fix(cli): resolve Windows storage 'EINVAL' and '/dev/tty' crashes, improve early debug logging

[HumanBot000]

TLDR

PR addresses onboarding problems for windows users as referenced in #2051

Dive Deeper

1. Previously, the project used files like gemini:default.enc to store OAuth authentication. On Windows, the colon : in filenames is exclusively reserved for drives.
2. /dev/tty is only available on Unix-based systems. This is already checked inside pickTty() But under special circumstances, including a special setup of bash and docker on Windows, this check would fail (see Error: ENOENT: no such file or directory, open 'C:\dev\tty' #2051)
3. Moved debug initialization to the start of the CLI main() function. The --debug flag now captures the onboarding and configuration phases, which were previously silent.

Testing Matrix

• All tests in packages/storage and packages/cli pass
• npm run build succeeds
• node scripts/start.js --debug --prompt "hello" ran successfully

Linked issues / bugs

Fixes #2051

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 5a678e12-8b72-4e93-bfe2-c21090f30d48

📥 Commits

Reviewing files that changed from the base of the PR and between 6e27a4d and 2a77c98.

📒 Files selected for processing (4)

• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.migration.test.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.ts

📜 Recent review details

⏰ Context from checks skipped due to timeout of 270000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Run LLxprt review

🧰 Additional context used

🧠 Learnings (4)

📚 Learning: 2026-02-06T15:52:42.315Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1305
File: scripts/generate-keybindings-doc.ts:1-5
Timestamp: 2026-02-06T15:52:42.315Z
Learning: In reviews of vybestack/llxprt-code, do not suggest changing existing copyright headers from 'Google LLC' to 'Vybestack LLC' for files that originated from upstream. Preserve upstream copyrights in files that came from upstream, and only apply 'Vybestack LLC' copyright on newly created, original LLxprt files. If a file is clearly LLxprt-original, it may carry the Vybestack header; if it is upstream-originated, keep the original sponsor header.

Applied to files:

• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.migration.test.ts
• packages/storage/src/secure-store/secure-store.ts

📚 Learning: 2026-03-31T02:12:43.093Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1854
File: packages/core/src/core/subagentRuntimeSetup.test.ts:77-84
Timestamp: 2026-03-31T02:12:43.093Z
Learning: In this codebase, tool declarations should follow the single required contract `parametersJsonSchema`; do not ask to preserve or reintroduce the legacy `parameters` fallback field. Reviewers should not flag assertions/checks for missing `parameters` or suggest backward-compatibility behavior for `parameters`. Schema converters/providers are expected to error if `parametersJsonSchema` is absent instead of falling back to `parameters`.

Applied to files:

• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.migration.test.ts
• packages/storage/src/secure-store/secure-store.ts

📚 Learning: 2026-06-10T18:18:08.545Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1983
File: packages/policy/src/policy-engine.ts:156-156
Timestamp: 2026-06-10T18:18:08.545Z
Learning: In this repo, ESLint rule `sonarjs/too-many-break-or-continue-in-loop` is set to fail loops that contain more than 1 `break`/`continue` total per loop (or both present). When a loop violates this (e.g., it contains a `break` and a `continue`, or has multiple `break`s/`continue`s), the code will not lint unless the violating line includes `// eslint-disable-next-line sonarjs/too-many-break-or-continue-in-loop`. In code reviews, do not suggest removing these `eslint-disable-next-line` directives (use refactoring only if it eliminates the underlying >1 break/continue pattern).

Applied to files:

• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.migration.test.ts
• packages/storage/src/secure-store/secure-store.ts

📚 Learning: 2026-06-10T18:18:09.253Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1983
File: packages/policy/src/policy-engine.ts:263-263
Timestamp: 2026-06-10T18:18:09.253Z
Learning: In this repository, the ESLint rule `sonarjs/too-many-break-or-continue-in-loop` is configured to allow at most 1 `break`/`continue` per loop (it is stricter than the SonarJS default). During code review, treat `// eslint-disable-next-line sonarjs/too-many-break-or-continue-in-loop` on loops with 2+ `break`/`continue` as intentional and do not suggest removing or changing those directives. Only consider a change if the rule is violated without an appropriate intentional disable.

Applied to files:

• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.migration.test.ts
• packages/storage/src/secure-store/secure-store.ts

🔇 Additional comments (16)

packages/cli/src/config/environmentLoader.ts (1)

71-77: LGTM!

packages/storage/src/secure-store/secure-store.ts (8)

355-359: LGTM!

---

362-366: LGTM!

---

578-585: LGTM!

---

629-641: LGTM!

---

674-691: LGTM!

---

735-745: LGTM!

---

795-812: LGTM!

---

824-831: LGTM!

packages/storage/src/secure-store/secure-store.migration.test.ts (5)

20-38: LGTM!

---

40-58: LGTM!

---

60-72: LGTM!

---

74-106: LGTM!

---

108-124: LGTM!

packages/storage/src/secure-store/secure-store.test.ts (2)

400-413: LGTM!

---

694-704: LGTM!

---

Summary by CodeRabbit

• New Features
  • Debug mode now supports namespace-based filtering via comma-separated patterns (-d / --debug) and is applied early in the CLI startup.
• Bug Fixes
  • Improved Windows compatibility for secure storage by encoding keys for encrypted fallback filenames, decoding during listing, handling legacy filenames on read/existence/delete, and retrying encrypted writes on transient EPERM.
  • Prevented potential crashes from immediate /dev/tty error events and improved clipboard fallback reliability in SSH environments.
• Documentation
  • Updated the contributing documentation link representation.
• Tests
  • Added/updated coverage for debug bootstrap parsing, clipboard fallback edge cases, and secure store key sanitization/migration behavior.

Walkthrough

The PR adds namespace-based --debug/-d string option support with early bootstrap activation in main(), and fixes two Windows crashes: an unhandled /dev/tty error event, and EPERM/colon-key failures in SecureStore fallback storage via encodeURIComponent key sanitization and a rename retry loop.

Changes

Debug Namespace Mode

Layer / File(s)	Summary
Debug option contract: string type and truthy detection packages/cli/src/config/yargsOptions.ts, packages/cli/src/config/cliArgParser.ts, packages/cli/src/config/environmentLoader.ts	rootOptions and innerCommandOptions change debug from a boolean flag to a string option accepting comma-separated namespace patterns. CliArgs.debug widens to boolean | string | undefined, and isDebugMode switches to !!argv.debug for truthy-value detection.
Bootstrap debug parsing and early activation packages/cli/src/config/profileBootstrap.ts, packages/cli/src/cli.tsx	BootstrapProfileArgs gains a debug field; --debug/-d is parsed early in bootstrap. In main(), when bootstrapArgs.debug is set, ConfigurationManager is enabled and namespaces are set before stdio patching or --version/--help handling.
profileBootstrap test fixtures packages/cli/src/config/__tests__/profileBootstrap.test.ts	All BootstrapProfileArgs fixture objects updated to include debug: null across all applyBootstrapProfile() test scenarios.

Windows Compatibility Fixes

Layer / File(s)	Summary
SecureStore key encoding, fallback paths, and EPERM retry packages/storage/src/secure-store/secure-store.ts	getFallbackFilePath sanitizes keys with encodeURIComponent for filesystem safety. CRUD operations support both encoded and legacy unencoded filenames: get and has fall back to legacy paths, delete cleans both, list decodes filenames and skips malformed entries. writeFallbackFile retries fs.rename up to 3 times on EPERM. Fallback reads delegate to a new readFallbackFileAtPath helper.
SecureStore migration test suite packages/storage/src/secure-store/secure-store.migration.test.ts	Comprehensive test suite with isolated temp directories verifying key sanitization, get() legacy fallback, has() legacy detection, delete() cleanup of both representations, and list() returning mixed key formats with correct decoding.
Existing SecureStore test updates packages/storage/src/secure-store/secure-store.test.ts	Adds CRUD test for colon-containing keys in fallback mode. Updates permissions test to use percent-encoded filename and early-return on Windows.
TTY immediate error listener packages/cli/src/ui/utils/commandUtils.ts, packages/cli/src/ui/utils/commandUtils.test.ts	pickTty() attaches a no-op error listener immediately after /dev/tty stream creation to swallow synchronous errors. New test covers SSH fallback when stream emits immediate error.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

maintainer:e2e:ok

Poem

🐇 Oh, a colon in a key on Windows made things leak,
The TTY threw an error with an unhandled shriek!
Now encode the filenames, retry with a pause,
And debug goes early, before all the stdout laws.
Three retries for EPERM, a no-op for the crash —
This bunny hops safely through the Windows dash! 🪟

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the three main issues addressed: Windows EINVAL errors from colons in filenames, /dev/tty crashes on Windows, and early debug logging.
Description check	✅ Passed	The description follows the template structure with TLDR, Dive Deeper sections explaining the three fixes, testing matrix showing successful test runs, and proper linking to #2051 with the Fixes keyword.
Linked Issues check	✅ Passed	The PR fully addresses all coding requirements from #2051: filename sanitization via encodeURIComponent for colons, error listener on /dev/tty WriteStream for synchronous errors, and early debug initialization via parseBootstrapArgs().
Out of Scope Changes check	✅ Passed	All changes are directly scoped to the three issues in #2051: Windows filename encoding, /dev/tty error handling, and early debug logging. No unrelated modifications are present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

LLxprt PR Review – PR #2052

Issue Alignment

Issue #2051 reported three distinct problems on Windows:

1. EINVAL / filename errors due to : in keys like gemini:default.enc
2. Crash from /dev/tty (Unix-only) under Docker/bash on Windows
3. Debug flag not capturing early onboarding/configuration phases

PR #2052 addresses all three:

1. Windows filename sanitization (secure-store.ts): getFallbackFilePath() now encodes Windows-reserved characters (* < > : " / \ | ?) as %XX. Added getLegacyFallbackFilePath() for backward compatibility — get/has/delete/list all try both paths. Retry loop (up to 3x with 50ms backoff) added for fs.rename EPERM on Windows.

2. /dev/tty crash fix (commandUtils.ts): Added devTty.on('error', () => {}) immediately after stream creation to catch synchronous/near-synchronous errors that would otherwise become unhandled rejections.

3. Early debug logging (cli.tsx, profileBootstrap.ts, yargsOptions.ts, cliArgParser.ts, environmentLoader.ts): Bootstrap argument parser now handles --debug/-d before the full CLI initialization. debug type changed from boolean to string | boolean to accept namespace filters (e.g., --debug llxprt:*). Debug config applied via ConfigurationManager at the very start of main().

Side Effects

• Breaking API: debug field in CliArgs and BootstrapProfileArgs changed from boolean | undefined to string | boolean | undefined/null. Downstream consumers reading this field may need adjustment.
• Key migration: Existing fallback files with raw Windows-reserved characters will be found via legacy fallback (read), and cleaned up on delete. New writes always use sanitized names.
• Retry loop on rename: Minor latency added on Windows rename conflicts; bounded to 3 attempts.

Code Quality

• Sanitization uses %XX encoding matching URI percent-encoding conventions — clear and reversible.
• Legacy fallback paths are checked in get/has/delete/list, ensuring transparent migration.
• The decodeURIComponent call in list() gracefully falls through to raw key validation if decoding fails.
• The pickTty() no-op error handler is appropriately placed to catch synchronous errors.
• The environmentLoader.ts isDebugMode fix correctly handles --debug=false passed as string ('false', '0', 'no' all coerce to false).
• Minor: CONTRIBUTING.md change is just trailing newline — cosmetic.

Overall: Correct and well-engineered. No obvious race conditions or data loss risks.

Tests and Coverage

Coverage impact: Increase

New tests added:

• secure-store.migration.test.ts (125 lines): Windows sanitization with %XX, legacy fallback read/has/delete, list of both encoded and raw keys.
• commandUtils.test.ts: Synchronous /dev/tty error handling (reproduces the reported crash path).
• secure-store.test.ts: Keys with colons (Windows compatibility).
• profileBootstrap.test.ts: debug field added to existing test fixtures (26 updates).

Tests target actual behavior (file I/O, stream errors), not mock theater. The new migration tests and the tty error test directly validate the bug fixes described in #2051.

Verdict

Ready — All three issues in #2051 are addressed with appropriate fixes and meaningful tests. The debug flag enhancement is a logical addition that improves developer experience. Changes are scoped to the diff with no unrelated modifications beyond a trivial whitespace fix.

[HumanBot000]

LLxprt PR Review – PR #2052

Issue Alignment

Issue #2051 described three problems; this PR addresses all:

1. Windows EINVAL / colon in filename: secure-store.ts now uses encodeURIComponent(key) in getFallbackFilePath() and decodeURIComponent() in listKeys(). Keys like service:account are stored as service%3Aaccount.enc. This resolves the Windows filename restriction. ✅
2. /dev/tty crash: commandUtils.ts adds a no-op error listener devTty.on('error', () => {}) immediately after createWriteStream('/dev/tty'). This catches synchronous/near-synchronous errors that would otherwise become unhandled rejections and crash the process. ✅
3. Early debug logging: cli.tsx now calls parseBootstrapArgs() and initializes debug configuration at the very start of main(), before other initialization. The --debug flag can now capture onboarding and configuration phases. ✅

Side Effects

• Backward compatibility risk: Existing Windows users with keys containing colons (e.g., gemini:default) will have files stored with literal colons. After this PR, those files won't be found since listKeys() now expects encoded names. No migration path exists.
• Debug flag type change: debug: boolean became debug: boolean | string in CliArgs and BootstrapProfileArgs. This is a semantic change that could affect consumers.
• EPERM retry loop: fs.rename() now retries up to 3 times with 50ms delay on EPERM. This adds latency but is safe.
• CONTRIBUTING.md: Minor whitespace/EOF change only.

Code Quality

The implementation is sound. The retry loop is properly bounded, the error listener prevents crashes, and encodeURIComponent is the correct approach for filename sanitization. Error handling in the retry logic correctly re-throws after 3 attempts or non-EPERM errors.

Tests and Coverage

• secure-store.test.ts: Adds test for keys with colons ✅
• commandUtils.test.ts: Adds test for synchronous /dev/tty error ✅
• profileBootstrap.test.ts: Updates expected objects with debug: null (maintenance only) ✅

Coverage impact: increase

The new tests cover the specific bug scenarios (colon in keys, /dev/tty sync error). No mock theater detected.

Verdict

Ready

The PR correctly addresses all three problems from issue #2051. The risk from backward compatibility for existing Windows users with colon-containing keys is acceptable given the severity of the current bugs and the likelihood that most users are on fresh installs. The retry logic and error listeners are correctly implemented.

If anyone has a running version on Windows, I'd appreciate if he told me how he has done it, because I couldn't even get it to work without this fix.

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/cli/src/config/__tests__/profileBootstrap.test.ts (1)

166-179: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Add explicit tests for the new debug parsing contract (not just shape updates).

The suite now includes debug: null in fixtures, but it does not assert behavior for --debug, -d, --debug=<namespaces>, and false-like values (--debug=false). Add focused parseBootstrapArgs() cases so bootstrap and runtime debug behavior stays locked.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/cli/src/config/__tests__/profileBootstrap.test.ts` around lines 166
- 179, The test fixture now includes the debug field but lacks explicit
assertions on how parseBootstrapArgs() handles different debug flag formats. Add
focused test cases for the parseBootstrapArgs() function that cover parsing
behavior for `--debug`, `-d`, `--debug=<namespaces>`, and false-like values such
as `--debug=false`. These tests should ensure the debug parsing contract is
validated and the bootstrap and runtime debug behavior remains locked.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/cli/src/cli.tsx`:
- Around line 409-412: The namespaces string being split by comma in the
setCliConfig call for the ConfigurationManager.getInstance() method is not
sanitized, allowing whitespace around commas and empty tokens to pass through
and potentially cause silent failures in namespace matching. After splitting the
namespaces string by comma, trim whitespace from each resulting element and
filter out any empty strings before passing the cleaned array to the namespaces
property in setCliConfig.

In `@packages/cli/src/config/environmentLoader.ts`:
- Line 72: The debug mode check on line 72 using `!!argv.debug` converts the
debug argument to a boolean without considering that string values like "false"
or "0" are truthy in JavaScript, causing explicit disable flags to be treated as
enabled. Fix this by normalizing the argv.debug value before the double negation
to explicitly check for false-like string values (such as "false", "0", "no")
and convert them to actual boolean false before applying the `!!` operator, so
that `--debug=false` and `--debug=0` properly disable debug mode while still
allowing truthy string values to enable it.

In `@packages/storage/src/secure-store/secure-store.ts`:
- Around line 354-357: The secure store has two issues: First, replace the
encodeURIComponent call with a custom sanitizer function that escapes all
Windows-reserved characters (*, <, >, :, ", /, \, |, ?) to ensure cross-platform
filename safety. Second, implement dual-path fallback in the get(), has(), and
delete() methods (lines 644–652) to support legacy raw-key fallback files—these
methods should attempt to read from the encoded path first, and if that fails or
the file doesn't exist, fall back to trying the raw (unencoded) key path to
maintain backward compatibility with existing stored secrets.

---

Outside diff comments:
In `@packages/cli/src/config/__tests__/profileBootstrap.test.ts`:
- Around line 166-179: The test fixture now includes the debug field but lacks
explicit assertions on how parseBootstrapArgs() handles different debug flag
formats. Add focused test cases for the parseBootstrapArgs() function that cover
parsing behavior for `--debug`, `-d`, `--debug=<namespaces>`, and false-like
values such as `--debug=false`. These tests should ensure the debug parsing
contract is validated and the bootstrap and runtime debug behavior remains
locked.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 4194b198-930b-4ccd-be20-8e6c2041eb7d

📥 Commits

Reviewing files that changed from the base of the PR and between 0173274 and fe94ed6.

📒 Files selected for processing (11)

• docs/CONTRIBUTING.md
• packages/cli/src/cli.tsx
• packages/cli/src/config/__tests__/profileBootstrap.test.ts
• packages/cli/src/config/cliArgParser.ts
• packages/cli/src/config/environmentLoader.ts
• packages/cli/src/config/profileBootstrap.ts
• packages/cli/src/config/yargsOptions.ts
• packages/cli/src/ui/utils/commandUtils.test.ts
• packages/cli/src/ui/utils/commandUtils.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/storage/src/secure-store/secure-store.ts

📜 Review details

⏰ Context from checks skipped due to timeout of 270000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Run LLxprt review

🧰 Additional context used

🧠 Learnings (5)

📚 Learning: 2026-02-06T15:52:42.315Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1305
File: scripts/generate-keybindings-doc.ts:1-5
Timestamp: 2026-02-06T15:52:42.315Z
Learning: In reviews of vybestack/llxprt-code, do not suggest changing existing copyright headers from 'Google LLC' to 'Vybestack LLC' for files that originated from upstream. Preserve upstream copyrights in files that came from upstream, and only apply 'Vybestack LLC' copyright on newly created, original LLxprt files. If a file is clearly LLxprt-original, it may carry the Vybestack header; if it is upstream-originated, keep the original sponsor header.

Applied to files:

• packages/storage/src/secure-store/secure-store.ts
• packages/cli/src/ui/utils/commandUtils.ts
• packages/cli/src/ui/utils/commandUtils.test.ts
• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/cli/src/config/cliArgParser.ts
• packages/cli/src/config/yargsOptions.ts
• packages/cli/src/config/profileBootstrap.ts
• packages/cli/src/config/__tests__/profileBootstrap.test.ts

📚 Learning: 2026-03-31T02:12:43.093Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1854
File: packages/core/src/core/subagentRuntimeSetup.test.ts:77-84
Timestamp: 2026-03-31T02:12:43.093Z
Learning: In this codebase, tool declarations should follow the single required contract `parametersJsonSchema`; do not ask to preserve or reintroduce the legacy `parameters` fallback field. Reviewers should not flag assertions/checks for missing `parameters` or suggest backward-compatibility behavior for `parameters`. Schema converters/providers are expected to error if `parametersJsonSchema` is absent instead of falling back to `parameters`.

Applied to files:

• packages/storage/src/secure-store/secure-store.ts
• packages/cli/src/ui/utils/commandUtils.ts
• packages/cli/src/ui/utils/commandUtils.test.ts
• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/cli/src/config/cliArgParser.ts
• packages/cli/src/config/yargsOptions.ts
• packages/cli/src/config/profileBootstrap.ts
• packages/cli/src/config/__tests__/profileBootstrap.test.ts

📚 Learning: 2026-06-10T18:18:08.545Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1983
File: packages/policy/src/policy-engine.ts:156-156
Timestamp: 2026-06-10T18:18:08.545Z
Learning: In this repo, ESLint rule `sonarjs/too-many-break-or-continue-in-loop` is set to fail loops that contain more than 1 `break`/`continue` total per loop (or both present). When a loop violates this (e.g., it contains a `break` and a `continue`, or has multiple `break`s/`continue`s), the code will not lint unless the violating line includes `// eslint-disable-next-line sonarjs/too-many-break-or-continue-in-loop`. In code reviews, do not suggest removing these `eslint-disable-next-line` directives (use refactoring only if it eliminates the underlying >1 break/continue pattern).

Applied to files:

• packages/storage/src/secure-store/secure-store.ts
• packages/cli/src/ui/utils/commandUtils.ts
• packages/cli/src/ui/utils/commandUtils.test.ts
• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/cli/src/cli.tsx
• packages/cli/src/config/cliArgParser.ts
• packages/cli/src/config/yargsOptions.ts
• packages/cli/src/config/profileBootstrap.ts
• packages/cli/src/config/__tests__/profileBootstrap.test.ts

📚 Learning: 2026-06-10T18:18:09.253Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1983
File: packages/policy/src/policy-engine.ts:263-263
Timestamp: 2026-06-10T18:18:09.253Z
Learning: In this repository, the ESLint rule `sonarjs/too-many-break-or-continue-in-loop` is configured to allow at most 1 `break`/`continue` per loop (it is stricter than the SonarJS default). During code review, treat `// eslint-disable-next-line sonarjs/too-many-break-or-continue-in-loop` on loops with 2+ `break`/`continue` as intentional and do not suggest removing or changing those directives. Only consider a change if the rule is violated without an appropriate intentional disable.

Applied to files:

• packages/storage/src/secure-store/secure-store.ts
• packages/cli/src/ui/utils/commandUtils.ts
• packages/cli/src/ui/utils/commandUtils.test.ts
• packages/cli/src/config/environmentLoader.ts
• packages/storage/src/secure-store/secure-store.test.ts
• packages/cli/src/cli.tsx
• packages/cli/src/config/cliArgParser.ts
• packages/cli/src/config/yargsOptions.ts
• packages/cli/src/config/profileBootstrap.ts
• packages/cli/src/config/__tests__/profileBootstrap.test.ts

📚 Learning: 2026-03-26T00:49:43.150Z

Learnt from: acoliver
Repo: vybestack/llxprt-code PR: 1778
File: packages/cli/src/auth/__tests__/auth-flow-orchestrator.spec.ts:309-324
Timestamp: 2026-03-26T00:49:43.150Z
Learning: In this repository’s Jest (or Jest-like) test files, it is acceptable to use `expect(promiseReturningFunction).resolves.not.toThrow()` when the function returns `Promise<void>`. Do not flag this as an incorrect or suboptimal matcher; for `Promise<void>` it is functionally equivalent to using `resolves.toBeUndefined()` to assert successful resolution.

Applied to files:

• packages/cli/src/config/__tests__/profileBootstrap.test.ts

🔇 Additional comments (8)

docs/CONTRIBUTING.md (1)

1-1: Clarify whether the symlink is intentional and configure Windows compatibility accordingly.

The symlink to ../CONTRIBUTING.md was originally added upstream (commit cca41edc in gemini-cli) for documentation site purposes, but was marked SKIPPED in llxprt's merge audits. A few concerns:

1. Intentionality unclear: The symlink appears in your repository, but was excluded from previous merges. Confirm whether it should be here.
2. Windows Git configuration: No core.symlinks is configured. On Windows, symlinks require elevated permissions or special Git settings; without configuration, clones may fail or convert the symlink to a regular file, creating inconsistencies.
3. No Windows CI coverage: The test matrix (.github/workflows/ci.yml) runs on ubuntu-latest and macos-latest only. Windows symlink behavior is untested.
4. Contradicts PR objectives: If this PR aims to improve Windows compatibility, a filesystem-level dependency on symlinks works against that goal.

Recommended action: Either remove the symlink and use a hardcopy of CONTRIBUTING.md in docs/, or document that symlink support is required and ensure git config core.symlinks true is set in Windows setup instructions. If keeping the symlink, add a Windows CI runner to test it.

packages/cli/src/config/yargsOptions.ts (1)

146-151: LGTM!

Also applies to: 199-204

packages/cli/src/config/cliArgParser.ts (1)

35-35: LGTM!

Also applies to: 156-156

packages/cli/src/config/profileBootstrap.ts (1)

190-193: Verify intended --debug behavior with positional prompt text.

Line 192 uses the consumed next token as the debug value when present, so llxprt --debug hello treats hello as debug namespaces (not prompt text). Please confirm this UX is intentional for backward compatibility with positional prompts.

packages/cli/src/ui/utils/commandUtils.ts (1)

98-100: LGTM!

packages/cli/src/ui/utils/commandUtils.test.ts (1)

420-437: LGTM!

packages/storage/src/secure-store/secure-store.ts (1)

747-760: LGTM!

packages/storage/src/secure-store/secure-store.test.ts (1)

396-413: LGTM!

Also applies to: 694-699

[acoliver]

@HumanBot000 run npm run format before checkin

[HumanBot000]

@HumanBot000 run npm run format before checkin

Sry for that. Will do that asap

[acoliver]

@HumanBot000 still failing lint (did you run npm run lint?)