fix: skip problematic integration test (#1065 )

refactor(auth): save authType after successfully authenticated (#1036 )
fix: integration tests (#1062 )
2025-12-24 10:39:17 +00:00 · 2025-11-19 11:55:19 +08:00 · 2025-11-19 11:21:46 +08:00 · 2025-11-19 10:23:16 +08:00 · 2025-11-18 19:38:30 +08:00 · 2025-11-18 13:47:20 +08:00
64 changed files with 1924 additions and 809 deletions
--- a/docs/features/subagents.md
+++ b/docs/features/subagents.md
@@ -106,7 +106,7 @@ Subagents are configured using Markdown files with YAML frontmatter. This format
 ---
 name: agent-name
 description: Brief description of when and how to use this agent
-tools: 
+tools:
  - tool1
  - tool2
  - tool3 # Optional
@@ -170,7 +170,7 @@ Perfect for comprehensive test creation and test-driven development.
 ---
 name: testing-expert
 description: Writes comprehensive unit tests, integration tests, and handles test automation with best practices
-tools: 
+tools:
  - read_file
  - write_file
  - read_many_files
@@ -214,7 +214,7 @@ Specialized in creating clear, comprehensive documentation.
 ---
 name: documentation-writer
 description: Creates comprehensive documentation, README files, API docs, and user guides
-tools: 
+tools:
  - read_file
  - write_file
  - read_many_files
@@ -267,7 +267,7 @@ Focused on code quality, security, and best practices.
 ---
 name: code-reviewer
 description: Reviews code for best practices, security issues, performance, and maintainability
-tools: 
+tools:
  - read_file
  - read_many_files
 ---
@@ -311,7 +311,7 @@ Optimized for React development, hooks, and component patterns.
 ---
 name: react-specialist
 description: Expert in React development, hooks, component patterns, and modern React best practices
-tools: 
+tools:
  - read_file
  - write_file
  - read_many_files
--- a/docs/support/troubleshooting.md
+++ b/docs/support/troubleshooting.md
@@ -14,6 +14,13 @@ This guide provides solutions to common issues and debugging tips, including top
  - **Solution:** Set the `NODE_EXTRA_CA_CERTS` environment variable to the absolute path of your corporate root CA certificate file.
    - Example: `export NODE_EXTRA_CA_CERTS=/path/to/your/corporate-ca.crt`

+- **Issue: Unable to display UI after authentication failure**
+  - **Cause:** If authentication fails after selecting an authentication type, the `security.auth.selectedType` setting may be persisted in `settings.json`. On restart, the CLI may get stuck trying to authenticate with the failed auth type and fail to display the UI.
+  - **Solution:** Clear the `security.auth.selectedType` configuration item in your `settings.json` file:
+    - Open `~/.qwen/settings.json` (or `./.qwen/settings.json` for project-specific settings)
+    - Remove the `security.auth.selectedType` field
+    - Restart the CLI to allow it to prompt for authentication again
+
 ## Frequently asked questions (FAQs)

 - **Q: How do I update Qwen Code to the latest version?**
--- a/integration-tests/context-compress-interactive.test.ts
+++ b/integration-tests/context-compress-interactive.test.ts
@@ -21,23 +21,21 @@ describe('Interactive Mode', () => {
  it.skipIf(process.platform === 'win32')(
    'should trigger chat compression with /compress command',
    async () => {
-      await rig.setup('interactive-compress-test');
+      await rig.setup('interactive-compress-test', {
+        settings: {
+          security: {
+            auth: {
+              selectedType: 'openai',
+            },
+          },
+        },
+      });

      const { ptyProcess } = rig.runInteractive();

      let fullOutput = '';
      ptyProcess.onData((data) => (fullOutput += data));

-      const authDialogAppeared = await rig.waitForText(
-        'How would you like to authenticate',
-        5000,
-      );
-
-      // select the second option if auth dialog come's up
-      if (authDialogAppeared) {
-        ptyProcess.write('2');
-      }
-
      // Wait for the app to be ready
      const isReady = await rig.waitForText('Type your message', 15000);
      expect(
@@ -68,49 +66,43 @@ describe('Interactive Mode', () => {
    },
  );

-  it.skipIf(process.platform === 'win32')(
-    'should handle compression failure on token inflation',
-    async () => {
-      await rig.setup('interactive-compress-test');
+  it.skip('should handle compression failure on token inflation', async () => {
+    await rig.setup('interactive-compress-test', {
+      settings: {
+        security: {
+          auth: {
+            selectedType: 'openai',
+          },
+        },
+      },
+    });

-      const { ptyProcess } = rig.runInteractive();
+    const { ptyProcess } = rig.runInteractive();

-      let fullOutput = '';
-      ptyProcess.onData((data) => (fullOutput += data));
+    let fullOutput = '';
+    ptyProcess.onData((data) => (fullOutput += data));

-      const authDialogAppeared = await rig.waitForText(
-        'How would you like to authenticate',
-        5000,
-      );
+    // Wait for the app to be ready
+    const isReady = await rig.waitForText('Type your message', 25000);
+    expect(isReady, 'CLI did not start up in interactive mode correctly').toBe(
+      true,
+    );

-      // select the second option if auth dialog come's up
-      if (authDialogAppeared) {
-        ptyProcess.write('2');
-      }
+    await type(ptyProcess, '/compress');
+    await new Promise((resolve) => setTimeout(resolve, 1000));
+    await type(ptyProcess, '\r');

-      // Wait for the app to be ready
-      const isReady = await rig.waitForText('Type your message', 25000);
-      expect(
-        isReady,
-        'CLI did not start up in interactive mode correctly',
-      ).toBe(true);
+    const foundEvent = await rig.waitForTelemetryEvent(
+      'chat_compression',
+      90000,
+    );
+    expect(foundEvent).toBe(true);

-      await type(ptyProcess, '/compress');
-      await new Promise((resolve) => setTimeout(resolve, 100));
-      await type(ptyProcess, '\r');
+    const compressionFailed = await rig.waitForText(
+      'Nothing to compress.',
+      25000,
+    );

-      const foundEvent = await rig.waitForTelemetryEvent(
-        'chat_compression',
-        90000,
-      );
-      expect(foundEvent).toBe(true);
-
-      const compressionFailed = await rig.waitForText(
-        'compression was not beneficial',
-        25000,
-      );
-
-      expect(compressionFailed).toBe(true);
-    },
-  );
+    expect(compressionFailed).toBe(true);
+  });
 });
--- a/integration-tests/file-system-interactive.test.ts
+++ b/integration-tests/file-system-interactive.test.ts
@@ -22,21 +22,19 @@ describe('Interactive file system', () => {
    'should perform a read-then-write sequence in interactive mode',
    async () => {
      const fileName = 'version.txt';
-      await rig.setup('interactive-read-then-write');
+      await rig.setup('interactive-read-then-write', {
+        settings: {
+          security: {
+            auth: {
+              selectedType: 'openai',
+            },
+          },
+        },
+      });
      rig.createFile(fileName, '1.0.0');

      const { ptyProcess } = rig.runInteractive();

-      const authDialogAppeared = await rig.waitForText(
-        'How would you like to authenticate',
-        5000,
-      );
-
-      // select the second option if auth dialog come's up
-      if (authDialogAppeared) {
-        ptyProcess.write('2');
-      }
-
      // Wait for the app to be ready
      const isReady = await rig.waitForText('Type your message', 15000);
      expect(
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "@qwen-code/qwen-code",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "@qwen-code/qwen-code",
-      "version": "0.2.1",
+      "version": "0.2.2",
      "workspaces": [
        "packages/*"
      ],
@@ -16024,7 +16024,7 @@
    },
    "packages/cli": {
      "name": "@qwen-code/qwen-code",
-      "version": "0.2.1",
+      "version": "0.2.2",
      "dependencies": {
        "@google/genai": "1.16.0",
        "@iarna/toml": "^2.2.5",
@@ -16139,7 +16139,7 @@
    },
    "packages/core": {
      "name": "@qwen-code/qwen-code-core",
-      "version": "0.2.1",
+      "version": "0.2.2",
      "hasInstallScript": true,
      "dependencies": {
        "@google/genai": "1.16.0",
@@ -16278,7 +16278,7 @@
    },
    "packages/test-utils": {
      "name": "@qwen-code/qwen-code-test-utils",
-      "version": "0.2.1",
+      "version": "0.2.2",
      "dev": true,
      "license": "Apache-2.0",
      "devDependencies": {
@@ -16290,7 +16290,7 @@
    },
    "packages/vscode-ide-companion": {
      "name": "qwen-code-vscode-ide-companion",
-      "version": "0.2.1",
+      "version": "0.2.2",
      "license": "LICENSE",
      "dependencies": {
        "@modelcontextprotocol/sdk": "^1.15.1",
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@qwen-code/qwen-code",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "engines": {
    "node": ">=20.0.0"
  },
@@ -13,7 +13,7 @@
    "url": "git+https://github.com/QwenLM/qwen-code.git"
  },
  "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.2.1"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.2.2"
  },
  "scripts": {
    "start": "cross-env node scripts/start.js",
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@qwen-code/qwen-code",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "description": "Qwen Code",
  "repository": {
    "type": "git",
@@ -25,7 +25,7 @@
    "dist"
  ],
  "config": {
-    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.2.1"
+    "sandboxImageUri": "ghcr.io/qwenlm/qwen-code:0.2.2"
  },
  "dependencies": {
    "@google/genai": "1.16.0",
--- a/packages/cli/src/config/settings.ts
+++ b/packages/cli/src/config/settings.ts
@@ -839,5 +839,6 @@ export function saveSettings(settingsFile: SettingsFile): void {
    );
  } catch (error) {
    console.error('Error saving user settings file:', error);
+    throw error;
  }
 }
--- a/packages/cli/src/core/auth.ts
+++ b/packages/cli/src/core/auth.ts
@@ -8,6 +8,8 @@ import {
  type AuthType,
  type Config,
  getErrorMessage,
+  logAuth,
+  AuthEvent,
 } from '@qwen-code/qwen-code-core';

 /**
@@ -25,11 +27,21 @@ export async function performInitialAuth(
  }

  try {
-    await config.refreshAuth(authType);
+    await config.refreshAuth(authType, true);
    // The console.log is intentionally left out here.
    // We can add a dedicated startup message later if needed.
+
+    // Log authentication success
+    const authEvent = new AuthEvent(authType, 'auto', 'success');
+    logAuth(config, authEvent);
  } catch (e) {
-    return `Failed to login. Message: ${getErrorMessage(e)}`;
+    const errorMessage = `Failed to login. Message: ${getErrorMessage(e)}`;
+
+    // Log authentication failure
+    const authEvent = new AuthEvent(authType, 'auto', 'error', errorMessage);
+    logAuth(config, authEvent);
+
+    return errorMessage;
  }

  return null;
--- a/packages/cli/src/core/initializer.ts
+++ b/packages/cli/src/core/initializer.ts
@@ -11,7 +11,7 @@ import {
  logIdeConnection,
  type Config,
 } from '@qwen-code/qwen-code-core';
-import { type LoadedSettings } from '../config/settings.js';
+import { type LoadedSettings, SettingScope } from '../config/settings.js';
 import { performInitialAuth } from './auth.js';
 import { validateTheme } from './theme.js';

@@ -33,10 +33,18 @@ export async function initializeApp(
  config: Config,
  settings: LoadedSettings,
 ): Promise<InitializationResult> {
-  const authError = await performInitialAuth(
-    config,
-    settings.merged.security?.auth?.selectedType,
-  );
+  const authType = settings.merged.security?.auth?.selectedType;
+  const authError = await performInitialAuth(config, authType);
+
+  // Fallback to user select when initial authentication fails
+  if (authError) {
+    settings.setValue(
+      SettingScope.User,
+      'security.auth.selectedType',
+      undefined,
+    );
+  }
+
  const themeError = validateTheme(settings);

  const shouldOpenAuthDialog =
--- a/packages/cli/src/nonInteractiveCli.test.ts
+++ b/packages/cli/src/nonInteractiveCli.test.ts
@@ -23,6 +23,7 @@ import type { Part } from '@google/genai';
 import { runNonInteractive } from './nonInteractiveCli.js';
 import { vi } from 'vitest';
 import type { LoadedSettings } from './config/settings.js';
+import { CommandKind } from './ui/commands/types.js';

 // Mock core modules
 vi.mock('./ui/hooks/atCommandProcessor.js');
@@ -727,6 +728,7 @@ describe('runNonInteractive', () => {
    const mockCommand = {
      name: 'testcommand',
      description: 'a test command',
+      kind: CommandKind.FILE,
      action: vi.fn().mockResolvedValue({
        type: 'submit_prompt',
        content: [{ text: 'Prompt from command' }],
@@ -766,6 +768,7 @@ describe('runNonInteractive', () => {
    const mockCommand = {
      name: 'confirm',
      description: 'a command that needs confirmation',
+      kind: CommandKind.FILE,
      action: vi.fn().mockResolvedValue({
        type: 'confirm_shell_commands',
        commands: ['rm -rf /'],
@@ -821,6 +824,7 @@ describe('runNonInteractive', () => {
    const mockCommand = {
      name: 'noaction',
      description: 'unhandled type',
+      kind: CommandKind.FILE,
      action: vi.fn().mockResolvedValue({
        type: 'unhandled',
      }),
@@ -847,6 +851,7 @@ describe('runNonInteractive', () => {
    const mockCommand = {
      name: 'testargs',
      description: 'a test command',
+      kind: CommandKind.FILE,
      action: mockAction,
    };
    mockGetCommands.mockReturnValue([mockCommand]);
--- a/packages/cli/src/nonInteractiveCliCommands.ts
+++ b/packages/cli/src/nonInteractiveCliCommands.ts
@@ -13,15 +13,56 @@ import {
  type Config,
 } from '@qwen-code/qwen-code-core';
 import { CommandService } from './services/CommandService.js';
+import { BuiltinCommandLoader } from './services/BuiltinCommandLoader.js';
 import { FileCommandLoader } from './services/FileCommandLoader.js';
-import type { CommandContext } from './ui/commands/types.js';
+import {
+  CommandKind,
+  type CommandContext,
+  type SlashCommand,
+} from './ui/commands/types.js';
 import { createNonInteractiveUI } from './ui/noninteractive/nonInteractiveUi.js';
 import type { LoadedSettings } from './config/settings.js';
 import type { SessionStatsState } from './ui/contexts/SessionContext.js';

+/**
+ * Filters commands based on the allowed built-in command names.
+ *
+ * - Always includes FILE commands
+ * - Only includes BUILT_IN commands if their name is in the allowed set
+ * - Excludes other command types (e.g., MCP_PROMPT) in non-interactive mode
+ *
+ * @param commands All loaded commands
+ * @param allowedBuiltinCommandNames Set of allowed built-in command names (empty = none allowed)
+ * @returns Filtered commands
+ */
+function filterCommandsForNonInteractive(
+  commands: readonly SlashCommand[],
+  allowedBuiltinCommandNames: Set<string>,
+): SlashCommand[] {
+  return commands.filter((cmd) => {
+    if (cmd.kind === CommandKind.FILE) {
+      return true;
+    }
+
+    // Built-in commands: only include if in the allowed list
+    if (cmd.kind === CommandKind.BUILT_IN) {
+      return allowedBuiltinCommandNames.has(cmd.name);
+    }
+
+    // Exclude other types (e.g., MCP_PROMPT) in non-interactive mode
+    return false;
+  });
+}
+
 /**
 * Processes a slash command in a non-interactive environment.
 *
+ * @param rawQuery The raw query string (should start with '/')
+ * @param abortController Controller to cancel the operation
+ * @param config The configuration object
+ * @param settings The loaded settings
+ * @param allowedBuiltinCommandNames Optional array of built-in command names that are
+ *   allowed. If not provided or empty, only file commands are available.
 * @returns A Promise that resolves to `PartListUnion` if a valid command is
 *   found and results in a prompt, or `undefined` otherwise.
 * @throws {FatalInputError} if the command result is not supported in
@@ -32,21 +73,35 @@ export const handleSlashCommand = async (
  abortController: AbortController,
  config: Config,
  settings: LoadedSettings,
+  allowedBuiltinCommandNames?: string[],
 ): Promise<PartListUnion | undefined> => {
  const trimmed = rawQuery.trim();
  if (!trimmed.startsWith('/')) {
    return;
  }

-  // Only custom commands are supported for now.
-  const loaders = [new FileCommandLoader(config)];
+  const allowedBuiltinSet = new Set(allowedBuiltinCommandNames ?? []);
+
+  // Only load BuiltinCommandLoader if there are allowed built-in commands
+  const loaders =
+    allowedBuiltinSet.size > 0
+      ? [new BuiltinCommandLoader(config), new FileCommandLoader(config)]
+      : [new FileCommandLoader(config)];
+
  const commandService = await CommandService.create(
    loaders,
    abortController.signal,
  );
  const commands = commandService.getCommands();
+  const filteredCommands = filterCommandsForNonInteractive(
+    commands,
+    allowedBuiltinSet,
+  );

-  const { commandToExecute, args } = parseSlashCommand(rawQuery, commands);
+  const { commandToExecute, args } = parseSlashCommand(
+    rawQuery,
+    filteredCommands,
+  );

  if (commandToExecute) {
    if (commandToExecute.action) {
@@ -107,3 +162,44 @@ export const handleSlashCommand = async (

  return;
 };
+
+/**
+ * Retrieves all available slash commands for the current configuration.
+ *
+ * @param config The configuration object
+ * @param settings The loaded settings
+ * @param abortSignal Signal to cancel the loading process
+ * @param allowedBuiltinCommandNames Optional array of built-in command names that are
+ *   allowed. If not provided or empty, only file commands are available.
+ * @returns A Promise that resolves to an array of SlashCommand objects
+ */
+export const getAvailableCommands = async (
+  config: Config,
+  settings: LoadedSettings,
+  abortSignal: AbortSignal,
+  allowedBuiltinCommandNames?: string[],
+): Promise<SlashCommand[]> => {
+  try {
+    const allowedBuiltinSet = new Set(allowedBuiltinCommandNames ?? []);
+
+    // Only load BuiltinCommandLoader if there are allowed built-in commands
+    const loaders =
+      allowedBuiltinSet.size > 0
+        ? [new BuiltinCommandLoader(config), new FileCommandLoader(config)]
+        : [new FileCommandLoader(config)];
+
+    const commandService = await CommandService.create(loaders, abortSignal);
+    const commands = commandService.getCommands();
+    const filteredCommands = filterCommandsForNonInteractive(
+      commands,
+      allowedBuiltinSet,
+    );
+
+    // Filter out hidden commands
+    return filteredCommands.filter((cmd) => !cmd.hidden);
+  } catch (error) {
+    // Handle errors gracefully - log and return empty array
+    console.error('Error loading available commands:', error);
+    return [];
+  }
+};
--- a/packages/cli/src/ui/AppContainer.tsx
+++ b/packages/cli/src/ui/AppContainer.tsx
@@ -25,7 +25,6 @@ import {
  type HistoryItem,
  ToolCallStatus,
  type HistoryItemWithoutId,
-  AuthState,
 } from './types.js';
 import { MessageType, StreamingState } from './types.js';
 import {
@@ -48,7 +47,6 @@ import { useHistory } from './hooks/useHistoryManager.js';
 import { useMemoryMonitor } from './hooks/useMemoryMonitor.js';
 import { useThemeCommand } from './hooks/useThemeCommand.js';
 import { useAuthCommand } from './auth/useAuth.js';
-import { useQwenAuth } from './hooks/useQwenAuth.js';
 import { useQuotaAndFallback } from './hooks/useQuotaAndFallback.js';
 import { useEditorSettings } from './hooks/useEditorSettings.js';
 import { useSettingsCommand } from './hooks/useSettingsCommand.js';
@@ -93,10 +91,12 @@ import { ShellFocusContext } from './contexts/ShellFocusContext.js';
 import { useQuitConfirmation } from './hooks/useQuitConfirmation.js';
 import { useWelcomeBack } from './hooks/useWelcomeBack.js';
 import { useDialogClose } from './hooks/useDialogClose.js';
+import { useInitializationAuthError } from './hooks/useInitializationAuthError.js';
 import { type VisionSwitchOutcome } from './components/ModelSwitchDialog.js';
 import { processVisionSwitchOutcome } from './hooks/useVisionAutoSwitch.js';
 import { useSubagentCreateDialog } from './hooks/useSubagentCreateDialog.js';
 import { useAgentsManagerDialog } from './hooks/useAgentsManagerDialog.js';
+import { useAttentionNotifications } from './hooks/useAttentionNotifications.js';

 const CTRL_EXIT_PROMPT_DURATION_MS = 1000;

@@ -348,20 +348,13 @@ export const AppContainer = (props: AppContainerProps) => {
    onAuthError,
    isAuthDialogOpen,
    isAuthenticating,
+    pendingAuthType,
+    qwenAuthState,
    handleAuthSelect,
    openAuthDialog,
+    cancelAuthentication,
  } = useAuthCommand(settings, config);

-  // Qwen OAuth authentication state
-  const {
-    isQwenAuth,
-    isQwenAuthenticating,
-    deviceAuth,
-    authStatus,
-    authMessage,
-    cancelQwenAuth,
-  } = useQwenAuth(settings, isAuthenticating);
-
  const { proQuotaRequest, handleProQuotaChoice } = useQuotaAndFallback({
    config,
    historyManager,
@@ -370,19 +363,7 @@ export const AppContainer = (props: AppContainerProps) => {
    setModelSwitchedFromQuotaError,
  });

-  // Handle Qwen OAuth timeout
-  const handleQwenAuthTimeout = useCallback(() => {
-    onAuthError('Qwen OAuth authentication timed out. Please try again.');
-    cancelQwenAuth();
-    setAuthState(AuthState.Updating);
-  }, [onAuthError, cancelQwenAuth, setAuthState]);
-
-  // Handle Qwen OAuth cancel
-  const handleQwenAuthCancel = useCallback(() => {
-    onAuthError('Qwen OAuth authentication cancelled.');
-    cancelQwenAuth();
-    setAuthState(AuthState.Updating);
-  }, [onAuthError, cancelQwenAuth, setAuthState]);
+  useInitializationAuthError(initializationResult.authError, onAuthError);

  // Sync user tier from config when authentication changes
  // TODO: Implement getUserTier() method on Config if needed
@@ -394,6 +375,8 @@ export const AppContainer = (props: AppContainerProps) => {

  // Check for enforced auth type mismatch
  useEffect(() => {
+    // Check for initialization error first
+
    if (
      settings.merged.security?.auth?.enforcedType &&
      settings.merged.security?.auth.selectedType &&
@@ -944,6 +927,12 @@ export const AppContainer = (props: AppContainerProps) => {
    settings.merged.ui?.customWittyPhrases,
  );

+  useAttentionNotifications({
+    isFocused,
+    streamingState,
+    elapsedTime,
+  });
+
  // Dialog close functionality
  const { closeAnyOpenDialog } = useDialogClose({
    isThemeDialogOpen,
@@ -952,7 +941,7 @@ export const AppContainer = (props: AppContainerProps) => {
    handleApprovalModeSelect,
    isAuthDialogOpen,
    handleAuthSelect,
-    selectedAuthType: settings.merged.security?.auth?.selectedType,
+    pendingAuthType,
    isEditorDialogOpen,
    exitEditorDialog,
    isSettingsDialogOpen,
@@ -1194,7 +1183,7 @@ export const AppContainer = (props: AppContainerProps) => {
    isVisionSwitchDialogOpen ||
    isPermissionsDialogOpen ||
    isAuthDialogOpen ||
-    (isAuthenticating && isQwenAuthenticating) ||
+    isAuthenticating ||
    isEditorDialogOpen ||
    showIdeRestartPrompt ||
    !!proQuotaRequest ||
@@ -1217,12 +1206,9 @@ export const AppContainer = (props: AppContainerProps) => {
      isConfigInitialized,
      authError,
      isAuthDialogOpen,
+      pendingAuthType,
      // Qwen OAuth state
-      isQwenAuth,
-      isQwenAuthenticating,
-      deviceAuth,
-      authStatus,
-      authMessage,
+      qwenAuthState,
      editorError,
      isEditorDialogOpen,
      corgiMode,
@@ -1312,12 +1298,9 @@ export const AppContainer = (props: AppContainerProps) => {
      isConfigInitialized,
      authError,
      isAuthDialogOpen,
+      pendingAuthType,
      // Qwen OAuth state
-      isQwenAuth,
-      isQwenAuthenticating,
-      deviceAuth,
-      authStatus,
-      authMessage,
+      qwenAuthState,
      editorError,
      isEditorDialogOpen,
      corgiMode,
@@ -1411,9 +1394,7 @@ export const AppContainer = (props: AppContainerProps) => {
      handleAuthSelect,
      setAuthState,
      onAuthError,
-      // Qwen OAuth handlers
-      handleQwenAuthTimeout,
-      handleQwenAuthCancel,
+      cancelAuthentication,
      handleEditorSelect,
      exitEditorDialog,
      closeSettingsDialog,
@@ -1447,9 +1428,7 @@ export const AppContainer = (props: AppContainerProps) => {
      handleAuthSelect,
      setAuthState,
      onAuthError,
-      // Qwen OAuth handlers
-      handleQwenAuthTimeout,
-      handleQwenAuthCancel,
+      cancelAuthentication,
      handleEditorSelect,
      exitEditorDialog,
      closeSettingsDialog,
--- a/packages/cli/src/ui/auth/AuthDialog.test.tsx
+++ b/packages/cli/src/ui/auth/AuthDialog.test.tsx
@@ -9,6 +9,53 @@ import { AuthDialog } from './AuthDialog.js';
 import { LoadedSettings, SettingScope } from '../../config/settings.js';
 import { AuthType } from '@qwen-code/qwen-code-core';
 import { renderWithProviders } from '../../test-utils/render.js';
+import { UIStateContext } from '../contexts/UIStateContext.js';
+import { UIActionsContext } from '../contexts/UIActionsContext.js';
+import type { UIState } from '../contexts/UIStateContext.js';
+import type { UIActions } from '../contexts/UIActionsContext.js';
+
+const createMockUIState = (overrides: Partial<UIState> = {}): UIState => {
+  // AuthDialog only uses authError and pendingAuthType
+  const baseState = {
+    authError: null,
+    pendingAuthType: undefined,
+  } as Partial<UIState>;
+
+  return {
+    ...baseState,
+    ...overrides,
+  } as UIState;
+};
+
+const createMockUIActions = (overrides: Partial<UIActions> = {}): UIActions => {
+  // AuthDialog only uses handleAuthSelect
+  const baseActions = {
+    handleAuthSelect: vi.fn(),
+  } as Partial<UIActions>;
+
+  return {
+    ...baseActions,
+    ...overrides,
+  } as UIActions;
+};
+
+const renderAuthDialog = (
+  settings: LoadedSettings,
+  uiStateOverrides: Partial<UIState> = {},
+  uiActionsOverrides: Partial<UIActions> = {},
+) => {
+  const uiState = createMockUIState(uiStateOverrides);
+  const uiActions = createMockUIActions(uiActionsOverrides);
+
+  return renderWithProviders(
+    <UIStateContext.Provider value={uiState}>
+      <UIActionsContext.Provider value={uiActions}>
+        <AuthDialog />
+      </UIActionsContext.Provider>
+    </UIStateContext.Provider>,
+    { settings },
+  );
+};

 describe('AuthDialog', () => {
  const wait = (ms = 50) => new Promise((resolve) => setTimeout(resolve, ms));
@@ -66,13 +113,9 @@ describe('AuthDialog', () => {
      new Set(),
    );

-    const { lastFrame } = renderWithProviders(
-      <AuthDialog
-        onSelect={() => {}}
-        settings={settings}
-        initialErrorMessage="GEMINI_API_KEY  environment variable not found"
-      />,
-    );
+    const { lastFrame } = renderAuthDialog(settings, {
+      authError: 'GEMINI_API_KEY  environment variable not found',
+    });

    expect(lastFrame()).toContain(
      'GEMINI_API_KEY  environment variable not found',
@@ -116,9 +159,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      // Since the auth dialog only shows OpenAI option now,
      // it won't show GEMINI_API_KEY messages
@@ -162,9 +203,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      expect(lastFrame()).not.toContain(
        'Existing API key detected (GEMINI_API_KEY)',
@@ -208,9 +247,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      // Since the auth dialog only shows OpenAI option now,
      // it won't show GEMINI_API_KEY messages
@@ -255,9 +292,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      // This is a bit brittle, but it's the best way to check which item is selected.
      expect(lastFrame()).toContain('● 2. OpenAI');
@@ -297,9 +332,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      // Default is Qwen OAuth (first option)
      expect(lastFrame()).toContain('● 1. Qwen OAuth');
@@ -341,9 +374,7 @@ describe('AuthDialog', () => {
        new Set(),
      );

-      const { lastFrame } = renderWithProviders(
-        <AuthDialog onSelect={() => {}} settings={settings} />,
-      );
+      const { lastFrame } = renderAuthDialog(settings);

      // Since the auth dialog doesn't show QWEN_DEFAULT_AUTH_TYPE errors anymore,
      // it will just show the default Qwen OAuth option
@@ -352,7 +383,7 @@ describe('AuthDialog', () => {
  });

  it('should prevent exiting when no auth method is selected and show error message', async () => {
-    const onSelect = vi.fn();
+    const handleAuthSelect = vi.fn();
    const settings: LoadedSettings = new LoadedSettings(
      {
        settings: { ui: { customThemes: {} }, mcpServers: {} },
@@ -386,8 +417,10 @@ describe('AuthDialog', () => {
      new Set(),
    );

-    const { lastFrame, stdin, unmount } = renderWithProviders(
-      <AuthDialog onSelect={onSelect} settings={settings} />,
+    const { lastFrame, stdin, unmount } = renderAuthDialog(
+      settings,
+      {},
+      { handleAuthSelect },
    );
    await wait();

@@ -395,16 +428,16 @@ describe('AuthDialog', () => {
    stdin.write('\u001b'); // ESC key
    await wait();

-    // Should show error message instead of calling onSelect
+    // Should show error message instead of calling handleAuthSelect
    expect(lastFrame()).toContain(
      'You must select an auth method to proceed. Press Ctrl+C again to exit.',
    );
-    expect(onSelect).not.toHaveBeenCalled();
+    expect(handleAuthSelect).not.toHaveBeenCalled();
    unmount();
  });

  it('should not exit if there is already an error message', async () => {
-    const onSelect = vi.fn();
+    const handleAuthSelect = vi.fn();
    const settings: LoadedSettings = new LoadedSettings(
      {
        settings: { ui: { customThemes: {} }, mcpServers: {} },
@@ -438,12 +471,10 @@ describe('AuthDialog', () => {
      new Set(),
    );

-    const { lastFrame, stdin, unmount } = renderWithProviders(
-      <AuthDialog
-        onSelect={onSelect}
-        settings={settings}
-        initialErrorMessage="Initial error"
-      />,
+    const { lastFrame, stdin, unmount } = renderAuthDialog(
+      settings,
+      { authError: 'Initial error' },
+      { handleAuthSelect },
    );
    await wait();

@@ -453,13 +484,13 @@ describe('AuthDialog', () => {
    stdin.write('\u001b'); // ESC key
    await wait();

-    // Should not call onSelect
-    expect(onSelect).not.toHaveBeenCalled();
+    // Should not call handleAuthSelect
+    expect(handleAuthSelect).not.toHaveBeenCalled();
    unmount();
  });

  it('should allow exiting when auth method is already selected', async () => {
-    const onSelect = vi.fn();
+    const handleAuthSelect = vi.fn();
    const settings: LoadedSettings = new LoadedSettings(
      {
        settings: { ui: { customThemes: {} }, mcpServers: {} },
@@ -493,8 +524,10 @@ describe('AuthDialog', () => {
      new Set(),
    );

-    const { stdin, unmount } = renderWithProviders(
-      <AuthDialog onSelect={onSelect} settings={settings} />,
+    const { stdin, unmount } = renderAuthDialog(
+      settings,
+      {},
+      { handleAuthSelect },
    );
    await wait();

@@ -502,8 +535,8 @@ describe('AuthDialog', () => {
    stdin.write('\u001b'); // ESC key
    await wait();

-    // Should call onSelect with undefined to exit
-    expect(onSelect).toHaveBeenCalledWith(undefined, SettingScope.User);
+    // Should call handleAuthSelect with undefined to exit
+    expect(handleAuthSelect).toHaveBeenCalledWith(undefined, SettingScope.User);
    unmount();
  });
 });
--- a/packages/cli/src/ui/auth/AuthDialog.tsx
+++ b/packages/cli/src/ui/auth/AuthDialog.tsx
@@ -8,26 +8,13 @@ import type React from 'react';
 import { useState } from 'react';
 import { AuthType } from '@qwen-code/qwen-code-core';
 import { Box, Text } from 'ink';
-import { validateAuthMethod } from '../../config/auth.js';
-import { type LoadedSettings, SettingScope } from '../../config/settings.js';
+import { SettingScope } from '../../config/settings.js';
 import { Colors } from '../colors.js';
 import { useKeypress } from '../hooks/useKeypress.js';
-import { OpenAIKeyPrompt } from '../components/OpenAIKeyPrompt.js';
 import { RadioButtonSelect } from '../components/shared/RadioButtonSelect.js';
-
-interface AuthDialogProps {
-  onSelect: (
-    authMethod: AuthType | undefined,
-    scope: SettingScope,
-    credentials?: {
-      apiKey?: string;
-      baseUrl?: string;
-      model?: string;
-    },
-  ) => void;
-  settings: LoadedSettings;
-  initialErrorMessage?: string | null;
-}
+import { useUIState } from '../contexts/UIStateContext.js';
+import { useUIActions } from '../contexts/UIActionsContext.js';
+import { useSettings } from '../contexts/SettingsContext.js';

 function parseDefaultAuthType(
  defaultAuthType: string | undefined,
@@ -41,15 +28,14 @@ function parseDefaultAuthType(
  return null;
 }

-export function AuthDialog({
-  onSelect,
-  settings,
-  initialErrorMessage,
-}: AuthDialogProps): React.JSX.Element {
-  const [errorMessage, setErrorMessage] = useState<string | null>(
-    initialErrorMessage || null,
-  );
-  const [showOpenAIKeyPrompt, setShowOpenAIKeyPrompt] = useState(false);
+export function AuthDialog(): React.JSX.Element {
+  const { pendingAuthType, authError } = useUIState();
+  const { handleAuthSelect: onAuthSelect } = useUIActions();
+  const settings = useSettings();
+
+  const [errorMessage, setErrorMessage] = useState<string | null>(null);
+  const [selectedIndex, setSelectedIndex] = useState<number | null>(null);
+
  const items = [
    {
      key: AuthType.QWEN_OAUTH,
@@ -62,10 +48,17 @@ export function AuthDialog({
  const initialAuthIndex = Math.max(
    0,
    items.findIndex((item) => {
+      // Priority 1: pendingAuthType
+      if (pendingAuthType) {
+        return item.value === pendingAuthType;
+      }
+
+      // Priority 2: settings.merged.security?.auth?.selectedType
      if (settings.merged.security?.auth?.selectedType) {
        return item.value === settings.merged.security?.auth?.selectedType;
      }

+      // Priority 3: QWEN_DEFAULT_AUTH_TYPE env var
      const defaultAuthType = parseDefaultAuthType(
        process.env['QWEN_DEFAULT_AUTH_TYPE'],
      );
@@ -73,52 +66,29 @@ export function AuthDialog({
        return item.value === defaultAuthType;
      }

+      // Priority 4: default to QWEN_OAUTH
      return item.value === AuthType.QWEN_OAUTH;
    }),
  );

-  const handleAuthSelect = (authMethod: AuthType) => {
-    const error = validateAuthMethod(authMethod);
-    if (error) {
-      if (
-        authMethod === AuthType.USE_OPENAI &&
-        !process.env['OPENAI_API_KEY']
-      ) {
-        setShowOpenAIKeyPrompt(true);
-        setErrorMessage(null);
-      } else {
-        setErrorMessage(error);
-      }
-    } else {
-      setErrorMessage(null);
-      onSelect(authMethod, SettingScope.User);
-    }
+  const hasApiKey = Boolean(settings.merged.security?.auth?.apiKey);
+  const currentSelectedAuthType =
+    selectedIndex !== null
+      ? items[selectedIndex]?.value
+      : items[initialAuthIndex]?.value;
+
+  const handleAuthSelect = async (authMethod: AuthType) => {
+    setErrorMessage(null);
+    await onAuthSelect(authMethod, SettingScope.User);
  };

-  const handleOpenAIKeySubmit = (
-    apiKey: string,
-    baseUrl: string,
-    model: string,
-  ) => {
-    setShowOpenAIKeyPrompt(false);
-    onSelect(AuthType.USE_OPENAI, SettingScope.User, {
-      apiKey,
-      baseUrl,
-      model,
-    });
-  };
-
-  const handleOpenAIKeyCancel = () => {
-    setShowOpenAIKeyPrompt(false);
-    setErrorMessage('OpenAI API key is required to use OpenAI authentication.');
+  const handleHighlight = (authMethod: AuthType) => {
+    const index = items.findIndex((item) => item.value === authMethod);
+    setSelectedIndex(index);
  };

  useKeypress(
    (key) => {
-      if (showOpenAIKeyPrompt) {
-        return;
-      }
-
      if (key.name === 'escape') {
        // Prevent exit if there is an error message.
        // This means they user is not authenticated yet.
@@ -132,21 +102,12 @@ export function AuthDialog({
          );
          return;
        }
-        onSelect(undefined, SettingScope.User);
+        onAuthSelect(undefined, SettingScope.User);
      }
    },
    { isActive: true },
  );

-  if (showOpenAIKeyPrompt) {
-    return (
-      <OpenAIKeyPrompt
-        onSubmit={handleOpenAIKeySubmit}
-        onCancel={handleOpenAIKeyCancel}
-      />
-    );
-  }
-
  return (
    <Box
      borderStyle="round"
@@ -164,16 +125,26 @@ export function AuthDialog({
          items={items}
          initialIndex={initialAuthIndex}
          onSelect={handleAuthSelect}
+          onHighlight={handleHighlight}
        />
      </Box>
-      {errorMessage && (
+      {(authError || errorMessage) && (
        <Box marginTop={1}>
-          <Text color={Colors.AccentRed}>{errorMessage}</Text>
+          <Text color={Colors.AccentRed}>{authError || errorMessage}</Text>
        </Box>
      )}
      <Box marginTop={1}>
        <Text color={Colors.AccentPurple}>(Use Enter to Set Auth)</Text>
      </Box>
+      {hasApiKey && currentSelectedAuthType === AuthType.QWEN_OAUTH && (
+        <Box marginTop={1}>
+          <Text color={Colors.Gray}>
+            Note: Your existing API key in settings.json will not be cleared
+            when using Qwen OAuth. You can switch back to OpenAI authentication
+            later if needed.
+          </Text>
+        </Box>
+      )}
      <Box marginTop={1}>
        <Text>Terms of Services and Privacy Notice for Qwen Code</Text>
      </Box>
--- a/packages/cli/src/ui/auth/useAuth.ts
+++ b/packages/cli/src/ui/auth/useAuth.ts
@@ -6,27 +6,19 @@

 import { useState, useCallback, useEffect } from 'react';
 import type { LoadedSettings, SettingScope } from '../../config/settings.js';
-import type { AuthType, Config } from '@qwen-code/qwen-code-core';
+import type { Config } from '@qwen-code/qwen-code-core';
 import {
+  AuthType,
  clearCachedCredentialFile,
  getErrorMessage,
+  logAuth,
+  AuthEvent,
 } from '@qwen-code/qwen-code-core';
 import { AuthState } from '../types.js';
-import { validateAuthMethod } from '../../config/auth.js';
+import { useQwenAuth } from '../hooks/useQwenAuth.js';
+import type { OpenAICredentials } from '../components/OpenAIKeyPrompt.js';

-export function validateAuthMethodWithSettings(
-  authType: AuthType,
-  settings: LoadedSettings,
-): string | null {
-  const enforcedType = settings.merged.security?.auth?.enforcedType;
-  if (enforcedType && enforcedType !== authType) {
-    return `Authentication is enforced to be ${enforcedType}, but you are currently using ${authType}.`;
-  }
-  if (settings.merged.security?.auth?.useExternal) {
-    return null;
-  }
-  return validateAuthMethod(authType);
-}
+export type { QwenAuthState } from '../hooks/useQwenAuth.js';

 export const useAuthCommand = (settings: LoadedSettings, config: Config) => {
  const unAuthenticated =
@@ -40,6 +32,14 @@ export const useAuthCommand = (settings: LoadedSettings, config: Config) => {

  const [isAuthenticating, setIsAuthenticating] = useState(false);
  const [isAuthDialogOpen, setIsAuthDialogOpen] = useState(unAuthenticated);
+  const [pendingAuthType, setPendingAuthType] = useState<AuthType | undefined>(
+    undefined,
+  );
+
+  const { qwenAuthState, cancelQwenAuth } = useQwenAuth(
+    pendingAuthType,
+    isAuthenticating,
+  );

  const onAuthError = useCallback(
    (error: string | null) => {
@@ -52,90 +52,123 @@ export const useAuthCommand = (settings: LoadedSettings, config: Config) => {
    [setAuthError, setAuthState],
  );

-  // Authentication flow
-  useEffect(() => {
-    const authFlow = async () => {
-      const authType = settings.merged.security?.auth?.selectedType;
-      if (isAuthDialogOpen || !authType) {
-        return;
+  const handleAuthFailure = useCallback(
+    (error: unknown) => {
+      setIsAuthenticating(false);
+      const errorMessage = `Failed to authenticate. Message: ${getErrorMessage(error)}`;
+      onAuthError(errorMessage);
+
+      // Log authentication failure
+      if (pendingAuthType) {
+        const authEvent = new AuthEvent(
+          pendingAuthType,
+          'manual',
+          'error',
+          errorMessage,
+        );
+        logAuth(config, authEvent);
      }
+    },
+    [onAuthError, pendingAuthType, config],
+  );

-      const validationError = validateAuthMethodWithSettings(
-        authType,
-        settings,
-      );
-      if (validationError) {
-        onAuthError(validationError);
-        return;
-      }
-
-      try {
-        setIsAuthenticating(true);
-        await config.refreshAuth(authType);
-        console.log(`Authenticated via "${authType}".`);
-        setAuthError(null);
-        setAuthState(AuthState.Authenticated);
-      } catch (e) {
-        onAuthError(`Failed to login. Message: ${getErrorMessage(e)}`);
-      } finally {
-        setIsAuthenticating(false);
-      }
-    };
-
-    void authFlow();
-  }, [isAuthDialogOpen, settings, config, onAuthError]);
-
-  // Handle auth selection from dialog
-  const handleAuthSelect = useCallback(
+  const handleAuthSuccess = useCallback(
    async (
-      authType: AuthType | undefined,
+      authType: AuthType,
      scope: SettingScope,
-      credentials?: {
-        apiKey?: string;
-        baseUrl?: string;
-        model?: string;
-      },
+      credentials?: OpenAICredentials,
    ) => {
-      if (authType) {
-        await clearCachedCredentialFile();
+      try {
+        settings.setValue(scope, 'security.auth.selectedType', authType);

-        // Save OpenAI credentials if provided
-        if (credentials) {
-          // Update Config's internal generationConfig before calling refreshAuth
-          // This ensures refreshAuth has access to the new credentials
-          config.updateCredentials({
-            apiKey: credentials.apiKey,
-            baseUrl: credentials.baseUrl,
-            model: credentials.model,
-          });
-
-          // Also set environment variables for compatibility with other parts of the code
-          if (credentials.apiKey) {
+        // Only update credentials if not switching to QWEN_OAUTH,
+        // so that OpenAI credentials are preserved when switching to QWEN_OAUTH.
+        if (authType !== AuthType.QWEN_OAUTH && credentials) {
+          if (credentials?.apiKey != null) {
            settings.setValue(
              scope,
              'security.auth.apiKey',
              credentials.apiKey,
            );
          }
-          if (credentials.baseUrl) {
+          if (credentials?.baseUrl != null) {
            settings.setValue(
              scope,
              'security.auth.baseUrl',
              credentials.baseUrl,
            );
          }
-          if (credentials.model) {
+          if (credentials?.model != null) {
            settings.setValue(scope, 'model.name', credentials.model);
          }
+          await clearCachedCredentialFile();
        }
-
-        settings.setValue(scope, 'security.auth.selectedType', authType);
+      } catch (error) {
+        handleAuthFailure(error);
+        return;
      }

-      setIsAuthDialogOpen(false);
      setAuthError(null);
+      setAuthState(AuthState.Authenticated);
+      setPendingAuthType(undefined);
+      setIsAuthDialogOpen(false);
+      setIsAuthenticating(false);
+
+      // Log authentication success
+      const authEvent = new AuthEvent(authType, 'manual', 'success');
+      logAuth(config, authEvent);
    },
-    [settings, config],
+    [settings, handleAuthFailure, config],
+  );
+
+  const performAuth = useCallback(
+    async (
+      authType: AuthType,
+      scope: SettingScope,
+      credentials?: OpenAICredentials,
+    ) => {
+      try {
+        await config.refreshAuth(authType);
+        handleAuthSuccess(authType, scope, credentials);
+      } catch (e) {
+        handleAuthFailure(e);
+      }
+    },
+    [config, handleAuthSuccess, handleAuthFailure],
+  );
+
+  const handleAuthSelect = useCallback(
+    async (
+      authType: AuthType | undefined,
+      scope: SettingScope,
+      credentials?: OpenAICredentials,
+    ) => {
+      if (!authType) {
+        setIsAuthDialogOpen(false);
+        setAuthError(null);
+        return;
+      }
+
+      setPendingAuthType(authType);
+      setAuthError(null);
+      setIsAuthDialogOpen(false);
+      setIsAuthenticating(true);
+
+      if (authType === AuthType.USE_OPENAI) {
+        if (credentials) {
+          config.updateCredentials({
+            apiKey: credentials.apiKey,
+            baseUrl: credentials.baseUrl,
+            model: credentials.model,
+          });
+          await performAuth(authType, scope, credentials);
+        }
+        return;
+      }
+
+      await performAuth(authType, scope);
+    },
+    [config, performAuth],
  );

  const openAuthDialog = useCallback(() => {
@@ -143,8 +176,45 @@ export const useAuthCommand = (settings: LoadedSettings, config: Config) => {
  }, []);

  const cancelAuthentication = useCallback(() => {
+    if (isAuthenticating && pendingAuthType === AuthType.QWEN_OAUTH) {
+      cancelQwenAuth();
+    }
+
+    // Log authentication cancellation
+    if (isAuthenticating && pendingAuthType) {
+      const authEvent = new AuthEvent(pendingAuthType, 'manual', 'cancelled');
+      logAuth(config, authEvent);
+    }
+
+    // Do not reset pendingAuthType here, persist the previously selected type.
    setIsAuthenticating(false);
-  }, []);
+    setIsAuthDialogOpen(true);
+    setAuthError(null);
+  }, [isAuthenticating, pendingAuthType, cancelQwenAuth, config]);
+
+  /**
+   /**
+    * We previously used a useEffect to trigger authentication automatically when
+    * settings.security.auth.selectedType changed. This caused problems: if authentication failed,
+    * the UI could get stuck, since settings.json would update before success. Now, we
+    * update selectedType in settings only when authentication fully succeeds.
+    * Authentication is triggered explicitly—either during initial app startup or when the
+    * user switches methods—not reactively through settings changes. This avoids repeated
+    * or broken authentication cycles.
+    */
+  useEffect(() => {
+    const defaultAuthType = process.env['QWEN_DEFAULT_AUTH_TYPE'];
+    if (
+      defaultAuthType &&
+      ![AuthType.QWEN_OAUTH, AuthType.USE_OPENAI].includes(
+        defaultAuthType as AuthType,
+      )
+    ) {
+      onAuthError(
+        `Invalid QWEN_DEFAULT_AUTH_TYPE value: "${defaultAuthType}". Valid values are: ${[AuthType.QWEN_OAUTH, AuthType.USE_OPENAI].join(', ')}`,
+      );
+    }
+  }, [onAuthError]);

  return {
    authState,
@@ -153,6 +223,8 @@ export const useAuthCommand = (settings: LoadedSettings, config: Config) => {
    onAuthError,
    isAuthDialogOpen,
    isAuthenticating,
+    pendingAuthType,
+    qwenAuthState,
    handleAuthSelect,
    openAuthDialog,
    cancelAuthentication,
--- a/packages/cli/src/ui/commands/terminalSetupCommand.ts
+++ b/packages/cli/src/ui/commands/terminalSetupCommand.ts
@@ -17,7 +17,7 @@ import { terminalSetup } from '../utils/terminalSetup.js';
 export const terminalSetupCommand: SlashCommand = {
  name: 'terminal-setup',
  description:
-    'Configure terminal keybindings for multiline input (VS Code, Cursor, Windsurf)',
+    'Configure terminal keybindings for multiline input (VS Code, Cursor, Windsurf, Trae)',
  kind: CommandKind.BUILT_IN,

  action: async (): Promise<MessageActionReturn> => {
--- a/packages/cli/src/ui/components/DialogManager.tsx
+++ b/packages/cli/src/ui/components/DialogManager.tsx
@@ -12,9 +12,9 @@ import { ShellConfirmationDialog } from './ShellConfirmationDialog.js';
 import { ConsentPrompt } from './ConsentPrompt.js';
 import { ThemeDialog } from './ThemeDialog.js';
 import { SettingsDialog } from './SettingsDialog.js';
-import { AuthInProgress } from '../auth/AuthInProgress.js';
 import { QwenOAuthProgress } from './QwenOAuthProgress.js';
 import { AuthDialog } from '../auth/AuthDialog.js';
+import { OpenAIKeyPrompt } from './OpenAIKeyPrompt.js';
 import { EditorSettingsDialog } from './EditorSettingsDialog.js';
 import { WorkspaceMigrationDialog } from './WorkspaceMigrationDialog.js';
 import { ProQuotaDialog } from './ProQuotaDialog.js';
@@ -26,6 +26,9 @@ import { useUIState } from '../contexts/UIStateContext.js';
 import { useUIActions } from '../contexts/UIActionsContext.js';
 import { useConfig } from '../contexts/ConfigContext.js';
 import { useSettings } from '../contexts/SettingsContext.js';
+import { SettingScope } from '../../config/settings.js';
+import { AuthState } from '../types.js';
+import { AuthType } from '@qwen-code/qwen-code-core';
 import process from 'node:process';
 import { type UseHistoryManagerReturn } from '../hooks/useHistoryManager.js';
 import { IdeTrustChangeDialog } from './IdeTrustChangeDialog.js';
@@ -56,6 +59,16 @@ export const DialogManager = ({
  const { constrainHeight, terminalHeight, staticExtraHeight, mainAreaWidth } =
    uiState;

+  const getDefaultOpenAIConfig = () => {
+    const fromSettings = settings.merged.security?.auth;
+    const modelSettings = settings.merged.model;
+    return {
+      apiKey: fromSettings?.apiKey || process.env['OPENAI_API_KEY'] || '',
+      baseUrl: fromSettings?.baseUrl || process.env['OPENAI_BASE_URL'] || '',
+      model: modelSettings?.name || process.env['OPENAI_MODEL'] || '',
+    };
+  };
+
  if (uiState.showWelcomeBackDialog && uiState.welcomeBackInfo?.hasHistory) {
    return (
      <WelcomeBackDialog
@@ -207,39 +220,56 @@ export const DialogManager = ({
  if (uiState.isVisionSwitchDialogOpen) {
    return <ModelSwitchDialog onSelect={uiActions.handleVisionSwitchSelect} />;
  }
+
+  if (uiState.isAuthDialogOpen || uiState.authError) {
+    return (
+      <Box flexDirection="column">
+        <AuthDialog />
+      </Box>
+    );
+  }
+
  if (uiState.isAuthenticating) {
-    // Show Qwen OAuth progress if it's Qwen auth and OAuth is active
-    if (uiState.isQwenAuth && uiState.isQwenAuthenticating) {
+    if (uiState.pendingAuthType === AuthType.USE_OPENAI) {
+      const defaults = getDefaultOpenAIConfig();
      return (
-        <QwenOAuthProgress
-          deviceAuth={uiState.deviceAuth || undefined}
-          authStatus={uiState.authStatus}
-          authMessage={uiState.authMessage}
-          onTimeout={uiActions.handleQwenAuthTimeout}
-          onCancel={uiActions.handleQwenAuthCancel}
+        <OpenAIKeyPrompt
+          onSubmit={(apiKey, baseUrl, model) => {
+            uiActions.handleAuthSelect(AuthType.USE_OPENAI, SettingScope.User, {
+              apiKey,
+              baseUrl,
+              model,
+            });
+          }}
+          onCancel={() => {
+            uiActions.cancelAuthentication();
+            uiActions.setAuthState(AuthState.Updating);
+          }}
+          defaultApiKey={defaults.apiKey}
+          defaultBaseUrl={defaults.baseUrl}
+          defaultModel={defaults.model}
        />
      );
    }

-    // Default auth progress for other auth types
-    return (
-      <AuthInProgress
-        onTimeout={() => {
-          uiActions.onAuthError('Authentication cancelled.');
-        }}
-      />
-    );
-  }
-  if (uiState.isAuthDialogOpen) {
-    return (
-      <Box flexDirection="column">
-        <AuthDialog
-          onSelect={uiActions.handleAuthSelect}
-          settings={settings}
-          initialErrorMessage={uiState.authError}
+    if (uiState.pendingAuthType === AuthType.QWEN_OAUTH) {
+      return (
+        <QwenOAuthProgress
+          deviceAuth={uiState.qwenAuthState.deviceAuth || undefined}
+          authStatus={uiState.qwenAuthState.authStatus}
+          authMessage={uiState.qwenAuthState.authMessage}
+          onTimeout={() => {
+            uiActions.onAuthError('Qwen OAuth authentication timed out.');
+            uiActions.cancelAuthentication();
+            uiActions.setAuthState(AuthState.Updating);
+          }}
+          onCancel={() => {
+            uiActions.cancelAuthentication();
+            uiActions.setAuthState(AuthState.Updating);
+          }}
        />
-      </Box>
-    );
+      );
+    }
  }
  if (uiState.isEditorDialogOpen) {
    return (
--- a/packages/cli/src/ui/components/OpenAIKeyPrompt.tsx
+++ b/packages/cli/src/ui/components/OpenAIKeyPrompt.tsx
@@ -6,6 +6,7 @@

 import type React from 'react';
 import { useState } from 'react';
+import { z } from 'zod';
 import { Box, Text } from 'ink';
 import { Colors } from '../colors.js';
 import { useKeypress } from '../hooks/useKeypress.js';
@@ -13,18 +14,62 @@ import { useKeypress } from '../hooks/useKeypress.js';
 interface OpenAIKeyPromptProps {
  onSubmit: (apiKey: string, baseUrl: string, model: string) => void;
  onCancel: () => void;
+  defaultApiKey?: string;
+  defaultBaseUrl?: string;
+  defaultModel?: string;
 }

+export const credentialSchema = z.object({
+  apiKey: z.string().min(1, 'API key is required'),
+  baseUrl: z
+    .union([z.string().url('Base URL must be a valid URL'), z.literal('')])
+    .optional(),
+  model: z.string().min(1, 'Model must be a non-empty string').optional(),
+});
+
+export type OpenAICredentials = z.infer<typeof credentialSchema>;
+
 export function OpenAIKeyPrompt({
  onSubmit,
  onCancel,
+  defaultApiKey,
+  defaultBaseUrl,
+  defaultModel,
 }: OpenAIKeyPromptProps): React.JSX.Element {
-  const [apiKey, setApiKey] = useState('');
-  const [baseUrl, setBaseUrl] = useState('');
-  const [model, setModel] = useState('');
+  const [apiKey, setApiKey] = useState(defaultApiKey || '');
+  const [baseUrl, setBaseUrl] = useState(defaultBaseUrl || '');
+  const [model, setModel] = useState(defaultModel || '');
  const [currentField, setCurrentField] = useState<
    'apiKey' | 'baseUrl' | 'model'
  >('apiKey');
+  const [validationError, setValidationError] = useState<string | null>(null);
+
+  const validateAndSubmit = () => {
+    setValidationError(null);
+
+    try {
+      const validated = credentialSchema.parse({
+        apiKey: apiKey.trim(),
+        baseUrl: baseUrl.trim() || undefined,
+        model: model.trim() || undefined,
+      });
+
+      onSubmit(
+        validated.apiKey,
+        validated.baseUrl === '' ? '' : validated.baseUrl || '',
+        validated.model || '',
+      );
+    } catch (error) {
+      if (error instanceof z.ZodError) {
+        const errorMessage = error.errors
+          .map((e) => `${e.path.join('.')}: ${e.message}`)
+          .join(', ');
+        setValidationError(`Invalid credentials: ${errorMessage}`);
+      } else {
+        setValidationError('Failed to validate credentials');
+      }
+    }
+  };

  useKeypress(
    (key) => {
@@ -46,7 +91,7 @@ export function OpenAIKeyPrompt({
        } else if (currentField === 'model') {
          // 只有在提交时才检查 API key 是否为空
          if (apiKey.trim()) {
-            onSubmit(apiKey.trim(), baseUrl.trim(), model.trim());
+            validateAndSubmit();
          } else {
            // 如果 API key 为空，回到 API key 字段
            setCurrentField('apiKey');
@@ -162,6 +207,11 @@ export function OpenAIKeyPrompt({
      <Text bold color={Colors.AccentBlue}>
        OpenAI Configuration Required
      </Text>
+      {validationError && (
+        <Box marginTop={1}>
+          <Text color={Colors.AccentRed}>{validationError}</Text>
+        </Box>
+      )}
      <Box marginTop={1}>
        <Text>
          Please enter your OpenAI configuration. You can get an API key from{' '}
--- a/packages/cli/src/ui/components/QwenOAuthProgress.test.tsx
+++ b/packages/cli/src/ui/components/QwenOAuthProgress.test.tsx
@@ -8,7 +8,7 @@
 import { render } from 'ink-testing-library';
 import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
 import { QwenOAuthProgress } from './QwenOAuthProgress.js';
-import type { DeviceAuthorizationInfo } from '../hooks/useQwenAuth.js';
+import type { DeviceAuthorizationData } from '@qwen-code/qwen-code-core';
 import { useKeypress } from '../hooks/useKeypress.js';
 import type { Key } from '../contexts/KeypressContext.js';

@@ -42,12 +42,13 @@ describe('QwenOAuthProgress', () => {
  let keypressHandler: ((key: Key) => void) | null = null;

  const createMockDeviceAuth = (
-    overrides: Partial<DeviceAuthorizationInfo> = {},
-  ): DeviceAuthorizationInfo => ({
+    overrides: Partial<DeviceAuthorizationData> = {},
+  ): DeviceAuthorizationData => ({
    verification_uri: 'https://example.com/device',
    verification_uri_complete: 'https://example.com/device?user_code=ABC123',
    user_code: 'ABC123',
    expires_in: 300,
+    device_code: 'test-device-code',
    ...overrides,
  });

@@ -55,7 +56,7 @@ describe('QwenOAuthProgress', () => {

  const renderComponent = (
    props: Partial<{
-      deviceAuth: DeviceAuthorizationInfo;
+      deviceAuth: DeviceAuthorizationData;
      authStatus:
        | 'idle'
        | 'polling'
@@ -158,7 +159,7 @@ describe('QwenOAuthProgress', () => {
    });

    it('should format time correctly', () => {
-      const deviceAuthWithCustomTime: DeviceAuthorizationInfo = {
+      const deviceAuthWithCustomTime: DeviceAuthorizationData = {
        ...mockDeviceAuth,
        expires_in: 125, // 2 minutes and 5 seconds
      };
@@ -176,7 +177,7 @@ describe('QwenOAuthProgress', () => {
    });

    it('should format single digit seconds with leading zero', () => {
-      const deviceAuthWithCustomTime: DeviceAuthorizationInfo = {
+      const deviceAuthWithCustomTime: DeviceAuthorizationData = {
        ...mockDeviceAuth,
        expires_in: 67, // 1 minute and 7 seconds
      };
@@ -196,7 +197,7 @@ describe('QwenOAuthProgress', () => {

  describe('Timer functionality', () => {
    it('should countdown and call onTimeout when timer expires', async () => {
-      const deviceAuthWithShortTime: DeviceAuthorizationInfo = {
+      const deviceAuthWithShortTime: DeviceAuthorizationData = {
        ...mockDeviceAuth,
        expires_in: 2, // 2 seconds
      };
@@ -520,7 +521,7 @@ describe('QwenOAuthProgress', () => {

  describe('Props changes', () => {
    it('should display initial timer value from deviceAuth', () => {
-      const deviceAuthWith10Min: DeviceAuthorizationInfo = {
+      const deviceAuthWith10Min: DeviceAuthorizationData = {
        ...mockDeviceAuth,
        expires_in: 600, // 10 minutes
      };
--- a/packages/cli/src/ui/components/QwenOAuthProgress.tsx
+++ b/packages/cli/src/ui/components/QwenOAuthProgress.tsx
@@ -11,13 +11,13 @@ import Spinner from 'ink-spinner';
 import Link from 'ink-link';
 import qrcode from 'qrcode-terminal';
 import { Colors } from '../colors.js';
-import type { DeviceAuthorizationInfo } from '../hooks/useQwenAuth.js';
+import type { DeviceAuthorizationData } from '@qwen-code/qwen-code-core';
 import { useKeypress } from '../hooks/useKeypress.js';

 interface QwenOAuthProgressProps {
  onTimeout: () => void;
  onCancel: () => void;
-  deviceAuth?: DeviceAuthorizationInfo;
+  deviceAuth?: DeviceAuthorizationData;
  authStatus?:
    | 'idle'
    | 'polling'
@@ -131,8 +131,8 @@ export function QwenOAuthProgress({

  useKeypress(
    (key) => {
-      if (authStatus === 'timeout') {
-        // Any key press in timeout state should trigger cancel to return to auth dialog
+      if (authStatus === 'timeout' || authStatus === 'error') {
+        // Any key press in timeout or error state should trigger cancel to return to auth dialog
        onCancel();
      } else if (key.name === 'escape' || (key.ctrl && key.name === 'c')) {
        onCancel();
@@ -234,6 +234,35 @@ export function QwenOAuthProgress({
    );
  }

+  if (authStatus === 'error') {
+    return (
+      <Box
+        borderStyle="round"
+        borderColor={Colors.AccentRed}
+        flexDirection="column"
+        padding={1}
+        width="100%"
+      >
+        <Text bold color={Colors.AccentRed}>
+          Qwen OAuth Authentication Error
+        </Text>
+
+        <Box marginTop={1}>
+          <Text>
+            {authMessage ||
+              'An error occurred during authentication. Please try again.'}
+          </Text>
+        </Box>
+
+        <Box marginTop={1}>
+          <Text color={Colors.Gray}>
+            Press any key to return to authentication type selection.
+          </Text>
+        </Box>
+      </Box>
+    );
+  }
+
  // Show loading state when no device auth is available yet
  if (!deviceAuth) {
    return (
--- a/packages/cli/src/ui/components/SettingsDialog.test.tsx
+++ b/packages/cli/src/ui/components/SettingsDialog.test.tsx
@@ -487,8 +487,11 @@ describe('SettingsDialog', () => {
      it('loops back when reaching the end of an enum', async () => {
        vi.mocked(saveModifiedSettings).mockClear();
        vi.mocked(getSettingsSchema).mockReturnValue(FAKE_SCHEMA);
-        const settings = createMockSettings();
-        settings.setValue(SettingScope.User, 'ui.theme', StringEnum.BAZ);
+        const settings = createMockSettings({
+          ui: {
+            theme: StringEnum.BAZ,
+          },
+        });
        const onSelect = vi.fn();
        const component = (
          <KeypressProvider kittyProtocolEnabled={false}>
--- a/packages/cli/src/ui/components/messages/CompressionMessage.tsx
+++ b/packages/cli/src/ui/components/messages/CompressionMessage.tsx
@@ -47,7 +47,7 @@ export function CompressionMessage({
      case CompressionStatus.COMPRESSION_FAILED_TOKEN_COUNT_ERROR:
        return 'Could not compress chat history due to a token counting error.';
      case CompressionStatus.NOOP:
-        return 'Chat history is already compressed.';
+        return 'Nothing to compress.';
      default:
        return '';
    }
--- a/packages/cli/src/ui/contexts/UIActionsContext.tsx
+++ b/packages/cli/src/ui/contexts/UIActionsContext.tsx
@@ -16,6 +16,7 @@ import {
 import { type SettingScope } from '../../config/settings.js';
 import type { AuthState } from '../types.js';
 import { type VisionSwitchOutcome } from '../components/ModelSwitchDialog.js';
+import { type OpenAICredentials } from '../components/OpenAIKeyPrompt.js';

 export interface UIActions {
  handleThemeSelect: (
@@ -30,12 +31,11 @@ export interface UIActions {
  handleAuthSelect: (
    authType: AuthType | undefined,
    scope: SettingScope,
-  ) => void;
+    credentials?: OpenAICredentials,
+  ) => Promise<void>;
  setAuthState: (state: AuthState) => void;
  onAuthError: (error: string) => void;
-  // Qwen OAuth handlers
-  handleQwenAuthTimeout: () => void;
-  handleQwenAuthCancel: () => void;
+  cancelAuthentication: () => void;
  handleEditorSelect: (
    editorType: EditorType | undefined,
    scope: SettingScope,
--- a/packages/cli/src/ui/contexts/UIStateContext.tsx
+++ b/packages/cli/src/ui/contexts/UIStateContext.tsx
@@ -16,10 +16,11 @@ import type {
  HistoryItemWithoutId,
  StreamingState,
 } from '../types.js';
-import type { DeviceAuthorizationInfo } from '../hooks/useQwenAuth.js';
+import type { QwenAuthState } from '../hooks/useQwenAuth.js';
 import type { CommandContext, SlashCommand } from '../commands/types.js';
 import type { TextBuffer } from '../components/shared/text-buffer.js';
 import type {
+  AuthType,
  IdeContext,
  ApprovalMode,
  UserTierId,
@@ -49,18 +50,9 @@ export interface UIState {
  isConfigInitialized: boolean;
  authError: string | null;
  isAuthDialogOpen: boolean;
+  pendingAuthType: AuthType | undefined;
  // Qwen OAuth state
-  isQwenAuth: boolean;
-  isQwenAuthenticating: boolean;
-  deviceAuth: DeviceAuthorizationInfo | null;
-  authStatus:
-    | 'idle'
-    | 'polling'
-    | 'success'
-    | 'error'
-    | 'timeout'
-    | 'rate_limit';
-  authMessage: string | null;
+  qwenAuthState: QwenAuthState;
  editorError: string | null;
  isEditorDialogOpen: boolean;
  corgiMode: boolean;
--- a/packages/cli/src/ui/editors/editorSettingsManager.ts
+++ b/packages/cli/src/ui/editors/editorSettingsManager.ts
@@ -25,6 +25,7 @@ export const EDITOR_DISPLAY_NAMES: Record<EditorType, string> = {
  vscodium: 'VSCodium',
  windsurf: 'Windsurf',
  zed: 'Zed',
+  trae: 'Trae',
 };

 class EditorSettingsManager {
--- a/packages/cli/src/ui/hooks/useAttentionNotifications.test.ts
+++ b/packages/cli/src/ui/hooks/useAttentionNotifications.test.ts
@@ -0,0 +1,151 @@
+/**
+ * @license
+ * Copyright 2025 Qwen
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { renderHook } from '@testing-library/react';
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { StreamingState } from '../types.js';
+import {
+  AttentionNotificationReason,
+  notifyTerminalAttention,
+} from '../../utils/attentionNotification.js';
+import {
+  LONG_TASK_NOTIFICATION_THRESHOLD_SECONDS,
+  useAttentionNotifications,
+} from './useAttentionNotifications.js';
+
+vi.mock('../../utils/attentionNotification.js', () => ({
+  notifyTerminalAttention: vi.fn(),
+  AttentionNotificationReason: {
+    ToolApproval: 'tool_approval',
+    LongTaskComplete: 'long_task_complete',
+  },
+}));
+
+const mockedNotify = vi.mocked(notifyTerminalAttention);
+
+describe('useAttentionNotifications', () => {
+  beforeEach(() => {
+    mockedNotify.mockReset();
+  });
+
+  const render = (
+    props?: Partial<Parameters<typeof useAttentionNotifications>[0]>,
+  ) =>
+    renderHook(({ hookProps }) => useAttentionNotifications(hookProps), {
+      initialProps: {
+        hookProps: {
+          isFocused: true,
+          streamingState: StreamingState.Idle,
+          elapsedTime: 0,
+          ...props,
+        },
+      },
+    });
+
+  it('notifies when tool approval is required while unfocused', () => {
+    const { rerender } = render();
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.WaitingForConfirmation,
+        elapsedTime: 0,
+      },
+    });
+
+    expect(mockedNotify).toHaveBeenCalledWith(
+      AttentionNotificationReason.ToolApproval,
+    );
+  });
+
+  it('notifies when focus is lost after entering approval wait state', () => {
+    const { rerender } = render({
+      isFocused: true,
+      streamingState: StreamingState.WaitingForConfirmation,
+    });
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.WaitingForConfirmation,
+        elapsedTime: 0,
+      },
+    });
+
+    expect(mockedNotify).toHaveBeenCalledTimes(1);
+  });
+
+  it('sends a notification when a long task finishes while unfocused', () => {
+    const { rerender } = render();
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.Responding,
+        elapsedTime: LONG_TASK_NOTIFICATION_THRESHOLD_SECONDS + 5,
+      },
+    });
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.Idle,
+        elapsedTime: 0,
+      },
+    });
+
+    expect(mockedNotify).toHaveBeenCalledWith(
+      AttentionNotificationReason.LongTaskComplete,
+    );
+  });
+
+  it('does not notify about long tasks when the CLI is focused', () => {
+    const { rerender } = render();
+
+    rerender({
+      hookProps: {
+        isFocused: true,
+        streamingState: StreamingState.Responding,
+        elapsedTime: LONG_TASK_NOTIFICATION_THRESHOLD_SECONDS + 2,
+      },
+    });
+
+    rerender({
+      hookProps: {
+        isFocused: true,
+        streamingState: StreamingState.Idle,
+        elapsedTime: 0,
+      },
+    });
+
+    expect(mockedNotify).not.toHaveBeenCalledWith(
+      AttentionNotificationReason.LongTaskComplete,
+      expect.anything(),
+    );
+  });
+
+  it('does not treat short responses as long tasks', () => {
+    const { rerender } = render();
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.Responding,
+        elapsedTime: 5,
+      },
+    });
+
+    rerender({
+      hookProps: {
+        isFocused: false,
+        streamingState: StreamingState.Idle,
+        elapsedTime: 0,
+      },
+    });
+
+    expect(mockedNotify).not.toHaveBeenCalled();
+  });
+});
--- a/packages/cli/src/ui/hooks/useAttentionNotifications.ts
+++ b/packages/cli/src/ui/hooks/useAttentionNotifications.ts
@@ -0,0 +1,63 @@
+/**
+ * @license
+ * Copyright 2025 Qwen
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { useEffect, useRef } from 'react';
+import { StreamingState } from '../types.js';
+import {
+  notifyTerminalAttention,
+  AttentionNotificationReason,
+} from '../../utils/attentionNotification.js';
+
+export const LONG_TASK_NOTIFICATION_THRESHOLD_SECONDS = 20;
+
+interface UseAttentionNotificationsOptions {
+  isFocused: boolean;
+  streamingState: StreamingState;
+  elapsedTime: number;
+}
+
+export const useAttentionNotifications = ({
+  isFocused,
+  streamingState,
+  elapsedTime,
+}: UseAttentionNotificationsOptions) => {
+  const awaitingNotificationSentRef = useRef(false);
+  const respondingElapsedRef = useRef(0);
+
+  useEffect(() => {
+    if (
+      streamingState === StreamingState.WaitingForConfirmation &&
+      !isFocused &&
+      !awaitingNotificationSentRef.current
+    ) {
+      notifyTerminalAttention(AttentionNotificationReason.ToolApproval);
+      awaitingNotificationSentRef.current = true;
+    }
+
+    if (streamingState !== StreamingState.WaitingForConfirmation || isFocused) {
+      awaitingNotificationSentRef.current = false;
+    }
+  }, [isFocused, streamingState]);
+
+  useEffect(() => {
+    if (streamingState === StreamingState.Responding) {
+      respondingElapsedRef.current = elapsedTime;
+      return;
+    }
+
+    if (streamingState === StreamingState.Idle) {
+      const wasLongTask =
+        respondingElapsedRef.current >=
+        LONG_TASK_NOTIFICATION_THRESHOLD_SECONDS;
+      if (wasLongTask && !isFocused) {
+        notifyTerminalAttention(AttentionNotificationReason.LongTaskComplete);
+      }
+      // Reset tracking for next task
+      respondingElapsedRef.current = 0;
+      return;
+    }
+  }, [streamingState, elapsedTime, isFocused]);
+};
--- a/packages/cli/src/ui/hooks/useDialogClose.ts
+++ b/packages/cli/src/ui/hooks/useDialogClose.ts
@@ -7,6 +7,7 @@
 import { useCallback } from 'react';
 import { SettingScope } from '../../config/settings.js';
 import type { AuthType, ApprovalMode } from '@qwen-code/qwen-code-core';
+import type { OpenAICredentials } from '../components/OpenAIKeyPrompt.js';

 export interface DialogCloseOptions {
  // Theme dialog
@@ -25,8 +26,9 @@ export interface DialogCloseOptions {
  handleAuthSelect: (
    authType: AuthType | undefined,
    scope: SettingScope,
+    credentials?: OpenAICredentials,
  ) => Promise<void>;
-  selectedAuthType: AuthType | undefined;
+  pendingAuthType: AuthType | undefined;

  // Editor dialog
  isEditorDialogOpen: boolean;
--- a/packages/cli/src/ui/hooks/useInitializationAuthError.ts
+++ b/packages/cli/src/ui/hooks/useInitializationAuthError.ts
@@ -0,0 +1,47 @@
+/**
+ * @license
+ * Copyright 2025 Qwen Team
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { useEffect, useRef } from 'react';
+
+/**
+ * Hook that handles initialization authentication error only once.
+ * This ensures that if an auth error occurred during app initialization,
+ * it is reported to the user exactly once, even if the component re-renders.
+ *
+ * @param authError - The authentication error from initialization, or null if no error.
+ * @param onAuthError - Callback function to handle the authentication error.
+ *
+ * @example
+ * ```tsx
+ * useInitializationAuthError(
+ *   initializationResult.authError,
+ *   onAuthError
+ * );
+ * ```
+ */
+export const useInitializationAuthError = (
+  authError: string | null,
+  onAuthError: (error: string) => void,
+): void => {
+  const hasHandled = useRef(false);
+  const authErrorRef = useRef(authError);
+  const onAuthErrorRef = useRef(onAuthError);
+
+  // Update refs to always use latest values
+  authErrorRef.current = authError;
+  onAuthErrorRef.current = onAuthError;
+
+  useEffect(() => {
+    if (hasHandled.current) {
+      return;
+    }
+
+    if (authErrorRef.current) {
+      hasHandled.current = true;
+      onAuthErrorRef.current(authErrorRef.current);
+    }
+  }, [authError, onAuthError]);
+};
--- a/packages/cli/src/ui/hooks/useQwenAuth.test.ts
+++ b/packages/cli/src/ui/hooks/useQwenAuth.test.ts
@@ -6,14 +6,13 @@

 import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
 import { renderHook, act } from '@testing-library/react';
-import type { DeviceAuthorizationInfo } from './useQwenAuth.js';
+import type { DeviceAuthorizationData } from '@qwen-code/qwen-code-core';
 import { useQwenAuth } from './useQwenAuth.js';
 import {
  AuthType,
  qwenOAuth2Events,
  QwenOAuth2Event,
 } from '@qwen-code/qwen-code-core';
-import type { LoadedSettings } from '../../config/settings.js';

 // Mock the qwenOAuth2Events
 vi.mock('@qwen-code/qwen-code-core', async () => {
@@ -36,24 +35,14 @@ vi.mock('@qwen-code/qwen-code-core', async () => {
 const mockQwenOAuth2Events = vi.mocked(qwenOAuth2Events);

 describe('useQwenAuth', () => {
-  const mockDeviceAuth: DeviceAuthorizationInfo = {
+  const mockDeviceAuth: DeviceAuthorizationData = {
    verification_uri: 'https://oauth.qwen.com/device',
    verification_uri_complete: 'https://oauth.qwen.com/device?user_code=ABC123',
    user_code: 'ABC123',
    expires_in: 1800,
+    device_code: 'device_code_123',
  };

-  const createMockSettings = (authType: AuthType): LoadedSettings =>
-    ({
-      merged: {
-        security: {
-          auth: {
-            selectedType: authType,
-          },
-        },
-      },
-    }) as LoadedSettings;
-
  beforeEach(() => {
    vi.clearAllMocks();
  });
@@ -63,36 +52,33 @@ describe('useQwenAuth', () => {
  });

  it('should initialize with default state when not Qwen auth', () => {
-    const settings = createMockSettings(AuthType.USE_GEMINI);
-    const { result } = renderHook(() => useQwenAuth(settings, false));
+    const { result } = renderHook(() =>
+      useQwenAuth(AuthType.USE_GEMINI, false),
+    );

-    expect(result.current).toEqual({
-      isQwenAuthenticating: false,
+    expect(result.current.qwenAuthState).toEqual({
      deviceAuth: null,
      authStatus: 'idle',
      authMessage: null,
-      isQwenAuth: false,
-      cancelQwenAuth: expect.any(Function),
    });
+    expect(result.current.cancelQwenAuth).toBeInstanceOf(Function);
  });

  it('should initialize with default state when Qwen auth but not authenticating', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    const { result } = renderHook(() => useQwenAuth(settings, false));
+    const { result } = renderHook(() =>
+      useQwenAuth(AuthType.QWEN_OAUTH, false),
+    );

-    expect(result.current).toEqual({
-      isQwenAuthenticating: false,
+    expect(result.current.qwenAuthState).toEqual({
      deviceAuth: null,
      authStatus: 'idle',
      authMessage: null,
-      isQwenAuth: true,
-      cancelQwenAuth: expect.any(Function),
    });
+    expect(result.current.cancelQwenAuth).toBeInstanceOf(Function);
  });

  it('should set up event listeners when Qwen auth and authenticating', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    renderHook(() => useQwenAuth(settings, true));
+    renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    expect(mockQwenOAuth2Events.on).toHaveBeenCalledWith(
      QwenOAuth2Event.AuthUri,
@@ -105,8 +91,7 @@ describe('useQwenAuth', () => {
  });

  it('should handle device auth event', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationInfo) => void;
+    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationData) => void;

    mockQwenOAuth2Events.on.mockImplementation((event, handler) => {
      if (event === QwenOAuth2Event.AuthUri) {
@@ -115,19 +100,17 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleDeviceAuth!(mockDeviceAuth);
    });

-    expect(result.current.deviceAuth).toEqual(mockDeviceAuth);
-    expect(result.current.authStatus).toBe('polling');
-    expect(result.current.isQwenAuthenticating).toBe(true);
+    expect(result.current.qwenAuthState.deviceAuth).toEqual(mockDeviceAuth);
+    expect(result.current.qwenAuthState.authStatus).toBe('polling');
  });

  it('should handle auth progress event - success', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    let handleAuthProgress: (
      status: 'success' | 'error' | 'polling' | 'timeout' | 'rate_limit',
      message?: string,
@@ -140,18 +123,19 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleAuthProgress!('success', 'Authentication successful!');
    });

-    expect(result.current.authStatus).toBe('success');
-    expect(result.current.authMessage).toBe('Authentication successful!');
+    expect(result.current.qwenAuthState.authStatus).toBe('success');
+    expect(result.current.qwenAuthState.authMessage).toBe(
+      'Authentication successful!',
+    );
  });

  it('should handle auth progress event - error', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    let handleAuthProgress: (
      status: 'success' | 'error' | 'polling' | 'timeout' | 'rate_limit',
      message?: string,
@@ -164,18 +148,19 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleAuthProgress!('error', 'Authentication failed');
    });

-    expect(result.current.authStatus).toBe('error');
-    expect(result.current.authMessage).toBe('Authentication failed');
+    expect(result.current.qwenAuthState.authStatus).toBe('error');
+    expect(result.current.qwenAuthState.authMessage).toBe(
+      'Authentication failed',
+    );
  });

  it('should handle auth progress event - polling', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    let handleAuthProgress: (
      status: 'success' | 'error' | 'polling' | 'timeout' | 'rate_limit',
      message?: string,
@@ -188,20 +173,19 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleAuthProgress!('polling', 'Waiting for user authorization...');
    });

-    expect(result.current.authStatus).toBe('polling');
-    expect(result.current.authMessage).toBe(
+    expect(result.current.qwenAuthState.authStatus).toBe('polling');
+    expect(result.current.qwenAuthState.authMessage).toBe(
      'Waiting for user authorization...',
    );
  });

  it('should handle auth progress event - rate_limit', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    let handleAuthProgress: (
      status: 'success' | 'error' | 'polling' | 'timeout' | 'rate_limit',
      message?: string,
@@ -214,7 +198,7 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleAuthProgress!(
@@ -223,14 +207,13 @@ describe('useQwenAuth', () => {
      );
    });

-    expect(result.current.authStatus).toBe('rate_limit');
-    expect(result.current.authMessage).toBe(
+    expect(result.current.qwenAuthState.authStatus).toBe('rate_limit');
+    expect(result.current.qwenAuthState.authMessage).toBe(
      'Too many requests. The server is rate limiting our requests. Please select a different authentication method or try again later.',
    );
  });

  it('should handle auth progress event without message', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    let handleAuthProgress: (
      status: 'success' | 'error' | 'polling' | 'timeout' | 'rate_limit',
      message?: string,
@@ -243,27 +226,30 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    act(() => {
      handleAuthProgress!('success');
    });

-    expect(result.current.authStatus).toBe('success');
-    expect(result.current.authMessage).toBe(null);
+    expect(result.current.qwenAuthState.authStatus).toBe('success');
+    expect(result.current.qwenAuthState.authMessage).toBe(null);
  });

  it('should clean up event listeners when auth type changes', () => {
-    const qwenSettings = createMockSettings(AuthType.QWEN_OAUTH);
    const { rerender } = renderHook(
-      ({ settings, isAuthenticating }) =>
-        useQwenAuth(settings, isAuthenticating),
-      { initialProps: { settings: qwenSettings, isAuthenticating: true } },
+      ({ pendingAuthType, isAuthenticating }) =>
+        useQwenAuth(pendingAuthType, isAuthenticating),
+      {
+        initialProps: {
+          pendingAuthType: AuthType.QWEN_OAUTH,
+          isAuthenticating: true,
+        },
+      },
    );

    // Change to non-Qwen auth
-    const geminiSettings = createMockSettings(AuthType.USE_GEMINI);
-    rerender({ settings: geminiSettings, isAuthenticating: true });
+    rerender({ pendingAuthType: AuthType.USE_GEMINI, isAuthenticating: true });

    expect(mockQwenOAuth2Events.off).toHaveBeenCalledWith(
      QwenOAuth2Event.AuthUri,
@@ -276,9 +262,9 @@ describe('useQwenAuth', () => {
  });

  it('should clean up event listeners when authentication stops', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
    const { rerender } = renderHook(
-      ({ isAuthenticating }) => useQwenAuth(settings, isAuthenticating),
+      ({ isAuthenticating }) =>
+        useQwenAuth(AuthType.QWEN_OAUTH, isAuthenticating),
      { initialProps: { isAuthenticating: true } },
    );

@@ -296,8 +282,9 @@ describe('useQwenAuth', () => {
  });

  it('should clean up event listeners on unmount', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    const { unmount } = renderHook(() => useQwenAuth(settings, true));
+    const { unmount } = renderHook(() =>
+      useQwenAuth(AuthType.QWEN_OAUTH, true),
+    );

    unmount();

@@ -312,8 +299,7 @@ describe('useQwenAuth', () => {
  });

  it('should reset state when switching from Qwen auth to another auth type', () => {
-    const qwenSettings = createMockSettings(AuthType.QWEN_OAUTH);
-    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationInfo) => void;
+    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationData) => void;

    mockQwenOAuth2Events.on.mockImplementation((event, handler) => {
      if (event === QwenOAuth2Event.AuthUri) {
@@ -323,9 +309,14 @@ describe('useQwenAuth', () => {
    });

    const { result, rerender } = renderHook(
-      ({ settings, isAuthenticating }) =>
-        useQwenAuth(settings, isAuthenticating),
-      { initialProps: { settings: qwenSettings, isAuthenticating: true } },
+      ({ pendingAuthType, isAuthenticating }) =>
+        useQwenAuth(pendingAuthType, isAuthenticating),
+      {
+        initialProps: {
+          pendingAuthType: AuthType.QWEN_OAUTH,
+          isAuthenticating: true,
+        },
+      },
    );

    // Simulate device auth
@@ -333,22 +324,19 @@ describe('useQwenAuth', () => {
      handleDeviceAuth!(mockDeviceAuth);
    });

-    expect(result.current.deviceAuth).toEqual(mockDeviceAuth);
-    expect(result.current.authStatus).toBe('polling');
+    expect(result.current.qwenAuthState.deviceAuth).toEqual(mockDeviceAuth);
+    expect(result.current.qwenAuthState.authStatus).toBe('polling');

    // Switch to different auth type
-    const geminiSettings = createMockSettings(AuthType.USE_GEMINI);
-    rerender({ settings: geminiSettings, isAuthenticating: true });
+    rerender({ pendingAuthType: AuthType.USE_GEMINI, isAuthenticating: true });

-    expect(result.current.isQwenAuthenticating).toBe(false);
-    expect(result.current.deviceAuth).toBe(null);
-    expect(result.current.authStatus).toBe('idle');
-    expect(result.current.authMessage).toBe(null);
+    expect(result.current.qwenAuthState.deviceAuth).toBe(null);
+    expect(result.current.qwenAuthState.authStatus).toBe('idle');
+    expect(result.current.qwenAuthState.authMessage).toBe(null);
  });

  it('should reset state when authentication stops', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationInfo) => void;
+    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationData) => void;

    mockQwenOAuth2Events.on.mockImplementation((event, handler) => {
      if (event === QwenOAuth2Event.AuthUri) {
@@ -358,7 +346,8 @@ describe('useQwenAuth', () => {
    });

    const { result, rerender } = renderHook(
-      ({ isAuthenticating }) => useQwenAuth(settings, isAuthenticating),
+      ({ isAuthenticating }) =>
+        useQwenAuth(AuthType.QWEN_OAUTH, isAuthenticating),
      { initialProps: { isAuthenticating: true } },
    );

@@ -367,21 +356,19 @@ describe('useQwenAuth', () => {
      handleDeviceAuth!(mockDeviceAuth);
    });

-    expect(result.current.deviceAuth).toEqual(mockDeviceAuth);
-    expect(result.current.authStatus).toBe('polling');
+    expect(result.current.qwenAuthState.deviceAuth).toEqual(mockDeviceAuth);
+    expect(result.current.qwenAuthState.authStatus).toBe('polling');

    // Stop authentication
    rerender({ isAuthenticating: false });

-    expect(result.current.isQwenAuthenticating).toBe(false);
-    expect(result.current.deviceAuth).toBe(null);
-    expect(result.current.authStatus).toBe('idle');
-    expect(result.current.authMessage).toBe(null);
+    expect(result.current.qwenAuthState.deviceAuth).toBe(null);
+    expect(result.current.qwenAuthState.authStatus).toBe('idle');
+    expect(result.current.qwenAuthState.authMessage).toBe(null);
  });

  it('should handle cancelQwenAuth function', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationInfo) => void;
+    let handleDeviceAuth: (deviceAuth: DeviceAuthorizationData) => void;

    mockQwenOAuth2Events.on.mockImplementation((event, handler) => {
      if (event === QwenOAuth2Event.AuthUri) {
@@ -390,53 +377,49 @@ describe('useQwenAuth', () => {
      return mockQwenOAuth2Events;
    });

-    const { result } = renderHook(() => useQwenAuth(settings, true));
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

    // Set up some state
    act(() => {
      handleDeviceAuth!(mockDeviceAuth);
    });

-    expect(result.current.deviceAuth).toEqual(mockDeviceAuth);
+    expect(result.current.qwenAuthState.deviceAuth).toEqual(mockDeviceAuth);

    // Cancel auth
    act(() => {
      result.current.cancelQwenAuth();
    });

-    expect(result.current.isQwenAuthenticating).toBe(false);
-    expect(result.current.deviceAuth).toBe(null);
-    expect(result.current.authStatus).toBe('idle');
-    expect(result.current.authMessage).toBe(null);
+    expect(result.current.qwenAuthState.deviceAuth).toBe(null);
+    expect(result.current.qwenAuthState.authStatus).toBe('idle');
+    expect(result.current.qwenAuthState.authMessage).toBe(null);
  });

-  it('should maintain isQwenAuth flag correctly', () => {
-    // Test with Qwen OAuth
-    const qwenSettings = createMockSettings(AuthType.QWEN_OAUTH);
+  it('should handle different auth types correctly', () => {
+    // Test with Qwen OAuth - should set up event listeners when authenticating
    const { result: qwenResult } = renderHook(() =>
-      useQwenAuth(qwenSettings, false),
+      useQwenAuth(AuthType.QWEN_OAUTH, true),
    );
-    expect(qwenResult.current.isQwenAuth).toBe(true);
+    expect(qwenResult.current.qwenAuthState.authStatus).toBe('idle');
+    expect(mockQwenOAuth2Events.on).toHaveBeenCalled();

-    // Test with other auth types
-    const geminiSettings = createMockSettings(AuthType.USE_GEMINI);
+    // Test with other auth types - should not set up event listeners
    const { result: geminiResult } = renderHook(() =>
-      useQwenAuth(geminiSettings, false),
+      useQwenAuth(AuthType.USE_GEMINI, true),
    );
-    expect(geminiResult.current.isQwenAuth).toBe(false);
+    expect(geminiResult.current.qwenAuthState.authStatus).toBe('idle');

-    const oauthSettings = createMockSettings(AuthType.LOGIN_WITH_GOOGLE);
    const { result: oauthResult } = renderHook(() =>
-      useQwenAuth(oauthSettings, false),
+      useQwenAuth(AuthType.LOGIN_WITH_GOOGLE, true),
    );
-    expect(oauthResult.current.isQwenAuth).toBe(false);
+    expect(oauthResult.current.qwenAuthState.authStatus).toBe('idle');
  });

-  it('should set isQwenAuthenticating to true when starting authentication with Qwen auth', () => {
-    const settings = createMockSettings(AuthType.QWEN_OAUTH);
-    const { result } = renderHook(() => useQwenAuth(settings, true));
+  it('should initialize with idle status when starting authentication with Qwen auth', () => {
+    const { result } = renderHook(() => useQwenAuth(AuthType.QWEN_OAUTH, true));

-    expect(result.current.isQwenAuthenticating).toBe(true);
-    expect(result.current.authStatus).toBe('idle');
+    expect(result.current.qwenAuthState.authStatus).toBe('idle');
+    expect(mockQwenOAuth2Events.on).toHaveBeenCalled();
  });
 });
--- a/packages/cli/src/ui/hooks/useQwenAuth.ts
+++ b/packages/cli/src/ui/hooks/useQwenAuth.ts
@@ -5,23 +5,15 @@
 */

 import { useState, useCallback, useEffect } from 'react';
-import type { LoadedSettings } from '../../config/settings.js';
 import {
  AuthType,
  qwenOAuth2Events,
  QwenOAuth2Event,
+  type DeviceAuthorizationData,
 } from '@qwen-code/qwen-code-core';

-export interface DeviceAuthorizationInfo {
-  verification_uri: string;
-  verification_uri_complete: string;
-  user_code: string;
-  expires_in: number;
-}
-
-interface QwenAuthState {
-  isQwenAuthenticating: boolean;
-  deviceAuth: DeviceAuthorizationInfo | null;
+export interface QwenAuthState {
+  deviceAuth: DeviceAuthorizationData | null;
  authStatus:
    | 'idle'
    | 'polling'
@@ -33,25 +25,22 @@ interface QwenAuthState {
 }

 export const useQwenAuth = (
-  settings: LoadedSettings,
+  pendingAuthType: AuthType | undefined,
  isAuthenticating: boolean,
 ) => {
  const [qwenAuthState, setQwenAuthState] = useState<QwenAuthState>({
-    isQwenAuthenticating: false,
    deviceAuth: null,
    authStatus: 'idle',
    authMessage: null,
  });

-  const isQwenAuth =
-    settings.merged.security?.auth?.selectedType === AuthType.QWEN_OAUTH;
+  const isQwenAuth = pendingAuthType === AuthType.QWEN_OAUTH;

  // Set up event listeners when authentication starts
  useEffect(() => {
    if (!isQwenAuth || !isAuthenticating) {
      // Reset state when not authenticating or not Qwen auth
      setQwenAuthState({
-        isQwenAuthenticating: false,
        deviceAuth: null,
        authStatus: 'idle',
        authMessage: null,
@@ -61,12 +50,11 @@ export const useQwenAuth = (

    setQwenAuthState((prev) => ({
      ...prev,
-      isQwenAuthenticating: true,
      authStatus: 'idle',
    }));

    // Set up event listeners
-    const handleDeviceAuth = (deviceAuth: DeviceAuthorizationInfo) => {
+    const handleDeviceAuth = (deviceAuth: DeviceAuthorizationData) => {
      setQwenAuthState((prev) => ({
        ...prev,
        deviceAuth: {
@@ -74,6 +62,7 @@ export const useQwenAuth = (
          verification_uri_complete: deviceAuth.verification_uri_complete,
          user_code: deviceAuth.user_code,
          expires_in: deviceAuth.expires_in,
+          device_code: deviceAuth.device_code,
        },
        authStatus: 'polling',
      }));
@@ -106,7 +95,6 @@ export const useQwenAuth = (
    qwenOAuth2Events.emit(QwenOAuth2Event.AuthCancel);

    setQwenAuthState({
-      isQwenAuthenticating: false,
      deviceAuth: null,
      authStatus: 'idle',
      authMessage: null,
@@ -114,8 +102,7 @@ export const useQwenAuth = (
  }, []);

  return {
-    ...qwenAuthState,
-    isQwenAuth,
+    qwenAuthState,
    cancelQwenAuth,
  };
 };
--- a/packages/cli/src/ui/utils/terminalSetup.ts
+++ b/packages/cli/src/ui/utils/terminalSetup.ts
@@ -48,7 +48,7 @@ export interface TerminalSetupResult {
  requiresRestart?: boolean;
 }

-type SupportedTerminal = 'vscode' | 'cursor' | 'windsurf';
+type SupportedTerminal = 'vscode' | 'cursor' | 'windsurf' | 'trae';

 // Terminal detection
 async function detectTerminal(): Promise<SupportedTerminal | null> {
@@ -68,6 +68,11 @@ async function detectTerminal(): Promise<SupportedTerminal | null> {
  ) {
    return 'windsurf';
  }
+
+  if (process.env['TERM_PRODUCT']?.toLowerCase().includes('trae')) {
+    return 'trae';
+  }
+
  // Check VS Code last since forks may also set VSCODE env vars
  if (termProgram === 'vscode' || process.env['VSCODE_GIT_IPC_HANDLE']) {
    return 'vscode';
@@ -86,6 +91,8 @@ async function detectTerminal(): Promise<SupportedTerminal | null> {
        return 'cursor';
      if (parentName.includes('code') || parentName.includes('Code'))
        return 'vscode';
+      if (parentName.includes('trae') || parentName.includes('Trae'))
+        return 'trae';
    } catch (error) {
      // Continue detection even if process check fails
      console.debug('Parent process detection failed:', error);
@@ -287,6 +294,10 @@ async function configureWindsurf(): Promise<TerminalSetupResult> {
  return configureVSCodeStyle('Windsurf', 'Windsurf');
 }

+async function configureTrae(): Promise<TerminalSetupResult> {
+  return configureVSCodeStyle('Trae', 'Trae');
+}
+
 /**
 * Main terminal setup function that detects and configures the current terminal.
 *
@@ -333,6 +344,8 @@ export async function terminalSetup(): Promise<TerminalSetupResult> {
      return configureCursor();
    case 'windsurf':
      return configureWindsurf();
+    case 'trae':
+      return configureTrae();
    default:
      return {
        success: false,
--- a/packages/cli/src/utils/attentionNotification.test.ts
+++ b/packages/cli/src/utils/attentionNotification.test.ts
@@ -0,0 +1,72 @@
+/**
+ * @license
+ * Copyright 2025 Qwen
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import {
+  notifyTerminalAttention,
+  AttentionNotificationReason,
+} from './attentionNotification.js';
+
+describe('notifyTerminalAttention', () => {
+  let stream: { write: ReturnType<typeof vi.fn>; isTTY: boolean };
+
+  beforeEach(() => {
+    stream = { write: vi.fn().mockReturnValue(true), isTTY: true };
+  });
+
+  it('emits terminal bell character', () => {
+    const result = notifyTerminalAttention(
+      AttentionNotificationReason.ToolApproval,
+      {
+        stream,
+      },
+    );
+
+    expect(result).toBe(true);
+    expect(stream.write).toHaveBeenCalledWith('\u0007');
+  });
+
+  it('returns false when not running inside a tty', () => {
+    stream.isTTY = false;
+
+    const result = notifyTerminalAttention(
+      AttentionNotificationReason.ToolApproval,
+      { stream },
+    );
+
+    expect(result).toBe(false);
+    expect(stream.write).not.toHaveBeenCalled();
+  });
+
+  it('returns false when stream write fails', () => {
+    stream.write = vi.fn().mockImplementation(() => {
+      throw new Error('Write failed');
+    });
+
+    const result = notifyTerminalAttention(
+      AttentionNotificationReason.ToolApproval,
+      { stream },
+    );
+
+    expect(result).toBe(false);
+  });
+
+  it('works with different notification reasons', () => {
+    const reasons = [
+      AttentionNotificationReason.ToolApproval,
+      AttentionNotificationReason.LongTaskComplete,
+    ];
+
+    reasons.forEach((reason) => {
+      stream.write.mockClear();
+
+      const result = notifyTerminalAttention(reason, { stream });
+
+      expect(result).toBe(true);
+      expect(stream.write).toHaveBeenCalledWith('\u0007');
+    });
+  });
+});
--- a/packages/cli/src/utils/attentionNotification.ts
+++ b/packages/cli/src/utils/attentionNotification.ts
@@ -0,0 +1,43 @@
+/**
+ * @license
+ * Copyright 2025 Qwen
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import process from 'node:process';
+
+export enum AttentionNotificationReason {
+  ToolApproval = 'tool_approval',
+  LongTaskComplete = 'long_task_complete',
+}
+
+export interface TerminalNotificationOptions {
+  stream?: Pick<NodeJS.WriteStream, 'write' | 'isTTY'>;
+}
+
+const TERMINAL_BELL = '\u0007';
+
+/**
+ * Grabs the user's attention by emitting the terminal bell character.
+ * This causes the terminal to flash or play a sound, alerting the user
+ * to check the CLI for important events.
+ *
+ * @returns true when the bell was successfully written to the terminal.
+ */
+export function notifyTerminalAttention(
+  _reason: AttentionNotificationReason,
+  options: TerminalNotificationOptions = {},
+): boolean {
+  const stream = options.stream ?? process.stdout;
+  if (!stream?.write || stream.isTTY === false) {
+    return false;
+  }
+
+  try {
+    stream.write(TERMINAL_BELL);
+    return true;
+  } catch (error) {
+    console.warn('Failed to send terminal bell:', error);
+    return false;
+  }
+}
--- a/packages/cli/src/zed-integration/schema.ts
+++ b/packages/cli/src/zed-integration/schema.ts
@@ -128,6 +128,14 @@ export type AgentRequest = z.infer<typeof agentRequestSchema>;

 export type AgentNotification = z.infer<typeof agentNotificationSchema>;

+export type AvailableCommandInput = z.infer<typeof availableCommandInputSchema>;
+
+export type AvailableCommand = z.infer<typeof availableCommandSchema>;
+
+export type AvailableCommandsUpdate = z.infer<
+  typeof availableCommandsUpdateSchema
+>;
+
 export const writeTextFileRequestSchema = z.object({
  content: z.string(),
  path: z.string(),
@@ -386,6 +394,21 @@ export const promptRequestSchema = z.object({
  sessionId: z.string(),
 });

+export const availableCommandInputSchema = z.object({
+  hint: z.string(),
+});
+
+export const availableCommandSchema = z.object({
+  description: z.string(),
+  input: availableCommandInputSchema.nullable().optional(),
+  name: z.string(),
+});
+
+export const availableCommandsUpdateSchema = z.object({
+  availableCommands: z.array(availableCommandSchema),
+  sessionUpdate: z.literal('available_commands_update'),
+});
+
 export const sessionUpdateSchema = z.union([
  z.object({
    content: contentBlockSchema,
@@ -423,6 +446,7 @@ export const sessionUpdateSchema = z.union([
    entries: z.array(planEntrySchema),
    sessionUpdate: z.literal('plan'),
  }),
+  availableCommandsUpdateSchema,
 ]);

 export const agentResponseSchema = z.union([
--- a/packages/cli/src/zed-integration/zedIntegration.ts
+++ b/packages/cli/src/zed-integration/zedIntegration.ts
@@ -31,6 +31,7 @@ import {
  MCPServerConfig,
  ToolConfirmationOutcome,
  logToolCall,
+  logUserPrompt,
  getErrorStatus,
  isWithinRoot,
  isNodeError,
@@ -38,6 +39,7 @@ import {
  TaskTool,
  Kind,
  TodoWriteTool,
+  UserPromptEvent,
 } from '@qwen-code/qwen-code-core';
 import * as acp from './acp.js';
 import { AcpFileSystemService } from './fileSystemService.js';
@@ -53,6 +55,26 @@ import { ExtensionStorage, type Extension } from '../config/extension.js';
 import type { CliArgs } from '../config/config.js';
 import { loadCliConfig } from '../config/config.js';
 import { ExtensionEnablementManager } from '../config/extensions/extensionEnablement.js';
+import {
+  handleSlashCommand,
+  getAvailableCommands,
+} from '../nonInteractiveCliCommands.js';
+import type { AvailableCommand, AvailableCommandsUpdate } from './schema.js';
+import { isSlashCommand } from '../ui/utils/commandUtils.js';
+
+/**
+ * Built-in commands that are allowed in ACP integration mode.
+ * Only these commands will be available when using handleSlashCommand
+ * or getAvailableCommands in ACP integration.
+ *
+ * Currently, only "init" is supported because `handleSlashCommand` in
+ * nonInteractiveCliCommands.ts only supports handling results where
+ * result.type is "submit_prompt". Other result types are either coupled
+ * to the UI or cannot send notifications to the client via ACP.
+ *
+ * If you have a good idea to add support for more commands, PRs are welcome!
+ */
+const ALLOWED_BUILTIN_COMMANDS_FOR_ACP = ['init'];

 /**
 * Resolves the model to use based on the current configuration.
@@ -151,7 +173,7 @@ class GeminiAgent {
    cwd,
    mcpServers,
  }: acp.NewSessionRequest): Promise<acp.NewSessionResponse> {
-    const sessionId = randomUUID();
+    const sessionId = this.config.getSessionId() || randomUUID();
    const config = await this.newSessionConfig(sessionId, cwd, mcpServers);

    let isAuthenticated = false;
@@ -182,9 +204,20 @@ class GeminiAgent {

    const geminiClient = config.getGeminiClient();
    const chat = await geminiClient.startChat();
-    const session = new Session(sessionId, chat, config, this.client);
+    const session = new Session(
+      sessionId,
+      chat,
+      config,
+      this.client,
+      this.settings,
+    );
    this.sessions.set(sessionId, session);

+    // Send available commands update as the first session update
+    setTimeout(async () => {
+      await session.sendAvailableCommandsUpdate();
+    }, 0);
+
    return {
      sessionId,
    };
@@ -242,12 +275,14 @@ class GeminiAgent {

 class Session {
  private pendingPrompt: AbortController | null = null;
+  private turn: number = 0;

  constructor(
    private readonly id: string,
    private readonly chat: GeminiChat,
    private readonly config: Config,
    private readonly client: acp.Client,
+    private readonly settings: LoadedSettings,
  ) {}

  async cancelPendingPrompt(): Promise<void> {
@@ -264,10 +299,57 @@ class Session {
    const pendingSend = new AbortController();
    this.pendingPrompt = pendingSend;

-    const promptId = Math.random().toString(16).slice(2);
-    const chat = this.chat;
+    // Increment turn counter for each user prompt
+    this.turn += 1;

-    const parts = await this.#resolvePrompt(params.prompt, pendingSend.signal);
+    const chat = this.chat;
+    const promptId = this.config.getSessionId() + '########' + this.turn;
+
+    // Extract text from all text blocks to construct the full prompt text for logging
+    const promptText = params.prompt
+      .filter((block) => block.type === 'text')
+      .map((block) => (block.type === 'text' ? block.text : ''))
+      .join(' ');
+
+    // Log user prompt
+    logUserPrompt(
+      this.config,
+      new UserPromptEvent(
+        promptText.length,
+        promptId,
+        this.config.getContentGeneratorConfig()?.authType,
+        promptText,
+      ),
+    );
+
+    // Check if the input contains a slash command
+    // Extract text from the first text block if present
+    const firstTextBlock = params.prompt.find((block) => block.type === 'text');
+    const inputText = firstTextBlock?.text || '';
+
+    let parts: Part[];
+
+    if (isSlashCommand(inputText)) {
+      // Handle slash command - allow specific built-in commands for ACP integration
+      const slashCommandResult = await handleSlashCommand(
+        inputText,
+        pendingSend,
+        this.config,
+        this.settings,
+        ALLOWED_BUILTIN_COMMANDS_FOR_ACP,
+      );
+
+      if (slashCommandResult) {
+        // Use the result from the slash command
+        parts = slashCommandResult as Part[];
+      } else {
+        // Slash command didn't return a prompt, continue with normal processing
+        parts = await this.#resolvePrompt(params.prompt, pendingSend.signal);
+      }
+    } else {
+      // Normal processing for non-slash commands
+      parts = await this.#resolvePrompt(params.prompt, pendingSend.signal);
+    }

    let nextMessage: Content | null = { role: 'user', parts };

@@ -361,6 +443,37 @@ class Session {
    await this.client.sessionUpdate(params);
  }

+  async sendAvailableCommandsUpdate(): Promise<void> {
+    const abortController = new AbortController();
+    try {
+      const slashCommands = await getAvailableCommands(
+        this.config,
+        this.settings,
+        abortController.signal,
+        ALLOWED_BUILTIN_COMMANDS_FOR_ACP,
+      );
+
+      // Convert SlashCommand[] to AvailableCommand[] format for ACP protocol
+      const availableCommands: AvailableCommand[] = slashCommands.map(
+        (cmd) => ({
+          name: cmd.name,
+          description: cmd.description,
+          input: null,
+        }),
+      );
+
+      const update: AvailableCommandsUpdate = {
+        sessionUpdate: 'available_commands_update',
+        availableCommands,
+      };
+
+      await this.sendUpdate(update);
+    } catch (error) {
+      // Log error but don't fail session creation
+      console.error('Error sending available commands update:', error);
+    }
+  }
+
  private async runTool(
    abortSignal: AbortSignal,
    promptId: string,
--- a/packages/core/index.ts
+++ b/packages/core/index.ts
@@ -30,6 +30,7 @@ export {
  logExtensionEnable,
  logIdeConnection,
  logExtensionDisable,
+  logAuth,
 } from './src/telemetry/loggers.js';

 export {
@@ -40,6 +41,7 @@ export {
  ExtensionEnableEvent,
  ExtensionUninstallEvent,
  ModelSlashCommandEvent,
+  AuthEvent,
 } from './src/telemetry/types.js';
 export { makeFakeConfig } from './src/test-utils/config.js';
 export * from './src/utils/pathReader.js';
--- a/packages/core/package.json
+++ b/packages/core/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@qwen-code/qwen-code-core",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "description": "Qwen Code Core",
  "repository": {
    "type": "git",
--- a/packages/core/scripts/postinstall.js
+++ b/packages/core/scripts/postinstall.js
@@ -20,66 +20,81 @@ const vendorDir = path.join(packageRoot, 'vendor', 'ripgrep');

 /**
 * Remove quarantine attribute and set executable permissions on macOS/Linux
+ * This script never throws errors to avoid blocking npm workflows.
 */
 function setupRipgrepBinaries() {
-  if (!fs.existsSync(vendorDir)) {
-    console.log('Vendor directory not found, skipping ripgrep setup');
-    return;
-  }
-
-  const platform = process.platform;
-  const arch = process.arch;
-
-  // Determine the binary directory based on platform and architecture
-  let binaryDir;
-  if (platform === 'darwin' || platform === 'linux') {
-    const archStr = arch === 'x64' || arch === 'arm64' ? arch : null;
-    if (archStr) {
-      binaryDir = path.join(vendorDir, `${archStr}-${platform}`);
-    }
-  } else if (platform === 'win32') {
-    // Windows doesn't need these fixes
-    return;
-  }
-
-  if (!binaryDir || !fs.existsSync(binaryDir)) {
-    console.log(
-      `Binary directory not found for ${platform}-${arch}, skipping ripgrep setup`,
-    );
-    return;
-  }
-
-  const rgBinary = path.join(binaryDir, 'rg');
-
-  if (!fs.existsSync(rgBinary)) {
-    console.log(`Ripgrep binary not found at ${rgBinary}`);
-    return;
-  }
-
  try {
-    // Set executable permissions
-    fs.chmodSync(rgBinary, 0o755);
-    console.log(`✓ Set executable permissions on ${rgBinary}`);
+    if (!fs.existsSync(vendorDir)) {
+      console.log('ℹ Vendor directory not found, skipping ripgrep setup');
+      return;
+    }

-    // On macOS, remove quarantine attribute
-    if (platform === 'darwin') {
-      try {
-        execSync(`xattr -d com.apple.quarantine "${rgBinary}"`, {
-          stdio: 'pipe',
-        });
-        console.log(`✓ Removed quarantine attribute from ${rgBinary}`);
-      } catch (error) {
-        // Quarantine attribute might not exist, which is fine
-        if (error.message && !error.message.includes('No such xattr')) {
-          console.warn(
-            `Warning: Could not remove quarantine attribute: ${error.message}`,
-          );
+    const platform = process.platform;
+    const arch = process.arch;
+
+    // Determine the binary directory based on platform and architecture
+    let binaryDir;
+    if (platform === 'darwin' || platform === 'linux') {
+      const archStr = arch === 'x64' || arch === 'arm64' ? arch : null;
+      if (archStr) {
+        binaryDir = path.join(vendorDir, `${archStr}-${platform}`);
+      }
+    } else if (platform === 'win32') {
+      // Windows doesn't need these fixes
+      console.log('ℹ Windows detected, skipping ripgrep setup');
+      return;
+    }
+
+    if (!binaryDir || !fs.existsSync(binaryDir)) {
+      console.log(
+        `ℹ Binary directory not found for ${platform}-${arch}, skipping ripgrep setup`,
+      );
+      return;
+    }
+
+    const rgBinary = path.join(binaryDir, 'rg');
+
+    if (!fs.existsSync(rgBinary)) {
+      console.log(`ℹ Ripgrep binary not found at ${rgBinary}, skipping setup`);
+      return;
+    }
+
+    try {
+      // Set executable permissions
+      fs.chmodSync(rgBinary, 0o755);
+      console.log(`✓ Set executable permissions on ${rgBinary}`);
+
+      // On macOS, remove quarantine attribute
+      if (platform === 'darwin') {
+        try {
+          execSync(`xattr -d com.apple.quarantine "${rgBinary}"`, {
+            stdio: 'pipe',
+          });
+          console.log(`✓ Removed quarantine attribute from ${rgBinary}`);
+        } catch {
+          // Quarantine attribute might not exist, which is fine
+          console.log('ℹ Quarantine attribute not present or already removed');
        }
      }
+    } catch (error) {
+      console.log(
+        `⚠ Could not complete ripgrep setup: ${error.message || 'Unknown error'}`,
+      );
+      console.log('  This is not critical - ripgrep may still work correctly');
    }
  } catch (error) {
-    console.error(`Error setting up ripgrep binary: ${error.message}`);
+    console.log(
+      `⚠ Ripgrep setup encountered an issue: ${error.message || 'Unknown error'}`,
+    );
+    console.log('  Continuing anyway - this should not affect functionality');
  }
 }

-setupRipgrepBinaries();
+// Wrap the entire execution to ensure no errors escape to npm
+try {
+  setupRipgrepBinaries();
+} catch {
+  // Last resort catch - never let errors block npm
+  console.log('⚠ Postinstall script encountered an unexpected error');
+  console.log('  This will not affect the installation');
+}
--- a/packages/core/src/config/config.ts
+++ b/packages/core/src/config/config.ts
@@ -562,7 +562,7 @@ export class Config {
    }
  }

-  async refreshAuth(authMethod: AuthType) {
+  async refreshAuth(authMethod: AuthType, isInitialAuth?: boolean) {
    // Vertex and Genai have incompatible encryption and sending history with
    // throughtSignature from Genai to Vertex will fail, we need to strip them
    if (
@@ -582,6 +582,7 @@ export class Config {
      newContentGeneratorConfig,
      this,
      this.getSessionId(),
+      isInitialAuth,
    );
    // Only assign to instance properties after successful initialization
    this.contentGeneratorConfig = newContentGeneratorConfig;
--- a/packages/core/src/core/contentGenerator.ts
+++ b/packages/core/src/core/contentGenerator.ts
@@ -120,6 +120,7 @@ export async function createContentGenerator(
  config: ContentGeneratorConfig,
  gcConfig: Config,
  sessionId?: string,
+  isInitialAuth?: boolean,
 ): Promise<ContentGenerator> {
  const version = process.env['CLI_VERSION'] || process.version;
  const userAgent = `QwenCode/${version} (${process.platform}; ${process.arch})`;
@@ -191,13 +192,17 @@ export async function createContentGenerator(

    try {
      // Get the Qwen OAuth client (now includes integrated token management)
-      const qwenClient = await getQwenOauthClient(gcConfig);
+      // If this is initial auth, require cached credentials to detect missing credentials
+      const qwenClient = await getQwenOauthClient(
+        gcConfig,
+        isInitialAuth ? { requireCachedCredentials: true } : undefined,
+      );

      // Create the content generator with dynamic token management
      return new QwenContentGenerator(qwenClient, config, gcConfig);
    } catch (error) {
      throw new Error(
-        `Failed to initialize Qwen: ${error instanceof Error ? error.message : String(error)}`,
+        `${error instanceof Error ? error.message : String(error)}`,
      );
    }
  }
--- a/packages/core/src/core/openaiContentGenerator/converter.ts
+++ b/packages/core/src/core/openaiContentGenerator/converter.ts
@@ -23,6 +23,14 @@ import type OpenAI from 'openai';
 import { safeJsonParse } from '../../utils/safeJsonParse.js';
 import { StreamingToolCallParser } from './streamingToolCallParser.js';

+/**
+ * Extended usage type that supports both OpenAI standard format and alternative formats
+ * Some models return cached_tokens at the top level instead of in prompt_tokens_details
+ */
+interface ExtendedCompletionUsage extends OpenAI.CompletionUsage {
+  cached_tokens?: number;
+}
+
 /**
 * Tool call accumulator for streaming responses
 */
@@ -582,7 +590,13 @@ export class OpenAIContentConverter {
      const promptTokens = usage.prompt_tokens || 0;
      const completionTokens = usage.completion_tokens || 0;
      const totalTokens = usage.total_tokens || 0;
-      const cachedTokens = usage.prompt_tokens_details?.cached_tokens || 0;
+      // Support both formats: prompt_tokens_details.cached_tokens (OpenAI standard)
+      // and cached_tokens (some models return it at top level)
+      const extendedUsage = usage as ExtendedCompletionUsage;
+      const cachedTokens =
+        usage.prompt_tokens_details?.cached_tokens ??
+        extendedUsage.cached_tokens ??
+        0;

      // If we only have total tokens but no breakdown, estimate the split
      // Typically input is ~70% and output is ~30% for most conversations
@@ -707,7 +721,13 @@ export class OpenAIContentConverter {
      const promptTokens = usage.prompt_tokens || 0;
      const completionTokens = usage.completion_tokens || 0;
      const totalTokens = usage.total_tokens || 0;
-      const cachedTokens = usage.prompt_tokens_details?.cached_tokens || 0;
+      // Support both formats: prompt_tokens_details.cached_tokens (OpenAI standard)
+      // and cached_tokens (some models return it at top level)
+      const extendedUsage = usage as ExtendedCompletionUsage;
+      const cachedTokens =
+        usage.prompt_tokens_details?.cached_tokens ??
+        extendedUsage.cached_tokens ??
+        0;

      // If we only have total tokens but no breakdown, estimate the split
      // Typically input is ~70% and output is ~30% for most conversations
--- a/packages/core/src/core/openaiContentGenerator/index.ts
+++ b/packages/core/src/core/openaiContentGenerator/index.ts
@@ -13,6 +13,7 @@ import { OpenAIContentGenerator } from './openaiContentGenerator.js';
 import {
  DashScopeOpenAICompatibleProvider,
  DeepSeekOpenAICompatibleProvider,
+  ModelScopeOpenAICompatibleProvider,
  OpenRouterOpenAICompatibleProvider,
  type OpenAICompatibleProvider,
  DefaultOpenAICompatibleProvider,
@@ -78,6 +79,14 @@ export function determineProvider(
    );
  }

+  // Check for ModelScope provider
+  if (ModelScopeOpenAICompatibleProvider.isModelScopeProvider(config)) {
+    return new ModelScopeOpenAICompatibleProvider(
+      contentGeneratorConfig,
+      cliConfig,
+    );
+  }
+
  // Default provider for standard OpenAI-compatible APIs
  return new DefaultOpenAICompatibleProvider(contentGeneratorConfig, cliConfig);
 }
--- a/packages/core/src/core/openaiContentGenerator/provider/index.ts
+++ b/packages/core/src/core/openaiContentGenerator/provider/index.ts
@@ -1,3 +1,4 @@
+export { ModelScopeOpenAICompatibleProvider } from './modelscope.js';
 export { DashScopeOpenAICompatibleProvider } from './dashscope.js';
 export { DeepSeekOpenAICompatibleProvider } from './deepseek.js';
 export { OpenRouterOpenAICompatibleProvider } from './openrouter.js';
--- a/packages/core/src/core/openaiContentGenerator/provider/modelscope.test.ts
+++ b/packages/core/src/core/openaiContentGenerator/provider/modelscope.test.ts
@@ -0,0 +1,96 @@
+/**
+ * @license
+ * Copyright 2025 Qwen
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import type OpenAI from 'openai';
+import { ModelScopeOpenAICompatibleProvider } from './modelscope.js';
+import type { Config } from '../../../config/config.js';
+import type { ContentGeneratorConfig } from '../../contentGenerator.js';
+
+vi.mock('openai');
+
+describe('ModelScopeOpenAICompatibleProvider', () => {
+  let provider: ModelScopeOpenAICompatibleProvider;
+  let mockContentGeneratorConfig: ContentGeneratorConfig;
+  let mockCliConfig: Config;
+
+  beforeEach(() => {
+    mockContentGeneratorConfig = {
+      apiKey: 'test-api-key',
+      baseUrl: 'https://api.modelscope.cn/v1',
+      model: 'qwen-max',
+    } as ContentGeneratorConfig;
+
+    mockCliConfig = {
+      getCliVersion: vi.fn().mockReturnValue('1.0.0'),
+    } as unknown as Config;
+
+    provider = new ModelScopeOpenAICompatibleProvider(
+      mockContentGeneratorConfig,
+      mockCliConfig,
+    );
+  });
+
+  describe('isModelScopeProvider', () => {
+    it('should return true if baseUrl includes "modelscope"', () => {
+      const config = { baseUrl: 'https://api.modelscope.cn/v1' };
+      expect(
+        ModelScopeOpenAICompatibleProvider.isModelScopeProvider(
+          config as ContentGeneratorConfig,
+        ),
+      ).toBe(true);
+    });
+
+    it('should return false if baseUrl does not include "modelscope"', () => {
+      const config = { baseUrl: 'https://api.openai.com/v1' };
+      expect(
+        ModelScopeOpenAICompatibleProvider.isModelScopeProvider(
+          config as ContentGeneratorConfig,
+        ),
+      ).toBe(false);
+    });
+  });
+
+  describe('buildRequest', () => {
+    it('should remove stream_options when stream is false', () => {
+      const originalRequest: OpenAI.Chat.ChatCompletionCreateParams = {
+        model: 'qwen-max',
+        messages: [{ role: 'user', content: 'Hello!' }],
+        stream: false,
+        stream_options: { include_usage: true },
+      };
+
+      const result = provider.buildRequest(originalRequest, 'prompt-id');
+
+      expect(result).not.toHaveProperty('stream_options');
+    });
+
+    it('should keep stream_options when stream is true', () => {
+      const originalRequest: OpenAI.Chat.ChatCompletionCreateParams = {
+        model: 'qwen-max',
+        messages: [{ role: 'user', content: 'Hello!' }],
+        stream: true,
+        stream_options: { include_usage: true },
+      };
+
+      const result = provider.buildRequest(originalRequest, 'prompt-id');
+
+      expect(result).toHaveProperty('stream_options');
+    });
+
+    it('should handle requests without stream_options', () => {
+      const originalRequest: OpenAI.Chat.ChatCompletionCreateParams = {
+        model: 'qwen-max',
+        messages: [{ role: 'user', content: 'Hello!' }],
+        stream: false,
+      };
+
+      const result = provider.buildRequest(originalRequest, 'prompt-id');
+
+      expect(result).not.toHaveProperty('stream_options');
+    });
+  });
+});
--- a/packages/core/src/core/openaiContentGenerator/provider/modelscope.ts
+++ b/packages/core/src/core/openaiContentGenerator/provider/modelscope.ts
@@ -0,0 +1,32 @@
+import type OpenAI from 'openai';
+import { DefaultOpenAICompatibleProvider } from './default.js';
+import type { ContentGeneratorConfig } from '../../contentGenerator.js';
+
+/**
+ * Provider for ModelScope API
+ */
+export class ModelScopeOpenAICompatibleProvider extends DefaultOpenAICompatibleProvider {
+  /**
+   * Checks if the configuration is for ModelScope.
+   */
+  static isModelScopeProvider(config: ContentGeneratorConfig): boolean {
+    return !!config.baseUrl?.includes('modelscope');
+  }
+
+  /**
+   * ModelScope does not support `stream_options` when `stream` is false.
+   * This method removes `stream_options` if `stream` is not true.
+   */
+  override buildRequest(
+    request: OpenAI.Chat.ChatCompletionCreateParams,
+    userPromptId: string,
+  ): OpenAI.Chat.ChatCompletionCreateParams {
+    const newRequest = super.buildRequest(request, userPromptId);
+    if (!newRequest.stream) {
+      delete (newRequest as OpenAI.Chat.ChatCompletionCreateParamsNonStreaming)
+        .stream_options;
+    }
+
+    return newRequest;
+  }
+}
--- a/packages/core/src/qwen/qwenOAuth2.test.ts
+++ b/packages/core/src/qwen/qwenOAuth2.test.ts
@@ -825,7 +825,7 @@ describe('getQwenOAuthClient', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication failed');
+    ).rejects.toThrow('Device authorization flow failed');

    SharedTokenManager.getInstance = originalGetInstance;
  });
@@ -983,7 +983,7 @@ describe('getQwenOAuthClient - Enhanced Error Scenarios', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication failed');
+    ).rejects.toThrow('Device authorization flow failed');

    SharedTokenManager.getInstance = originalGetInstance;
  });
@@ -1032,7 +1032,7 @@ describe('getQwenOAuthClient - Enhanced Error Scenarios', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication timed out');
+    ).rejects.toThrow('Authorization timeout, please restart the process.');

    SharedTokenManager.getInstance = originalGetInstance;
  });
@@ -1082,7 +1082,7 @@ describe('getQwenOAuthClient - Enhanced Error Scenarios', () => {
        module.getQwenOAuthClient(mockConfig),
      ),
    ).rejects.toThrow(
-      'Too many request for Qwen OAuth authentication, please try again later.',
+      'Too many requests. The server is rate limiting our requests. Please select a different authentication method or try again later.',
    );

    SharedTokenManager.getInstance = originalGetInstance;
@@ -1119,7 +1119,7 @@ describe('getQwenOAuthClient - Enhanced Error Scenarios', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication failed');
+    ).rejects.toThrow('Device authorization flow failed');

    SharedTokenManager.getInstance = originalGetInstance;
  });
@@ -1177,7 +1177,7 @@ describe('authWithQwenDeviceFlow - Comprehensive Testing', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication failed');
+    ).rejects.toThrow('Device authorization flow failed');

    SharedTokenManager.getInstance = originalGetInstance;
  });
@@ -1264,7 +1264,9 @@ describe('authWithQwenDeviceFlow - Comprehensive Testing', () => {
      import('./qwenOAuth2.js').then((module) =>
        module.getQwenOAuthClient(mockConfig),
      ),
-    ).rejects.toThrow('Qwen OAuth authentication failed');
+    ).rejects.toThrow(
+      'Device code expired or invalid, please restart the authorization process.',
+    );

    SharedTokenManager.getInstance = originalGetInstance;
  });
--- a/packages/core/src/qwen/qwenOAuth2.ts
+++ b/packages/core/src/qwen/qwenOAuth2.ts
@@ -467,6 +467,7 @@ export type AuthResult =
  | {
      success: false;
      reason: 'timeout' | 'cancelled' | 'error' | 'rate_limit';
+      message?: string; // Detailed error message for better error reporting
    };

 /**
@@ -476,6 +477,7 @@ export const qwenOAuth2Events = new EventEmitter();

 export async function getQwenOAuthClient(
  config: Config,
+  options?: { requireCachedCredentials?: boolean },
 ): Promise<QwenOAuth2Client> {
  const client = new QwenOAuth2Client();

@@ -488,11 +490,6 @@ export async function getQwenOAuthClient(
    client.setCredentials(credentials);
    return client;
  } catch (error: unknown) {
-    console.debug(
-      'Shared token manager failed, attempting device flow:',
-      error,
-    );
-
    // Handle specific token manager errors
    if (error instanceof TokenManagerError) {
      switch (error.type) {
@@ -520,12 +517,20 @@ export async function getQwenOAuthClient(
      // Try device flow instead of forcing refresh
      const result = await authWithQwenDeviceFlow(client, config);
      if (!result.success) {
-        throw new Error('Qwen OAuth authentication failed');
+        // Use detailed error message if available, otherwise use default
+        const errorMessage =
+          result.message || 'Qwen OAuth authentication failed';
+        throw new Error(errorMessage);
      }
      return client;
    }

-    // No cached credentials, use device authorization flow for authentication
+    if (options?.requireCachedCredentials) {
+      throw new Error(
+        'No cached Qwen-OAuth credentials found. Please re-authenticate.',
+      );
+    }
+
    const result = await authWithQwenDeviceFlow(client, config);
    if (!result.success) {
      // Only emit timeout event if the failure reason is actually timeout
@@ -538,20 +543,24 @@ export async function getQwenOAuthClient(
        );
      }

-      // Throw error with appropriate message based on failure reason
-      switch (result.reason) {
-        case 'timeout':
-          throw new Error('Qwen OAuth authentication timed out');
-        case 'cancelled':
-          throw new Error('Qwen OAuth authentication was cancelled by user');
-        case 'rate_limit':
-          throw new Error(
-            'Too many request for Qwen OAuth authentication, please try again later.',
-          );
-        case 'error':
-        default:
-          throw new Error('Qwen OAuth authentication failed');
-      }
+      // Use detailed error message if available, otherwise use default based on reason
+      const errorMessage =
+        result.message ||
+        (() => {
+          switch (result.reason) {
+            case 'timeout':
+              return 'Qwen OAuth authentication timed out';
+            case 'cancelled':
+              return 'Qwen OAuth authentication was cancelled by user';
+            case 'rate_limit':
+              return 'Too many request for Qwen OAuth authentication, please try again later.';
+            case 'error':
+            default:
+              return 'Qwen OAuth authentication failed';
+          }
+        })();
+
+      throw new Error(errorMessage);
    }

    return client;
@@ -644,13 +653,10 @@ async function authWithQwenDeviceFlow(
    for (let attempt = 0; attempt < maxAttempts; attempt++) {
      // Check if authentication was cancelled
      if (isCancelled) {
-        console.debug('\nAuthentication cancelled by user.');
-        qwenOAuth2Events.emit(
-          QwenOAuth2Event.AuthProgress,
-          'error',
-          'Authentication cancelled by user.',
-        );
-        return { success: false, reason: 'cancelled' };
+        const message = 'Authentication cancelled by user.';
+        console.debug('\n' + message);
+        qwenOAuth2Events.emit(QwenOAuth2Event.AuthProgress, 'error', message);
+        return { success: false, reason: 'cancelled', message };
      }

      try {
@@ -738,13 +744,14 @@ async function authWithQwenDeviceFlow(

          // Check for cancellation after waiting
          if (isCancelled) {
-            console.debug('\nAuthentication cancelled by user.');
+            const message = 'Authentication cancelled by user.';
+            console.debug('\n' + message);
            qwenOAuth2Events.emit(
              QwenOAuth2Event.AuthProgress,
              'error',
-              'Authentication cancelled by user.',
+              message,
            );
-            return { success: false, reason: 'cancelled' };
+            return { success: false, reason: 'cancelled', message };
          }

          continue;
@@ -758,7 +765,7 @@ async function authWithQwenDeviceFlow(
          );
        }
      } catch (error: unknown) {
-        // Handle specific error cases
+        // Extract error information
        const errorMessage =
          error instanceof Error ? error.message : String(error);
        const statusCode =
@@ -766,42 +773,49 @@ async function authWithQwenDeviceFlow(
            ? (error as Error & { status?: number }).status
            : null;

-        if (errorMessage.includes('401') || statusCode === 401) {
-          const message =
-            'Device code expired or invalid, please restart the authorization process.';
-
-          // Emit error event
-          qwenOAuth2Events.emit(QwenOAuth2Event.AuthProgress, 'error', message);
-
-          return { success: false, reason: 'error' };
-        }
-
-        // Handle 429 Too Many Requests error
-        if (errorMessage.includes('429') || statusCode === 429) {
-          const message =
-            'Too many requests. The server is rate limiting our requests. Please select a different authentication method or try again later.';
-
-          // Emit rate limit event to notify user
+        // Helper function to handle error and stop polling
+        const handleError = (
+          reason: 'error' | 'rate_limit',
+          message: string,
+          eventType: 'error' | 'rate_limit' = 'error',
+        ): AuthResult => {
          qwenOAuth2Events.emit(
            QwenOAuth2Event.AuthProgress,
-            'rate_limit',
+            eventType,
            message,
          );
+          console.error('\n' + message);
+          return { success: false, reason, message };
+        };

-          console.log('\n' + message);
+        // Handle credential caching failures - stop polling immediately
+        if (errorMessage.includes('Failed to cache credentials')) {
+          return handleError('error', errorMessage);
+        }

-          // Return false to stop polling and go back to auth selection
-          return { success: false, reason: 'rate_limit' };
+        // Handle 401 Unauthorized - device code expired or invalid
+        if (errorMessage.includes('401') || statusCode === 401) {
+          return handleError(
+            'error',
+            'Device code expired or invalid, please restart the authorization process.',
+          );
+        }
+
+        // Handle 429 Too Many Requests - rate limiting
+        if (errorMessage.includes('429') || statusCode === 429) {
+          return handleError(
+            'rate_limit',
+            'Too many requests. The server is rate limiting our requests. Please select a different authentication method or try again later.',
+            'rate_limit',
+          );
        }

        const message = `Error polling for token: ${errorMessage}`;
-
-        // Emit error event
        qwenOAuth2Events.emit(QwenOAuth2Event.AuthProgress, 'error', message);

-        // Check for cancellation before waiting
        if (isCancelled) {
-          return { success: false, reason: 'cancelled' };
+          const message = 'Authentication cancelled by user.';
+          return { success: false, reason: 'cancelled', message };
        }

        await new Promise((resolve) => setTimeout(resolve, pollInterval));
@@ -818,11 +832,12 @@ async function authWithQwenDeviceFlow(
    );

    console.error('\n' + timeoutMessage);
-    return { success: false, reason: 'timeout' };
+    return { success: false, reason: 'timeout', message: timeoutMessage };
  } catch (error: unknown) {
    const errorMessage = error instanceof Error ? error.message : String(error);
-    console.error('Device authorization flow failed:', errorMessage);
-    return { success: false, reason: 'error' };
+    const message = `Device authorization flow failed: ${errorMessage}`;
+    console.error(message);
+    return { success: false, reason: 'error', message };
  } finally {
    // Clean up event listener
    qwenOAuth2Events.off(QwenOAuth2Event.AuthCancel, cancelHandler);
@@ -852,10 +867,30 @@ async function loadCachedQwenCredentials(

 async function cacheQwenCredentials(credentials: QwenCredentials) {
  const filePath = getQwenCachedCredentialPath();
-  await fs.mkdir(path.dirname(filePath), { recursive: true });
+  try {
+    await fs.mkdir(path.dirname(filePath), { recursive: true });

-  const credString = JSON.stringify(credentials, null, 2);
-  await fs.writeFile(filePath, credString);
+    const credString = JSON.stringify(credentials, null, 2);
+    await fs.writeFile(filePath, credString);
+  } catch (error: unknown) {
+    // Handle file system errors (e.g., EACCES permission denied)
+    const errorMessage = error instanceof Error ? error.message : String(error);
+    const errorCode =
+      error instanceof Error && 'code' in error
+        ? (error as Error & { code?: string }).code
+        : undefined;
+
+    if (errorCode === 'EACCES') {
+      throw new Error(
+        `Failed to cache credentials: Permission denied (EACCES). Current user has no permission to access \`${filePath}\`. Please check permissions.`,
+      );
+    }
+
+    // Throw error for other file system failures
+    throw new Error(
+      `Failed to cache credentials: error when creating folder \`${path.dirname(filePath)}\` and writing to \`${filePath}\`. ${errorMessage}. Please check permissions.`,
+    );
+  }
 }

 /**
--- a/packages/core/src/telemetry/constants.ts
+++ b/packages/core/src/telemetry/constants.ts
@@ -33,6 +33,7 @@ export const EVENT_MALFORMED_JSON_RESPONSE =
 export const EVENT_FILE_OPERATION = 'qwen-code.file_operation';
 export const EVENT_MODEL_SLASH_COMMAND = 'qwen-code.slash_command.model';
 export const EVENT_SUBAGENT_EXECUTION = 'qwen-code.subagent_execution';
+export const EVENT_AUTH = 'qwen-code.auth';

 // Performance Events
 export const EVENT_STARTUP_PERFORMANCE = 'qwen-code.startup.performance';
--- a/packages/core/src/telemetry/index.ts
+++ b/packages/core/src/telemetry/index.ts
@@ -43,6 +43,7 @@ export {
  logExtensionUninstall,
  logRipgrepFallback,
  logNextSpeakerCheck,
+  logAuth,
 } from './loggers.js';
 export type { SlashCommandEvent, ChatCompressionEvent } from './types.js';
 export {
@@ -61,6 +62,7 @@ export {
  ToolOutputTruncatedEvent,
  RipgrepFallbackEvent,
  NextSpeakerCheckEvent,
+  AuthEvent,
 } from './types.js';
 export { makeSlashCommandEvent, makeChatCompressionEvent } from './types.js';
 export type { TelemetryEvent } from './types.js';
--- a/packages/core/src/telemetry/loggers.ts
+++ b/packages/core/src/telemetry/loggers.ts
@@ -37,6 +37,7 @@ import {
  EVENT_SUBAGENT_EXECUTION,
  EVENT_MALFORMED_JSON_RESPONSE,
  EVENT_INVALID_CHUNK,
+  EVENT_AUTH,
 } from './constants.js';
 import {
  recordApiErrorMetrics,
@@ -83,6 +84,7 @@ import type {
  SubagentExecutionEvent,
  MalformedJsonResponseEvent,
  InvalidChunkEvent,
+  AuthEvent,
 } from './types.js';
 import type { UiEvent } from './uiTelemetry.js';
 import { uiTelemetryService } from './uiTelemetry.js';
@@ -838,3 +840,29 @@ export function logExtensionDisable(
  };
  logger.emit(logRecord);
 }
+
+export function logAuth(config: Config, event: AuthEvent): void {
+  QwenLogger.getInstance(config)?.logAuthEvent(event);
+  if (!isTelemetrySdkInitialized()) return;
+
+  const attributes: LogAttributes = {
+    ...getCommonAttributes(config),
+    ...event,
+    'event.name': EVENT_AUTH,
+    'event.timestamp': new Date().toISOString(),
+    auth_type: event.auth_type,
+    action_type: event.action_type,
+    status: event.status,
+  };
+
+  if (event.error_message) {
+    attributes['error.message'] = event.error_message;
+  }
+
+  const logger = logs.getLogger(SERVICE_NAME);
+  const logRecord: LogRecord = {
+    body: `Auth event: ${event.action_type} ${event.status} for ${event.auth_type}`,
+    attributes,
+  };
+  logger.emit(logRecord);
+}
--- a/packages/core/src/telemetry/qwen-logger/event-types.ts
+++ b/packages/core/src/telemetry/qwen-logger/event-types.ts
@@ -19,6 +19,21 @@ export interface RumView {
  name: string;
 }

+export interface RumOS {
+  type?: string;
+  version?: string;
+  container?: string;
+  container_version?: string;
+}
+
+export interface RumDevice {
+  id?: string;
+  name?: string;
+  type?: string;
+  brand?: string;
+  model?: string;
+}
+
 export interface RumEvent {
  timestamp?: number;
  event_type?: 'view' | 'action' | 'exception' | 'resource';
@@ -78,6 +93,8 @@ export interface RumPayload {
  user: RumUser;
  session: RumSession;
  view: RumView;
+  os?: RumOS;
+  device?: RumDevice;
  events: RumEvent[];
  properties?: Record<string, unknown>;
  _v: string;
--- a/packages/core/src/telemetry/qwen-logger/qwen-logger.test.ts
+++ b/packages/core/src/telemetry/qwen-logger/qwen-logger.test.ts
@@ -13,8 +13,10 @@ import {
  afterEach,
  afterAll,
 } from 'vitest';
+import * as os from 'node:os';
 import { QwenLogger, TEST_ONLY } from './qwen-logger.js';
 import type { Config } from '../../config/config.js';
+import { AuthType } from '../../core/contentGenerator.js';
 import {
  StartSessionEvent,
  EndSessionEvent,
@@ -22,7 +24,7 @@ import {
  KittySequenceOverflowEvent,
  IdeConnectionType,
 } from '../types.js';
-import type { RumEvent } from './event-types.js';
+import type { RumEvent, RumPayload } from './event-types.js';

 // Mock dependencies
 vi.mock('../../utils/user_id.js', () => ({
@@ -46,6 +48,7 @@ const makeFakeConfig = (overrides: Partial<Config> = {}): Config => {
    getCliVersion: () => '1.0.0',
    getProxy: () => undefined,
    getContentGeneratorConfig: () => ({ authType: 'test-auth' }),
+    getAuthType: () => AuthType.QWEN_OAUTH,
    getMcpServers: () => ({}),
    getModel: () => 'test-model',
    getEmbeddingModel: () => 'test-embedding',
@@ -102,6 +105,24 @@ describe('QwenLogger', () => {
    });
  });

+  describe('createRumPayload', () => {
+    it('includes os metadata in payload', async () => {
+      const logger = QwenLogger.getInstance(mockConfig)!;
+      const payload = await (
+        logger as unknown as {
+          createRumPayload(): Promise<RumPayload>;
+        }
+      ).createRumPayload();
+
+      expect(payload.os).toEqual(
+        expect.objectContaining({
+          type: os.platform(),
+          version: os.release(),
+        }),
+      );
+    });
+  });
+
  describe('event queue management', () => {
    it('should handle event overflow gracefully', () => {
      const debugConfig = makeFakeConfig({ getDebugMode: () => true });
--- a/packages/core/src/telemetry/qwen-logger/qwen-logger.ts
+++ b/packages/core/src/telemetry/qwen-logger/qwen-logger.ts
@@ -6,6 +6,7 @@

 import { Buffer } from 'buffer';
 import * as https from 'https';
+import * as os from 'node:os';
 import { HttpsProxyAgent } from 'https-proxy-agent';

 import type {
@@ -36,6 +37,7 @@ import type {
  ExtensionEnableEvent,
  ModelSlashCommandEvent,
  ExtensionDisableEvent,
+  AuthEvent,
 } from '../types.js';
 import { EndSessionEvent } from '../types.js';
 import type {
@@ -45,6 +47,7 @@ import type {
  RumResourceEvent,
  RumExceptionEvent,
  RumPayload,
+  RumOS,
 } from './event-types.js';
 import type { Config } from '../../config/config.js';
 import { safeJsonStringify } from '../../utils/safeJsonStringify.js';
@@ -214,9 +217,17 @@ export class QwenLogger {
    return this.createRumEvent('exception', type, name, properties);
  }

+  private getOsMetadata(): RumOS {
+    return {
+      type: os.platform(),
+      version: os.release(),
+    };
+  }
+
  async createRumPayload(): Promise<RumPayload> {
    const authType = this.config?.getAuthType();
    const version = this.config?.getCliVersion() || 'unknown';
+    const osMetadata = this.getOsMetadata();

    return {
      app: {
@@ -235,6 +246,7 @@ export class QwenLogger {
        id: this.sessionId,
        name: 'qwen-code-cli',
      },
+      os: osMetadata,

      events: this.events.toArray() as RumEvent[],
      properties: {
@@ -735,6 +747,25 @@ export class QwenLogger {
    this.flushIfNeeded();
  }

+  logAuthEvent(event: AuthEvent): void {
+    const snapshots: Record<string, unknown> = {
+      auth_type: event.auth_type,
+      action_type: event.action_type,
+      status: event.status,
+    };
+
+    if (event.error_message) {
+      snapshots['error_message'] = event.error_message;
+    }
+
+    const rumEvent = this.createActionEvent('auth', 'auth', {
+      snapshots: JSON.stringify(snapshots),
+    });
+
+    this.enqueueLogEvent(rumEvent);
+    this.flushIfNeeded();
+  }
+
  // misc events
  logFlashFallbackEvent(event: FlashFallbackEvent): void {
    const rumEvent = this.createActionEvent('misc', 'flash_fallback', {
--- a/packages/core/src/telemetry/types.ts
+++ b/packages/core/src/telemetry/types.ts
@@ -686,6 +686,29 @@ export class SubagentExecutionEvent implements BaseTelemetryEvent {
  }
 }

+export class AuthEvent implements BaseTelemetryEvent {
+  'event.name': 'auth';
+  'event.timestamp': string;
+  auth_type: AuthType;
+  action_type: 'auto' | 'manual';
+  status: 'success' | 'error' | 'cancelled';
+  error_message?: string;
+
+  constructor(
+    auth_type: AuthType,
+    action_type: 'auto' | 'manual',
+    status: 'success' | 'error' | 'cancelled',
+    error_message?: string,
+  ) {
+    this['event.name'] = 'auth';
+    this['event.timestamp'] = new Date().toISOString();
+    this.auth_type = auth_type;
+    this.action_type = action_type;
+    this.status = status;
+    this.error_message = error_message;
+  }
+}
+
 export type TelemetryEvent =
  | StartSessionEvent
  | EndSessionEvent
@@ -713,7 +736,8 @@ export type TelemetryEvent =
  | ExtensionInstallEvent
  | ExtensionUninstallEvent
  | ToolOutputTruncatedEvent
-  | ModelSlashCommandEvent;
+  | ModelSlashCommandEvent
+  | AuthEvent;

 export class ExtensionDisableEvent implements BaseTelemetryEvent {
  'event.name': 'extension_disable';
--- a/packages/core/src/tools/ripGrep.test.ts
+++ b/packages/core/src/tools/ripGrep.test.ts
@@ -22,12 +22,12 @@ import type { Config } from '../config/config.js';
 import { createMockWorkspaceContext } from '../test-utils/mockWorkspaceContext.js';
 import type { ChildProcess } from 'node:child_process';
 import { spawn } from 'node:child_process';
-import { ensureRipgrepPath } from '../utils/ripgrepUtils.js';
+import { getRipgrepCommand } from '../utils/ripgrepUtils.js';
 import { DEFAULT_FILE_FILTERING_OPTIONS } from '../config/constants.js';

 // Mock ripgrepUtils
 vi.mock('../utils/ripgrepUtils.js', () => ({
-  ensureRipgrepPath: vi.fn(),
+  getRipgrepCommand: vi.fn(),
 }));

 // Mock child_process for ripgrep calls
@@ -109,7 +109,7 @@ describe('RipGrepTool', () => {

  beforeEach(async () => {
    vi.clearAllMocks();
-    (ensureRipgrepPath as Mock).mockResolvedValue('/mock/path/to/rg');
+    (getRipgrepCommand as Mock).mockResolvedValue('/mock/path/to/rg');
    mockSpawn.mockReset();
    tempRootDir = await fs.mkdtemp(path.join(os.tmpdir(), 'grep-tool-root-'));
    fileExclusionsMock = {
@@ -588,18 +588,15 @@ describe('RipGrepTool', () => {
    });

    it('should throw an error if ripgrep is not available', async () => {
-      // Make ensureRipgrepBinary throw
-      (ensureRipgrepPath as Mock).mockRejectedValue(
-        new Error('Ripgrep binary not found'),
-      );
+      (getRipgrepCommand as Mock).mockResolvedValue(null);

      const params: RipGrepToolParams = { pattern: 'world' };
      const invocation = grepTool.build(params);

      expect(await invocation.execute(abortSignal)).toStrictEqual({
        llmContent:
-          'Error during grep search operation: Ripgrep binary not found',
-        returnDisplay: 'Error: Ripgrep binary not found',
+          'Error during grep search operation: ripgrep binary not found.',
+        returnDisplay: 'Error: ripgrep binary not found.',
      });
    });
  });
--- a/packages/core/src/tools/ripGrep.ts
+++ b/packages/core/src/tools/ripGrep.ts
@@ -6,7 +6,6 @@

 import fs from 'node:fs';
 import path from 'node:path';
-import { EOL } from 'node:os';
 import { spawn } from 'node:child_process';
 import type { ToolInvocation, ToolResult } from './tools.js';
 import { BaseDeclarativeTool, BaseToolInvocation, Kind } from './tools.js';
@@ -14,7 +13,7 @@ import { ToolNames } from './tool-names.js';
 import { resolveAndValidatePath } from '../utils/paths.js';
 import { getErrorMessage } from '../utils/errors.js';
 import type { Config } from '../config/config.js';
-import { ensureRipgrepPath } from '../utils/ripgrepUtils.js';
+import { getRipgrepCommand } from '../utils/ripgrepUtils.js';
 import { SchemaValidator } from '../utils/schemaValidator.js';
 import type { FileFilteringOptions } from '../config/constants.js';
 import { DEFAULT_FILE_FILTERING_OPTIONS } from '../config/constants.js';
@@ -88,7 +87,7 @@ class GrepToolInvocation extends BaseToolInvocation<
      }

      // Split into lines and count total matches
-      const allLines = rawOutput.split(EOL).filter((line) => line.trim());
+      const allLines = rawOutput.split('\n').filter((line) => line.trim());
      const totalMatches = allLines.length;
      const matchTerm = totalMatches === 1 ? 'match' : 'matches';

@@ -159,7 +158,7 @@ class GrepToolInvocation extends BaseToolInvocation<
        returnDisplay: displayMessage,
      };
    } catch (error) {
-      console.error(`Error during GrepLogic execution: ${error}`);
+      console.error(`Error during ripgrep search operation: ${error}`);
      const errorMessage = getErrorMessage(error);
      return {
        llmContent: `Error during grep search operation: ${errorMessage}`,
@@ -210,11 +209,15 @@ class GrepToolInvocation extends BaseToolInvocation<
    rgArgs.push(absolutePath);

    try {
-      const rgPath = this.config.getUseBuiltinRipgrep()
-        ? await ensureRipgrepPath()
-        : 'rg';
+      const rgCommand = await getRipgrepCommand(
+        this.config.getUseBuiltinRipgrep(),
+      );
+      if (!rgCommand) {
+        throw new Error('ripgrep binary not found.');
+      }
+
      const output = await new Promise<string>((resolve, reject) => {
-        const child = spawn(rgPath, rgArgs, {
+        const child = spawn(rgCommand, rgArgs, {
          windowsHide: true,
        });

@@ -234,7 +237,7 @@ class GrepToolInvocation extends BaseToolInvocation<

        child.on('error', (err) => {
          options.signal.removeEventListener('abort', cleanup);
-          reject(new Error(`Failed to start ripgrep: ${err.message}.`));
+          reject(new Error(`failed to start ripgrep: ${err.message}.`));
        });

        child.on('close', (code) => {
@@ -256,7 +259,7 @@ class GrepToolInvocation extends BaseToolInvocation<

      return output;
    } catch (error: unknown) {
-      console.error(`GrepLogic: ripgrep failed: ${getErrorMessage(error)}`);
+      console.error(`Ripgrep failed: ${getErrorMessage(error)}`);
      throw error;
    }
  }
--- a/packages/core/src/utils/editor.test.ts
+++ b/packages/core/src/utils/editor.test.ts
@@ -72,6 +72,7 @@ describe('editor utils', () => {
      { editor: 'neovim', commands: ['nvim'], win32Commands: ['nvim'] },
      { editor: 'zed', commands: ['zed', 'zeditor'], win32Commands: ['zed'] },
      { editor: 'emacs', commands: ['emacs'], win32Commands: ['emacs.exe'] },
+      { editor: 'trae', commands: ['trae'], win32Commands: ['trae'] },
    ];

    for (const { editor, commands, win32Commands } of testCases) {
@@ -171,6 +172,7 @@ describe('editor utils', () => {
      },
      { editor: 'cursor', commands: ['cursor'], win32Commands: ['cursor'] },
      { editor: 'zed', commands: ['zed', 'zeditor'], win32Commands: ['zed'] },
+      { editor: 'trae', commands: ['trae'], win32Commands: ['trae'] },
    ];

    for (const { editor, commands, win32Commands } of guiEditors) {
@@ -321,6 +323,7 @@ describe('editor utils', () => {
      'windsurf',
      'cursor',
      'zed',
+      'trae',
    ];

    for (const editor of guiEditors) {
@@ -430,6 +433,7 @@ describe('editor utils', () => {
        'windsurf',
        'cursor',
        'zed',
+        'trae',
      ];
      for (const editor of guiEditors) {
        it(`should not call onEditorClose for ${editor}`, async () => {
@@ -481,6 +485,7 @@ describe('editor utils', () => {
      'windsurf',
      'cursor',
      'zed',
+      'trae',
    ];
    for (const editor of guiEditors) {
      it(`should not allow ${editor} in sandbox mode`, () => {
--- a/packages/core/src/utils/editor.ts
+++ b/packages/core/src/utils/editor.ts
@@ -14,7 +14,8 @@ export type EditorType =
  | 'vim'
  | 'neovim'
  | 'zed'
-  | 'emacs';
+  | 'emacs'
+  | 'trae';

 function isValidEditorType(editor: string): editor is EditorType {
  return [
@@ -26,6 +27,7 @@ function isValidEditorType(editor: string): editor is EditorType {
    'neovim',
    'zed',
    'emacs',
+    'trae',
  ].includes(editor);
 }

@@ -62,6 +64,7 @@ const editorCommands: Record<
  neovim: { win32: ['nvim'], default: ['nvim'] },
  zed: { win32: ['zed'], default: ['zed', 'zeditor'] },
  emacs: { win32: ['emacs.exe'], default: ['emacs'] },
+  trae: { win32: ['trae'], default: ['trae'] },
 };

 export function checkHasEditorType(editor: EditorType): boolean {
@@ -73,7 +76,9 @@ export function checkHasEditorType(editor: EditorType): boolean {

 export function allowEditorTypeInSandbox(editor: EditorType): boolean {
  const notUsingSandbox = !process.env['SANDBOX'];
-  if (['vscode', 'vscodium', 'windsurf', 'cursor', 'zed'].includes(editor)) {
+  if (
+    ['vscode', 'vscodium', 'windsurf', 'cursor', 'zed', 'trae'].includes(editor)
+  ) {
    return notUsingSandbox;
  }
  // For terminal-based editors like vim and emacs, allow in sandbox.
@@ -115,6 +120,7 @@ export function getDiffCommand(
    case 'windsurf':
    case 'cursor':
    case 'zed':
+    case 'trae':
      return { command, args: ['--wait', '--diff', oldPath, newPath] };
    case 'vim':
    case 'neovim':
--- a/packages/core/src/utils/ripgrepUtils.test.ts
+++ b/packages/core/src/utils/ripgrepUtils.test.ts
@@ -7,8 +7,8 @@
 import { describe, it, expect, beforeEach, vi, type Mock } from 'vitest';
 import {
  canUseRipgrep,
-  ensureRipgrepPath,
-  getRipgrepPath,
+  getRipgrepCommand,
+  getBuiltinRipgrep,
 } from './ripgrepUtils.js';
 import { fileExists } from './fileUtils.js';
 import path from 'node:path';
@@ -27,7 +27,7 @@ describe('ripgrepUtils', () => {
    vi.clearAllMocks();
  });

-  describe('getRipgrepPath', () => {
+  describe('getBulltinRipgrepPath', () => {
    it('should return path with .exe extension on Windows', () => {
      const originalPlatform = process.platform;
      const originalArch = process.arch;
@@ -36,7 +36,7 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'platform', { value: 'win32' });
      Object.defineProperty(process, 'arch', { value: 'x64' });

-      const rgPath = getRipgrepPath();
+      const rgPath = getBuiltinRipgrep();

      expect(rgPath).toContain('x64-win32');
      expect(rgPath).toContain('rg.exe');
@@ -55,7 +55,7 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'platform', { value: 'darwin' });
      Object.defineProperty(process, 'arch', { value: 'arm64' });

-      const rgPath = getRipgrepPath();
+      const rgPath = getBuiltinRipgrep();

      expect(rgPath).toContain('arm64-darwin');
      expect(rgPath).toContain('rg');
@@ -75,7 +75,7 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'platform', { value: 'linux' });
      Object.defineProperty(process, 'arch', { value: 'x64' });

-      const rgPath = getRipgrepPath();
+      const rgPath = getBuiltinRipgrep();

      expect(rgPath).toContain('x64-linux');
      expect(rgPath).toContain('rg');
@@ -87,7 +87,7 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'arch', { value: originalArch });
    });

-    it('should throw error for unsupported platform', () => {
+    it('should return null for unsupported platform', () => {
      const originalPlatform = process.platform;
      const originalArch = process.arch;

@@ -95,14 +95,14 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'platform', { value: 'freebsd' });
      Object.defineProperty(process, 'arch', { value: 'x64' });

-      expect(() => getRipgrepPath()).toThrow('Unsupported platform: freebsd');
+      expect(getBuiltinRipgrep()).toBeNull();

      // Restore original values
      Object.defineProperty(process, 'platform', { value: originalPlatform });
      Object.defineProperty(process, 'arch', { value: originalArch });
    });

-    it('should throw error for unsupported architecture', () => {
+    it('should return null for unsupported architecture', () => {
      const originalPlatform = process.platform;
      const originalArch = process.arch;

@@ -110,7 +110,7 @@ describe('ripgrepUtils', () => {
      Object.defineProperty(process, 'platform', { value: 'darwin' });
      Object.defineProperty(process, 'arch', { value: 'ia32' });

-      expect(() => getRipgrepPath()).toThrow('Unsupported architecture: ia32');
+      expect(getBuiltinRipgrep()).toBeNull();

      // Restore original values
      Object.defineProperty(process, 'platform', { value: originalPlatform });
@@ -136,7 +136,7 @@ describe('ripgrepUtils', () => {
        Object.defineProperty(process, 'platform', { value: platform });
        Object.defineProperty(process, 'arch', { value: arch });

-        const rgPath = getRipgrepPath();
+        const rgPath = getBuiltinRipgrep();
        const binaryName = platform === 'win32' ? 'rg.exe' : 'rg';
        const expectedPathSegment = path.join(
          `${arch}-${platform}`,
@@ -169,107 +169,77 @@ describe('ripgrepUtils', () => {
      expect(result).toBe(true);
      expect(fileExists).toHaveBeenCalledOnce();
    });
-
-    it('should fall back to system rg if bundled ripgrep binary does not exist', async () => {
-      (fileExists as Mock).mockResolvedValue(false);
-      // When useBuiltin is true but bundled binary doesn't exist,
-      // it should fall back to checking system rg (which will spawn a process)
-      // In this test environment, system rg is likely available, so result should be true
-      // unless spawn fails
-
-      const result = await canUseRipgrep();
-
-      // The test may pass or fail depending on system rg availability
-      // Just verify that fileExists was called to check bundled binary first
-      expect(fileExists).toHaveBeenCalledOnce();
-      // Result depends on whether system rg is installed
-      expect(typeof result).toBe('boolean');
-    });
-
-    // Note: Tests for system ripgrep detection (useBuiltin=false) would require mocking
-    // the child_process spawn function, which is complex in ESM. These cases are tested
-    // indirectly through integration tests.
-
-    it('should return false if platform is unsupported', async () => {
-      const originalPlatform = process.platform;
-
-      // Mock unsupported platform
-      Object.defineProperty(process, 'platform', { value: 'aix' });
-
-      const result = await canUseRipgrep();
-
-      expect(result).toBe(false);
-      expect(fileExists).not.toHaveBeenCalled();
-
-      // Restore original value
-      Object.defineProperty(process, 'platform', { value: originalPlatform });
-    });
-
-    it('should return false if architecture is unsupported', async () => {
-      const originalArch = process.arch;
-
-      // Mock unsupported architecture
-      Object.defineProperty(process, 'arch', { value: 's390x' });
-
-      const result = await canUseRipgrep();
-
-      expect(result).toBe(false);
-      expect(fileExists).not.toHaveBeenCalled();
-
-      // Restore original value
-      Object.defineProperty(process, 'arch', { value: originalArch });
-    });
  });

-  describe('ensureRipgrepBinary', () => {
-    it('should return ripgrep path if binary exists', async () => {
+  describe('ensureRipgrepPath', () => {
+    it('should return bundled ripgrep path if binary exists (useBuiltin=true)', async () => {
      (fileExists as Mock).mockResolvedValue(true);

-      const rgPath = await ensureRipgrepPath();
+      const rgPath = await getRipgrepCommand(true);

      expect(rgPath).toBeDefined();
      expect(rgPath).toContain('rg');
+      expect(rgPath).not.toBe('rg'); // Should be full path, not just 'rg'
      expect(fileExists).toHaveBeenCalledOnce();
      expect(fileExists).toHaveBeenCalledWith(rgPath);
    });

-    it('should throw error if binary does not exist', async () => {
-      (fileExists as Mock).mockResolvedValue(false);
+    it('should return bundled ripgrep path if binary exists (default)', async () => {
+      (fileExists as Mock).mockResolvedValue(true);

-      await expect(ensureRipgrepPath()).rejects.toThrow(
-        /Ripgrep binary not found/,
-      );
-      await expect(ensureRipgrepPath()).rejects.toThrow(/Platform:/);
-      await expect(ensureRipgrepPath()).rejects.toThrow(/Architecture:/);
+      const rgPath = await getRipgrepCommand();

-      expect(fileExists).toHaveBeenCalled();
+      expect(rgPath).toBeDefined();
+      expect(rgPath).toContain('rg');
+      expect(fileExists).toHaveBeenCalledOnce();
    });

-    it('should throw error with correct path information', async () => {
+    it('should fall back to system rg if bundled binary does not exist', async () => {
      (fileExists as Mock).mockResolvedValue(false);
+      // When useBuiltin is true but bundled binary doesn't exist,
+      // it should fall back to checking system rg
+      // The test result depends on whether system rg is actually available
+
+      const rgPath = await getRipgrepCommand(true);
+
+      expect(fileExists).toHaveBeenCalledOnce();
+      // If system rg is available, it should return 'rg' (or 'rg.exe' on Windows)
+      // This test will pass if system ripgrep is installed
+      expect(rgPath).toBeDefined();
+    });
+
+    it('should use system rg when useBuiltin=false', async () => {
+      // When useBuiltin is false, should skip bundled check and go straight to system rg
+      const rgPath = await getRipgrepCommand(false);
+
+      // Should not check for bundled binary
+      expect(fileExists).not.toHaveBeenCalled();
+      // If system rg is available, it should return 'rg' (or 'rg.exe' on Windows)
+      expect(rgPath).toBeDefined();
+    });
+
+    it('should throw error if neither bundled nor system ripgrep is available', async () => {
+      // This test only makes sense in an environment where system rg is not installed
+      // We'll skip this test in CI/local environments where rg might be available
+      // Instead, we test the error message format
+      const originalPlatform = process.platform;
+
+      // Use an unsupported platform to trigger the error path
+      Object.defineProperty(process, 'platform', { value: 'freebsd' });

      try {
-        await ensureRipgrepPath();
-        // Should not reach here
-        expect(true).toBe(false);
+        await getRipgrepCommand();
+        // If we get here without error, system rg was available, which is fine
      } catch (error) {
        expect(error).toBeInstanceOf(Error);
        const errorMessage = (error as Error).message;
-        expect(errorMessage).toContain('Ripgrep binary not found at');
-        expect(errorMessage).toContain(process.platform);
-        expect(errorMessage).toContain(process.arch);
+        // Should contain helpful error information
+        expect(
+          errorMessage.includes('Ripgrep binary not found') ||
+            errorMessage.includes('Failed to locate ripgrep') ||
+            errorMessage.includes('Unsupported platform'),
+        ).toBe(true);
      }
-    });
-
-    it('should throw error if platform is unsupported', async () => {
-      const originalPlatform = process.platform;
-
-      // Mock unsupported platform
-      Object.defineProperty(process, 'platform', { value: 'openbsd' });
-
-      await expect(ensureRipgrepPath()).rejects.toThrow(
-        'Unsupported platform: openbsd',
-      );

      // Restore original value
      Object.defineProperty(process, 'platform', { value: originalPlatform });
--- a/packages/core/src/utils/ripgrepUtils.ts
+++ b/packages/core/src/utils/ripgrepUtils.ts
@@ -18,37 +18,42 @@ type Architecture = 'x64' | 'arm64';
 /**
 * Maps process.platform values to vendor directory names
 */
-function getPlatformString(platform: string): Platform {
+function getPlatformString(platform: string): Platform | undefined {
  switch (platform) {
    case 'darwin':
    case 'linux':
    case 'win32':
      return platform;
    default:
-      throw new Error(`Unsupported platform: ${platform}`);
+      return undefined;
  }
 }

 /**
 * Maps process.arch values to vendor directory names
 */
-function getArchitectureString(arch: string): Architecture {
+function getArchitectureString(arch: string): Architecture | undefined {
  switch (arch) {
    case 'x64':
    case 'arm64':
      return arch;
    default:
-      throw new Error(`Unsupported architecture: ${arch}`);
+      return undefined;
  }
 }

 /**
 * Returns the path to the bundled ripgrep binary for the current platform
+ * @returns The path to the bundled ripgrep binary, or null if not available
 */
-export function getRipgrepPath(): string {
+export function getBuiltinRipgrep(): string | null {
  const platform = getPlatformString(process.platform);
  const arch = getArchitectureString(process.arch);

+  if (!platform || !arch) {
+    return null;
+  }
+
  // Binary name includes .exe on Windows
  const binaryName = platform === 'win32' ? 'rg.exe' : 'rg';

@@ -83,6 +88,51 @@ export function getRipgrepPath(): string {
  return vendorPath;
 }

+/**
+ * Checks if system ripgrep is available and returns the command to use
+ * @returns The ripgrep command ('rg' or 'rg.exe') if available, or null if not found
+ */
+export async function getSystemRipgrep(): Promise<string | null> {
+  try {
+    const { spawn } = await import('node:child_process');
+    const rgCommand = process.platform === 'win32' ? 'rg.exe' : 'rg';
+    const isAvailable = await new Promise<boolean>((resolve) => {
+      const proc = spawn(rgCommand, ['--version']);
+      proc.on('error', () => resolve(false));
+      proc.on('exit', (code) => resolve(code === 0));
+    });
+    return isAvailable ? rgCommand : null;
+  } catch (_error) {
+    return null;
+  }
+}
+
+/**
+ * Checks if ripgrep binary exists and returns its path
+ * @param useBuiltin If true, tries bundled ripgrep first, then falls back to system ripgrep.
+ *                   If false, only checks for system ripgrep.
+ * @returns The path to ripgrep binary ('rg' or 'rg.exe' for system ripgrep, or full path for bundled), or null if not available
+ */
+export async function getRipgrepCommand(
+  useBuiltin: boolean = true,
+): Promise<string | null> {
+  try {
+    if (useBuiltin) {
+      // Try bundled ripgrep first
+      const rgPath = getBuiltinRipgrep();
+      if (rgPath && (await fileExists(rgPath))) {
+        return rgPath;
+      }
+      // Fallback to system rg if bundled binary is not available
+    }
+
+    // Check for system ripgrep
+    return await getSystemRipgrep();
+  } catch (_error) {
+    return null;
+  }
+}
+
 /**
 * Checks if ripgrep binary is available
 * @param useBuiltin If true, tries bundled ripgrep first, then falls back to system ripgrep.
@@ -91,42 +141,6 @@ export function getRipgrepPath(): string {
 export async function canUseRipgrep(
  useBuiltin: boolean = true,
 ): Promise<boolean> {
-  try {
-    if (useBuiltin) {
-      // Try bundled ripgrep first
-      const rgPath = getRipgrepPath();
-      if (await fileExists(rgPath)) {
-        return true;
-      }
-      // Fallback to system rg if bundled binary is not available
-    }
-
-    // Check for system ripgrep by trying to spawn 'rg --version'
-    const { spawn } = await import('node:child_process');
-    return await new Promise<boolean>((resolve) => {
-      const proc = spawn('rg', ['--version']);
-      proc.on('error', () => resolve(false));
-      proc.on('exit', (code) => resolve(code === 0));
-    });
-  } catch (_error) {
-    // Unsupported platform/arch or other error
-    return false;
-  }
-}
-
-/**
- * Ensures ripgrep binary exists and returns its path
- * @throws Error if ripgrep binary is not available
- */
-export async function ensureRipgrepPath(): Promise<string> {
-  const rgPath = getRipgrepPath();
-
-  if (!(await fileExists(rgPath))) {
-    throw new Error(
-      `Ripgrep binary not found at ${rgPath}. ` +
-        `Platform: ${process.platform}, Architecture: ${process.arch}`,
-    );
-  }
-
-  return rgPath;
+  const rgPath = await getRipgrepCommand(useBuiltin);
+  return rgPath !== null;
 }
--- a/packages/test-utils/package.json
+++ b/packages/test-utils/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@qwen-code/qwen-code-test-utils",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "private": true,
  "main": "src/index.ts",
  "license": "Apache-2.0",
--- a/packages/vscode-ide-companion/package.json
+++ b/packages/vscode-ide-companion/package.json
@@ -2,7 +2,7 @@
  "name": "qwen-code-vscode-ide-companion",
  "displayName": "Qwen Code Companion",
  "description": "Enable Qwen Code with direct access to your VS Code workspace.",
-  "version": "0.2.1",
+  "version": "0.2.2",
  "publisher": "qwenlm",
  "icon": "assets/icon.png",
  "repository": {
Author	SHA1	Message	Date
tanzhenxin	97bf48b14c	fix: skip problematic integration test (#1065 )	2025-11-19 11:55:19 +08:00
Mingholy	d0e76c76a8	refactor(auth): save authType after successfully authenticated (#1036 )	2025-11-19 11:21:46 +08:00
tanzhenxin	3ed93d5b5d	fix: integration tests (#1062 )	2025-11-19 10:23:16 +08:00
tanzhenxin	71646490f1	Fix: Improve ripgrep binary detection and cross-platform compatibility (#1060 )	2025-11-18 19:38:30 +08:00
DS-Controller2	f0bbeac04a	fix(core): add modelscope provider to handle stream_options (#848 ) * fix(core): add modelscope provider to handle stream_options --------- Co-authored-by: Qwen Code <qwen-code@alibaba-inc.com> Co-authored-by: mingholy.lmh <mingholy.lmh@alibaba-inc.com>	2025-11-18 13:47:20 +08:00
Mingholy	efca0bc795	fix: basic slash command support (#1020 )	2025-11-18 13:46:42 +08:00
tanzhenxin	6bb829f876	feat: Add Terminal Attention Notifications for User Alerts (#1052 )	2025-11-18 13:43:43 +08:00
tanzhenxin	5bc309b3dc	feat: add os platform and version in log report (#1053 )	2025-11-18 13:43:17 +08:00
yyyanghj	0eeffc6875	feat: add support for Trae editor (#1037 )	2025-11-17 10:58:33 +08:00
hj C	f0e21374c1	feat: add support for alternative cached_tokens format in OpenAI converter (#1035 ) Co-authored-by: chenhuanjie <chenhuanjie@xiaohongshu.com>	2025-11-14 18:09:33 +08:00
BlockHand	29261c75e1	feat: openApi configurable window (#1019 )	2025-11-14 10:18:57 +08:00
tanzhenxin	b4eba6584a	chore: pump version to 0.2.2 (#1027 )	2025-11-13 20:39:14 +08:00