anomalyco
diff --git a/‎bun.lock‎
Lines changed: 12 additions & 18 deletions b/‎bun.lock‎
Lines changed: 12 additions & 18 deletions
diff --git a/‎package.json‎
Lines changed: 0 additions & 2 deletions b/‎package.json‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎packages/opencode/src/pty/index.ts‎
Lines changed: 0 additions & 1 deletion b/‎packages/opencode/src/pty/index.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎packages/opencode/src/sandbox/runtime.ts‎
Lines changed: 0 additions & 61 deletions b/‎packages/opencode/src/sandbox/runtime.ts‎
Lines changed: 0 additions & 61 deletions
diff --git a/‎packages/opencode/src/session/prompt.ts‎
Lines changed: 43 additions & 24 deletions b/‎packages/opencode/src/session/prompt.ts‎
Lines changed: 43 additions & 24 deletions
@@ -76,8 +76,6 @@
   },
   "devDependencies": {
     "@actions/artifact": "5.0.1",
-    "@opentui/core": "0.1.90",
-    "@opentui/solid": "0.1.90",
     "@tsconfig/bun": "catalog:",
     "@types/mime-types": "3.0.1",
     "@typescript/native-preview": "catalog:",
 
@@ -9,7 +9,6 @@ import { Log } from "../util/log"
 import { lazy } from "@opencode-ai/util/lazy"
 import { Shell } from "@/shell/shell"
 import { Plugin } from "@/plugin"
-import { SandboxRuntime } from "@/sandbox/runtime"
 import { SandboxSpawn } from "@/sandbox/spawn"
 import { PtyID } from "./schema"
 import { Effect, Layer, ServiceMap } from "effect"
 
@@ -908,7 +908,7 @@ NOTE: At any point in time through this workflow you should feel free to ask the
           )
           const cleanArgs = clean[shellName]?.args ?? clean[""].args
           const rawArgs = invocations[shellName]?.args ?? invocations[""].args
-          const raw = { file: sh, args: rawArgs }
+          const raw = { file: sh, args: sandbox.active ? cleanArgs : rawArgs }
           const call =
             sandbox.active && sandbox.profile
               ? SandboxSpawn.wrap({ profile: sandbox.profile, file: sh, args: cleanArgs })
@@ -949,16 +949,24 @@ NOTE: At any point in time through this workflow you should feel free to ask the
                   }),
                 ),
               )
-              return yield* handle.exitCode
-            }).pipe(
-              Effect.scoped,
-              Effect.onInterrupt(() =>
-                Effect.sync(() => {
-                  aborted = true
-                }),
-              ),
-              Effect.exit,
-            )
+              const abort = Effect.callback<void>((resume) => {
+                if (signal.aborted) return resume(Effect.void)
+                const done = () => resume(Effect.void)
+                signal.addEventListener("abort", done, { once: true })
+                return Effect.sync(() => signal.removeEventListener("abort", done))
+              })
+              const next = yield* Effect.raceAll([
+                handle.exitCode.pipe(Effect.map((code) => ({ kind: "exit" as const, code }))),
+                abort.pipe(Effect.map(() => ({ kind: "abort" as const, code: 1 }))),
+              ])
+
+              if (next.kind === "abort") {
+                aborted = true
+                yield* handle.kill({ forceKillAfter: "3 seconds" }).pipe(Effect.orDie)
+              }
+
+              return next.code
+            }).pipe(Effect.scoped, Effect.exit)
 
             if (Exit.isFailure(exit)) {
               if (Cause.hasInterruptsOnly(exit.cause)) return { code: 1, stderr }
@@ -974,8 +982,8 @@ NOTE: At any point in time through this workflow you should feel free to ask the
           const unsandboxed = cfg.allow_unsandboxed_retry ? yield* Effect.promise(() => commandFamilies(command)) : []
           if (command !== input.command && cfg.allow_unsandboxed_retry && sandbox.active) {
             asked = true
-            try {
-              yield* permission.ask({
+            const exit = yield* permission
+              .ask({
                 permission: "bash:unsandboxed",
                 patterns: unsandboxed,
                 always: unsandboxed,
@@ -991,28 +999,34 @@ NOTE: At any point in time through this workflow you should feel free to ask the
                 },
                 ruleset: Permission.merge(agent.permission, session.permission ?? []),
               })
+              .pipe(Effect.exit)
+            if (Exit.isSuccess(exit)) {
               proactive = true
-            } catch (error) {
+            } else {
               rejected = true
-              log.info("proactive unsandboxed request rejected", { error, sessionID: input.sessionID })
+              log.info("proactive unsandboxed request rejected", {
+                error: Cause.squash(exit.cause),
+                sessionID: input.sessionID,
+              })
             }
           }
 
           let retried = false
           let reason: SandboxSpawn.RetryReason | undefined
-          let result
-          try {
-            result = yield* run(proactive ? raw : call)
-          } catch (error) {
+          let result: { code: number; stderr: string }
+          const first = yield* run(proactive ? raw : call).pipe(Effect.exit)
+          if (Exit.isFailure(first)) {
+            const error = Cause.squash(first.cause)
             if (rejected && !proactive && sandbox.active) {
               const message = error instanceof Error ? error.message : String(error)
               throw new Error(
                 `Explicit unsandboxed request was rejected; sandboxed fallback failed before command start: ${message}`,
                 error instanceof Error ? { cause: error } : undefined,
               )
             }
-            throw error
+            return yield* Effect.failCause(first.cause)
           }
+          result = first.value
 
           if (!proactive) {
             reason = SandboxSpawn.retryReason({
@@ -1026,8 +1040,8 @@ NOTE: At any point in time through this workflow you should feel free to ask the
 
           if (cfg.allow_unsandboxed_retry && !asked && !aborted && reason) {
             asked = true
-            try {
-              yield* permission.ask({
+            const exit = yield* permission
+              .ask({
                 permission: "bash:unsandboxed",
                 patterns: unsandboxed,
                 always: unsandboxed,
@@ -1042,15 +1056,20 @@ NOTE: At any point in time through this workflow you should feel free to ask the
                 },
                 ruleset: Permission.merge(agent.permission, session.permission ?? []),
               })
+              .pipe(Effect.exit)
+            if (Exit.isSuccess(exit)) {
               retried = true
               output = ""
               if (part.state.status === "running") {
                 part.state.metadata = { output: "", description: "" }
                 yield* sessions.updatePart(part)
               }
               result = yield* run(raw)
-            } catch (error) {
-              log.info("unsandboxed retry rejected", { error, sessionID: input.sessionID })
+            } else {
+              log.info("unsandboxed retry rejected", {
+                error: Cause.squash(exit.cause),
+                sessionID: input.sessionID,
+              })
             }
           }