ["run_shell_command(git)", "run_shell_command(npm)"]
+  "tools": {
+    "core": ["run_shell_command(git)", "run_shell_command(npm)"]
+  }
 }
 ```
 
@@ -150,8 +211,10 @@ To block `rm` and allow all other commands:
 
 ```json
 {
-  "coreTools": ["run_shell_command"],
-  "excludeTools": ["run_shell_command(rm)"]
+  "tools": {
+    "core": ["run_shell_command"],
+    "exclude": ["run_shell_command(rm)"]
+  }
 }
 ```
 
@@ -161,12 +224,14 @@ To block `rm` and allow all other commands:
 
 **Blocklist takes precedence**
 
-If a command prefix is in both `coreTools` and `excludeTools`, it will be blocked.
+If a command prefix is in both `tools.core` and `tools.exclude`, it will be blocked.
 
 ```json
 {
-  "coreTools": ["run_shell_command(git)"],
-  "excludeTools": ["run_shell_command(git push)"]
+  "tools": {
+    "core": ["run_shell_command(git)"],
+    "exclude": ["run_shell_command(git push)"]
+  }
 }
 ```
 
@@ -175,11 +240,13 @@ If a command prefix is in both `coreTools` and `excludeTools`, it will be blocke
 
 **Block all shell commands**
 
-To block all shell commands, add the `run_shell_command` wildcard to `excludeTools`:
+To block all shell commands, add the `run_shell_command` wildcard to `tools.exclude`:
 
 ```json
 {
-  "excludeTools": ["run_shell_command"]
+  "tools": {
+    "exclude": ["run_shell_command"]
+  }
 }
 ```
 

esbuild.config.js

@@ -4,32 +4,50 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import esbuild from 'esbuild';
 import path from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { createRequire } from 'node:module';
+import { writeFileSync } from 'node:fs';
+
+let esbuild;
+try {
+  esbuild = (await import('esbuild')).default;
+} catch (_error) {
+  console.warn('esbuild not available, skipping bundle step');
+  process.exit(0);
+}
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 const require = createRequire(import.meta.url);
 const pkg = require(path.resolve(__dirname, 'package.json'));
 
+const external = [
+  '@lydell/node-pty',
+  'node-pty',
+  '@lydell/node-pty-darwin-arm64',
+  '@lydell/node-pty-darwin-x64',
+  '@lydell/node-pty-linux-x64',
+  '@lydell/node-pty-win32-arm64',
+  '@lydell/node-pty-win32-x64',
+  'tiktoken',
+];
+
 esbuild
   .build({
     entryPoints: ['packages/cli/index.ts'],
     bundle: true,
-    outfile: 'bundle/gemini.js',
+    outfile: 'dist/cli.js',
     platform: 'node',
     format: 'esm',
-    external: [
-      '@lydell/node-pty',
-      'node-pty',
-      '@lydell/node-pty-darwin-arm64',
-      '@lydell/node-pty-darwin-x64',
-      '@lydell/node-pty-linux-x64',
-      '@lydell/node-pty-win32-arm64',
-      '@lydell/node-pty-win32-x64',
-    ],
+    target: 'node20',
+    external,
+    packages: 'bundle',
+    inject: [path.resolve(__dirname, 'scripts/esbuild-shims.js')],
+    banner: {
+      js: `// Force strict mode and setup for ESM
+"use strict";`,
+    },
     alias: {
       'is-in-ci': path.resolve(
         __dirname,
@@ -38,10 +56,20 @@ esbuild
     },
     define: {
       'process.env.CLI_VERSION': JSON.stringify(pkg.version),
-    },
-    banner: {
-      js: `import { createRequire } from 'module'; const require = createRequire(import.meta.url); globalThis.__filename = require('url').fileURLToPath(import.meta.url); globalThis.__dirname = require('path').dirname(globalThis.__filename);`,
+      // Make global available for compatibility
+      global: 'globalThis',
     },
     loader: { '.node': 'file' },
+    metafile: true,
+    write: true,
+    keepNames: true,
   })
-  .catch(() => process.exit(1));
+  .then(({ metafile }) => {
+    if (process.env.DEV === 'true') {
+      writeFileSync('./dist/esbuild.json', JSON.stringify(metafile, null, 2));
+    }
+  })
+  .catch((error) => {
+    console.error('esbuild build failed:', error);
+    process.exitCode = 1;
+  });

eslint.config.js

@@ -12,28 +12,17 @@ import prettierConfig from 'eslint-config-prettier';
 import importPlugin from 'eslint-plugin-import';
 import vitest from '@vitest/eslint-plugin';
 import globals from 'globals';
-import licenseHeader from 'eslint-plugin-license-header';
-import path from 'node:path';
-import url from 'node:url';
-
-// --- ESM way to get __dirname ---
-const __filename = url.fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-// --- ---
-
-// Determine the monorepo root (assuming eslint.config.js is at the root)
-const projectRoot = __dirname;
 
 export default tseslint.config(
   {
     // Global ignores
     ignores: [
       'node_modules/*',
-      'eslint.config.js',
       'packages/**/dist/**',
       'bundle/**',
       'package/bundle/**',
       '.integration-tests/**',
+      'dist/**',
     ],
   },
   eslint.configs.recommended,
@@ -221,6 +210,21 @@ export default tseslint.config(
       '@typescript-eslint/no-require-imports': 'off',
     },
   },
+  // extra settings for core package scripts
+  {
+    files: ['packages/core/scripts/**/*.js'],
+    languageOptions: {
+      globals: {
+        ...globals.node,
+        process: 'readonly',
+        console: 'readonly',
+      },
+    },
+    rules: {
+      'no-restricted-syntax': 'off',
+      '@typescript-eslint/no-require-imports': 'off',
+    },
+  },
   // Prettier config must be last
   prettierConfig,
   // extra settings for scripts that we run directly with node

hello/QWEN.md

@@ -0,0 +1,8 @@
+# Ink Library Screen Reader Guidance
+
+When building custom components, it's important to keep accessibility in mind. While Ink provides the building blocks, ensuring your components are accessible will make your CLIs usable by a wider audience.
+
+## General Principles
+
+Provide screen reader-friendly output: Use the useIsScreenReaderEnabled hook to detect if a screen reader is active. You can then render a more descriptive output for screen reader users.
+Leverage ARIA props: For components that have a specific role (e.g., a checkbox or a button), use the aria-role, aria-state, and aria-label props on <Box> and <Text> to provide semantic meaning to screen readers.

hello/qwen-extension.json

@@ -0,0 +1,5 @@
+{
+  "name": "context-example",
+  "version": "1.0.0",
+  "contextFileName": "QWEN.md"
+}

integration-tests/context-compress-interactive.test.ts

@@ -0,0 +1,116 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { expect, describe, it, beforeEach, afterEach } from 'vitest';
+import { TestRig, type } from './test-helper.js';
+
+describe('Interactive Mode', () => {
+  let rig: TestRig;
+
+  beforeEach(() => {
+    rig = new TestRig();
+  });
+
+  afterEach(async () => {
+    await rig.cleanup();
+  });
+
+  it.skipIf(process.platform === 'win32')(
+    'should trigger chat compression with /compress command',
+    async () => {
+      await rig.setup('interactive-compress-test');
+
+      const { ptyProcess } = rig.runInteractive();
+
+      let fullOutput = '';
+      ptyProcess.onData((data) => (fullOutput += data));
+
+      const authDialogAppeared = await rig.waitForText(
+        'How would you like to authenticate',
+        5000,
+      );
+
+      // select the second option if auth dialog come's up
+      if (authDialogAppeared) {
+        ptyProcess.write('2');
+      }
+
+      // Wait for the app to be ready
+      const isReady = await rig.waitForText('Type your message', 15000);
+      expect(
+        isReady,
+        'CLI did not start up in interactive mode correctly',
+      ).toBe(true);
+
+      const longPrompt =
+        'Dont do anything except returning a 1000 token long paragragh with the <name of the scientist who discovered theory of relativity> at the end to indicate end of response. This is a moderately long sentence.';
+
+      await type(ptyProcess, longPrompt);
+      await type(ptyProcess, '\r');
+
+      await rig.waitForText('einstein', 25000);
+
+      await type(ptyProcess, '/compress');
+      // A small delay to allow React to re-render the command list.
+      await new Promise((resolve) => setTimeout(resolve, 100));
+      await type(ptyProcess, '\r');
+
+      const foundEvent = await rig.waitForTelemetryEvent(
+        'chat_compression',
+        90000,
+      );
+      expect(foundEvent, 'chat_compression telemetry event was not found').toBe(
+        true,
+      );
+    },
+  );
+
+  it.skipIf(process.platform === 'win32')(
+    'should handle compression failure on token inflation',
+    async () => {
+      await rig.setup('interactive-compress-test');
+
+      const { ptyProcess } = rig.runInteractive();
+
+      let fullOutput = '';
+      ptyProcess.onData((data) => (fullOutput += data));
+
+      const authDialogAppeared = await rig.waitForText(
+        'How would you like to authenticate',
+        5000,
+      );
+
+      // select the second option if auth dialog come's up
+      if (authDialogAppeared) {
+        ptyProcess.write('2');
+      }
+
+      // Wait for the app to be ready
+      const isReady = await rig.waitForText('Type your message', 25000);
+      expect(
+        isReady,
+        'CLI did not start up in interactive mode correctly',
+      ).toBe(true);
+
+      await type(ptyProcess, '/compress');
+      await new Promise((resolve) => setTimeout(resolve, 100));
+      await type(ptyProcess, '\r');
+
+      const foundEvent = await rig.waitForTelemetryEvent(
+        'chat_compression',
+        90000,
+      );
+      expect(foundEvent).toBe(true);
+
+      const compressionFailed = await rig.waitForText(
+        'compression was not beneficial',
+        25000,
+      );
+
+      expect(compressionFailed).toBe(true);
+    },
+  );
+});

integration-tests/ctrl-c-exit.test.ts

@@ -0,0 +1,129 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect } from 'vitest';
+import { TestRig } from './test-helper.js';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+describe('Ctrl+C exit', () => {
+  // (#9782) Temporarily disabling on windows because it is failing on main and every
+  // PR, which is potentially hiding other failures
+  it.skipIf(process.platform === 'win32')(
+    'should exit gracefully on second Ctrl+C',
+    async () => {
+      const rig = new TestRig();
+      await rig.setup('should exit gracefully on second Ctrl+C');
+
+      const { ptyProcess, promise } = rig.runInteractive();
+
+      let output = '';
+      ptyProcess.onData((data) => {
+        output += data;
+      });
+
+      // Wait for the app to be ready by looking for the initial prompt indicator
+      await rig.poll(() => output.includes('▶'), 5000, 100);
+
+      // Send first Ctrl+C
+      ptyProcess.write(String.fromCharCode(3));
+
+      // Wait for the exit prompt
+      await rig.poll(
+        () => output.includes('Press Ctrl+C again to exit'),
+        1500,
+        50,
+      );
+
+      // Send second Ctrl+C
+      ptyProcess.write(String.fromCharCode(3));
+
+      const result = await promise;
+
+      // Expect a graceful exit (code 0)
+      expect(
+        result.exitCode,
+        `Process exited with code ${result.exitCode}. Output: ${result.output}`,
+      ).toBe(0);
+
+      // Check that the quitting message is displayed
+      const quittingMessage = 'Agent powering down. Goodbye!';
+      // The regex below is intentionally matching the ESC control character (\x1b)
+      // to strip ANSI color codes from the terminal output.
+      // eslint-disable-next-line no-control-regex
+      const cleanOutput = output.replace(/\x1b\[[0-9;]*m/g, '');
+      expect(cleanOutput).toContain(quittingMessage);
+    },
+  );
+
+  it.skipIf(process.platform === 'win32')(
+    'should exit gracefully on second Ctrl+C when calling a tool',
+    async () => {
+      const rig = new TestRig();
+      await rig.setup(
+        'should exit gracefully on second Ctrl+C when calling a tool',
+      );
+
+      const childProcessFile = 'child_process_file.txt';
+      rig.createFile(
+        'wait.js',
+        `setTimeout(() => require('fs').writeFileSync('${childProcessFile}', 'done'), 5000)`,
+      );
+
+      const { ptyProcess, promise } = rig.runInteractive();
+
+      let output = '';
+      ptyProcess.onData((data) => {
+        output += data;
+      });
+
+      // Wait for the app to be ready by looking for the initial prompt indicator
+      await rig.poll(() => output.includes('▶'), 5000, 100);
+
+      ptyProcess.write('use the tool to run "node -e wait.js"\n');
+
+      await rig.poll(() => output.includes('Shell'), 5000, 100);
+
+      // Send first Ctrl+C
+      ptyProcess.write(String.fromCharCode(3));
+
+      // Wait for the exit prompt
+      await rig.poll(
+        () => output.includes('Press Ctrl+C again to exit'),
+        1500,
+        50,
+      );
+
+      // Send second Ctrl+C
+      ptyProcess.write(String.fromCharCode(3));
+
+      const result = await promise;
+
+      // Expect a graceful exit (code 0)
+      expect(
+        result.exitCode,
+        `Process exited with code ${result.exitCode}. Output: ${result.output}`,
+      ).toBe(0);
+
+      // Check that the quitting message is displayed
+      const quittingMessage = 'Agent powering down. Goodbye!';
+      // The regex below is intentionally matching the ESC control character (\x1b)
+      // to strip ANSI color codes from the terminal output.
+      // eslint-disable-next-line no-control-regex
+      const cleanOutput = output.replace(/\x1b\[[0-9;]*m/g, '');
+      expect(cleanOutput).toContain(quittingMessage);
+
+      // Check that the child process was terminated and did not create the file.
+      const childProcessFileExists = fs.existsSync(
+        path.join(rig.testDir!, childProcessFile),
+      );
+      expect(
+        childProcessFileExists,
+        'Child process file should not exist',
+      ).toBe(false);
+    },
+  );
+});

integration-tests/edit.test.ts

@@ -61,4 +61,125 @@ describe('edit', () => {
       console.log('File edited successfully. New content:', newFileContent);
     }
   });
+
+  it('should handle $ literally when replacing text ending with $', async () => {
+    const rig = new TestRig();
+    await rig.setup(
+      'should handle $ literally when replacing text ending with $',
+    );
+
+    const fileName = 'regex.yml';
+    const originalContent = "| select('match', '^[sv]d[a-z]$')\n";
+    const expectedContent = "| select('match', '^[sv]d[a-z]$') # updated\n";
+
+    rig.createFile(fileName, originalContent);
+
+    const prompt =
+      "Open regex.yml and append ' # updated' after the line containing ^[sv]d[a-z]$ without breaking the $ character.";
+
+    const result = await rig.run(prompt);
+    const foundToolCall = await rig.waitForToolCall('edit');
+
+    if (!foundToolCall) {
+      printDebugInfo(rig, result);
+    }
+
+    expect(foundToolCall, 'Expected to find an edit tool call').toBeTruthy();
+
+    validateModelOutput(result, ['regex.yml'], 'Replace $ literal test');
+
+    const newFileContent = rig.readFile(fileName);
+    expect(newFileContent).toBe(expectedContent);
+  });
+
+  it.skip('should fail safely when old_string is not found', async () => {
+    const rig = new TestRig();
+    await rig.setup('should fail safely when old_string is not found');
+    const fileName = 'no_match.txt';
+    const fileContent = 'hello world';
+    rig.createFile(fileName, fileContent);
+
+    const prompt = `replace "goodbye" with "farewell" in ${fileName}`;
+    await rig.run(prompt);
+
+    await rig.waitForTelemetryReady();
+    const toolLogs = rig.readToolLogs();
+
+    const editAttempt = toolLogs.find((log) => log.toolRequest.name === 'edit');
+    const readAttempt = toolLogs.find(
+      (log) => log.toolRequest.name === 'read_file',
+    );
+
+    // VERIFY: The model must have at least tried to read the file or perform an edit.
+    expect(
+      readAttempt || editAttempt,
+      'Expected model to attempt a read_file or edit',
+    ).toBeDefined();
+
+    // If the model tried to edit, that specific attempt must have failed.
+    if (editAttempt) {
+      if (editAttempt.toolRequest.success) {
+        console.error('The edit tool succeeded when it was expected to fail');
+        console.error('Tool call args:', editAttempt.toolRequest.args);
+      }
+      expect(
+        editAttempt.toolRequest.success,
+        'If edit is called, it must fail',
+      ).toBe(false);
+    }
+
+    // CRITICAL: The final content of the file must be unchanged.
+    const newFileContent = rig.readFile(fileName);
+    expect(newFileContent).toBe(fileContent);
+  });
+
+  it('should insert a multi-line block of text', async () => {
+    const rig = new TestRig();
+    await rig.setup('should insert a multi-line block of text');
+    const fileName = 'insert_block.js';
+    const originalContent = 'function hello() {\n  // INSERT_CODE_HERE\n}';
+    const newBlock = "console.log('hello');\n  console.log('world');";
+    const expectedContent = `function hello() {\n  ${newBlock}\n}`;
+    rig.createFile(fileName, originalContent);
+
+    const prompt = `In ${fileName}, replace "// INSERT_CODE_HERE" with:\n${newBlock}`;
+    const result = await rig.run(prompt);
+
+    const foundToolCall = await rig.waitForToolCall('edit');
+    if (!foundToolCall) {
+      printDebugInfo(rig, result);
+    }
+    expect(foundToolCall, 'Expected to find an edit tool call').toBeTruthy();
+
+    const newFileContent = rig.readFile(fileName);
+
+    expect(newFileContent.replace(/\r\n/g, '\n')).toBe(
+      expectedContent.replace(/\r\n/g, '\n'),
+    );
+  });
+
+  it('should delete a block of text', async () => {
+    const rig = new TestRig();
+    await rig.setup('should delete a block of text');
+    const fileName = 'delete_block.txt';
+    const blockToDelete =
+      '## DELETE THIS ##\nThis is a block of text to delete.\n## END DELETE ##';
+    const originalContent = `Hello\n${blockToDelete}\nWorld`;
+    // When deleting the block, a newline remains from the original structure (Hello\n + \nWorld)
+    rig.createFile(fileName, originalContent);
+
+    const prompt = `In ${fileName}, delete the entire block from "## DELETE THIS ##" to "## END DELETE ##" including the markers.`;
+    const result = await rig.run(prompt);
+
+    const foundToolCall = await rig.waitForToolCall('edit');
+    if (!foundToolCall) {
+      printDebugInfo(rig, result);
+    }
+    expect(foundToolCall, 'Expected to find an edit tool call').toBeTruthy();
+
+    const newFileContent = rig.readFile(fileName);
+
+    // Accept either 1 or 2 newlines between Hello and World
+    expect(newFileContent).toMatch(/^Hello\n\n?World$/);
+  });
 });

integration-tests/extensions-install.test.ts

@@ -0,0 +1,52 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { expect, test } from 'vitest';
+import { TestRig } from './test-helper.js';
+import { writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+
+const extension = `{
+  "name": "test-extension",
+  "version": "0.0.1"
+}`;
+
+const extensionUpdate = `{
+  "name": "test-extension",
+  "version": "0.0.2"
+}`;
+
+test('installs a local extension, verifies a command, and updates it', async () => {
+  const rig = new TestRig();
+  rig.setup('extension install test');
+  const testServerPath = join(rig.testDir!, 'qwen-extension.json');
+  writeFileSync(testServerPath, extension);
+  try {
+    await rig.runCommand(['extensions', 'uninstall', 'test-extension']);
+  } catch {
+    /* empty */
+  }
+
+  const result = await rig.runCommand(
+    ['extensions', 'install', `${rig.testDir!}`],
+    { stdin: 'y\n' },
+  );
+  expect(result).toContain('test-extension');
+
+  const listResult = await rig.runCommand(['extensions', 'list']);
+  expect(listResult).toContain('test-extension');
+  writeFileSync(testServerPath, extensionUpdate);
+  const updateResult = await rig.runCommand([
+    'extensions',
+    'update',
+    `test-extension`,
+  ]);
+  expect(updateResult).toContain('0.0.2');
+
+  await rig.runCommand(['extensions', 'uninstall', 'test-extension']);
+
+  await rig.cleanup();
+});

integration-tests/file-system-interactive.test.ts

@@ -0,0 +1,85 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { expect, describe, it, beforeEach, afterEach } from 'vitest';
+import { TestRig, type, printDebugInfo } from './test-helper.js';
+
+describe('Interactive file system', () => {
+  let rig: TestRig;
+
+  beforeEach(() => {
+    rig = new TestRig();
+  });
+
+  afterEach(async () => {
+    await rig.cleanup();
+  });
+
+  it.skipIf(process.platform === 'win32')(
+    'should perform a read-then-write sequence in interactive mode',
+    async () => {
+      const fileName = 'version.txt';
+      await rig.setup('interactive-read-then-write');
+      rig.createFile(fileName, '1.0.0');
+
+      const { ptyProcess } = rig.runInteractive();
+
+      const authDialogAppeared = await rig.waitForText(
+        'How would you like to authenticate',
+        5000,
+      );
+
+      // select the second option if auth dialog come's up
+      if (authDialogAppeared) {
+        ptyProcess.write('2');
+      }
+
+      // Wait for the app to be ready
+      const isReady = await rig.waitForText('Type your message', 15000);
+      expect(
+        isReady,
+        'CLI did not start up in interactive mode correctly',
+      ).toBe(true);
+
+      // Step 1: Read the file
+      const readPrompt = `Read the version from ${fileName}`;
+      await type(ptyProcess, readPrompt);
+      await type(ptyProcess, '\r');
+
+      const readCall = await rig.waitForToolCall('read_file', 30000);
+      expect(readCall, 'Expected to find a read_file tool call').toBe(true);
+
+      const containsExpectedVersion = await rig.waitForText('1.0.0', 15000);
+      expect(
+        containsExpectedVersion,
+        'Expected to see version "1.0.0" in output',
+      ).toBe(true);
+
+      // Step 2: Write the file
+      const writePrompt = `now change the version to 1.0.1 in the file`;
+      await type(ptyProcess, writePrompt);
+      await type(ptyProcess, '\r');
+
+      const toolCall = await rig.waitForAnyToolCall(
+        ['write_file', 'edit'],
+        30000,
+      );
+
+      if (!toolCall) {
+        printDebugInfo(rig, rig._interactiveOutput, {
+          toolCall,
+        });
+      }
+
+      expect(toolCall, 'Expected to find a write_file or edit tool call').toBe(
+        true,
+      );
+
+      const newFileContent = rig.readFile(fileName);
+      expect(newFileContent).toBe('1.0.1');
+    },
+  );
+});

integration-tests/file-system.test.ts

@@ -5,6 +5,8 @@
  */
 
 import { describe, it, expect } from 'vitest';
+import { existsSync } from 'node:fs';
+import * as path from 'node:path';
 import { TestRig, printDebugInfo, validateModelOutput } from './test-helper.js';
 
 describe('file-system', () => {
@@ -86,4 +88,169 @@ describe('file-system', () => {
       console.log('File written successfully with hello message.');
     }
   });
+
+  it('should correctly handle file paths with spaces', async () => {
+    const rig = new TestRig();
+    await rig.setup('should correctly handle file paths with spaces');
+    const fileName = 'my test file.txt';
+
+    const result = await rig.run(`write "hello" to "${fileName}"`);
+
+    const foundToolCall = await rig.waitForToolCall('write_file');
+    if (!foundToolCall) {
+      printDebugInfo(rig, result);
+    }
+    expect(
+      foundToolCall,
+      'Expected to find a write_file tool call',
+    ).toBeTruthy();
+
+    const newFileContent = rig.readFile(fileName);
+    expect(newFileContent).toBe('hello');
+  });
+
+  it('should perform a read-then-write sequence', async () => {
+    const rig = new TestRig();
+    await rig.setup('should perform a read-then-write sequence');
+    const fileName = 'version.txt';
+    rig.createFile(fileName, '1.0.0');
+
+    const prompt = `Read the version from ${fileName} and write the next version 1.0.1 back to the file.`;
+    const result = await rig.run(prompt);
+
+    await rig.waitForTelemetryReady();
+    const toolLogs = rig.readToolLogs();
+
+    const readCall = toolLogs.find(
+      (log) => log.toolRequest.name === 'read_file',
+    );
+    const writeCall = toolLogs.find(
+      (log) =>
+        log.toolRequest.name === 'write_file' ||
+        log.toolRequest.name === 'replace',
+    );
+
+    if (!readCall || !writeCall) {
+      printDebugInfo(rig, result, { readCall, writeCall });
+    }
+
+    expect(readCall, 'Expected to find a read_file tool call').toBeDefined();
+    expect(
+      writeCall,
+      'Expected to find a write_file or replace tool call',
+    ).toBeDefined();
+
+    const newFileContent = rig.readFile(fileName);
+    expect(newFileContent).toBe('1.0.1');
+  });
+
+  it.skip('should replace multiple instances of a string', async () => {
+    const rig = new TestRig();
+    await rig.setup('should replace multiple instances of a string');
+    const fileName = 'ambiguous.txt';
+    const fileContent = 'Hey there, \ntest line\ntest line';
+    const expectedContent = 'Hey there, \nnew line\nnew line';
+    rig.createFile(fileName, fileContent);
+
+    const result = await rig.run(
+      `replace "test line" with "new line" in ${fileName}`,
+    );
+
+    const foundToolCall = await rig.waitForAnyToolCall([
+      'replace',
+      'write_file',
+    ]);
+    if (!foundToolCall) {
+      printDebugInfo(rig, result);
+    }
+    expect(
+      foundToolCall,
+      'Expected to find a replace or write_file tool call',
+    ).toBeTruthy();
+
+    const toolLogs = rig.readToolLogs();
+    const successfulEdit = toolLogs.some(
+      (log) =>
+        (log.toolRequest.name === 'replace' ||
+          log.toolRequest.name === 'write_file') &&
+        log.toolRequest.success,
+    );
+    if (!successfulEdit) {
+      console.error(
+        'Expected a successful edit tool call, but none was found.',
+      );
+      printDebugInfo(rig, result);
+    }
+    expect(successfulEdit, 'Expected a successful edit tool call').toBeTruthy();
+
+    const newFileContent = rig.readFile(fileName);
+    expect(newFileContent).toBe(expectedContent);
+  });
+
+  it('should fail safely when trying to edit a non-existent file', async () => {
+    const rig = new TestRig();
+    await rig.setup(
+      'should fail safely when trying to edit a non-existent file',
+    );
+    const fileName = 'non_existent.txt';
+
+    const result = await rig.run(`In ${fileName}, replace "a" with "b"`);
+
+    await rig.waitForTelemetryReady();
+    const toolLogs = rig.readToolLogs();
+
+    const readAttempt = toolLogs.find(
+      (log) => log.toolRequest.name === 'read_file',
+    );
+    const writeAttempt = toolLogs.find(
+      (log) => log.toolRequest.name === 'write_file',
+    );
+    const successfulReplace = toolLogs.find(
+      (log) => log.toolRequest.name === 'replace' && log.toolRequest.success,
+    );
+
+    // The model can either investigate (and fail) or do nothing.
+    // If it chose to investigate by reading, that read must have failed.
+    if (readAttempt && readAttempt.toolRequest.success) {
+      console.error(
+        'A read_file attempt succeeded for a non-existent file when it should have failed.',
+      );
+      printDebugInfo(rig, result);
+    }
+    if (readAttempt) {
+      expect(
+        readAttempt.toolRequest.success,
+        'If model tries to read the file, that attempt must fail',
+      ).toBe(false);
+    }
+
+    // CRITICAL: Verify that no matter what the model did, it never successfully
+    // wrote or replaced anything.
+    if (writeAttempt) {
+      console.error(
+        'A write_file attempt was made when no file should be written.',
+      );
+      printDebugInfo(rig, result);
+    }
+    expect(
+      writeAttempt,
+      'write_file should not have been called',
+    ).toBeUndefined();
+
+    if (successfulReplace) {
+      console.error('A successful replace occurred when it should not have.');
+      printDebugInfo(rig, result);
+    }
+    expect(
+      successfulReplace,
+      'A successful replace should not have occurred',
+    ).toBeUndefined();
+
+    // Final verification: ensure the file was not created.
+    const filePath = path.join(rig.testDir!, fileName);
+    const fileExists = existsSync(filePath);
+    expect(fileExists, 'The non-existent file should not be created').toBe(
+      false,
+    );
+  });
 });

integration-tests/globalSetup.ts

@@ -22,7 +22,7 @@ import { fileURLToPath } from 'node:url';
 import * as os from 'node:os';
 
 import {
-  GEMINI_CONFIG_DIR,
+  QWEN_CONFIG_DIR,
   DEFAULT_CONTEXT_FILENAME,
 } from '../packages/core/src/tools/memoryTool.js';
 
@@ -33,7 +33,7 @@ let runDir = ''; // Make runDir accessible in teardown
 
 const memoryFilePath = join(
   os.homedir(),
-  GEMINI_CONFIG_DIR,
+  QWEN_CONFIG_DIR,
   DEFAULT_CONTEXT_FILENAME,
 );
 let originalMemoryContent: string | null = null;

integration-tests/ide-client.test.ts

@@ -1,201 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
-import * as fs from 'node:fs';
-import * as os from 'node:os';
-import * as path from 'node:path';
-import * as net from 'node:net';
-import * as child_process from 'node:child_process';
-import { IdeClient } from '../packages/core/src/ide/ide-client.js';
-
-import { TestMcpServer } from './test-mcp-server.js';
-
-describe.skip('IdeClient', () => {
-  it('reads port from file and connects', async () => {
-    const server = new TestMcpServer();
-    const port = await server.start();
-    const pid = process.pid;
-    const portFile = path.join(os.tmpdir(), `qwen-code-ide-server-${pid}.json`);
-    fs.writeFileSync(portFile, JSON.stringify({ port }));
-    process.env['QWEN_CODE_IDE_WORKSPACE_PATH'] = process.cwd();
-    process.env['TERM_PROGRAM'] = 'vscode';
-
-    const ideClient = await IdeClient.getInstance();
-    await ideClient.connect();
-
-    expect(ideClient.getConnectionStatus()).toEqual({
-      status: 'connected',
-      details: undefined,
-    });
-
-    fs.unlinkSync(portFile);
-    await server.stop();
-    delete process.env['QWEN_CODE_IDE_WORKSPACE_PATH'];
-  });
-});
-
-const getFreePort = (): Promise<number> => {
-  return new Promise((resolve, reject) => {
-    const server = net.createServer();
-    server.unref();
-    server.on('error', reject);
-    server.listen(0, () => {
-      const port = (server.address() as net.AddressInfo).port;
-      server.close(() => {
-        resolve(port);
-      });
-    });
-  });
-};
-
-describe('IdeClient fallback connection logic', () => {
-  let server: TestMcpServer;
-  let envPort: number;
-  let pid: number;
-  let portFile: string;
-
-  beforeEach(async () => {
-    pid = process.pid;
-    portFile = path.join(os.tmpdir(), `qwen-code-ide-server-${pid}.json`);
-    server = new TestMcpServer();
-    envPort = await server.start();
-    process.env['QWEN_CODE_IDE_SERVER_PORT'] = String(envPort);
-    process.env['TERM_PROGRAM'] = 'vscode';
-    process.env['QWEN_CODE_IDE_WORKSPACE_PATH'] = process.cwd();
-    // Reset instance
-    (IdeClient as unknown as { instance: IdeClient | undefined }).instance =
-      undefined;
-  });
-
-  afterEach(async () => {
-    await server.stop();
-    delete process.env['QWEN_CODE_IDE_SERVER_PORT'];
-    delete process.env['QWEN_CODE_IDE_WORKSPACE_PATH'];
-    if (fs.existsSync(portFile)) {
-      fs.unlinkSync(portFile);
-    }
-  });
-
-  it('connects using env var when port file does not exist', async () => {
-    // Ensure port file doesn't exist
-    if (fs.existsSync(portFile)) {
-      fs.unlinkSync(portFile);
-    }
-
-    const ideClient = await IdeClient.getInstance();
-    await ideClient.connect();
-
-    expect(ideClient.getConnectionStatus()).toEqual({
-      status: 'connected',
-      details: undefined,
-    });
-  });
-
-  it('falls back to env var when connection with port from file fails', async () => {
-    const filePort = await getFreePort();
-    // Write port file with a port that is not listening
-    fs.writeFileSync(portFile, JSON.stringify({ port: filePort }));
-
-    const ideClient = await IdeClient.getInstance();
-    await ideClient.connect();
-
-    expect(ideClient.getConnectionStatus()).toEqual({
-      status: 'connected',
-      details: undefined,
-    });
-  });
-});
-
-describe.skip('getIdeProcessId', () => {
-  let child: child_process.ChildProcess;
-
-  afterEach(() => {
-    if (child) {
-      child.kill();
-    }
-  });
-
-  it('should return the pid of the parent process', async () => {
-    // We need to spawn a child process that will run the test
-    // so that we can check that getIdeProcessId returns the pid of the parent
-    const parentPid = process.pid;
-    const output = await new Promise<string>((resolve, reject) => {
-      child = child_process.spawn(
-        'node',
-        [
-          '-e',
-          `
-        const { getIdeProcessId } = require('../packages/core/src/ide/process-utils.js');
-        getIdeProcessId().then(pid => console.log(pid));
-      `,
-        ],
-        {
-          stdio: ['pipe', 'pipe', 'pipe'],
-        },
-      );
-
-      let out = '';
-      child.stdout?.on('data', (data) => {
-        out += data.toString();
-      });
-
-      child.on('close', (code) => {
-        if (code === 0) {
-          resolve(out.trim());
-        } else {
-          reject(new Error(`Child process exited with code ${code}`));
-        }
-      });
-    });
-
-    expect(parseInt(output, 10)).toBe(parentPid);
-  }, 10000);
-});
-
-describe('IdeClient with proxy', () => {
-  let mcpServer: TestMcpServer;
-  let proxyServer: net.Server;
-  let mcpServerPort: number;
-  let proxyServerPort: number;
-
-  beforeEach(async () => {
-    mcpServer = new TestMcpServer();
-    mcpServerPort = await mcpServer.start();
-
-    proxyServer = net.createServer().listen();
-    proxyServerPort = (proxyServer.address() as net.AddressInfo).port;
-
-    vi.stubEnv('QWEN_CODE_IDE_SERVER_PORT', String(mcpServerPort));
-    vi.stubEnv('TERM_PROGRAM', 'vscode');
-    vi.stubEnv('QWEN_CODE_IDE_WORKSPACE_PATH', process.cwd());
-
-    // Reset instance
-    (IdeClient as unknown as { instance: IdeClient | undefined }).instance =
-      undefined;
-  });
-
-  afterEach(async () => {
-    (await IdeClient.getInstance()).disconnect();
-    await mcpServer.stop();
-    proxyServer.close();
-    vi.unstubAllEnvs();
-  });
-
-  it('should connect to IDE server when HTTP_PROXY, HTTPS_PROXY and NO_PROXY are set', async () => {
-    vi.stubEnv('HTTP_PROXY', `http://localhost:${proxyServerPort}`);
-    vi.stubEnv('HTTPS_PROXY', `http://localhost:${proxyServerPort}`);
-    vi.stubEnv('NO_PROXY', 'example.com,127.0.0.1,::1');
-
-    const ideClient = await IdeClient.getInstance();
-    await ideClient.connect();
-
-    expect(ideClient.getConnectionStatus()).toEqual({
-      status: 'connected',
-      details: undefined,
-    });
-  });
-});

integration-tests/json-output.test.ts

@@ -0,0 +1,89 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { expect, describe, it, beforeEach, afterEach } from 'vitest';
+import { TestRig } from './test-helper.js';
+
+describe('JSON output', () => {
+  let rig: TestRig;
+
+  beforeEach(async () => {
+    rig = new TestRig();
+    await rig.setup('json-output-test');
+  });
+
+  afterEach(async () => {
+    await rig.cleanup();
+  });
+
+  it('should return a valid JSON with response and stats', async () => {
+    const result = await rig.run(
+      'What is the capital of France?',
+      '--output-format',
+      'json',
+    );
+    const parsed = JSON.parse(result);
+
+    expect(parsed).toHaveProperty('response');
+    expect(typeof parsed.response).toBe('string');
+    expect(parsed.response.toLowerCase()).toContain('paris');
+
+    expect(parsed).toHaveProperty('stats');
+    expect(typeof parsed.stats).toBe('object');
+  });
+
+  it('should return a JSON error for enforced auth mismatch before running', async () => {
+    process.env['GOOGLE_GENAI_USE_GCA'] = 'true';
+    await rig.setup('json-output-auth-mismatch', {
+      settings: {
+        security: { auth: { enforcedType: 'gemini-api-key' } },
+      },
+    });
+
+    let thrown: Error | undefined;
+    try {
+      await rig.run('Hello', '--output-format', 'json');
+      expect.fail('Expected process to exit with error');
+    } catch (e) {
+      thrown = e as Error;
+    } finally {
+      delete process.env['GOOGLE_GENAI_USE_GCA'];
+    }
+
+    expect(thrown).toBeDefined();
+    const message = (thrown as Error).message;
+
+    // Use a regex to find the first complete JSON object in the string
+    const jsonMatch = message.match(/{[\s\S]*}/);
+
+    // Fail if no JSON-like text was found
+    expect(
+      jsonMatch,
+      'Expected to find a JSON object in the error output',
+    ).toBeTruthy();
+
+    let payload;
+    try {
+      // Parse the matched JSON string
+      payload = JSON.parse(jsonMatch![0]);
+    } catch (parseError) {
+      console.error('Failed to parse the following JSON:', jsonMatch![0]);
+      throw new Error(
+        `Test failed: Could not parse JSON from error message. Details: ${parseError}`,
+      );
+    }
+
+    expect(payload.error).toBeDefined();
+    expect(payload.error.type).toBe('Error');
+    expect(payload.error.code).toBe(1);
+    expect(payload.error.message).toContain(
+      'configured auth type is gemini-api-key',
+    );
+    expect(payload.error.message).toContain(
+      'current auth type is oauth-personal',
+    );
+  });
+});

integration-tests/list_directory.test.ts

@@ -29,7 +29,7 @@ describe('list_directory', () => {
       50, // check every 50ms
     );
 
-    const prompt = `Can you list the files in the current directory. Display them in the style of 'ls'`;
+    const prompt = `Can you list the files in the current directory.`;
 
     const result = await rig.run(prompt);
 

integration-tests/mcp_server_cyclic_schema.test.ts

@@ -5,14 +5,26 @@
  */
 
 /**
- * This test verifies we can match maximum schema depth errors from Gemini
- * and then detect and warn about the potential tools that caused the error.
+ * This test verifies we can provide MCP tools with recursive input schemas
+ * (in JSON, using the $ref keyword) and both the GenAI SDK and the Gemini
+ * API calls succeed. Note that prior to
+ * https://github.com/googleapis/js-genai/commit/36f6350705ecafc47eaea3f3eecbcc69512edab7#diff-fdde9372aec859322b7c5a5efe467e0ad25a57210c7229724586ee90ea4f5a30
+ * the Gemini API call would fail for such tools because the schema was
+ * passed not as a JSON string but using the Gemini API's tool parameter
+ * schema object which has stricter typing and recursion restrictions.
+ * If this test fails, it's likely because either the GenAI SDK or Gemini API
+ * has become more restrictive about the type of tool parameter schemas that
+ * are accepted. If this occurs: Gemini CLI previously attempted to detect
+ * such tools and proactively remove them from the set of tools provided in
+ * the Gemini API call (as FunctionDeclaration objects). It may be appropriate
+ * to resurrect that behavior but note that it's difficult to keep the
+ * GCLI filters in sync with the Gemini API restrictions and behavior.
  */
 
-import { describe, it, beforeAll, expect } from 'vitest';
-import { TestRig } from './test-helper.js';
-import { join } from 'node:path';
 import { writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { beforeAll, describe, expect, it } from 'vitest';
+import { TestRig } from './test-helper.js';
 
 // Create a minimal MCP server that doesn't require external dependencies
 // This implements the MCP protocol directly using Node.js built-ins
@@ -180,15 +192,16 @@ describe('mcp server with cyclic tool schema is detected', () => {
     }
   });
 
-  it('should error and suggest disabling the cyclic tool', async () => {
-    // Just run any command to trigger the schema depth error.
-    // If this test starts failing, check `isSchemaDepthError` from
-    // geminiChat.ts to see if it needs to be updated.
-    // Or, possibly it could mean that gemini has fixed the issue.
-    const output = await rig.run('hello');
+  it('mcp tool with cyclic schema should be accessible', async () => {
+    const mcp_list_output = await rig.runCommand(['mcp', 'list']);
 
-    expect(output).toMatch(
-      /Skipping tool 'tool_with_cyclic_schema' from MCP server 'cyclic-schema-server' because it has missing types in its parameter schema/,
-    );
+    // Verify the cyclic schema server is configured
+    expect(mcp_list_output).toContain('cyclic-schema-server');
+  });
+
+  it('gemini api call should be successful with cyclic mcp tool schema', async () => {
+    // Run any command and verify that we get a non-error response from
+    // the Gemini API.
+    await rig.run('hello');
   });
 });

integration-tests/mixed-input-crash.test.ts

@@ -0,0 +1,62 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect } from 'vitest';
+import { TestRig } from './test-helper.js';
+
+describe('mixed input crash prevention', () => {
+  it('should not crash when using mixed prompt inputs', async () => {
+    const rig = new TestRig();
+    rig.setup('should not crash when using mixed prompt inputs');
+
+    // Test: echo "say '1'." | gemini --prompt-interactive="say '2'." say '3'.
+    const stdinContent = "say '1'.";
+
+    try {
+      await rig.run(
+        { stdin: stdinContent },
+        '--prompt-interactive',
+        "say '2'.",
+        "say '3'.",
+      );
+      throw new Error('Expected the command to fail, but it succeeded');
+    } catch (error: unknown) {
+      expect(error).toBeInstanceOf(Error);
+      const err = error as Error;
+
+      expect(err.message).toContain('Process exited with code 1');
+      expect(err.message).toContain(
+        '--prompt-interactive flag cannot be used when input is piped',
+      );
+      expect(err.message).not.toContain('setRawMode is not a function');
+      expect(err.message).not.toContain('unexpected critical error');
+    }
+
+    const lastRequest = rig.readLastApiRequest();
+    expect(lastRequest).toBeNull();
+  });
+
+  it('should provide clear error message for mixed input', async () => {
+    const rig = new TestRig();
+    rig.setup('should provide clear error message for mixed input');
+
+    try {
+      await rig.run(
+        { stdin: 'test input' },
+        '--prompt-interactive',
+        'test prompt',
+      );
+      throw new Error('Expected the command to fail, but it succeeded');
+    } catch (error: unknown) {
+      expect(error).toBeInstanceOf(Error);
+      const err = error as Error;
+
+      expect(err.message).toContain(
+        '--prompt-interactive flag cannot be used when input is piped',
+      );
+    }
+  });
+});

integration-tests/read_many_files.test.ts

@@ -14,7 +14,7 @@ describe('read_many_files', () => {
     rig.createFile('file1.txt', 'file 1 content');
     rig.createFile('file2.txt', 'file 2 content');
 
-    const prompt = `Please use read_many_files to read file1.txt and file2.txt and show me what's in them`;
+    const prompt = `Use the read_many_files tool to read the contents of file1.txt and file2.txt and then print the contents of each file.`;
 
     const result = await rig.run(prompt);
 
@@ -41,11 +41,7 @@ describe('read_many_files', () => {
       'Expected to find either read_many_files or multiple read_file tool calls',
     ).toBeTruthy();
 
-    // Validate model output - will throw if no output, warn if missing expected content
-    validateModelOutput(
-      result,
-      ['file 1 content', 'file 2 content'],
-      'Read many files test',
-    );
+    // Validate model output - will throw if no output
+    validateModelOutput(result, null, 'Read many files test');
   });
 });

integration-tests/run_shell_command.test.ts

@@ -67,4 +67,64 @@ describe('run_shell_command', () => {
     // Validate model output - will throw if no output, warn if missing expected content
     validateModelOutput(result, 'test-stdin', 'Shell command stdin test');
   });
+
+  it('should propagate environment variables to the child process', async () => {
+    const rig = new TestRig();
+    await rig.setup('should propagate environment variables');
+
+    const varName = 'GEMINI_CLI_TEST_VAR';
+    const varValue = `test-value-${Math.random().toString(36).substring(7)}`;
+    process.env[varName] = varValue;
+
+    try {
+      const prompt = `Use echo to learn the value of the environment variable named ${varName} and tell me what it is.`;
+      const result = await rig.run(prompt);
+
+      const foundToolCall = await rig.waitForToolCall('run_shell_command');
+
+      if (!foundToolCall || !result.includes(varValue)) {
+        printDebugInfo(rig, result, {
+          'Found tool call': foundToolCall,
+          'Contains varValue': result.includes(varValue),
+        });
+      }
+
+      expect(
+        foundToolCall,
+        'Expected to find a run_shell_command tool call',
+      ).toBeTruthy();
+      validateModelOutput(result, varValue, 'Env var propagation test');
+      expect(result).toContain(varValue);
+    } finally {
+      delete process.env[varName];
+    }
+  });
+
+  it('should run a platform-specific file listing command', async () => {
+    const rig = new TestRig();
+    await rig.setup('should run platform-specific file listing');
+    const fileName = `test-file-${Math.random().toString(36).substring(7)}.txt`;
+    rig.createFile(fileName, 'test content');
+
+    const prompt = `Run a shell command to list the files in the current directory and tell me what they are.`;
+    const result = await rig.run(prompt);
+
+    const foundToolCall = await rig.waitForToolCall('run_shell_command');
+
+    // Debugging info
+    if (!foundToolCall || !result.includes(fileName)) {
+      printDebugInfo(rig, result, {
+        'Found tool call': foundToolCall,
+        'Contains fileName': result.includes(fileName),
+      });
+    }
+
+    expect(
+      foundToolCall,
+      'Expected to find a run_shell_command tool call',
+    ).toBeTruthy();
+
+    validateModelOutput(result, fileName, 'Platform-specific listing test');
+    expect(result).toContain(fileName);
+  });
 });

integration-tests/save_memory.test.ts

@@ -8,7 +8,9 @@ import { describe, it, expect } from 'vitest';
 import { TestRig, printDebugInfo, validateModelOutput } from './test-helper.js';
 
 describe('save_memory', () => {
-  it('should be able to save to memory', async () => {
+  // Skipped due to flaky model behavior - the model sometimes answers the question
+  // directly without calling the save_memory tool, even when prompted to "remember"
+  it.skip('should be able to save to memory', async () => {
     const rig = new TestRig();
     await rig.setup('should be able to save to memory');
 

integration-tests/shell-service.test.ts

@@ -1,156 +0,0 @@
-/**
- * @license
- * Copyright 2025 Google LLC
- * SPDX-License-Identifier: Apache-2.0
- */
-
-import { describe, it, expect, beforeAll } from 'vitest';
-import { ShellExecutionService } from '../packages/core/src/services/shellExecutionService.js';
-import * as fs from 'node:fs/promises';
-import * as path from 'node:path';
-import { vi } from 'vitest';
-
-describe('ShellExecutionService programmatic integration tests', () => {
-  let testDir: string;
-
-  beforeAll(async () => {
-    // Create a dedicated directory for this test suite to avoid conflicts.
-    testDir = path.join(
-      process.env['INTEGRATION_TEST_FILE_DIR']!,
-      'shell-service-tests',
-    );
-    await fs.mkdir(testDir, { recursive: true });
-  });
-
-  it('should execute a simple cross-platform command (echo)', async () => {
-    const command = 'echo "hello from the service"';
-    const onOutputEvent = vi.fn();
-    const abortController = new AbortController();
-
-    const handle = await ShellExecutionService.execute(
-      command,
-      testDir,
-      onOutputEvent,
-      abortController.signal,
-      false,
-    );
-
-    const result = await handle.result;
-
-    expect(result.error).toBeNull();
-    expect(result.exitCode).toBe(0);
-    // Output can vary slightly between shells (e.g., quotes), so check for inclusion.
-    expect(result.output).toContain('hello from the service');
-  });
-
-  it.runIf(process.platform === 'win32')(
-    'should execute "dir" on Windows',
-    async () => {
-      const testFile = 'test-file-windows.txt';
-      await fs.writeFile(path.join(testDir, testFile), 'windows test');
-
-      const command = 'dir';
-      const onOutputEvent = vi.fn();
-      const abortController = new AbortController();
-
-      const handle = await ShellExecutionService.execute(
-        command,
-        testDir,
-        onOutputEvent,
-        abortController.signal,
-        false,
-      );
-
-      const result = await handle.result;
-
-      expect(result.error).toBeNull();
-      expect(result.exitCode).toBe(0);
-      expect(result.output).toContain(testFile);
-    },
-  );
-
-  it.skipIf(process.platform === 'win32')(
-    'should execute "ls -l" on Unix',
-    async () => {
-      const testFile = 'test-file-unix.txt';
-      await fs.writeFile(path.join(testDir, testFile), 'unix test');
-
-      const command = 'ls -l';
-      const onOutputEvent = vi.fn();
-      const abortController = new AbortController();
-
-      const handle = await ShellExecutionService.execute(
-        command,
-        testDir,
-        onOutputEvent,
-        abortController.signal,
-        false,
-      );
-
-      const result = await handle.result;
-
-      expect(result.error).toBeNull();
-      expect(result.exitCode).toBe(0);
-      expect(result.output).toContain(testFile);
-    },
-  );
-
-  it('should abort a running process', async () => {
-    // A command that runs for a bit. 'sleep' on unix, 'timeout' on windows.
-    const command = process.platform === 'win32' ? 'timeout /t 20' : 'sleep 20';
-    const onOutputEvent = vi.fn();
-    const abortController = new AbortController();
-
-    const handle = await ShellExecutionService.execute(
-      command,
-      testDir,
-      onOutputEvent,
-      abortController.signal,
-      false,
-    );
-
-    // Abort shortly after starting
-    setTimeout(() => abortController.abort(), 50);
-
-    const result = await handle.result;
-
-    // For debugging the flaky test.
-    console.log('Abort test result:', result);
-
-    expect(result.aborted).toBe(true);
-    // A clean exit is exitCode 0 and no signal. If the process was truly
-    // aborted, it should not have exited cleanly.
-    const exitedCleanly = result.exitCode === 0 && result.signal === null;
-    expect(exitedCleanly, 'Process should not have exited cleanly').toBe(false);
-  });
-
-  it('should propagate environment variables to the child process', async () => {
-    const varName = 'QWEN_CODE_TEST_VAR';
-    const varValue = `test-value`;
-    process.env[varName] = varValue;
-
-    try {
-      const command =
-        process.platform === 'win32' ? `echo %${varName}%` : `echo $${varName}`;
-      const onOutputEvent = vi.fn();
-      const abortController = new AbortController();
-
-      const handle = await ShellExecutionService.execute(
-        command,
-        testDir,
-        onOutputEvent,
-        abortController.signal,
-        false,
-      );
-
-      const result = await handle.result;
-
-      expect(result.error).toBeNull();
-      expect(result.exitCode).toBe(0);
-      expect(result.output).toContain(varValue);
-    } finally {
-      // Clean up the env var to prevent side-effects on other tests.
-      delete process.env[varName];
-    }
-  });
-});

integration-tests/simple-mcp-server.test.ts

@@ -189,6 +189,25 @@ describe('simple-mcp-server', () => {
       const { chmodSync } = await import('node:fs');
       chmodSync(testServerPath, 0o755);
     }
+
+    // Poll for script for up to 5s
+    const { accessSync, constants } = await import('node:fs');
+    const isReady = await rig.poll(
+      () => {
+        try {
+          accessSync(testServerPath, constants.F_OK);
+          return true;
+        } catch {
+          return false;
+        }
+      },
+      5000, // Max wait 5 seconds
+      100, // Poll every 100ms
+    );
+
+    if (!isReady) {
+      throw new Error('MCP server script was not ready in time.');
+    }
   });
 
   it('should add two numbers', async () => {

integration-tests/telemetry.test.ts

@@ -0,0 +1,26 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect } from 'vitest';
+import { TestRig } from './test-helper.js';
+
+describe('telemetry', () => {
+  it('should emit a metric and a log event', async () => {
+    const rig = new TestRig();
+    rig.setup('should emit a metric and a log event');
+
+    // Run a simple command that should trigger telemetry
+    await rig.run('just saying hi');
+
+    // Verify that a user_prompt event was logged
+    const hasUserPromptEvent = await rig.waitForTelemetryEvent('user_prompt');
+    expect(hasUserPromptEvent).toBe(true);
+
+    // Verify that a cli_command_count metric was emitted
+    const cliCommandCountMetric = rig.readMetric('session.count');
+    expect(cliCommandCountMetric).not.toBeNull();
+  });
+});

integration-tests/test-helper.ts

@@ -5,13 +5,15 @@
  */
 
 import { execSync, spawn } from 'node:child_process';
-import { parse } from 'shell-quote';
 import { mkdirSync, writeFileSync, readFileSync } from 'node:fs';
 import { join, dirname } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { env } from 'node:process';
+import { DEFAULT_QWEN_MODEL } from '../packages/core/src/config/models.js';
 import fs from 'node:fs';
 import { EOL } from 'node:os';
+import * as pty from '@lydell/node-pty';
+import stripAnsi from 'strip-ansi';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
 
@@ -112,14 +114,41 @@ export function validateModelOutput(
   return true;
 }
 
+// Simulates typing a string one character at a time to avoid paste detection.
+export async function type(ptyProcess: pty.IPty, text: string) {
+  const delay = 5;
+  for (const char of text) {
+    ptyProcess.write(char);
+    await new Promise((resolve) => setTimeout(resolve, delay));
+  }
+}
+
+interface ParsedLog {
+  attributes?: {
+    'event.name'?: string;
+    function_name?: string;
+    function_args?: string;
+    success?: boolean;
+    duration_ms?: number;
+  };
+  scopeMetrics?: {
+    metrics: {
+      descriptor: {
+        name: string;
+      };
+    }[];
+  }[];
+}
+
 export class TestRig {
   bundlePath: string;
   testDir: string | null;
   testName?: string;
   _lastRunStdout?: string;
+  _interactiveOutput = '';
 
   constructor() {
-    this.bundlePath = join(__dirname, '..', 'bundle/gemini.js');
+    this.bundlePath = join(__dirname, '..', 'dist/cli.js');
     this.testDir = null;
   }
 
@@ -140,8 +169,8 @@ export class TestRig {
     mkdirSync(this.testDir, { recursive: true });
 
     // Create a settings file to point the CLI to the local collector
-    const geminiDir = join(this.testDir, '.qwen');
-    mkdirSync(geminiDir, { recursive: true });
+    const qwenDir = join(this.testDir, '.qwen');
+    mkdirSync(qwenDir, { recursive: true });
     // In sandbox mode, use an absolute path for telemetry inside the container
     // The container mounts the test directory at the same path as the host
     const telemetryPath = join(this.testDir, 'telemetry.log'); // Always use test directory for telemetry
@@ -153,12 +182,12 @@ export class TestRig {
         otlpEndpoint: '',
         outfile: telemetryPath,
       },
-      sandbox:
-        env['GEMINI_SANDBOX'] !== 'false' ? env['GEMINI_SANDBOX'] : false,
+      model: DEFAULT_QWEN_MODEL,
+      sandbox: env.GEMINI_SANDBOX !== 'false' ? env.GEMINI_SANDBOX : false,
       ...options.settings, // Allow tests to override/add settings
     };
     writeFileSync(
-      join(geminiDir, 'settings.json'),
+      join(qwenDir, 'settings.json'),
       JSON.stringify(settings, null, 2),
     );
   }
@@ -178,13 +207,32 @@ export class TestRig {
     execSync('sync', { cwd: this.testDir! });
   }
 
+  /**
+   * The command and args to use to invoke Qwen Code CLI. Allows us to switch
+   * between using the bundled gemini.js (the default) and using the installed
+   * 'qwen' (used to verify npm bundles).
+   */
+  private _getCommandAndArgs(extraInitialArgs: string[] = []): {
+    command: string;
+    initialArgs: string[];
+  } {
+    const isNpmReleaseTest =
+      process.env.INTEGRATION_TEST_USE_INSTALLED_GEMINI === 'true';
+    const command = isNpmReleaseTest ? 'qwen' : 'node';
+    const initialArgs = isNpmReleaseTest
+      ? extraInitialArgs
+      : [this.bundlePath, ...extraInitialArgs];
+    return { command, initialArgs };
+  }
+
   run(
     promptOrOptions:
       | string
       | { prompt?: string; stdin?: string; stdinDoesNotEnd?: boolean },
     ...args: string[]
   ): Promise<string> {
-    let command = `node ${this.bundlePath} --yolo`;
+    const { command, initialArgs } = this._getCommandAndArgs(['--yolo']);
+    const commandArgs = [...initialArgs];
     const execOptions: {
       cwd: string;
       encoding: 'utf-8';
@@ -195,27 +243,25 @@ export class TestRig {
     };
 
     if (typeof promptOrOptions === 'string') {
-      command += ` --prompt ${JSON.stringify(promptOrOptions)}`;
+      commandArgs.push('--prompt', promptOrOptions);
     } else if (
       typeof promptOrOptions === 'object' &&
       promptOrOptions !== null
     ) {
       if (promptOrOptions.prompt) {
-        command += ` --prompt ${JSON.stringify(promptOrOptions.prompt)}`;
+        commandArgs.push('--prompt', promptOrOptions.prompt);
       }
       if (promptOrOptions.stdin) {
         execOptions.input = promptOrOptions.stdin;
       }
     }
 
-    command += ` ${args.join(' ')}`;
+    commandArgs.push(...args);
 
-    const commandArgs = parse(command);
-    const node = commandArgs.shift() as string;
-
-    const child = spawn(node, commandArgs as string[], {
+    const child = spawn(command, commandArgs, {
       cwd: this.testDir!,
       stdio: 'pipe',
+      env: process.env,
     });
 
     let stdout = '';
@@ -291,8 +337,15 @@ export class TestRig {
 
             result = filteredLines.join('\n');
           }
-          // If we have stderr output, include that also
-          if (stderr) {
+
+          // Check if this is a JSON output test - if so, don't include stderr
+          // as it would corrupt the JSON
+          const isJsonOutput =
+            commandArgs.includes('--output-format') &&
+            commandArgs.includes('json');
+
+          // If we have stderr output and it's not a JSON test, include that also
+          if (stderr && !isJsonOutput) {
             result += `\n\nStdErr:\n${stderr}`;
           }
 
@@ -306,6 +359,58 @@ export class TestRig {
     return promise;
   }
 
+  runCommand(
+    args: string[],
+    options: { stdin?: string } = {},
+  ): Promise<string> {
+    const { command, initialArgs } = this._getCommandAndArgs();
+    const commandArgs = [...initialArgs, ...args];
+
+    const child = spawn(command, commandArgs, {
+      cwd: this.testDir!,
+      stdio: 'pipe',
+    });
+
+    let stdout = '';
+    let stderr = '';
+
+    if (options.stdin) {
+      child.stdin!.write(options.stdin);
+      child.stdin!.end();
+    }
+
+    child.stdout!.on('data', (data: Buffer) => {
+      stdout += data;
+      if (env.KEEP_OUTPUT === 'true' || env.VERBOSE === 'true') {
+        process.stdout.write(data);
+      }
+    });
+
+    child.stderr!.on('data', (data: Buffer) => {
+      stderr += data;
+      if (env.KEEP_OUTPUT === 'true' || env.VERBOSE === 'true') {
+        process.stderr.write(data);
+      }
+    });
+
+    const promise = new Promise<string>((resolve, reject) => {
+      child.on('close', (code: number) => {
+        if (code === 0) {
+          this._lastRunStdout = stdout;
+          let result = stdout;
+          if (stderr) {
+            result += `\n\nStdErr:\n${stderr}`;
+          }
+          resolve(result);
+        } else {
+          reject(new Error(`Process exited with code ${code}:\n${stderr}`));
+        }
+      });
+    });
+
+    return promise;
+  }
+
   readFile(fileName: string) {
     const filePath = join(this.testDir!, fileName);
     const content = readFileSync(filePath, 'utf-8');
@@ -363,37 +468,12 @@ export class TestRig {
 
     return this.poll(
       () => {
-        const logFilePath = join(this.testDir!, 'telemetry.log');
-
-        if (!logFilePath || !fs.existsSync(logFilePath)) {
-          return false;
-        }
-
-        const content = readFileSync(logFilePath, 'utf-8');
-        const jsonObjects = content
-          .split(/}\n{/)
-          .map((obj, index, array) => {
-            // Add back the braces we removed during split
-            if (index > 0) obj = '{' + obj;
-            if (index < array.length - 1) obj = obj + '}';
-            return obj.trim();
-          })
-          .filter((obj) => obj);
-
-        for (const jsonStr of jsonObjects) {
-          try {
-            const logData = JSON.parse(jsonStr);
-            if (
-              logData.attributes &&
-              logData.attributes['event.name'] === `gemini_cli.${eventName}`
-            ) {
-              return true;
-            }
-          } catch {
-            // ignore
-          }
-        }
-        return false;
+        const logs = this._readAndParseTelemetryLog();
+        return logs.some(
+          (logData) =>
+            logData.attributes &&
+            logData.attributes['event.name'] === `qwen-code.${eventName}`,
+        );
       },
       timeout,
       100,
@@ -566,7 +646,7 @@ export class TestRig {
                 }
               } else if (
                 obj.attributes &&
-                obj.attributes['event.name'] === 'gemini_cli.tool_call'
+                obj.attributes['event.name'] === 'qwen-code.tool_call'
               ) {
                 logs.push({
                   timestamp: obj.attributes['event.timestamp'],
@@ -590,6 +670,45 @@ export class TestRig {
     return logs;
   }
 
+  private _readAndParseTelemetryLog(): ParsedLog[] {
+    // Telemetry is always written to the test directory
+    const logFilePath = join(this.testDir!, 'telemetry.log');
+
+    if (!logFilePath || !fs.existsSync(logFilePath)) {
+      return [];
+    }
+
+    const content = readFileSync(logFilePath, 'utf-8');
+
+    // Split the content into individual JSON objects
+    // They are separated by "}\n{"
+    const jsonObjects = content
+      .split(/}\n{/)
+      .map((obj, index, array) => {
+        // Add back the braces we removed during split
+        if (index > 0) obj = '{' + obj;
+        if (index < array.length - 1) obj = obj + '}';
+        return obj.trim();
+      })
+      .filter((obj) => obj);
+
+    const logs: ParsedLog[] = [];
+
+    for (const jsonStr of jsonObjects) {
+      try {
+        const logData = JSON.parse(jsonStr);
+        logs.push(logData);
+      } catch (e) {
+        // Skip objects that aren't valid JSON
+        if (env.VERBOSE === 'true') {
+          console.error('Failed to parse telemetry object:', e);
+        }
+      }
+    }
+
+    return logs;
+  }
+
   readToolLogs() {
     // For Podman, first check if telemetry file exists and has content
     // If not, fall back to parsing from stdout
@@ -619,33 +738,7 @@ export class TestRig {
       }
     }
 
-    // Telemetry is always written to the test directory
-    const logFilePath = join(this.testDir!, 'telemetry.log');
-
-    if (!logFilePath) {
-      console.warn(`TELEMETRY_LOG_FILE environment variable not set`);
-      return [];
-    }
-
-    // Check if file exists, if not return empty array (file might not be created yet)
-    if (!fs.existsSync(logFilePath)) {
-      return [];
-    }
-
-    const content = readFileSync(logFilePath, 'utf-8');
-
-    // Split the content into individual JSON objects
-    // They are separated by "}\n{"
-    const jsonObjects = content
-      .split(/}\n{/)
-      .map((obj, index, array) => {
-        // Add back the braces we removed during split
-        if (index > 0) obj = '{' + obj;
-        if (index < array.length - 1) obj = obj + '}';
-        return obj.trim();
-      })
-      .filter((obj) => obj);
-
+    const parsedLogs = this._readAndParseTelemetryLog();
     const logs: {
       toolRequest: {
         name: string;
@@ -655,29 +748,21 @@ export class TestRig {
       };
     }[] = [];
 
-    for (const jsonStr of jsonObjects) {
-      try {
-        const logData = JSON.parse(jsonStr);
-        // Look for tool call logs
-        if (
-          logData.attributes &&
-          logData.attributes['event.name'] === 'qwen-code.tool_call'
-        ) {
-          const toolName = logData.attributes.function_name;
-          logs.push({
-            toolRequest: {
-              name: toolName,
-              args: logData.attributes.function_args,
-              success: logData.attributes.success,
-              duration_ms: logData.attributes.duration_ms,
-            },
-          });
-        }
-      } catch (e) {
-        // Skip objects that aren't valid JSON
-        if (env['VERBOSE'] === 'true') {
-          console.error('Failed to parse telemetry object:', e);
-        }
+    for (const logData of parsedLogs) {
+      // Look for tool call logs
+      if (
+        logData.attributes &&
+        logData.attributes['event.name'] === 'qwen-code.tool_call'
+      ) {
+        const toolName = logData.attributes.function_name;
+        logs.push({
+          toolRequest: {
+            name: toolName,
+            args: logData.attributes.function_args,
+            success: logData.attributes.success,
+            duration_ms: logData.attributes.duration_ms,
+          },
+        });
       }
     }
 
@@ -685,38 +770,79 @@ export class TestRig {
   }
 
   readLastApiRequest(): Record<string, unknown> | null {
-    // Telemetry is always written to the test directory
-    const logFilePath = join(this.testDir!, 'telemetry.log');
+    const logs = this._readAndParseTelemetryLog();
+    const apiRequests = logs.filter(
+      (logData) =>
+        logData.attributes &&
+        logData.attributes['event.name'] === 'qwen-code.api_request',
+    );
+    return apiRequests.pop() || null;
+  }
 
-    if (!logFilePath || !fs.existsSync(logFilePath)) {
-      return null;
-    }
-
-    const content = readFileSync(logFilePath, 'utf-8');
-    const jsonObjects = content
-      .split(/}\n{/)
-      .map((obj, index, array) => {
-        if (index > 0) obj = '{' + obj;
-        if (index < array.length - 1) obj = obj + '}';
-        return obj.trim();
-      })
-      .filter((obj) => obj);
-
-    let lastApiRequest = null;
-
-    for (const jsonStr of jsonObjects) {
-      try {
-        const logData = JSON.parse(jsonStr);
-        if (
-          logData.attributes &&
-          logData.attributes['event.name'] === 'gemini_cli.api_request'
-        ) {
-          lastApiRequest = logData;
+  readMetric(metricName: string): Record<string, unknown> | null {
+    const logs = this._readAndParseTelemetryLog();
+    for (const logData of logs) {
+      if (logData.scopeMetrics) {
+        for (const scopeMetric of logData.scopeMetrics) {
+          for (const metric of scopeMetric.metrics) {
+            if (metric.descriptor.name === `qwen-code.${metricName}`) {
+              return metric;
+            }
+          }
         }
-      } catch {
-        // ignore
       }
     }
-    return lastApiRequest;
+    return null;
+  }
+
+  async waitForText(text: string, timeout?: number): Promise<boolean> {
+    if (!timeout) {
+      timeout = this.getDefaultTimeout();
+    }
+    return this.poll(
+      () =>
+        stripAnsi(this._interactiveOutput)
+          .toLowerCase()
+          .includes(text.toLowerCase()),
+      timeout,
+      200,
+    );
+  }
+
+  runInteractive(...args: string[]): {
+    ptyProcess: pty.IPty;
+    promise: Promise<{ exitCode: number; signal?: number; output: string }>;
+  } {
+    const { command, initialArgs } = this._getCommandAndArgs(['--yolo']);
+    const commandArgs = [...initialArgs, ...args];
+
+    this._interactiveOutput = ''; // Reset output for the new run
+
+    const ptyProcess = pty.spawn(command, commandArgs, {
+      name: 'xterm-color',
+      cols: 80,
+      rows: 30,
+      cwd: this.testDir!,
+      env: process.env as { [key: string]: string },
+    });
+
+    ptyProcess.onData((data) => {
+      this._interactiveOutput += data;
+      if (env.KEEP_OUTPUT === 'true' || env.VERBOSE === 'true') {
+        process.stdout.write(data);
+      }
+    });
+
+    const promise = new Promise<{
+      exitCode: number;
+      signal?: number;
+      output: string;
+    }>((resolve) => {
+      ptyProcess.onExit(({ exitCode, signal }) => {
+        resolve({ exitCode, signal, output: this._interactiveOutput });
+      });
+    });
+
+    return { ptyProcess, promise };
   }
 }

integration-tests/todo_write.test.ts

@@ -12,13 +12,12 @@ describe('todo_write', () => {
     const rig = new TestRig();
     await rig.setup('should be able to create and manage a todo list');
 
-    const prompt = `I want to implement a new feature to track user preferences. Here are the tasks:
-1. Create a user preferences model
-2. Add API endpoints for preferences
-3. Implement frontend components
-4. Write tests for the new functionality
+    const prompt = `Please create a todo list with these three simple tasks:
+1. Buy milk
+2. Walk the dog  
+3. Read a book
 
-Please create a todo list for these tasks.`;
+Use the todo_write tool to create this list.`;
 
     const result = await rig.run(prompt);
 
@@ -50,83 +49,21 @@ Please create a todo list for these tasks.`;
 
     expect(todoArgs.todos).toBeDefined();
     expect(Array.isArray(todoArgs.todos)).toBe(true);
-    expect(todoArgs.todos.length).toBe(4);
+    expect(todoArgs.todos.length).toBeGreaterThanOrEqual(3);
 
     // Check that all todos have the correct structure
     for (const todo of todoArgs.todos) {
       expect(todo.id).toBeDefined();
       expect(todo.content).toBeDefined();
-      expect(['pending', 'in_progress', 'completed']).toContain(todo.status);
+      expect(['pending', 'in_progress', 'completed', 'cancelled']).toContain(
+        todo.status,
+      );
     }
 
     // Log success info if verbose
     if (process.env['VERBOSE'] === 'true') {
       console.log('Todo list created successfully');
-    }
-  });
-
-  it('should be able to update todo status', async () => {
-    const rig = new TestRig();
-    await rig.setup('should be able to update todo status');
-
-    // First create a todo list
-    const initialPrompt = `Create a todo list with these tasks:
-1. Set up project structure
-2. Implement authentication
-3. Add database migrations`;
-
-    await rig.run(initialPrompt);
-    await rig.waitForToolCall('todo_write');
-
-    // Now update the todo list by marking one as in progress
-    const updatePrompt = `I've started working on implementing authentication. Please update the todo list to reflect that.`;
-
-    const result = await rig.run(updatePrompt);
-
-    const foundToolCall = await rig.waitForToolCall('todo_write');
-
-    // Add debugging information
-    if (!foundToolCall) {
-      printDebugInfo(rig, result);
-    }
-
-    expect(
-      foundToolCall,
-      'Expected to find a todo_write tool call',
-    ).toBeTruthy();
-
-    // Validate model output - will throw if no output
-    validateModelOutput(result, null, 'Todo update test');
-
-    // Check that the tool was called with updated parameters
-    const toolLogs = rig.readToolLogs();
-    const todoWriteCalls = toolLogs.filter(
-      (t) => t.toolRequest.name === 'todo_write',
-    );
-
-    expect(todoWriteCalls.length).toBeGreaterThan(0);
-
-    // Parse the arguments to verify the update
-    const todoArgs = JSON.parse(
-      todoWriteCalls[todoWriteCalls.length - 1].toolRequest.args,
-    );
-
-    expect(todoArgs.todos).toBeDefined();
-    expect(Array.isArray(todoArgs.todos)).toBe(true);
-    // The model might create a new list with just the task it's working on
-    // or it might update the existing list. Let's check that we have at least one todo
-    expect(todoArgs.todos.length).toBeGreaterThanOrEqual(1);
-
-    // Check that all todos have the correct structure
-    for (const todo of todoArgs.todos) {
-      expect(todo.id).toBeDefined();
-      expect(todo.content).toBeDefined();
-      expect(['pending', 'in_progress', 'completed']).toContain(todo.status);
-    }
-
-    // Log success info if verbose
-    if (process.env['VERBOSE'] === 'true') {
-      console.log('Todo list updated successfully');
+      console.log(`Created ${todoArgs.todos.length} todos`);
     }
   });
 });

integration-tests/utf-bom-encoding.test.ts

@@ -0,0 +1,141 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect, beforeAll, afterAll } from 'vitest';
+import { writeFileSync, readFileSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+import { TestRig } from './test-helper.js';
+
+// Windows skip (Option A: avoid infra scope)
+const d = process.platform === 'win32' ? describe.skip : describe;
+
+// BOM encoders
+const utf8BOM = (s: string) =>
+  Buffer.concat([Buffer.from([0xef, 0xbb, 0xbf]), Buffer.from(s, 'utf8')]);
+const utf16LE = (s: string) =>
+  Buffer.concat([Buffer.from([0xff, 0xfe]), Buffer.from(s, 'utf16le')]);
+const utf16BE = (s: string) => {
+  const bom = Buffer.from([0xfe, 0xff]);
+  const le = Buffer.from(s, 'utf16le');
+  le.swap16();
+  return Buffer.concat([bom, le]);
+};
+const utf32LE = (s: string) => {
+  const bom = Buffer.from([0xff, 0xfe, 0x00, 0x00]);
+  const cps = Array.from(s, (c) => c.codePointAt(0)!);
+  const payload = Buffer.alloc(cps.length * 4);
+  cps.forEach((cp, i) => {
+    const o = i * 4;
+    payload[o] = cp & 0xff;
+    payload[o + 1] = (cp >>> 8) & 0xff;
+    payload[o + 2] = (cp >>> 16) & 0xff;
+    payload[o + 3] = (cp >>> 24) & 0xff;
+  });
+  return Buffer.concat([bom, payload]);
+};
+const utf32BE = (s: string) => {
+  const bom = Buffer.from([0x00, 0x00, 0xfe, 0xff]);
+  const cps = Array.from(s, (c) => c.codePointAt(0)!);
+  const payload = Buffer.alloc(cps.length * 4);
+  cps.forEach((cp, i) => {
+    const o = i * 4;
+    payload[o] = (cp >>> 24) & 0xff;
+    payload[o + 1] = (cp >>> 16) & 0xff;
+    payload[o + 2] = (cp >>> 8) & 0xff;
+    payload[o + 3] = cp & 0xff;
+  });
+  return Buffer.concat([bom, payload]);
+};
+
+let rig: TestRig;
+let dir: string;
+
+d('BOM end-to-end integration', () => {
+  beforeAll(async () => {
+    rig = new TestRig();
+    await rig.setup('bom-integration');
+    dir = rig.testDir!;
+  });
+
+  afterAll(async () => {
+    await rig.cleanup();
+  });
+
+  async function runAndAssert(
+    filename: string,
+    content: Buffer,
+    expectedText: string | null,
+  ) {
+    writeFileSync(join(dir, filename), content);
+    const prompt = `read the file ${filename} and output its exact contents`;
+    const output = await rig.run(prompt);
+    await rig.waitForToolCall('read_file');
+    const lower = output.toLowerCase();
+    if (expectedText === null) {
+      expect(
+        lower.includes('binary') ||
+          lower.includes('skipped binary file') ||
+          lower.includes('cannot display'),
+      ).toBeTruthy();
+    } else {
+      expect(output.includes(expectedText)).toBeTruthy();
+      expect(lower.includes('skipped binary file')).toBeFalsy();
+    }
+  }
+
+  it('UTF-8 BOM', async () => {
+    await runAndAssert('utf8.txt', utf8BOM('BOM_OK UTF-8'), 'BOM_OK UTF-8');
+  });
+
+  it('UTF-16 LE BOM', async () => {
+    await runAndAssert(
+      'utf16le.txt',
+      utf16LE('BOM_OK UTF-16LE'),
+      'BOM_OK UTF-16LE',
+    );
+  });
+
+  it('UTF-16 BE BOM', async () => {
+    await runAndAssert(
+      'utf16be.txt',
+      utf16BE('BOM_OK UTF-16BE'),
+      'BOM_OK UTF-16BE',
+    );
+  });
+
+  it('UTF-32 LE BOM', async () => {
+    await runAndAssert(
+      'utf32le.txt',
+      utf32LE('BOM_OK UTF-32LE'),
+      'BOM_OK UTF-32LE',
+    );
+  });
+
+  it('UTF-32 BE BOM', async () => {
+    await runAndAssert(
+      'utf32be.txt',
+      utf32BE('BOM_OK UTF-32BE'),
+      'BOM_OK UTF-32BE',
+    );
+  });
+
+  it('Can describe a PNG file', async () => {
+    const imagePath = resolve(
+      process.cwd(),
+      'docs/assets/gemini-screenshot.png',
+    );
+    const imageContent = readFileSync(imagePath);
+    const filename = 'gemini-screenshot.png';
+    writeFileSync(join(dir, filename), imageContent);
+    const prompt = `What is shown in the image ${filename}?`;
+    const output = await rig.run(prompt);
+    await rig.waitForToolCall('read_file');
+    const lower = output.toLowerCase();
+    // The response is non-deterministic, so we just check for some
+    // keywords that are very likely to be in the response.
+    expect(lower.includes('gemini')).toBeTruthy();
+  });
+});

integration-tests/vitest.config.ts

@@ -17,6 +17,12 @@ export default defineConfig({
     include: ['**/*.test.ts'],
     exclude: ['**/terminal-bench/*.test.ts', '**/node_modules/**'],
     retry: 2,
-    fileParallelism: false,
+    fileParallelism: true,
+    poolOptions: {
+      threads: {
+        minThreads: 2,
+        maxThreads: 4,
+      },
+    },
   },
 });

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code",
-  "version": "0.0.12",
+  "version": "0.1.0",
   "engines": {
     "node": ">=20.0.0"
   },
@@ -13,10 +13,10 @@
     "url": "git+https://github.com/QwenLM/qwen-code.git"
   },
   "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.0.12"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.1.0"
   },
   "scripts": {
-    "start": "node scripts/start.js",
+    "start": "cross-env node scripts/start.js",
     "debug": "cross-env DEBUG=1 node --inspect-brk scripts/start.js",
     "auth:npm": "npx google-artifactregistry-auth",
     "auth:docker": "gcloud auth configure-docker us-west1-docker.pkg.dev",
@@ -27,36 +27,46 @@
     "build:vscode": "node scripts/build_vscode_companion.js",
     "build:all": "npm run build && npm run build:sandbox && npm run build:vscode",
     "build:packages": "npm run build --workspaces",
-    "build:sandbox": "node scripts/build_sandbox.js --skip-npm-install-build",
-    "bundle": "npm run generate && node esbuild.config.js && node scripts/copy_bundle_assets.js",
-    "test": "npm run test --workspaces --if-present",
-    "test:ci": "npm run test:ci --workspaces --if-present && npm run test:scripts",
+    "build:sandbox": "node scripts/build_sandbox.js",
+    "bundle": "rm -rf dist && npm run generate && node esbuild.config.js && node scripts/copy_bundle_assets.js",
+    "test": "npm run test --workspaces --if-present --parallel",
+    "test:ci": "npm run test:ci --workspaces --if-present --parallel && npm run test:scripts",
     "test:scripts": "vitest run --config ./scripts/tests/vitest.config.ts",
     "test:e2e": "cross-env VERBOSE=true KEEP_OUTPUT=true npm run test:integration:sandbox:none",
     "test:integration:all": "npm run test:integration:sandbox:none && npm run test:integration:sandbox:docker && npm run test:integration:sandbox:podman",
-    "test:integration:sandbox:none": "GEMINI_SANDBOX=false vitest run --root ./integration-tests",
-    "test:integration:sandbox:docker": "GEMINI_SANDBOX=docker npm run build:sandbox && GEMINI_SANDBOX=docker vitest run --root ./integration-tests",
-    "test:integration:sandbox:podman": "GEMINI_SANDBOX=podman vitest run --root ./integration-tests",
+    "test:integration:sandbox:none": "cross-env GEMINI_SANDBOX=false vitest run --root ./integration-tests",
+    "test:integration:sandbox:docker": "cross-env GEMINI_SANDBOX=docker npm run build:sandbox && GEMINI_SANDBOX=docker vitest run --root ./integration-tests",
+    "test:integration:sandbox:podman": "cross-env GEMINI_SANDBOX=podman vitest run --root ./integration-tests",
     "test:terminal-bench": "cross-env VERBOSE=true KEEP_OUTPUT=true vitest run --config ./vitest.terminal-bench.config.ts --root ./integration-tests",
     "test:terminal-bench:oracle": "cross-env VERBOSE=true KEEP_OUTPUT=true vitest run --config ./vitest.terminal-bench.config.ts --root ./integration-tests -t 'oracle'",
     "test:terminal-bench:qwen": "cross-env VERBOSE=true KEEP_OUTPUT=true vitest run --config ./vitest.terminal-bench.config.ts --root ./integration-tests -t 'qwen'",
     "lint": "eslint . --ext .ts,.tsx && eslint integration-tests",
     "lint:fix": "eslint . --fix && eslint integration-tests --fix",
     "lint:ci": "eslint . --ext .ts,.tsx --max-warnings 0 && eslint integration-tests --max-warnings 0",
+    "lint:all": "node scripts/lint.js",
     "format": "prettier --experimental-cli --write .",
     "typecheck": "npm run typecheck --workspaces --if-present",
     "preflight": "npm run clean && npm ci && npm run format && npm run lint:ci && npm run build && npm run typecheck && npm run test:ci",
-    "prepare": "npm run bundle",
+    "prepare": "husky && npm run bundle",
     "prepare:package": "node scripts/prepare-package.js",
     "release:version": "node scripts/version.js",
     "telemetry": "node scripts/telemetry.js",
-    "clean": "node scripts/clean.js"
+    "check:lockfile": "node scripts/check-lockfile.js",
+    "clean": "node scripts/clean.js",
+    "pre-commit": "node scripts/pre-commit.js"
+  },
+  "overrides": {
+    "wrap-ansi": "9.0.2",
+    "ansi-regex": "6.2.2",
+    "cliui": {
+      "wrap-ansi": "7.0.0"
+    }
   },
   "bin": {
-    "qwen": "bundle/gemini.js"
+    "qwen": "dist/cli.js"
   },
   "files": [
-    "bundle/",
+    "dist/",
     "README.md",
     "LICENSE"
   ],
@@ -70,7 +80,6 @@
     "@types/uuid": "^10.0.0",
     "@vitest/coverage-v8": "^3.1.1",
     "@vitest/eslint-plugin": "^1.3.4",
-    "concurrently": "^9.2.0",
     "cross-env": "^7.0.3",
     "esbuild": "^0.25.0",
     "eslint": "^9.24.0",
@@ -81,23 +90,27 @@
     "eslint-plugin-react-hooks": "^5.2.0",
     "glob": "^10.4.5",
     "globals": "^16.0.0",
+    "google-artifactregistry-auth": "^3.4.0",
+    "husky": "^9.1.7",
     "json": "^11.0.0",
-    "lodash": "^4.17.21",
-    "memfs": "^4.17.2",
+    "lint-staged": "^16.1.6",
+    "memfs": "^4.42.0",
     "mnemonist": "^0.40.3",
     "mock-fs": "^5.5.0",
     "msw": "^2.10.4",
+    "npm-run-all": "^4.1.5",
     "prettier": "^3.5.3",
     "react-devtools-core": "^4.28.5",
+    "semver": "^7.7.2",
+    "strip-ansi": "^7.1.2",
     "tsx": "^4.20.3",
     "typescript-eslint": "^8.30.1",
     "vitest": "^3.2.4",
     "yargs": "^17.7.2"
   },
   "dependencies": {
-    "@lvce-editor/ripgrep": "^1.6.0",
-    "simple-git": "^3.28.0",
-    "strip-ansi": "^7.1.0"
+    "@testing-library/dom": "^10.4.1",
+    "simple-git": "^3.28.0"
   },
   "optionalDependencies": {
     "@lydell/node-pty": "1.1.0",
@@ -107,5 +120,14 @@
     "@lydell/node-pty-win32-arm64": "1.1.0",
     "@lydell/node-pty-win32-x64": "1.1.0",
     "node-pty": "^1.0.0"
+  },
+  "lint-staged": {
+    "*.{js,jsx,ts,tsx}": [
+      "prettier --write",
+      "eslint --fix --max-warnings 0"
+    ],
+    "*.{json,md}": [
+      "prettier --write"
+    ]
   }
 }

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qwen-code/qwen-code",
-  "version": "0.0.12",
+  "version": "0.1.0",
   "description": "Qwen Code",
   "repository": {
     "type": "git",
@@ -18,45 +18,48 @@
     "lint": "eslint . --ext .ts,.tsx",
     "format": "prettier --write .",
     "test": "vitest run",
-    "test:ci": "vitest run --coverage",
+    "test:ci": "vitest run",
     "typecheck": "tsc --noEmit"
   },
   "files": [
     "dist"
   ],
   "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.0.12"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.1.0"
   },
   "dependencies": {
-    "@google/genai": "1.9.0",
+    "@google/genai": "1.16.0",
     "@iarna/toml": "^2.2.5",
     "@qwen-code/qwen-code-core": "file:../core",
     "@modelcontextprotocol/sdk": "^1.15.1",
     "@types/update-notifier": "^6.0.8",
+    "ansi-regex": "^6.2.2",
     "command-exists": "^1.2.9",
+    "comment-json": "^4.2.5",
     "diff": "^7.0.0",
     "dotenv": "^17.1.0",
     "fzf": "^0.5.2",
-    "glob": "^10.4.1",
+    "glob": "^10.4.5",
     "highlight.js": "^11.11.1",
     "ink": "^6.2.3",
     "ink-gradient": "^3.0.0",
     "ink-link": "^4.1.0",
     "ink-spinner": "^5.0.0",
-    "lodash-es": "^4.17.21",
     "lowlight": "^3.3.0",
-    "mime-types": "^3.0.1",
     "open": "^10.1.2",
     "qrcode-terminal": "^0.12.0",
     "react": "^19.1.0",
     "read-package-up": "^11.0.0",
-    "simple-git": "^3.28.0",
     "shell-quote": "^1.8.3",
+    "simple-git": "^3.28.0",
     "string-width": "^7.1.0",
     "strip-ansi": "^7.1.0",
     "strip-json-comments": "^3.1.1",
+    "tar": "^7.5.1",
     "undici": "^7.10.0",
+    "extract-zip": "^2.0.1",
     "update-notifier": "^7.3.1",
+    "wrap-ansi": "9.0.2",
     "yargs": "^17.7.2",
     "zod": "^3.23.8"
   },
@@ -64,16 +67,18 @@
     "@babel/runtime": "^7.27.6",
     "@google/gemini-cli-test-utils": "file:../test-utils",
     "@testing-library/react": "^16.3.0",
+    "@types/archiver": "^6.0.3",
     "@types/command-exists": "^1.2.3",
     "@types/diff": "^7.0.2",
     "@types/dotenv": "^6.1.1",
-    "@types/lodash-es": "^4.17.12",
     "@types/node": "^20.11.24",
     "@types/react": "^19.1.8",
     "@types/react-dom": "^19.1.6",
     "@types/semver": "^7.7.0",
     "@types/shell-quote": "^1.7.5",
+    "@types/tar": "^6.1.13",
     "@types/yargs": "^17.0.32",
+    "archiver": "^7.0.1",
     "ink-testing-library": "^4.0.0",
     "jsdom": "^26.1.0",
     "pretty-format": "^30.0.2",

packages/cli/src/commands/extensions.tsx

@@ -11,6 +11,8 @@ import { listCommand } from './extensions/list.js';
 import { updateCommand } from './extensions/update.js';
 import { disableCommand } from './extensions/disable.js';
 import { enableCommand } from './extensions/enable.js';
+import { linkCommand } from './extensions/link.js';
+import { newCommand } from './extensions/new.js';
 
 export const extensionsCommand: CommandModule = {
   command: 'extensions <command>',
@@ -23,6 +25,8 @@ export const extensionsCommand: CommandModule = {
       .command(updateCommand)
       .command(disableCommand)
       .command(enableCommand)
+      .command(linkCommand)
+      .command(newCommand)
       .demandCommand(1, 'You need at least one command before continuing.')
       .version(false),
   handler: () => {

packages/cli/src/commands/extensions/disable.ts

@@ -11,12 +11,16 @@ import { getErrorMessage } from '../../utils/errors.js';
 
 interface DisableArgs {
   name: string;
-  scope: SettingScope;
+  scope?: string;
 }
 
-export async function handleDisable(args: DisableArgs) {
+export function handleDisable(args: DisableArgs) {
   try {
-    disableExtension(args.name, args.scope);
+    if (args.scope?.toLowerCase() === 'workspace') {
+      disableExtension(args.name, SettingScope.Workspace);
+    } else {
+      disableExtension(args.name, SettingScope.User);
+    }
     console.log(
       `Extension "${args.name}" successfully disabled for scope "${args.scope}".`,
     );
@@ -39,13 +43,28 @@ export const disableCommand: CommandModule = {
         describe: 'The scope to disable the extenison in.',
         type: 'string',
         default: SettingScope.User,
-        choices: [SettingScope.User, SettingScope.Workspace],
       })
-      .check((_argv) => true),
-  handler: async (argv) => {
-    await handleDisable({
+      .check((argv) => {
+        if (
+          argv.scope &&
+          !Object.values(SettingScope)
+            .map((s) => s.toLowerCase())
+            .includes((argv.scope as string).toLowerCase())
+        ) {
+          throw new Error(
+            `Invalid scope: ${argv.scope}. Please use one of ${Object.values(
+              SettingScope,
+            )
+              .map((s) => s.toLowerCase())
+              .join(', ')}.`,
+          );
+        }
+        return true;
+      }),
+  handler: (argv) => {
+    handleDisable({
       name: argv['name'] as string,
-      scope: argv['scope'] as SettingScope,
+      scope: argv['scope'] as string,
     });
   },
 };

packages/cli/src/commands/extensions/enable.ts

@@ -11,15 +11,16 @@ import { SettingScope } from '../../config/settings.js';
 
 interface EnableArgs {
   name: string;
-  scope?: SettingScope;
+  scope?: string;
 }
 
-export async function handleEnable(args: EnableArgs) {
+export function handleEnable(args: EnableArgs) {
   try {
-    const scopes = args.scope
-      ? [args.scope]
-      : [SettingScope.User, SettingScope.Workspace];
-    enableExtension(args.name, scopes);
+    if (args.scope?.toLowerCase() === 'workspace') {
+      enableExtension(args.name, SettingScope.Workspace);
+    } else {
+      enableExtension(args.name, SettingScope.User);
+    }
     if (args.scope) {
       console.log(
         `Extension "${args.name}" successfully enabled for scope "${args.scope}".`,
@@ -35,7 +36,7 @@ export async function handleEnable(args: EnableArgs) {
 }
 
 export const enableCommand: CommandModule = {
-  command: 'disable [--scope] <name>',
+  command: 'enable [--scope] <name>',
   describe: 'Enables an extension.',
   builder: (yargs) =>
     yargs
@@ -47,13 +48,28 @@ export const enableCommand: CommandModule = {
         describe:
           'The scope to enable the extenison in. If not set, will be enabled in all scopes.',
         type: 'string',
-        choices: [SettingScope.User, SettingScope.Workspace],
       })
-      .check((_argv) => true),
-  handler: async (argv) => {
-    await handleEnable({
+      .check((argv) => {
+        if (
+          argv.scope &&
+          !Object.values(SettingScope)
+            .map((s) => s.toLowerCase())
+            .includes((argv.scope as string).toLowerCase())
+        ) {
+          throw new Error(
+            `Invalid scope: ${argv.scope}. Please use one of ${Object.values(
+              SettingScope,
+            )
+              .map((s) => s.toLowerCase())
+              .join(', ')}.`,
+          );
+        }
+        return true;
+      }),
+  handler: (argv) => {
+    handleEnable({
       name: argv['name'] as string,
-      scope: argv['scope'] as SettingScope,
+      scope: argv['scope'] as string,
     });
   },
 };

packages/cli/src/commands/extensions/examples/context/QWEN.md

@@ -0,0 +1,8 @@
+# Ink Library Screen Reader Guidance
+
+When building custom components, it's important to keep accessibility in mind. While Ink provides the building blocks, ensuring your components are accessible will make your CLIs usable by a wider audience.
+
+## General Principles
+
+Provide screen reader-friendly output: Use the useIsScreenReaderEnabled hook to detect if a screen reader is active. You can then render a more descriptive output for screen reader users.
+Leverage ARIA props: For components that have a specific role (e.g., a checkbox or a button), use the aria-role, aria-state, and aria-label props on <Box> and <Text> to provide semantic meaning to screen readers.

packages/cli/src/commands/extensions/examples/context/qwen-extension.json

@@ -0,0 +1,4 @@
+{
+  "name": "context-example",
+  "version": "1.0.0"
+}

packages/cli/src/commands/extensions/examples/custom-commands/commands/fs/grep-code.toml

@@ -0,0 +1,6 @@
+prompt = """
+Please summarize the findings for the pattern `{{args}}`.
+
+Search Results:
+!{grep -r {{args}} .}
+"""