Add /conversation/{conv_id}/microagents endpoint

Co-authored-by: llamantino <12345678+yourusername@users.noreply.github.com>

.devcontainer/devcontainer.json

@@ -12,4 +12,5 @@
 		"ghcr.io/devcontainers/features/node:1": {},
 	},
 	"postCreateCommand": ".devcontainer/setup.sh",
+	"runArgs": ["--network=host"],
 }

.github/workflows/ghcr-build.yml

@@ -293,7 +293,7 @@ jobs:
       - name: Install poetry via pipx
         run: pipx install poetry
       - name: Install Python dependencies using Poetry
-        run: make install-python-dependencies POETRY_GROUP=main,test,runtime INSTALL_PLAYWRIGHT=0
+        run: make install-python-dependencies INSTALL_PLAYWRIGHT=0
       - name: Run docker runtime tests
         run: |
           # We install pytest-xdist in order to run tests across CPUs
@@ -313,6 +313,8 @@ jobs:
           TEST_IN_CI=true \
           RUN_AS_OPENHANDS=false \
           poetry run pytest -n 7 -raRs --reruns 2 --reruns-delay 5 -s ./tests/runtime --ignore=tests/runtime/test_browsergym_envs.py --durations=10
+        env:
+          DEBUG: "1"
 
   # Run unit tests with the Docker runtime Docker images as openhands user
   test_runtime_oh:
@@ -378,6 +380,8 @@ jobs:
           TEST_IN_CI=true \
           RUN_AS_OPENHANDS=true \
           poetry run pytest -n 7 -raRs --reruns 2 --reruns-delay 5 -s ./tests/runtime --ignore=tests/runtime/test_browsergym_envs.py --durations=10
+        env:
+          DEBUG: "1"
 
   # The two following jobs (named identically) are to check whether all the runtime tests have passed as the
   # "All Runtime Tests Passed" is a required job for PRs to merge

.github/workflows/integration-runner.yml

@@ -54,7 +54,7 @@ jobs:
             Hi! I started running the integration tests on your PR. You will receive a comment with the results shortly.
 
       - name: Install Python dependencies using Poetry
-        run: poetry install --without evaluation
+        run: poetry install --with dev,test,runtime
 
       - name: Configure config.toml for testing with Haiku
         env:

.github/workflows/py-unit-tests.yml

@@ -44,7 +44,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
           cache: 'poetry'
       - name: Install Python dependencies using Poetry
-        run: poetry install --without evaluation
+        run: poetry install --with dev,test,runtime
       - name: Build Environment
         run: make build
       - name: Run Unit Tests
@@ -71,8 +71,14 @@ jobs:
           python-version: ${{ matrix.python-version }}
           cache: 'poetry'
       - name: Install Python dependencies using Poetry
-        run: poetry install --without evaluation
+        run: poetry install --with dev,test,runtime
       - name: Run Windows unit tests
         run: poetry run pytest -svv tests/unit/test_windows_bash.py
+        env:
+          DEBUG: "1"
       - name: Run Windows runtime tests with LocalRuntime
         run: $env:TEST_RUNTIME="local"; poetry run pytest -svv tests/runtime/test_bash.py
+        env:
+          TEST_RUNTIME: local
+          DEBUG: "1"
+

.gitignore

@@ -166,7 +166,6 @@ cython_debug/
 # https://stackoverflow.com/questions/32964920/should-i-commit-the-vscode-folder-to-source-control
 .vscode/**/*
 !.vscode/extensions.json
-!.vscode/launch.json
 !.vscode/settings.json
 !.vscode/tasks.json
 

Development.md

@@ -136,7 +136,7 @@ poetry run pytest ./tests/unit/test_*.py
 To reduce build time (e.g., if no changes were made to the client-runtime component), you can use an existing Docker
 container image by setting the SANDBOX_RUNTIME_CONTAINER_IMAGE environment variable to the desired Docker image.
 
-Example: `export SANDBOX_RUNTIME_CONTAINER_IMAGE=ghcr.io/all-hands-ai/runtime:0.40-nikolaik`
+Example: `export SANDBOX_RUNTIME_CONTAINER_IMAGE=ghcr.io/all-hands-ai/runtime:0.41-nikolaik`
 
 ## Develop inside Docker container
 

Makefile

@@ -151,7 +151,7 @@ install-python-dependencies:
 		echo "Installing only POETRY_GROUP=${POETRY_GROUP}"; \
 		poetry install --only $${POETRY_GROUP}; \
 	else \
-		poetry install; \
+		poetry install --with dev,test,runtime; \
 	fi
 	@if [ "${INSTALL_PLAYWRIGHT}" != "false" ] && [ "${INSTALL_PLAYWRIGHT}" != "0" ]; then \
 		if [ -f "/etc/manjaro-release" ]; then \

README.md

@@ -51,17 +51,17 @@ system requirements and more information.
 
 
 ```bash
-docker pull docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik
+docker pull docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik
 
 docker run -it --rm --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik \
     -e LOG_ALL_EVENTS=true \
     -v /var/run/docker.sock:/var/run/docker.sock \
     -v ~/.openhands-state:/.openhands-state \
     -p 3000:3000 \
     --add-host host.docker.internal:host-gateway \
     --name openhands-app \
-    docker.all-hands.dev/all-hands-ai/openhands:0.40
+    docker.all-hands.dev/all-hands-ai/openhands:0.41
 ```
 
 You'll find OpenHands running at [http://localhost:3000](http://localhost:3000)!

README_CN.md

@@ -51,17 +51,17 @@ OpenHands也可以使用Docker在本地系统上运行。
 
 
 ```bash
-docker pull docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik
+docker pull docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik
 
 docker run -it --rm --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik \
     -e LOG_ALL_EVENTS=true \
     -v /var/run/docker.sock:/var/run/docker.sock \
     -v ~/.openhands-state:/.openhands-state \
     -p 3000:3000 \
     --add-host host.docker.internal:host-gateway \
     --name openhands-app \
-    docker.all-hands.dev/all-hands-ai/openhands:0.40
+    docker.all-hands.dev/all-hands-ai/openhands:0.41
 ```
 
 您将在[http://localhost:3000](http://localhost:3000)找到运行中的OpenHands！

containers/app/Dockerfile

@@ -26,7 +26,7 @@ RUN apt-get update -y \
 
 COPY ./pyproject.toml ./poetry.lock ./
 RUN touch README.md
-RUN export POETRY_CACHE_DIR && poetry install --without evaluation --no-root && rm -rf $POETRY_CACHE_DIR
+RUN export POETRY_CACHE_DIR && poetry install --no-root && rm -rf $POETRY_CACHE_DIR
 
 FROM python:3.12.3-slim AS openhands-app
 

containers/dev/compose.yml

@@ -11,7 +11,7 @@ services:
       - BACKEND_HOST=${BACKEND_HOST:-"0.0.0.0"}
       - SANDBOX_API_HOSTNAME=host.docker.internal
       #
-      - SANDBOX_RUNTIME_CONTAINER_IMAGE=${SANDBOX_RUNTIME_CONTAINER_IMAGE:-ghcr.io/all-hands-ai/runtime:0.40-nikolaik}
+      - SANDBOX_RUNTIME_CONTAINER_IMAGE=${SANDBOX_RUNTIME_CONTAINER_IMAGE:-ghcr.io/all-hands-ai/runtime:0.41-nikolaik}
       - SANDBOX_USER_ID=${SANDBOX_USER_ID:-1234}
       - WORKSPACE_MOUNT_PATH=${WORKSPACE_BASE:-$PWD/workspace}
     ports:

dev_config/python/.pre-commit-config.yaml

@@ -37,7 +37,8 @@ repos:
     hooks:
       - id: mypy
         additional_dependencies:
-          [types-requests, types-setuptools, types-pyyaml, types-toml]
+          [types-requests, types-setuptools, types-pyyaml, types-toml, types-docker, lxml]
+        # To see gaps add `--html-report mypy-report/`
         entry: mypy --config-file dev_config/python/mypy.ini openhands/
         always_run: true
         pass_filenames: false

docker-compose.yml

@@ -7,7 +7,7 @@ services:
     image: openhands:latest
     container_name: openhands-app-${DATE:-}
     environment:
-      - SANDBOX_RUNTIME_CONTAINER_IMAGE=${SANDBOX_RUNTIME_CONTAINER_IMAGE:-docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik}
+      - SANDBOX_RUNTIME_CONTAINER_IMAGE=${SANDBOX_RUNTIME_CONTAINER_IMAGE:-docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik}
       #- SANDBOX_USER_ID=${SANDBOX_USER_ID:-1234} # enable this only if you want a specific non-root sandbox user but you will have to manually adjust permissions of openhands-state for this user
       - WORKSPACE_MOUNT_PATH=${WORKSPACE_BASE:-$PWD/workspace}
     ports:

docs/docs.json

@@ -20,7 +20,7 @@
   "navigation": {
     "tabs": [
       {
-        "tab": "Getting started",
+        "tab": "Docs",
         "pages": [
           "index",
           "usage/installation",
@@ -31,116 +31,116 @@
             "pages": [
               "usage/cloud/openhands-cloud",
               {
-                "group": "Installation",
+                "group": "Integrations",
                 "pages": [
                   "usage/cloud/github-installation",
                   "usage/cloud/gitlab-installation"
                 ]
               },
               "usage/cloud/cloud-ui",
-              "usage/cloud/cloud-issue-resolver",
               "usage/cloud/cloud-api"
             ]
           },
           {
-            "group": "Usage Methods",
+            "group": "Running OpenHands Locally",
             "pages": [
+              "usage/local-setup",
               "usage/how-to/gui-mode",
               "usage/how-to/cli-mode",
               "usage/how-to/headless-mode",
               "usage/how-to/github-action"
             ]
-          }
-        ]
-      },
-      {
-        "tab": "Prompting and Customization",
-        "pages": [
-          "usage/prompting/prompting-best-practices",
-          "usage/prompting/repository",
+          },
           {
-            "group": "Microagents",
+            "group": "Customization",
             "pages": [
-              "usage/prompting/microagents-overview",
-              "usage/prompting/microagents-repo",
-              "usage/prompting/microagents-keyword",
-              "usage/prompting/microagents-org",
-              "usage/prompting/microagents-public"
-            ]
-          }
-        ]
-      },
-      {
-        "tab": "Advanced Configuration",
-        "pages": [
-          {
-            "group": "LLM Configuration",
-            "pages": [
-              "usage/llms/llms",
+              "usage/prompting/prompting-best-practices",
+              "usage/prompting/repository",
               {
-                "group": "Providers",
+                "group": "Microagents",
                 "pages": [
-                  "usage/llms/azure-llms",
-                  "usage/llms/google-llms",
-                  "usage/llms/groq",
-                  "usage/llms/local-llms",
-                  "usage/llms/litellm-proxy",
-                  "usage/llms/openai-llms",
-                  "usage/llms/openrouter"
+                  "usage/prompting/microagents-overview",
+                  "usage/prompting/microagents-repo",
+                  "usage/prompting/microagents-keyword",
+                  "usage/prompting/microagents-org",
+                  "usage/prompting/microagents-public"
                 ]
               }
             ]
           },
           {
-            "group": "Runtime Configuration",
+            "group": "Advanced Configuration",
             "pages": [
-              "usage/runtimes/overview",
-              {
-                "group": "Providers",
-                "pages": [
-                  "usage/runtimes/docker",
-                  "usage/runtimes/remote",
-                  "usage/runtimes/local",
-                  {
-                    "group": "Third-Party Providers",
-                    "pages": [
-                      "usage/runtimes/modal",
-                      "usage/runtimes/daytona",
-                      "usage/runtimes/runloop",
-                      "usage/runtimes/e2b"
-                    ]
-                  }
-                ]
-              }
+            {
+              "group": "LLM Configuration",
+              "pages": [
+                "usage/llms/llms",
+                {
+                  "group": "Providers",
+                  "pages": [
+                    "usage/llms/azure-llms",
+                    "usage/llms/google-llms",
+                    "usage/llms/groq",
+                    "usage/llms/local-llms",
+                    "usage/llms/litellm-proxy",
+                    "usage/llms/openai-llms",
+                    "usage/llms/openrouter"
+                  ]
+                }
+              ]
+            },
+            {
+              "group": "Runtime Configuration",
+              "pages": [
+                "usage/runtimes/overview",
+                {
+                  "group": "Providers",
+                  "pages": [
+                    "usage/runtimes/docker",
+                    "usage/runtimes/remote",
+                    "usage/runtimes/local",
+                    {
+                      "group": "Third-Party Providers",
+                      "pages": [
+                        "usage/runtimes/modal",
+                        "usage/runtimes/daytona",
+                        "usage/runtimes/runloop",
+                        "usage/runtimes/e2b"
+                      ]
+                    }
+                  ]
+                }
+              ]
+            },
+            "usage/configuration-options",
+            "usage/how-to/custom-sandbox-guide",
+            "usage/search-engine-setup",
+            "usage/mcp"
             ]
           },
-          "usage/configuration-options",
-          "usage/how-to/custom-sandbox-guide",
-          "usage/search-engine-setup",
-          "usage/mcp"
-        ]
-      },
-      {
-        "tab": "Troubleshooting & Feedback",
-        "pages": [
-          "usage/troubleshooting/troubleshooting",
-          "usage/feedback"
-        ]
-      },
-      {
-        "tab": "For OpenHands Developers",
-        "pages": [
-          "usage/how-to/development-overview",
           {
-            "group": "Architecture",
+            "group": "Troubleshooting & Feedback",
             "pages": [
-              "usage/architecture/backend",
-              "usage/architecture/runtime"
+              "usage/troubleshooting/troubleshooting",
+              "usage/feedback"
             ]
           },
-          "usage/how-to/debugging",
-          "usage/how-to/evaluation-harness",
-          "usage/how-to/websocket-connection"
+          {
+            "group": "OpenHands Developers",
+            "pages": [
+              "usage/how-to/development-overview",
+              {
+                "group": "Architecture",
+                "pages": [
+                  "usage/architecture/backend",
+                  "usage/architecture/runtime"
+                ]
+              },
+              "usage/how-to/debugging",
+              "usage/how-to/evaluation-harness",
+              "usage/how-to/websocket-connection"
+            ]
+          }
         ]
       },
       {
@@ -194,5 +194,11 @@
       "chatgpt",
       "claude"
     ]
-  }
+  },
+  "redirects": [
+    {
+      "source": "/modules/:slug*",
+      "destination": "/:slug*"
+    }
+  ]
 }

docs/usage/cloud/cloud-issue-resolver.mdx

@@ -1,33 +0,0 @@
----
-title: Cloud Issue Resolver
-description: The Cloud Issue Resolver automates code fixes and provides intelligent assistance for your repositories on GitHub.
----
-
-## Setup
-
-The Cloud Issue Resolver is available automatically when you grant OpenHands Cloud repository access:
-- [GitHub repository access](./github-installation#adding-repository-access)
-
-## Usage
-
-After granting OpenHands Cloud repository access, you can use the Cloud Issue Resolver on issues and pull requests in your repositories.
-
-### Working with Issues
-
-On your repository, label an issue with `openhands` or add a message starting with
-`@openhands`. OpenHands will:
-1. Comment on the issue to let you know it is working on it
-   - You can click on the link to track the progress on OpenHands Cloud
-2. Open a pull request if it determines that the issue has been successfully resolved
-3. Comment on the issue with a summary of the performed tasks and a link to the PR
-
-### Working with Pull Requests
-
-To get OpenHands to work on pull requests, mention `@openhands` in comments to:
-- Ask questions
-- Request updates
-- Get code explanations
-
-OpenHands will:
-1. Comment to let you know it is working on it
-2. Perform the requested task

docs/usage/cloud/cloud-ui.mdx

@@ -1,28 +1,36 @@
 ---
 title: Cloud UI
-description: The Cloud UI provides a web interface for interacting with OpenHands AI. This page explains how to access and use the OpenHands Cloud UI.
+description: The Cloud UI provides a web interface for interacting with OpenHands. This page explains how to use the
+ OpenHands Cloud UI.
 ---
 
+## Landing Page
 
-## Accessing the UI
+The landing page is where you can:
 
-The OpenHands Cloud UI can be accessed at [app.all-hands.dev](https://app.all-hands.dev). You'll need to sign in with your GitHub or GitLab account to access the interface.
-
-
-## Key Features
-
-For detailed information about the features available in the OpenHands Cloud UI, please refer to the [Key Features](../key-features.md) section of the documentation.
+- [Add GitHub repository access](/usage/cloud/github-installation#adding-github-repository-access) to OpenHands.
+- [Select a GitHub repo](/usage/cloud/github-installation#working-with-github-repos-in-openhands-cloud) or
+  [a GitLab repo](/usage/cloud/gitlab-installation#working-with-gitlab-repos-in-openhands-cloud) to start working on.
+- See `Suggested Tasks` for repositories that OpenHands has access to.
+- Launch an empty conversation using `Launch from Scratch`.
 
 ## Settings
 
-The settings page allows you to:
+The Settings page allows you to:
 
-- Configure your account preferences.
-- Manage repository access.
-- Generate API keys for programmatic access.
-- Generate custom secrets for the agent.
+- [Configure GitHub repository access](/usage/cloud/github-installation#modifying-repository-access) for OpenHands.
+- Set application settings like your preferred language, notifications and other preferences.
+- Add credits to your account.
+- Generate custom secrets.
+- Create API keys to work with OpenHands programmatically.
+
+## Key Features
+
+For an overview of the key features available inside a conversation, please refer to the [Key Features](../key-features)
+section of the documentation.
 
 ## Next Steps
 
-- [Use the Cloud Issue Resolver](./cloud-issue-resolver.md) to automate code fixes and get assistance.
-- [Learn about the Cloud API](./cloud-api.md) for programmatic access.
+- [Install GitHub Integration](/usage/cloud/github-installation) to use OpenHands with your GitHub repositories.
+- [Install GitLab Integration](/usage/cloud/gitlab-installation) to use OpenHands with your GitLab repositories.
+- [Use the Cloud API](/usage/cloud/cloud-api) to programmatically interact with OpenHands.

docs/usage/cloud/github-installation.mdx

@@ -1,30 +1,22 @@
 ---
-title: GitHub Installation
-description: This guide walks you through the process of installing and configuring OpenHands Cloud for your GitHub repositories.
+title: GitHub Integration
+description: This guide walks you through the process of installing OpenHands Cloud for your GitHub repositories. Once
+  set up, it will allow OpenHands to work with your GitHub repository through the Cloud UI or straight from GitHub!
 ---
 
 ## Prerequisites
 
-- A GitHub account
-- Access to OpenHands Cloud
+- Signed in to [OpenHands Cloud](https://app.all-hands.dev) with [a GitHub account](/usage/cloud/openhands-cloud).
 
-## Installation Steps
+## Adding GitHub Repository Access
 
-1. Log in to [OpenHands Cloud](https://app.all-hands.dev)
-2. If you haven't connected your GitHub account yet:
-   - Click on `Connect to GitHub`
-   - Review and accept the terms of service
-   - Authorize the OpenHands AI application
+You can grant OpenHands access to specific GitHub repositories:
 
-## Adding Repository Access
-
-You can grant OpenHands access to specific repositories:
-
-1. Click on `Add GitHub repos`
+1. Click on `Add GitHub repos` on the landing page.
 2. Select your organization and choose the specific repositories to grant OpenHands access to.
-   - OpenHands requests short-lived tokens (8-hour expiration) with these permissions:
+<Accordion title="OpenHands permissions">
+  - OpenHands requests short-lived tokens (8-hour expiration) with these permissions:
      - Actions: Read and write
-     - Administration: Read-only
      - Commit statuses: Read and write
      - Contents: Read and write
      - Issues: Read and write
@@ -35,20 +27,45 @@ You can grant OpenHands access to specific repositories:
    - Repository access for a user is granted based on:
      - Permission granted for the repository
      - User's GitHub permissions (owner/collaborator)
-3. Click `Install & Authorize`
+</Accordion>
+
+3. Click `Install & Authorize`.
 
 ## Modifying Repository Access
 
-You can modify repository access at any time by visiting the Settings page and selecting `Configure GitHub Repositories` under the `Git` tab.
+You can modify GitHub repository access at any time by:
+- Selecting `Add GitHub repos` on the landing page or
+- Visiting the Settings page and selecting `Configure GitHub Repositories` under the `Git` tab
 
-## Using OpenHands with GitHub
+## Working With GitHub Repos in Openhands Cloud
 
-Once you've granted repository access, you can use OpenHands with your GitHub repositories.
+Once you've granted GitHub repository access, you can start working with your GitHub repository. Use the `select a repo`
+and `select a branch` dropdowns to select the appropriate repository and branch you'd like OpenHands to work on. Then
+click on `Launch` to start the conversation!
 
-For details on how to use OpenHands with GitHub issues and pull requests, see the [Cloud Issue Resolver](./cloud-issue-resolver.md) documentation.
+![Connect Repo](/static/img/connect-repo.png)
+
+## Working on Github Issues and Pull Requests Using Openhands
+
+Giving GitHub repository access to OpenHands also allows you to work on GitHub issues and pull requests directly.
+
+### Working with Issues
+
+On your repository, label an issue with `openhands` or add a message starting with
+`@openhands`. OpenHands will:
+1. Comment on the issue to let you know it is working on it.
+   - You can click on the link to track the progress on OpenHands Cloud.
+2. Open a pull request if it determines that the issue has been successfully resolved.
+3. Comment on the issue with a summary of the performed tasks and a link to the PR.
+
+### Working with Pull Requests
+
+To get OpenHands to work on pull requests, mention `@openhands` in the comments to:
+- Ask questions
+- Request updates
+- Get code explanations
 
 ## Next Steps
 
-- [Access the Cloud UI](./cloud-ui.md) to interact with the web interface
-- [Use the Cloud Issue Resolver](./cloud-issue-resolver.md) to automate code fixes and get assistance
-- [Use the Cloud API](./cloud-api.md) to programmatically interact with OpenHands
+- [Learn about the Cloud UI](/usage/cloud/cloud-ui).
+- [Use the Cloud API](/usage/cloud/cloud-api) to programmatically interact with OpenHands.

docs/usage/cloud/gitlab-installation.mdx

@@ -1,23 +1,25 @@
 ---
-title: GitLab Installation
-description: This guide walks you through the process of installing and configuring OpenHands Cloud for your GitLab repositories.
+title: GitLab Integration
+description: This guide walks you through the process of installing OpenHands Cloud for your GitLab repositories. Once
+  set up, it will allow OpenHands to work with your GitLab repository.
 ---
 
 ## Prerequisites
 
-- A GitLab account
-- Access to OpenHands Cloud
+- Signed in to [OpenHands Cloud](https://app.all-hands.dev) with [a GitLab account](/usage/cloud/openhands-cloud).
 
-## Installation Steps
+## Adding GitLab Repository Access
 
-1. Log in to [OpenHands Cloud](https://app.all-hands.dev)
-2. If you haven't connected your GitLab account yet:
-   - Click on `Log in with GitLab`
-   - Authorize the OpenHands application
+Upon signing into OpenHands Cloud with a GitLab account, OpenHands will have access to your repositories.
 
+## Working With GitLab Repos in Openhands Cloud
 
+After signing in with a Gitlab account, use the `select a repo` and `select a branch` dropdowns to select the
+appropriate repository and branch you'd like OpenHands to work on. Then click on `Launch` to start the conversation!
+
+![Connect Repo](/static/img/connect-repo.png)
 
 ## Next Steps
 
-- [Access the Cloud UI](./cloud-ui.md) to interact with the web interface
-- [Use the Cloud API](./cloud-api.md) to programmatically interact with OpenHands
+- [Learn about the Cloud UI](/usage/cloud/cloud-ui).
+- [Use the Cloud API](/usage/cloud/cloud-api) to programmatically interact with OpenHands.

docs/usage/cloud/openhands-cloud.mdx

@@ -1,13 +1,12 @@
 ---
 title: Getting Started
-description: Getting started with OpenHands Cloud
+description: Getting started with OpenHands Cloud.
 ---
 
-OpenHands Cloud is the hosted cloud version of All Hands AI's OpenHands.
-
 ## Accessing OpenHands Cloud
 
-To get started with OpenHands Cloud, visit [app.all-hands.dev](https://app.all-hands.dev).
+OpenHands Cloud is the hosted cloud version of All Hands AI's OpenHands. To get started with OpenHands Cloud,
+visit [app.all-hands.dev](https://app.all-hands.dev).
 
 You'll be prompted to connect with your GitHub or GitLab account:
 
@@ -15,13 +14,13 @@ You'll be prompted to connect with your GitHub or GitLab account:
 2. Review the permissions requested by OpenHands and authorize the application.
    - OpenHands will require certain permissions from your account. To read more about these permissions,
      you can click the `Learn more` link on the authorization page.
+3. Review and accept the `terms of service` and select `Continue`.
 
 ## Next Steps
 
 Once you've connected your account, you can:
 
-- [Install GitHub Integration](./github-installation.md) to use OpenHands with your GitHub repositories
-- [Install GitLab Integration](./gitlab-installation.md) to use OpenHands with your GitLab repositories
-- [Access the Cloud UI](./cloud-ui.md) to interact with the web interface
-- [Use the Cloud API](./cloud-api.md) to programmatically interact with OpenHands
-- [Set up the Cloud Issue Resolver](./cloud-issue-resolver.md) to automate code fixes and provide intelligent assistance
+- [Install GitHub Integration](/usage/cloud/github-installation) to use OpenHands with your GitHub repositories.
+- [Install GitLab Integration](/usage/cloud/gitlab-installation) to use OpenHands with your GitLab repositories.
+- [Learn about the Cloud UI](/usage/cloud/cloud-ui).
+- [Use the Cloud API](/usage/cloud/cloud-api) to programmatically interact with OpenHands.

docs/usage/how-to/cli-mode.mdx

@@ -31,7 +31,7 @@ This command opens an interactive prompt where you can type tasks or commands an
 ```bash
 docker run -it \
     --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik \
     -e SANDBOX_USER_ID=$(id -u) \
     -e SANDBOX_VOLUMES=$SANDBOX_VOLUMES \
     -e LLM_API_KEY=$LLM_API_KEY \
@@ -40,7 +40,7 @@ docker run -it \
     -v ~/.openhands-state:/.openhands-state \
     --add-host host.docker.internal:host-gateway \
     --name openhands-app-$(date +%Y%m%d%H%M%S) \
-    docker.all-hands.dev/all-hands-ai/openhands:0.39 \
+    docker.all-hands.dev/all-hands-ai/openhands:0.41 \
     python -m openhands.cli.main --override-cli-mode true
 ```
 

docs/usage/how-to/headless-mode.mdx

@@ -31,7 +31,7 @@ To run OpenHands in Headless mode with Docker:
 ```bash
 docker run -it \
     --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik \
     -e SANDBOX_USER_ID=$(id -u) \
     -e SANDBOX_VOLUMES=$SANDBOX_VOLUMES \
     -e LLM_API_KEY=$LLM_API_KEY \
@@ -41,7 +41,7 @@ docker run -it \
     -v ~/.openhands-state:/.openhands-state \
     --add-host host.docker.internal:host-gateway \
     --name openhands-app-$(date +%Y%m%d%H%M%S) \
-    docker.all-hands.dev/all-hands-ai/openhands:0.39 \
+    docker.all-hands.dev/all-hands-ai/openhands:0.41 \
     python -m openhands.core.main -t "write a bash script that prints hi"
 ```
 

docs/usage/installation.mdx

@@ -1,6 +1,6 @@
 ---
 title: Quick Start
-description: Running OpenHands on the cloud or your local desktop
+description: Running OpenHands Cloud or running on your local system.
 icon: rocket
 ---
 
@@ -10,164 +10,10 @@ The easiest way to get started with OpenHands is on OpenHands Cloud, which comes
 
 To get started with OpenHands Cloud, visit [app.all-hands.dev](https://app.all-hands.dev).
 
-You'll be prompted to connect with your GitHub or GitLab account:
+For more information see [getting started with OpenHands Cloud.](/usage/cloud/openhands-cloud)
 
-1. Click `Log in with GitHub` or `Log in with GitLab`.
-2. Review the permissions requested by OpenHands and authorize the application.
-   - OpenHands will require certain permissions from your account. To read more about these permissions,
-     you can click the `Learn more` link on the authorization page.
+## Running OpenHands Locally
 
+Run OpenHands on your local system and bring your own LLM and API key.
 
-Once you've connected your account, you can:
-
-- [Install GitHub Integration](/usage/cloud/github-installation) to use OpenHands with your GitHub repositories
-- [Install GitLab Integration](/usage/cloud/gitlab-installation) to use OpenHands with your GitLab repositories
-- [Access the Cloud UI](/usage/cloud/cloud-ui) to interact with the web interface
-- [Use the Cloud API](/usage/cloud/cloud-api) to programmatically interact with OpenHands
-- [Set up the Cloud Issue Resolver](/usage/cloud/cloud-issue-resolver) to automate code fixes and provide intelligent assistance
-
-
-## Running OpenHands on your local desktop
-
-### System Requirements
-
-- MacOS with [Docker Desktop support](https://docs.docker.com/desktop/setup/install/mac-install/#system-requirements)
-- Linux
-- Windows with [WSL](https://learn.microsoft.com/en-us/windows/wsl/install) and [Docker Desktop support](https://docs.docker.com/desktop/setup/install/windows-install/#system-requirements)
-
-A system with a modern processor and a minimum of **4GB RAM** is recommended to run OpenHands.
-
-### Prerequisites
-
-<AccordionGroup>
-
-<Accordion title="MacOS">
-
-  **Docker Desktop**
-
-  1. [Install Docker Desktop on Mac](https://docs.docker.com/desktop/setup/install/mac-install).
-  2. Open Docker Desktop, go to `Settings > Advanced` and ensure `Allow the default Docker socket to be used` is enabled.
-</Accordion>
-
-<Accordion title="Linux">
-
-  <Note>
-  Tested with Ubuntu 22.04.
-  </Note>
-
-  **Docker Desktop**
-
-  1. [Install Docker Desktop on Linux](https://docs.docker.com/desktop/setup/install/linux/).
-
-</Accordion>
-
-<Accordion title="Windows">
-
-  **WSL**
-
-  1. [Install WSL](https://learn.microsoft.com/en-us/windows/wsl/install).
-  2. Run `wsl --version` in powershell and confirm `Default Version: 2`.
-
-  **Docker Desktop**
-
-  1. [Install Docker Desktop on Windows](https://docs.docker.com/desktop/setup/install/windows-install).
-  2. Open Docker Desktop, go to `Settings` and confirm the following:
-  - General: `Use the WSL 2 based engine` is enabled.
-  - Resources > WSL Integration: `Enable integration with my default WSL distro` is enabled.
-
-  <Note>
-  The docker command below to start the app must be run inside the WSL terminal.
-  </Note>
-
-</Accordion>
-
-</AccordionGroup>
-
-### Start the App
-
-The easiest way to run OpenHands is in Docker.
-
-```bash
-docker pull docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik
-
-docker run -it --rm --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik \
-    -e LOG_ALL_EVENTS=true \
-    -v /var/run/docker.sock:/var/run/docker.sock \
-    -v ~/.openhands-state:/.openhands-state \
-    -p 3000:3000 \
-    --add-host host.docker.internal:host-gateway \
-    --name openhands-app \
-    docker.all-hands.dev/all-hands-ai/openhands:0.39
-```
-
-You'll find OpenHands running at http://localhost:3000!
-
-You can also [connect OpenHands to your local filesystem](https://docs.all-hands.dev/modules/usage/runtimes/docker#connecting-to-your-filesystem),
-run OpenHands in a scriptable [headless mode](https://docs.all-hands.dev/modules/usage/how-to/headless-mode),
-interact with it via a [friendly CLI](https://docs.all-hands.dev/modules/usage/how-to/cli-mode),
-or run it on tagged issues with [a GitHub action](https://docs.all-hands.dev/modules/usage/how-to/github-action).
-
-### Setup
-
-After launching OpenHands, you **must** select an `LLM Provider` and `LLM Model` and enter a corresponding `API Key`.
-This can be done during the initial settings popup or by selecting the `Settings`
-button (gear icon) in the UI.
-
-If the required model does not exist in the list, in `Settings` under the `LLM` tab, you can toggle `Advanced` options
-and manually enter it with the correct prefix in the `Custom Model` text box.
-The `Advanced` options also allow you to specify a `Base URL` if required.
-
-#### Getting an API Key
-
-OpenHands requires an API key to access most language models. Here's how to get an API key from the recommended providers:
-
-<AccordionGroup>
-
-<Accordion title="Anthropic (Claude)">
-
-1. [Create an Anthropic account](https://console.anthropic.com/).
-2. [Generate an API key](https://console.anthropic.com/settings/keys).
-3. [Set up billing](https://console.anthropic.com/settings/billing).
-
-Consider setting usage limits to control costs.
-
-</Accordion>
-
-<Accordion title="OpenAI">
-
-1. [Create an OpenAI account](https://platform.openai.com/).
-2. [Generate an API key](https://platform.openai.com/api-keys).
-3. [Set up billing](https://platform.openai.com/account/billing/overview).
-
-</Accordion>
-
-</AccordionGroup>
-
-#### Setting Up Search Engine
-
-OpenHands can be configured to use a search engine to allow the agent to search the web for information when needed.
-
-Search functionality is enabled by default in OpenHands Cloud. No additional setup is required.
-
-To enable search functionality in self-hosted OpenHands:
-
-1. Get a Tavily API key from [tavily.com](https://tavily.com/)
-2. Enter the API key in the Settings page under `LLM` tab, `Search API Key (Tavily)`
-
-For more details, see the [Search Engine Setup](/usage/search-engine-setup) guide.
-
-
-Now you're ready to [get started with OpenHands](./getting-started).
-
-#### Versions
-
-The [docker command above](./installation#start-the-app) pulls the most recent stable release of OpenHands. You have other options as well:
-- For a specific release, replace `$VERSION` in `openhands:$VERSION` and `runtime:$VERSION`, with the version number.
-We use SemVer so `0.9` will automatically point to the latest `0.9.x` release, and `0` will point to the latest `0.x.x` release.
-- For the most up-to-date development version, replace `$VERSION` in `openhands:$VERSION` and `runtime:$VERSION`, with `main`.
-This version is unstable and is recommended for testing or development purposes only.
-
-For the development workflow, see [Development.md](https://github.com/All-Hands-AI/OpenHands/blob/main/Development.md).
-
-Are you having trouble? Check out our [Troubleshooting Guide](https://docs.all-hands.dev/modules/usage/troubleshooting).
+For more information see [running OpenHands locally.](/usage/local-setup)

docs/usage/llms/local-llms.mdx

@@ -23,7 +23,7 @@ We recommend using [LMStudio](https://lmstudio.ai/) for serving these models loc
    - Option 2: Download a LLM in GGUF format. For example, to download [Devstral Small 2505 GGUF](https://huggingface.co/mistralai/Devstral-Small-2505_gguf), using `huggingface-cli download mistralai/Devstral-Small-2505_gguf --local-dir mistralai/Devstral-Small-2505_gguf`. Then in bash terminal, run `lms import {model_name}` in the directory where you've downloaded the model checkpoint (e.g. run `lms import devstralQ4_K_M.gguf` in `mistralai/Devstral-Small-2505_gguf`)
 
 3. Open LM Studio application, you should first switch to `power user` mode, and then open the developer tab:
-  
+
 ![image](./screenshots/1_select_power_user.png)
 
 4. Then click `Select a model to load` on top of the application:
@@ -54,25 +54,25 @@ Check [the installation guide](https://docs.all-hands.dev/modules/usage/installa
 export LMSTUDIO_MODEL_NAME="imported-models/uncategorized/devstralq4_k_m.gguf" # <- Replace this with the model name you copied from LMStudio
 export LMSTUDIO_URL="http://host.docker.internal:1234"  # <- Replace this with the port from LMStudio
 
-docker pull docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik
+docker pull docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik
 
 mkdir -p ~/.openhands-state && echo '{"language":"en","agent":"CodeActAgent","max_iterations":null,"security_analyzer":null,"confirmation_mode":false,"llm_model":"lm_studio/'$LMSTUDIO_MODEL_NAME'","llm_api_key":"dummy","llm_base_url":"'$LMSTUDIO_URL/v1'","remote_runtime_resource_factor":null,"github_token":null,"enable_default_condenser":true,"user_consents_to_analytics":true}' > ~/.openhands-state/settings.json
 
 docker run -it --rm --pull=always \
-    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.39-nikolaik \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.41-nikolaik \
     -e LOG_ALL_EVENTS=true \
     -v /var/run/docker.sock:/var/run/docker.sock \
     -v ~/.openhands-state:/.openhands-state \
     -p 3000:3000 \
     --add-host host.docker.internal:host-gateway \
     --name openhands-app \
-    docker.all-hands.dev/all-hands-ai/openhands:0.39
+    docker.all-hands.dev/all-hands-ai/openhands:0.41
 ```
 
 Once your server is running -- you can visit `http://localhost:3000` in your browser to use OpenHands with local Devstral model:
 ```
 Digest: sha256:e72f9baecb458aedb9afc2cd5bc935118d1868719e55d50da73190d3a85c674f
-Status: Image is up to date for docker.all-hands.dev/all-hands-ai/openhands:0.39
+Status: Image is up to date for docker.all-hands.dev/all-hands-ai/openhands:0.41
 Starting OpenHands...
 Running OpenHands as root
 14:22:13 - openhands:INFO: server_config.py:50 - Using config class None
@@ -152,7 +152,7 @@ Start OpenHands using `make run`.
 
 ### Configure OpenHands
 
-Once OpenHands is running, you'll need to set the following in the OpenHands UI through the Settings under the `LLM` tab: 
+Once OpenHands is running, you'll need to set the following in the OpenHands UI through the Settings under the `LLM` tab:
 1. Enable `Advanced` options.
 2. Set the following:
 - `Custom Model` to `openai/<served-model-name>` (e.g. `openai/openhands-lm-32b-v0.1`)

docs/usage/local-setup.mdx

@@ -0,0 +1,151 @@
+---
+title: Getting Started
+description: Getting started with running OpenHands locally.
+---
+
+## Recommended Methods for Running Openhands on Your Local System
+
+### System Requirements
+
+- MacOS with [Docker Desktop support](https://docs.docker.com/desktop/setup/install/mac-install/#system-requirements)
+- Linux
+- Windows with [WSL](https://learn.microsoft.com/en-us/windows/wsl/install) and [Docker Desktop support](https://docs.docker.com/desktop/setup/install/windows-install/#system-requirements)
+
+A system with a modern processor and a minimum of **4GB RAM** is recommended to run OpenHands.
+
+### Prerequisites
+
+<AccordionGroup>
+
+<Accordion title="MacOS">
+
+  **Docker Desktop**
+
+  1. [Install Docker Desktop on Mac](https://docs.docker.com/desktop/setup/install/mac-install).
+  2. Open Docker Desktop, go to `Settings > Advanced` and ensure `Allow the default Docker socket to be used` is enabled.
+</Accordion>
+
+<Accordion title="Linux">
+
+  <Note>
+  Tested with Ubuntu 22.04.
+  </Note>
+
+  **Docker Desktop**
+
+  1. [Install Docker Desktop on Linux](https://docs.docker.com/desktop/setup/install/linux/).
+
+</Accordion>
+
+<Accordion title="Windows">
+
+  **WSL**
+
+  1. [Install WSL](https://learn.microsoft.com/en-us/windows/wsl/install).
+  2. Run `wsl --version` in powershell and confirm `Default Version: 2`.
+
+  **Docker Desktop**
+
+  1. [Install Docker Desktop on Windows](https://docs.docker.com/desktop/setup/install/windows-install).
+  2. Open Docker Desktop, go to `Settings` and confirm the following:
+  - General: `Use the WSL 2 based engine` is enabled.
+  - Resources > WSL Integration: `Enable integration with my default WSL distro` is enabled.
+
+  <Note>
+  The docker command below to start the app must be run inside the WSL terminal.
+  </Note>
+
+</Accordion>
+
+</AccordionGroup>
+
+### Start the App
+
+```bash
+docker pull docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik
+
+docker run -it --rm --pull=always \
+    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.40-nikolaik \
+    -e LOG_ALL_EVENTS=true \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -v ~/.openhands-state:/.openhands-state \
+    -p 3000:3000 \
+    --add-host host.docker.internal:host-gateway \
+    --name openhands-app \
+    docker.all-hands.dev/all-hands-ai/openhands:0.40
+```
+
+You'll find OpenHands running at http://localhost:3000!
+
+### Setup
+
+After launching OpenHands, you **must** select an `LLM Provider` and `LLM Model` and enter a corresponding `API Key`.
+This can be done during the initial settings popup or by selecting the `Settings`
+button (gear icon) in the UI.
+
+If the required model does not exist in the list, in `Settings` under the `LLM` tab, you can toggle `Advanced` options
+and manually enter it with the correct prefix in the `Custom Model` text box.
+The `Advanced` options also allow you to specify a `Base URL` if required.
+
+#### Getting an API Key
+
+OpenHands requires an API key to access most language models. Here's how to get an API key from the recommended providers:
+
+<AccordionGroup>
+
+<Accordion title="Anthropic (Claude)">
+
+1. [Create an Anthropic account](https://console.anthropic.com/).
+2. [Generate an API key](https://console.anthropic.com/settings/keys).
+3. [Set up billing](https://console.anthropic.com/settings/billing).
+
+</Accordion>
+
+<Accordion title="OpenAI">
+
+1. [Create an OpenAI account](https://platform.openai.com/).
+2. [Generate an API key](https://platform.openai.com/api-keys).
+3. [Set up billing](https://platform.openai.com/account/billing/overview).
+
+</Accordion>
+
+<Accordion title="Google (Gemini)">
+
+1. Create a Google account if you don't already have one.
+2. [Generate an API key](https://aistudio.google.com/apikey).
+3. [Set up billing](https://aistudio.google.com/usage?tab=billing).
+
+</Accordion>
+
+</AccordionGroup>
+
+Consider setting usage limits to control costs.
+
+#### Setting Up Search Engine
+
+OpenHands can be configured to use a search engine to allow the agent to search the web for information when needed.
+
+To enable search functionality in OpenHands:
+
+1. Get a Tavily API key from [tavily.com](https://tavily.com/).
+2. Enter the Tavily API key in the Settings page under `LLM` tab > `Search API Key (Tavily)`
+
+For more details, see the [Search Engine Setup](/usage/search-engine-setup) guide.
+
+
+Now you're ready to [get started with OpenHands](/usage/getting-started).
+
+### Versions
+
+The [docker command above](/usage/local-setup#start-the-app) pulls the most recent stable release of OpenHands. You have other options as well:
+- For a specific release, replace `$VERSION` in `openhands:$VERSION` and `runtime:$VERSION`, with the version number.
+For example, `0.9` will automatically point to the latest `0.9.x` release, and `0` will point to the latest `0.x.x` release.
+- For the most up-to-date development version, replace `$VERSION` in `openhands:$VERSION` and `runtime:$VERSION`, with `main`.
+This version is unstable and is recommended for testing or development purposes only.
+
+## Next Steps
+
+- [Connect OpenHands to your local filesystem.](/usage/runtimes/docker#connecting-to-your-filesystem) to use OpenHands with your GitHub repositories
+- [Run OpenHands in a scriptable headless mode.](/usage/how-to/headless-mode)
+- [Run OpenHands with a friendly CLI.](/usage/how-to/cli-mode)
+- [Run OpenHands on tagged issues with a GitHub action.](/usage/how-to/github-action)

docs/usage/prompting/microagents-overview.mdx

@@ -11,7 +11,7 @@ Currently OpenHands supports the following types of microagents:
 - [Keyword-Triggered Microagents](./microagents-keyword): Guidelines activated by specific keywords in prompts.
 
 To customize OpenHands' behavior, create a .openhands/microagents/ directory in the root of your repository and
-add `<microagent_name>.md` files inside.
+add `<microagent_name>.md` files inside. For repository-specific guidelines, you can ask OpenHands to analyze your repository and create a comprehensive `repo.md` file (see [General Microagents](./microagents-repo) for details).
 
 <Note>
 Loaded microagents take up space in the context window.

docs/usage/prompting/microagents-repo.mdx

@@ -17,13 +17,45 @@ Frontmatter should be enclosed in triple dashes (---) and may include the follow
 |-----------|-----------------------------------------|----------|----------------|
 | `agent`   | The agent this microagent applies to    | No       | 'CodeActAgent' |
 
-## Example
+## Creating a Comprehensive Repository Agent
+
+To create an effective repository agent, you can ask OpenHands to analyze your repository with a prompt like:
 
-General microagent file example located at `.openhands/microagents/repo.md`:
 ```
+Please browse the repository, look at the documentation and relevant code, and understand the purpose of this repository.
+
+Specifically, I want you to create a `.openhands/microagents/repo.md` file. This file should contain succinct information that summarizes:
+1. The purpose of this repository
+2. The general setup of this repo
+3. A brief description of the structure of this repo
+
+Read all the GitHub workflows under .github/ of the repository (if this folder exists) to understand the CI checks (e.g., linter, pre-commit), and include those in the repo.md file.
+```
+
+This approach helps OpenHands capture repository context efficiently, reducing the need for repeated searches during conversations and ensuring more accurate solutions.
+
+## Example Content
+
+A comprehensive repository agent file (`.openhands/microagents/repo.md`) should include:
+
+```
+# Repository Purpose
 This project is a TODO application that allows users to track TODO items.
 
+# Setup Instructions
 To set it up, you can run `npm run build`.
+
+# Repository Structure
+- `/src`: Core application code
+- `/tests`: Test suite
+- `/docs`: Documentation
+- `/.github`: CI/CD workflows
+
+# CI/CD Workflows
+- `lint.yml`: Runs ESLint on all JavaScript files
+- `test.yml`: Runs the test suite on pull requests
+
+# Development Guidelines
 Always make sure the tests are passing before committing changes. You can run the tests by running `npm run test`.
 ```
 

frontend/__tests__/hooks/use-terminal.test.tsx

@@ -35,7 +35,6 @@ describe("useTerminal", () => {
     onKey: vi.fn(),
     attachCustomKeyEventHandler: vi.fn(),
     dispose: vi.fn(),
-    reset: vi.fn(),
   }));
 
   beforeAll(() => {
@@ -83,31 +82,6 @@ describe("useTerminal", () => {
     expect(mockTerminal.writeln).toHaveBeenNthCalledWith(2, "hello");
   });
 
-  it("should re-render all commands when terminal is reinitialized", () => {
-    const commands: Command[] = [
-      { content: "echo hello", type: "input" },
-      { content: "hello", type: "output" },
-    ];
-
-    const { rerender } = renderWithProviders(<TestTerminalComponent commands={commands} />, {
-      preloadedState: {
-        agent: { curAgentState: AgentState.RUNNING },
-        cmd: { commands },
-      },
-    });
-
-    // Clear mock calls from initial render
-    mockTerminal.writeln.mockClear();
-
-    // Trigger re-render with new commands array
-    const newCommands = [...commands];
-    rerender(<TestTerminalComponent commands={newCommands} />);
-
-    // Verify all commands are re-rendered
-    expect(mockTerminal.writeln).toHaveBeenNthCalledWith(1, "echo hello");
-    expect(mockTerminal.writeln).toHaveBeenNthCalledWith(2, "hello");
-  });
-
   // This test is no longer relevant as secrets filtering has been removed
   it.skip("should hide secrets in the terminal", () => {
     const secret = "super_secret_github_token";

frontend/__tests__/routes/settings-with-payment.test.tsx

@@ -6,6 +6,21 @@ import { renderWithProviders } from "test-utils";
 import OpenHands from "#/api/open-hands";
 import SettingsScreen from "#/routes/settings";
 import { PaymentForm } from "#/components/features/payment/payment-form";
+import * as useSettingsModule from "#/hooks/query/use-settings";
+
+// Mock the useSettings hook
+vi.mock("#/hooks/query/use-settings", async () => {
+  const actual = await vi.importActual<typeof import("#/hooks/query/use-settings")>("#/hooks/query/use-settings");
+  return {
+    ...actual,
+    useSettings: vi.fn().mockReturnValue({
+      data: {
+        EMAIL_VERIFIED: true, // Mock email as verified to prevent redirection
+      },
+      isLoading: false,
+    }),
+  };
+});
 
 // Mock the i18next hook
 vi.mock("react-i18next", async () => {
@@ -20,6 +35,7 @@ vi.mock("react-i18next", async () => {
           "SETTINGS$NAV_CREDITS": "Credits",
           "SETTINGS$NAV_API_KEYS": "API Keys",
           "SETTINGS$NAV_LLM": "LLM",
+          "SETTINGS$NAV_USER": "User",
           "SETTINGS$TITLE": "Settings"
         };
         return translations[key] || key;
@@ -47,6 +63,10 @@ describe("Settings Billing", () => {
           Component: () => <div data-testid="git-settings-screen" />,
           path: "/settings/git",
         },
+        {
+          Component: () => <div data-testid="user-settings-screen" />,
+          path: "/settings/user",
+        },
       ],
     },
   ]);

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "openhands-frontend",
-  "version": "0.40.0",
+  "version": "0.41.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "openhands-frontend",
-      "version": "0.40.0",
+      "version": "0.41.0",
       "dependencies": {
         "@heroui/react": "2.7.8",
         "@microlink/react-json-view": "^1.26.2",
@@ -82,7 +82,7 @@
         "eslint-config-prettier": "^10.1.5",
         "eslint-plugin-import": "^2.29.1",
         "eslint-plugin-jsx-a11y": "^6.10.2",
-        "eslint-plugin-prettier": "^5.4.0",
+        "eslint-plugin-prettier": "^5.4.1",
         "eslint-plugin-react": "^7.37.5",
         "eslint-plugin-react-hooks": "^4.6.2",
         "eslint-plugin-unused-imports": "^4.1.4",
@@ -3800,9 +3800,9 @@
       }
     },
     "node_modules/@pkgr/core": {
-      "version": "0.2.4",
-      "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.2.4.tgz",
-      "integrity": "sha512-ROFF39F6ZrnzSUEmQQZUar0Jt4xVoP9WnDRdWwF4NNcXs3xBTLgBUDoOwW141y1jP+S8nahIbdxbFC7IShw9Iw==",
+      "version": "0.2.7",
+      "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.2.7.tgz",
+      "integrity": "sha512-YLT9Zo3oNPJoBjBc4q8G2mjU4tqIbf5CEOORbUUr48dCD9q3umJ3IPlVqOqDakPfd2HuwccBaqlGhN4Gmr5OWg==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -9758,14 +9758,14 @@
       }
     },
     "node_modules/eslint-plugin-prettier": {
-      "version": "5.4.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.4.0.tgz",
-      "integrity": "sha512-BvQOvUhkVQM1i63iMETK9Hjud9QhqBnbtT1Zc642p9ynzBuCe5pybkOnvqZIBypXmMlsGcnU4HZ8sCTPfpAexA==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.4.1.tgz",
+      "integrity": "sha512-9dF+KuU/Ilkq27A8idRP7N2DH8iUR6qXcjF3FR2wETY21PZdBrIjwCau8oboyGj9b7etWmTGEeM8e7oOed6ZWg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "prettier-linter-helpers": "^1.0.0",
-        "synckit": "^0.11.0"
+        "synckit": "^0.11.7"
       },
       "engines": {
         "node": "^14.18.0 || >=16.0.0"
@@ -16781,9 +16781,9 @@
       "license": "MIT"
     },
     "node_modules/synckit": {
-      "version": "0.11.6",
-      "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.6.tgz",
-      "integrity": "sha512-2pR2ubZSV64f/vqm9eLPz/KOvR9Dm+Co/5ChLgeHl0yEDRc6h5hXHoxEQH8Y5Ljycozd3p1k5TTSVdzYGkPvLw==",
+      "version": "0.11.8",
+      "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.8.tgz",
+      "integrity": "sha512-+XZ+r1XGIJGeQk3VvXhT6xx/VpbHsRzsTkGgF6E5RX9TTXD0118l87puaEBZ566FhqblC6U0d4XnubznJDm30A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openhands-frontend",
-  "version": "0.40.0",
+  "version": "0.41.0",
   "private": true,
   "type": "module",
   "engines": {
@@ -107,7 +107,7 @@
     "eslint-config-prettier": "^10.1.5",
     "eslint-plugin-import": "^2.29.1",
     "eslint-plugin-jsx-a11y": "^6.10.2",
-    "eslint-plugin-prettier": "^5.4.0",
+    "eslint-plugin-prettier": "^5.4.1",
     "eslint-plugin-react": "^7.37.5",
     "eslint-plugin-react-hooks": "^4.6.2",
     "eslint-plugin-unused-imports": "^4.1.4",

frontend/scripts/check-unlocalized-strings.cjs

@@ -47,6 +47,7 @@ const SCAN_EXTENSIONS = [".ts", ".tsx", ".js", ".jsx"];
 
 // Attributes that typically don't contain user-facing text
 const NON_TEXT_ATTRIBUTES = [
+  "allow",
   "className",
   "i18nKey",
   "testId",
@@ -69,6 +70,7 @@ const NON_TEXT_ATTRIBUTES = [
   "aria-describedby",
   "aria-hidden",
   "role",
+  "sandbox",
 ];
 
 function shouldIgnorePath(filePath) {
@@ -114,6 +116,7 @@ const EXCLUDED_TECHNICAL_STRINGS = [
   "add-secret-form", // Test ID for secret form
   "edit-secret-form", // Test ID for secret form
   "search-api-key-input", // Input name for search API key
+  "noopener,noreferrer", // Options for window.open
 ];
 
 function isExcludedTechnicalString(str) {

frontend/src/api/open-hands-axios.ts

@@ -1,5 +1,60 @@
-import axios from "axios";
+import axios, { AxiosError, AxiosResponse } from "axios";
 
 export const openHands = axios.create({
   baseURL: `${window.location.protocol}//${import.meta.env.VITE_BACKEND_BASE_URL || window?.location.host}`,
 });
+
+// Helper function to check if a response contains an email verification error
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const checkForEmailVerificationError = (data: any): boolean => {
+  const EMAIL_NOT_VERIFIED = "EmailNotVerifiedError";
+
+  if (typeof data === "string") {
+    return data.includes(EMAIL_NOT_VERIFIED);
+  }
+
+  if (typeof data === "object" && data !== null) {
+    if ("message" in data) {
+      const { message } = data;
+      if (typeof message === "string") {
+        return message.includes(EMAIL_NOT_VERIFIED);
+      }
+      if (Array.isArray(message)) {
+        return message.some(
+          (msg) => typeof msg === "string" && msg.includes(EMAIL_NOT_VERIFIED),
+        );
+      }
+    }
+
+    // Search any values in object in case message key is different
+    return Object.values(data).some(
+      (value) =>
+        (typeof value === "string" && value.includes(EMAIL_NOT_VERIFIED)) ||
+        (Array.isArray(value) &&
+          value.some(
+            (v) => typeof v === "string" && v.includes(EMAIL_NOT_VERIFIED),
+          )),
+    );
+  }
+
+  return false;
+};
+
+// Set up the global interceptor
+openHands.interceptors.response.use(
+  (response: AxiosResponse) => response,
+  (error: AxiosError) => {
+    // Check if it's a 403 error with the email verification message
+    if (
+      error.response?.status === 403 &&
+      checkForEmailVerificationError(error.response?.data)
+    ) {
+      if (window.location.pathname !== "/settings/user") {
+        window.location.reload();
+      }
+    }
+
+    // Continue with the error for other error handlers
+    return Promise.reject(error);
+  },
+);

frontend/src/api/open-hands.ts

@@ -236,6 +236,26 @@ class OpenHands {
     return data;
   }
 
+  static async startConversation(
+    conversationId: string,
+  ): Promise<Conversation | null> {
+    const { data } = await openHands.post<Conversation | null>(
+      `/api/conversations/${conversationId}/start`,
+    );
+
+    return data;
+  }
+
+  static async stopConversation(
+    conversationId: string,
+  ): Promise<Conversation | null> {
+    const { data } = await openHands.post<Conversation | null>(
+      `/api/conversations/${conversationId}/stop`,
+    );
+
+    return data;
+  }
+
   /**
    * Get the settings from the server or use the default settings if not found
    */

frontend/src/components/features/controls/agent-status-bar.tsx

@@ -84,7 +84,7 @@ export function AgentStatusBar() {
       setStatusMessage(t(I18nKey.STATUS$STARTING_RUNTIME));
       setIndicatorColor(IndicatorColor.RED);
     } else if (status === WsClientProviderStatus.DISCONNECTED) {
-      setStatusMessage(t(I18nKey.STATUS$CONNECTED)); // Using STATUS$CONNECTED instead of STATUS$CONNECTING
+      setStatusMessage(t(I18nKey.STATUS$WEBSOCKET_CLOSED));
       setIndicatorColor(IndicatorColor.RED);
     } else {
       setStatusMessage(AGENT_STATUS_MAP[curAgentState].message);

frontend/src/components/features/diff-viewer/file-diff-viewer.tsx

@@ -122,7 +122,7 @@ export function FileDiffViewer({ path, type }: FileDiffViewerProps) {
     modifiedEditor.onDidContentSizeChange(updateEditorHeight);
   };
 
-  const status = type === "U" ? STATUS_MAP.A : STATUS_MAP[type];
+  const status = (type === "U" ? STATUS_MAP.A : STATUS_MAP[type]) || "?";
 
   let statusIcon: React.ReactNode;
   if (typeof status === "string") {

frontend/src/components/features/guards/email-verification-guard.tsx

@@ -0,0 +1,32 @@
+import React from "react";
+import { useLocation, useNavigate } from "react-router";
+import { useSettings } from "#/hooks/query/use-settings";
+
+/**
+ * A component that restricts access to routes based on email verification status.
+ * If EMAIL_VERIFIED is false, only allows access to the /settings/user page.
+ */
+export function EmailVerificationGuard({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  const { data: settings, isLoading } = useSettings();
+  const navigate = useNavigate();
+  const { pathname } = useLocation();
+
+  React.useEffect(() => {
+    // If settings are still loading, don't do anything yet
+    if (isLoading) return;
+
+    // If EMAIL_VERIFIED is explicitly false (not undefined or null)
+    if (settings?.EMAIL_VERIFIED === false) {
+      // Allow access to /settings/user but redirect from any other page
+      if (pathname !== "/settings/user") {
+        navigate("/settings/user", { replace: true });
+      }
+    }
+  }, [settings?.EMAIL_VERIFIED, pathname, navigate, isLoading]);
+
+  return children;
+}

frontend/src/components/features/sidebar/sidebar.tsx

@@ -69,16 +69,21 @@ export function Sidebar() {
             <div className="flex items-center justify-center">
               <AllHandsLogoButton />
             </div>
-            <NewProjectButton />
+            <NewProjectButton disabled={settings?.EMAIL_VERIFIED === false} />
             <ConversationPanelButton
               isOpen={conversationPanelIsOpen}
-              onClick={() => setConversationPanelIsOpen((prev) => !prev)}
+              onClick={() =>
+                settings?.EMAIL_VERIFIED === false
+                  ? null
+                  : setConversationPanelIsOpen((prev) => !prev)
+              }
+              disabled={settings?.EMAIL_VERIFIED === false}
             />
           </div>
 
           <div className="flex flex-row md:flex-col md:items-center gap-[26px] md:mb-4">
-            <DocsButton />
-            <SettingsButton />
+            <DocsButton disabled={settings?.EMAIL_VERIFIED === false} />
+            <SettingsButton disabled={settings?.EMAIL_VERIFIED === false} />
             <UserActions
               user={
                 user.data ? { avatar_url: user.data.avatar_url } : undefined

frontend/src/components/shared/buttons/conversation-panel-button.tsx

@@ -8,11 +8,13 @@ import { cn } from "#/utils/utils";
 interface ConversationPanelButtonProps {
   isOpen: boolean;
   onClick: () => void;
+  disabled?: boolean;
 }
 
 export function ConversationPanelButton({
   isOpen,
   onClick,
+  disabled = false,
 }: ConversationPanelButtonProps) {
   const { t } = useTranslation();
 
@@ -22,10 +24,14 @@ export function ConversationPanelButton({
       tooltip={t(I18nKey.SIDEBAR$CONVERSATIONS)}
       ariaLabel={t(I18nKey.SIDEBAR$CONVERSATIONS)}
       onClick={onClick}
+      disabled={disabled}
     >
       <FaListUl
         size={22}
-        className={cn(isOpen ? "text-white" : "text-[#9099AC]")}
+        className={cn(
+          isOpen ? "text-white" : "text-[#9099AC]",
+          disabled && "opacity-50",
+        )}
       />
     </TooltipButton>
   );

frontend/src/components/shared/buttons/docs-button.tsx

@@ -3,15 +3,24 @@ import DocsIcon from "#/icons/academy.svg?react";
 import { I18nKey } from "#/i18n/declaration";
 import { TooltipButton } from "./tooltip-button";
 
-export function DocsButton() {
+interface DocsButtonProps {
+  disabled?: boolean;
+}
+
+export function DocsButton({ disabled = false }: DocsButtonProps) {
   const { t } = useTranslation();
   return (
     <TooltipButton
       tooltip={t(I18nKey.SIDEBAR$DOCS)}
       ariaLabel={t(I18nKey.SIDEBAR$DOCS)}
       href="https://docs.all-hands.dev"
+      disabled={disabled}
     >
-      <DocsIcon width={28} height={28} className="text-[#9099AC]" />
+      <DocsIcon
+        width={28}
+        height={28}
+        className={`text-[#9099AC] ${disabled ? "opacity-50" : ""}`}
+      />
     </TooltipButton>
   );
 }

frontend/src/components/shared/buttons/new-project-button.tsx

@@ -3,7 +3,11 @@ import { I18nKey } from "#/i18n/declaration";
 import PlusIcon from "#/icons/plus.svg?react";
 import { TooltipButton } from "./tooltip-button";
 
-export function NewProjectButton() {
+interface NewProjectButtonProps {
+  disabled?: boolean;
+}
+
+export function NewProjectButton({ disabled = false }: NewProjectButtonProps) {
   const { t } = useTranslation();
   const startNewProject = t(I18nKey.CONVERSATION$START_NEW);
   return (
@@ -12,6 +16,7 @@ export function NewProjectButton() {
       ariaLabel={startNewProject}
       navLinkTo="/"
       testId="new-project-button"
+      disabled={disabled}
     >
       <PlusIcon width={28} height={28} />
     </TooltipButton>

frontend/src/components/shared/buttons/settings-button.tsx

@@ -5,9 +5,13 @@ import { I18nKey } from "#/i18n/declaration";
 
 interface SettingsButtonProps {
   onClick?: () => void;
+  disabled?: boolean;
 }
 
-export function SettingsButton({ onClick }: SettingsButtonProps) {
+export function SettingsButton({
+  onClick,
+  disabled = false,
+}: SettingsButtonProps) {
   const { t } = useTranslation();
 
   return (
@@ -17,6 +21,7 @@ export function SettingsButton({ onClick }: SettingsButtonProps) {
       ariaLabel={t(I18nKey.SETTINGS$TITLE)}
       onClick={onClick}
       navLinkTo="/settings"
+      disabled={disabled}
     >
       <SettingsIcon width={28} height={28} />
     </TooltipButton>

frontend/src/components/shared/buttons/tooltip-button.tsx

@@ -12,6 +12,7 @@ export interface TooltipButtonProps {
   ariaLabel: string;
   testId?: string;
   className?: React.HTMLAttributes<HTMLButtonElement>["className"];
+  disabled?: boolean;
 }
 
 export function TooltipButton({
@@ -23,9 +24,10 @@ export function TooltipButton({
   ariaLabel,
   testId,
   className,
+  disabled = false,
 }: TooltipButtonProps) {
   const handleClick = (e: React.MouseEvent) => {
-    if (onClick) {
+    if (onClick && !disabled) {
       onClick();
       e.preventDefault();
     }
@@ -37,7 +39,12 @@ export function TooltipButton({
       aria-label={ariaLabel}
       data-testid={testId}
       onClick={handleClick}
-      className={cn("hover:opacity-80", className)}
+      className={cn(
+        "hover:opacity-80",
+        disabled && "opacity-50 cursor-not-allowed",
+        className,
+      )}
+      disabled={disabled}
     >
       {children}
     </button>
@@ -45,7 +52,7 @@ export function TooltipButton({
 
   let content;
 
-  if (navLinkTo) {
+  if (navLinkTo && !disabled) {
     content = (
       <NavLink
         to={navLinkTo}
@@ -63,7 +70,24 @@ export function TooltipButton({
         {children}
       </NavLink>
     );
-  } else if (href) {
+  } else if (navLinkTo && disabled) {
+    // If disabled and has navLinkTo, render a button that looks like a NavLink but doesn't navigate
+    content = (
+      <button
+        type="button"
+        aria-label={ariaLabel}
+        data-testid={testId}
+        className={cn(
+          "text-[#9099AC]",
+          "opacity-50 cursor-not-allowed",
+          className,
+        )}
+        disabled
+      >
+        {children}
+      </button>
+    );
+  } else if (href && !disabled) {
     content = (
       <a
         href={href}
@@ -76,6 +100,19 @@ export function TooltipButton({
         {children}
       </a>
     );
+  } else if (href && disabled) {
+    // If disabled and has href, render a button that looks like a link but doesn't navigate
+    content = (
+      <button
+        type="button"
+        aria-label={ariaLabel}
+        data-testid={testId}
+        className={cn("opacity-50 cursor-not-allowed", className)}
+        disabled
+      >
+        {children}
+      </button>
+    );
   } else {
     content = buttonContent;
   }

frontend/src/context/ws-client-provider.tsx

@@ -150,7 +150,8 @@ export function WsClientProvider({
   const { providers } = useUserProviders();
 
   const messageRateHandler = useRate({ threshold: 250 });
-  const { data: conversation } = useActiveConversation();
+  const { data: conversation, refetch: refetchConversation } =
+    useActiveConversation();
 
   function send(event: Record<string, unknown>) {
     if (!sioRef.current) {
@@ -269,14 +270,11 @@ export function WsClientProvider({
     sio.io.opts.query.latest_event_id = lastEventRef.current?.id;
     updateStatusWhenErrorMessagePresent(data);
 
-    setErrorMessage(
-      hasValidMessageProperty(data)
-        ? data.message
-        : "The WebSocket connection was closed.",
-    );
+    setErrorMessage(hasValidMessageProperty(data) ? data.message : "");
   }
 
   function handleError(data: unknown) {
+    // set status
     setStatus(WsClientProviderStatus.DISCONNECTED);
     updateStatusWhenErrorMessagePresent(data);
 
@@ -285,6 +283,9 @@ export function WsClientProvider({
         ? data.message
         : "An unknown error occurred on the WebSocket connection.",
     );
+
+    // check if something went wrong with the conversation.
+    refetchConversation();
   }
 
   React.useEffect(() => {
@@ -300,12 +301,19 @@ export function WsClientProvider({
     if (!conversationId) {
       throw new Error("No conversation ID provided");
     }
-    if (!conversation || conversation.status === "STARTING") {
+    if (
+      !conversation ||
+      ["STOPPED", "STARTING"].includes(conversation.status)
+    ) {
       return () => undefined; // conversation not yet loaded
     }
 
     let sio = sioRef.current;
 
+    if (sio?.connected) {
+      sio.disconnect();
+    }
+
     const lastEvent = lastEventRef.current;
     const query = {
       latest_event_id: lastEvent?.id ?? -1,

frontend/src/hooks/query/use-active-conversation.ts

@@ -1,14 +1,26 @@
+import { useEffect } from "react";
 import { useConversationId } from "#/hooks/use-conversation-id";
 import { useUserConversation } from "./use-user-conversation";
+import OpenHands from "#/api/open-hands";
 
 const FIVE_MINUTES = 1000 * 60 * 5;
 
 export const useActiveConversation = () => {
   const { conversationId } = useConversationId();
-  return useUserConversation(conversationId, (query) => {
+  const userConversation = useUserConversation(conversationId, (query) => {
     if (query.state.data?.status === "STARTING") {
-      return 2000; // 2 seconds
+      return 3000; // 3 seconds
     }
     return FIVE_MINUTES;
   });
+
+  useEffect(() => {
+    const conversation = userConversation.data;
+    OpenHands.setCurrentConversation(conversation || null);
+  }, [
+    conversationId,
+    userConversation.isFetched,
+    userConversation?.data?.status,
+  ]);
+  return userConversation;
 };

frontend/src/hooks/query/use-settings.ts

@@ -27,7 +27,8 @@ const getSettingsQueryFn = async (): Promise<Settings> => {
       apiSettings.enable_proactive_conversation_starters,
     USER_CONSENTS_TO_ANALYTICS: apiSettings.user_consents_to_analytics,
     SEARCH_API_KEY: apiSettings.search_api_key || "",
-
+    EMAIL: apiSettings.email || "",
+    EMAIL_VERIFIED: apiSettings.email_verified,
     MCP_CONFIG: apiSettings.mcp_config,
     IS_NEW_USER: false,
   };
@@ -44,6 +45,7 @@ export const useSettings = () => {
     // would want to show the modal immediately if the
     // settings are not found
     retry: (_, error) => error.status !== 404,
+    refetchOnWindowFocus: false,
     staleTime: 1000 * 60 * 5, // 5 minutes
     gcTime: 1000 * 60 * 15, // 15 minutes
     enabled: !isOnTosPage && !!userIsAuthenticated,

frontend/src/hooks/query/use-user-conversation.ts

@@ -23,7 +23,6 @@ export const useUserConversation = (
     queryKey: ["user", "conversation", cid],
     queryFn: async () => {
       const conversation = await OpenHands.getConversation(cid!);
-      OpenHands.setCurrentConversation(conversation);
       return conversation;
     },
     enabled: !!cid,

frontend/src/hooks/use-terminal.ts

@@ -30,6 +30,10 @@ const renderCommand = (command: Command, terminal: Terminal) => {
   );
 };
 
+// Create a persistent reference that survives component unmounts
+// This ensures terminal history is preserved when navigating away and back
+const persistentLastCommandIndex = { current: 0 };
+
 export const useTerminal = ({
   commands,
 }: UseTerminalConfig = DEFAULT_TERMINAL_CONFIG) => {
@@ -38,7 +42,7 @@ export const useTerminal = ({
   const terminal = React.useRef<Terminal | null>(null);
   const fitAddon = React.useRef<FitAddon | null>(null);
   const ref = React.useRef<HTMLDivElement>(null);
-  const lastCommandIndex = React.useRef<number>(0);
+  const lastCommandIndex = persistentLastCommandIndex; // Use the persistent reference
   const keyEventDisposable = React.useRef<{ dispose: () => void } | null>(null);
   const disabled = RUNTIME_INACTIVE_STATES.includes(curAgentState);
 
@@ -107,8 +111,6 @@ export const useTerminal = ({
 
   // Initialize terminal and handle cleanup
   React.useEffect(() => {
-    // Reset lastCommandIndex when terminal is re-initialized
-    lastCommandIndex.current = 0;
     terminal.current = createTerminal();
     fitAddon.current = new FitAddon();
 
@@ -131,25 +133,25 @@ export const useTerminal = ({
     return () => {
       terminal.current?.dispose();
     };
-  }, []); // Empty dependency array since we want this to run only once on mount
+  }, []);
 
   React.useEffect(() => {
-    if (terminal.current && commands.length > 0) {
-      // Reset terminal content and re-render all commands
-      terminal.current.reset();
-      for (let i = 0; i < commands.length; i += 1) {
-        if (commands[i].type === "input") {
-          terminal.current.write("$ ");
-        }
+    if (
+      terminal.current &&
+      commands.length > 0 &&
+      lastCommandIndex.current < commands.length
+    ) {
+      let lastCommandType = "";
+      for (let i = lastCommandIndex.current; i < commands.length; i += 1) {
+        lastCommandType = commands[i].type;
         renderCommand(commands[i], terminal.current);
       }
       lastCommandIndex.current = commands.length;
-      // Add prompt if last command was output
-      if (commands[commands.length - 1].type === "output") {
+      if (lastCommandType === "output") {
         terminal.current.write("$ ");
       }
     }
-  }, [commands]);
+  }, [commands, disabled]);
 
   React.useEffect(() => {
     let resizeObserver: ResizeObserver | null = null;

frontend/src/i18n/declaration.ts

@@ -1,5 +1,6 @@
 // this file generate by script, don't modify it manually!!!
 export enum I18nKey {
+  STATUS$WEBSOCKET_CLOSED = "STATUS$WEBSOCKET_CLOSED",
   HOME$LAUNCH_FROM_SCRATCH = "HOME$LAUNCH_FROM_SCRATCH",
   HOME$READ_THIS = "HOME$READ_THIS",
   AUTH$LOGGING_BACK_IN = "AUTH$LOGGING_BACK_IN",
@@ -138,7 +139,9 @@ export enum I18nKey {
   VSCODE$LOADING = "VSCODE$LOADING",
   VSCODE$URL_NOT_AVAILABLE = "VSCODE$URL_NOT_AVAILABLE",
   VSCODE$FETCH_ERROR = "VSCODE$FETCH_ERROR",
-  VSCODE$IFRAME_PERMISSIONS = "VSCODE$IFRAME_PERMISSIONS",
+  VSCODE$CROSS_ORIGIN_WARNING = "VSCODE$CROSS_ORIGIN_WARNING",
+  VSCODE$URL_PARSE_ERROR = "VSCODE$URL_PARSE_ERROR",
+  VSCODE$OPEN_IN_NEW_TAB = "VSCODE$OPEN_IN_NEW_TAB",
   INCREASE_TEST_COVERAGE = "INCREASE_TEST_COVERAGE",
   AUTO_MERGE_PRS = "AUTO_MERGE_PRS",
   FIX_README = "FIX_README",
@@ -332,6 +335,7 @@ export enum I18nKey {
   SETTINGS$CONFIRMATION_MODE_TOOLTIP = "SETTINGS$CONFIRMATION_MODE_TOOLTIP",
   SETTINGS$AGENT_SELECT_ENABLED = "SETTINGS$AGENT_SELECT_ENABLED",
   SETTINGS$SECURITY_ANALYZER = "SETTINGS$SECURITY_ANALYZER",
+  SETTINGS$SECURITY_ANALYZER_PLACEHOLDER = "SETTINGS$SECURITY_ANALYZER_PLACEHOLDER",
   SETTINGS$DONT_KNOW_API_KEY = "SETTINGS$DONT_KNOW_API_KEY",
   SETTINGS$CLICK_FOR_INSTRUCTIONS = "SETTINGS$CLICK_FOR_INSTRUCTIONS",
   SETTINGS$SAVED = "SETTINGS$SAVED",
@@ -552,4 +556,19 @@ export enum I18nKey {
   TIPS$PROTIP = "TIPS$PROTIP",
   FEEDBACK$SUBMITTING_LABEL = "FEEDBACK$SUBMITTING_LABEL",
   FEEDBACK$SUBMITTING_MESSAGE = "FEEDBACK$SUBMITTING_MESSAGE",
+  SETTINGS$NAV_USER = "SETTINGS$NAV_USER",
+  SETTINGS$USER_TITLE = "SETTINGS$USER_TITLE",
+  SETTINGS$USER_EMAIL = "SETTINGS$USER_EMAIL",
+  SETTINGS$USER_EMAIL_LOADING = "SETTINGS$USER_EMAIL_LOADING",
+  SETTINGS$SAVE = "SETTINGS$SAVE",
+  SETTINGS$EMAIL_SAVED_SUCCESSFULLY = "SETTINGS$EMAIL_SAVED_SUCCESSFULLY",
+  SETTINGS$EMAIL_VERIFIED_SUCCESSFULLY = "SETTINGS$EMAIL_VERIFIED_SUCCESSFULLY",
+  SETTINGS$FAILED_TO_SAVE_EMAIL = "SETTINGS$FAILED_TO_SAVE_EMAIL",
+  SETTINGS$SENDING = "SETTINGS$SENDING",
+  SETTINGS$VERIFICATION_EMAIL_SENT = "SETTINGS$VERIFICATION_EMAIL_SENT",
+  SETTINGS$EMAIL_VERIFICATION_REQUIRED = "SETTINGS$EMAIL_VERIFICATION_REQUIRED",
+  SETTINGS$INVALID_EMAIL_FORMAT = "SETTINGS$INVALID_EMAIL_FORMAT",
+  SETTINGS$EMAIL_VERIFICATION_RESTRICTION_MESSAGE = "SETTINGS$EMAIL_VERIFICATION_RESTRICTION_MESSAGE",
+  SETTINGS$RESEND_VERIFICATION = "SETTINGS$RESEND_VERIFICATION",
+  SETTINGS$FAILED_TO_RESEND_VERIFICATION = "SETTINGS$FAILED_TO_RESEND_VERIFICATION",
 }

frontend/src/i18n/translation.json

@@ -1,4 +1,20 @@
 {
+    "STATUS$WEBSOCKET_CLOSED": {
+        "en": "The WebSocket connection was closed.",
+        "ja": "WebSocket接続が閉じられました。",
+        "zh-CN": "WebSocket连接已关闭。",
+        "zh-TW": "WebSocket連接已關閉。",
+        "ko-KR": "WebSocket 연결이 닫혔습니다.",
+        "no": "WebSocket-tilkoblingen ble lukket.",
+        "it": "La connessione WebSocket è stata chiusa.",
+        "pt": "A conexão WebSocket foi fechada.",
+        "es": "La conexión WebSocket se ha cerrado.",
+        "ar": "تم إغلاق اتصال WebSocket.",
+        "fr": "La connexion WebSocket a été fermée.",
+        "tr": "WebSocket bağlantısı kapatıldı.",
+        "de": "Die WebSocket-Verbindung wurde geschlossen.",
+        "uk": "З'єднання WebSocket було закрито."
+    },
     "HOME$LAUNCH_FROM_SCRATCH": {
         "en": "Launch from Scratch",
         "ja": "ゼロから始める",
@@ -2207,21 +2223,53 @@
         "tr": "VS Code URL'si alınamadı",
         "uk": "Не вдалося отримати VS Code URL"
     },
-    "VSCODE$IFRAME_PERMISSIONS": {
-        "en": "clipboard-read; clipboard-write",
-        "ja": "clipboard-read; clipboard-write",
-        "zh-CN": "clipboard-read; clipboard-write",
-        "zh-TW": "clipboard-read; clipboard-write",
-        "ko-KR": "clipboard-read; clipboard-write",
-        "de": "clipboard-read; clipboard-write",
-        "no": "clipboard-read; clipboard-write",
-        "it": "clipboard-read; clipboard-write",
-        "pt": "clipboard-read; clipboard-write",
-        "es": "clipboard-read; clipboard-write",
-        "ar": "clipboard-read; clipboard-write",
-        "fr": "clipboard-read; clipboard-write",
-        "tr": "clipboard-read; clipboard-write",
-        "uk": "clipboard-read; clipboard-write"
+    "VSCODE$CROSS_ORIGIN_WARNING": {
+        "en": "The code editor cannot be embedded due to browser security restrictions. Cross-origin cookies are being blocked.",
+        "ja": "ブラウザのセキュリティ制限により、コードエディタを埋め込むことができません。クロスオリジンCookieがブロックされています。",
+        "zh-CN": "由于浏览器安全限制，无法嵌入代码编辑器。跨源Cookie被阻止。",
+        "zh-TW": "由於瀏覽器安全限制，無法嵌入代碼編輯器。跨源Cookie被阻止。",
+        "ko-KR": "브라우저 보안 제한으로 인해 코드 편집기를 삽입할 수 없습니다. 교차 출처 쿠키가 차단되고 있습니다.",
+        "de": "Der Code-Editor kann aufgrund von Browser-Sicherheitsbeschränkungen nicht eingebettet werden. Cross-Origin-Cookies werden blockiert.",
+        "no": "Koderedigereren kan ikke bygges inn på grunn av nettleserens sikkerhetsbegrensninger. Cross-origin cookies blir blokkert.",
+        "it": "L'editor di codice non può essere incorporato a causa delle restrizioni di sicurezza del browser. I cookie cross-origin vengono bloccati.",
+        "pt": "O editor de código não pode ser incorporado devido a restrições de segurança do navegador. Cookies de origem cruzada estão sendo bloqueados.",
+        "es": "El editor de código no se puede incrustar debido a las restricciones de seguridad del navegador. Las cookies de origen cruzado están siendo bloqueadas.",
+        "ar": "لا يمكن تضمين محرر التعليمات البرمجية بسبب قيود أمان المتصفح. يتم حظر ملفات تعريف الارتباط عبر المصدر.",
+        "fr": "L'éditeur de code ne peut pas être intégré en raison des restrictions de sécurité du navigateur. Les cookies cross-origin sont bloqués.",
+        "tr": "Tarayıcı güvenlik kısıtlamaları nedeniyle kod düzenleyici yerleştirilemiyor. Çapraz kaynaklı çerezler engelleniyor.",
+        "uk": "Редактор коду не може бути вбудований через обмеження безпеки браузера. Блокуються файли cookie з різних джерел."
+    },
+    "VSCODE$URL_PARSE_ERROR": {
+        "en": "Error parsing URL",
+        "ja": "URLの解析エラー",
+        "zh-CN": "URL解析错误",
+        "zh-TW": "URL解析錯誤",
+        "ko-KR": "URL 구문 분석 오류",
+        "de": "Fehler beim Parsen der URL",
+        "no": "Feil ved parsing av URL",
+        "it": "Errore durante l'analisi dell'URL",
+        "pt": "Erro ao analisar URL",
+        "es": "Error al analizar URL",
+        "ar": "خطأ في تحليل عنوان URL",
+        "fr": "Erreur d'analyse de l'URL",
+        "tr": "URL ayrıştırma hatası",
+        "uk": "Помилка аналізу URL"
+    },
+    "VSCODE$OPEN_IN_NEW_TAB": {
+        "en": "Open in New Tab",
+        "ja": "新しいタブで開く",
+        "zh-CN": "在新标签页中打开",
+        "zh-TW": "在新標籤頁中打開",
+        "ko-KR": "새 탭에서 열기",
+        "de": "In neuem Tab öffnen",
+        "no": "Åpne i ny fane",
+        "it": "Apri in una nuova scheda",
+        "pt": "Abrir em nova aba",
+        "es": "Abrir en nueva pestaña",
+        "ar": "فتح في علامة تبويب جديدة",
+        "fr": "Ouvrir dans un nouvel onglet",
+        "tr": "Yeni Sekmede Aç",
+        "uk": "Відкрити в новій вкладці"
     },
     "INCREASE_TEST_COVERAGE": {
         "en": "Increase test coverage",
@@ -5311,6 +5359,22 @@
         "ja": "セキュリティアナライザー",
         "uk": "Увімкнути аналізатор безпеки"
     },
+    "SETTINGS$SECURITY_ANALYZER_PLACEHOLDER":{
+        "en": "Select a security analyzer…",
+        "de": "Wählen Sie einen Sicherheitsanalysator aus…",
+        "zh-CN": "选择一个安全分析器…",
+        "zh-TW": "選擇一個安全分析器…",
+        "ko-KR": "보안 분석기를 선택하세요…",
+        "no": "Velg en sikkerhetsanalysator…",
+        "it": "Seleziona un analizzatore di sicurezza…",
+        "pt": "Selecione um analisador de segurança…",
+        "es": "Seleccione un analizador de seguridad…",
+        "ar": "اختر محلل الأمان…",
+        "fr": "Sélectionnez un analyseur de sécurité…",
+        "tr": "Bir güvenlik analizörü seçin…",
+        "ja": "セキュリティアナライザーを選択…",
+        "uk": "Виберіть аналізатор безпеки…"
+    },
     "SETTINGS$DONT_KNOW_API_KEY": {
         "en": "Don't know your API key?",
         "ja": "APIキーがわかりませんか？",
@@ -8830,5 +8894,245 @@
         "tr": "Geri bildirim gönderiliyor, lütfen bekleyin...",
         "de": "Feedback senden, bitte warten...",
         "uk": "Відправляємо відгук, будь ласка, почекайте..."
+    },
+    "SETTINGS$NAV_USER": {
+        "en": "User",
+        "ja": "ユーザー",
+        "zh-CN": "用户",
+        "zh-TW": "用戶",
+        "ko-KR": "사용자",
+        "no": "Bruker",
+        "it": "Utente",
+        "pt": "Usuário",
+        "es": "Usuario",
+        "ar": "المستخدم",
+        "fr": "Utilisateur",
+        "tr": "Kullanıcı",
+        "de": "Benutzer",
+        "uk": "Користувач"
+    },
+    "SETTINGS$USER_TITLE": {
+        "en": "User Information",
+        "ja": "ユーザー情報",
+        "zh-CN": "用户信息",
+        "zh-TW": "用戶信息",
+        "ko-KR": "사용자 정보",
+        "no": "Brukerinformasjon",
+        "it": "Informazioni utente",
+        "pt": "Informações do usuário",
+        "es": "Información del usuario",
+        "ar": "معلومات المستخدم",
+        "fr": "Informations utilisateur",
+        "tr": "Kullanıcı Bilgileri",
+        "de": "Benutzerinformationen",
+        "uk": "Інформація про користувача"
+    },
+    "SETTINGS$USER_EMAIL": {
+        "en": "Email",
+        "ja": "メール",
+        "zh-CN": "邮箱",
+        "zh-TW": "郵箱",
+        "ko-KR": "이메일",
+        "no": "E-post",
+        "it": "Email",
+        "pt": "Email",
+        "es": "Correo electrónico",
+        "ar": "البريد الإلكتروني",
+        "fr": "Email",
+        "tr": "E-posta",
+        "de": "E-Mail",
+        "uk": "Електронна пошта"
+    },
+    "SETTINGS$USER_EMAIL_LOADING": {
+        "en": "Loading...",
+        "ja": "読み込み中...",
+        "zh-CN": "加载中...",
+        "zh-TW": "加載中...",
+        "ko-KR": "로딩 중...",
+        "no": "Laster...",
+        "it": "Caricamento...",
+        "pt": "Carregando...",
+        "es": "Cargando...",
+        "ar": "جار التحميل...",
+        "fr": "Chargement...",
+        "tr": "Yükleniyor...",
+        "de": "Wird geladen...",
+        "uk": "Завантаження..."
+    },
+    "SETTINGS$SAVE": {
+        "en": "Save",
+        "ja": "保存",
+        "zh-CN": "保存",
+        "zh-TW": "儲存",
+        "ko-KR": "저장",
+        "no": "Lagre",
+        "it": "Salva",
+        "pt": "Salvar",
+        "es": "Guardar",
+        "ar": "حفظ",
+        "fr": "Enregistrer",
+        "tr": "Kaydet",
+        "de": "Speichern",
+        "uk": "Зберегти"
+    },
+    "SETTINGS$EMAIL_SAVED_SUCCESSFULLY": {
+        "en": "Email saved successfully",
+        "ja": "メールが正常に保存されました",
+        "zh-CN": "邮箱保存成功",
+        "zh-TW": "郵箱儲存成功",
+        "ko-KR": "이메일이 성공적으로 저장되었습니다",
+        "no": "E-post lagret",
+        "it": "Email salvata con successo",
+        "pt": "Email salvo com sucesso",
+        "es": "Correo electrónico guardado con éxito",
+        "ar": "تم حفظ البريد الإلكتروني بنجاح",
+        "fr": "Email enregistré avec succès",
+        "tr": "E-posta başarıyla kaydedildi",
+        "de": "E-Mail erfolgreich gespeichert",
+        "uk": "Електронну пошту успішно збережено"
+    },
+    "SETTINGS$EMAIL_VERIFIED_SUCCESSFULLY": {
+        "en": "Your email has been verified successfully!",
+        "ja": "メールアドレスの確認が完了しました！",
+        "zh-CN": "您的邮箱已成功验证！",
+        "zh-TW": "您的郵箱已成功驗證！",
+        "ko-KR": "이메일이 성공적으로 인증되었습니다!",
+        "no": "E-posten din er bekreftet!",
+        "it": "La tua email è stata verificata con successo!",
+        "pt": "Seu email foi verificado com sucesso!",
+        "es": "¡Tu correo electrónico ha sido verificado con éxito!",
+        "ar": "تم التحقق من بريدك الإلكتروني بنجاح!",
+        "fr": "Votre email a été vérifié avec succès !",
+        "tr": "E-postanız başarıyla doğrulandı!",
+        "de": "Ihre E-Mail wurde erfolgreich verifiziert!",
+        "uk": "Вашу електронну пошту успішно підтверджено!"
+    },
+    "SETTINGS$FAILED_TO_SAVE_EMAIL": {
+        "en": "Failed to save email",
+        "ja": "メールの保存に失敗しました",
+        "zh-CN": "保存邮箱失败",
+        "zh-TW": "儲存郵箱失敗",
+        "ko-KR": "이메일 저장 실패",
+        "no": "Kunne ikke lagre e-post",
+        "it": "Impossibile salvare l'email",
+        "pt": "Falha ao salvar email",
+        "es": "Error al guardar el correo electrónico",
+        "ar": "فشل في حفظ البريد الإلكتروني",
+        "fr": "Échec de l'enregistrement de l'email",
+        "tr": "E-posta kaydedilemedi",
+        "de": "E-Mail konnte nicht gespeichert werden",
+        "uk": "Не вдалося зберегти електронну пошту"
+    },
+    "SETTINGS$SENDING": {
+        "en": "Sending",
+        "ja": "送信中",
+        "zh-CN": "发送中",
+        "zh-TW": "發送中",
+        "ko-KR": "전송 중",
+        "no": "Sender",
+        "it": "Invio in corso",
+        "pt": "Enviando",
+        "es": "Enviando",
+        "ar": "جاري الإرسال",
+        "fr": "Envoi en cours",
+        "tr": "Gönderiliyor",
+        "de": "Wird gesendet",
+        "uk": "Надсилання"
+    },
+    "SETTINGS$VERIFICATION_EMAIL_SENT": {
+        "en": "Verification email sent",
+        "ja": "確認メールを送信しました",
+        "zh-CN": "验证邮件已发送",
+        "zh-TW": "驗證郵件已發送",
+        "ko-KR": "인증 이메일이 전송되었습니다",
+        "no": "Bekreftelsese-post sendt",
+        "it": "Email di verifica inviata",
+        "pt": "Email de verificação enviado",
+        "es": "Correo de verificación enviado",
+        "ar": "تم إرسال بريد التحقق",
+        "fr": "Email de vérification envoyé",
+        "tr": "Doğrulama e-postası gönderildi",
+        "de": "Bestätigungs-E-Mail gesendet",
+        "uk": "Лист підтвердження надіслано"
+    },
+    "SETTINGS$EMAIL_VERIFICATION_REQUIRED": {
+        "en": "You must verify your email address before using All Hands",
+        "ja": "All Handsを使用する前にメールアドレスを確認する必要があります",
+        "zh-CN": "使用All Hands前，您必须验证您的电子邮件地址",
+        "zh-TW": "使用All Hands前，您必須驗證您的電子郵件地址",
+        "ko-KR": "All Hands를 사용하기 전에 이메일 주소를 확인해야 합니다",
+        "no": "Du må bekrefte e-postadressen din før du bruker All Hands",
+        "it": "Devi verificare il tuo indirizzo email prima di utilizzare All Hands",
+        "pt": "Você deve verificar seu endereço de e-mail antes de usar o All Hands",
+        "es": "Debe verificar su dirección de correo electrónico antes de usar All Hands",
+        "ar": "يجب عليك التحقق من عنوان بريدك الإلكتروني قبل استخدام All Hands",
+        "fr": "Vous devez vérifier votre adresse e-mail avant d'utiliser All Hands",
+        "tr": "All Hands'i kullanmadan önce e-posta adresinizi doğrulamanız gerekiyor",
+        "de": "Sie müssen Ihre E-Mail-Adresse bestätigen, bevor Sie All Hands verwenden können",
+        "uk": "Ви повинні підтвердити свою електронну адресу перед використанням All Hands"
+    },
+    "SETTINGS$INVALID_EMAIL_FORMAT": {
+        "en": "Please enter a valid email address",
+        "ja": "有効なメールアドレスを入力してください",
+        "zh-CN": "请输入有效的电子邮件地址",
+        "zh-TW": "請輸入有效的電子郵件地址",
+        "ko-KR": "유효한 이메일 주소를 입력하세요",
+        "no": "Vennligst skriv inn en gyldig e-postadresse",
+        "it": "Inserisci un indirizzo email valido",
+        "pt": "Por favor, insira um endereço de e-mail válido",
+        "es": "Por favor, introduzca una dirección de correo electrónico válida",
+        "ar": "الرجاء إدخال عنوان بريد إلكتروني صالح",
+        "fr": "Veuillez entrer une adresse e-mail valide",
+        "tr": "Lütfen geçerli bir e-posta adresi girin",
+        "de": "Bitte geben Sie eine gültige E-Mail-Adresse ein",
+        "uk": "Будь ласка, введіть дійсну електронну адресу"
+    },
+    "SETTINGS$EMAIL_VERIFICATION_RESTRICTION_MESSAGE": {
+        "en": "Your access is limited until your email is verified. You can only access this settings page.",
+        "ja": "メールが確認されるまでアクセスが制限されています。この設定ページにのみアクセスできます。",
+        "zh-CN": "在验证您的电子邮件之前，您的访问权限受到限制。您只能访问此设置页面。",
+        "zh-TW": "在驗證您的電子郵件之前，您的訪問權限受到限制。您只能訪問此設置頁面。",
+        "ko-KR": "이메일이 확인될 때까지 액세스가 제한됩니다. 이 설정 페이지만 액세스할 수 있습니다.",
+        "no": "Din tilgang er begrenset til e-posten din er bekreftet. Du kan bare få tilgang til denne innstillingssiden.",
+        "it": "Il tuo accesso è limitato fino a quando la tua email non viene verificata. Puoi accedere solo a questa pagina delle impostazioni.",
+        "pt": "Seu acesso é limitado até que seu e-mail seja verificado. Você só pode acessar esta página de configurações.",
+        "es": "Su acceso es limitado hasta que se verifique su correo electrónico. Solo puede acceder a esta página de configuración.",
+        "ar": "وصولك محدود حتى يتم التحقق من بريدك الإلكتروني. يمكنك فقط الوصول إلى صفحة الإعدادات هذه.",
+        "fr": "Votre accès est limité jusqu'à ce que votre e-mail soit vérifié. Vous ne pouvez accéder qu'à cette page de paramètres.",
+        "tr": "E-postanız doğrulanana kadar erişiminiz sınırlıdır. Yalnızca bu ayarlar sayfasına erişebilirsiniz.",
+        "de": "Ihr Zugriff ist eingeschränkt, bis Ihre E-Mail-Adresse bestätigt wurde. Sie können nur auf diese Einstellungsseite zugreifen.",
+        "uk": "Ваш доступ обмежений, доки ваша електронна пошта не буде підтверджена. Ви можете отримати доступ лише до цієї сторінки налаштувань."
+    },
+    "SETTINGS$RESEND_VERIFICATION": {
+        "en": "Resend verification",
+        "ja": "確認メールを再送信",
+        "zh-CN": "重新发送验证",
+        "zh-TW": "重新發送驗證",
+        "ko-KR": "인증 재전송",
+        "no": "Send bekreftelse på nytt",
+        "it": "Rinvia verifica",
+        "pt": "Reenviar verificação",
+        "es": "Reenviar verificación",
+        "ar": "إعادة إرسال التحقق",
+        "fr": "Renvoyer la vérification",
+        "tr": "Doğrulamayı yeniden gönder",
+        "de": "Bestätigung erneut senden",
+        "uk": "Надіслати підтвердження повторно"
+    },
+    "SETTINGS$FAILED_TO_RESEND_VERIFICATION": {
+        "en": "Failed to resend verification email",
+        "ja": "確認メールの再送信に失敗しました",
+        "zh-CN": "重新发送验证邮件失败",
+        "zh-TW": "重新發送驗證郵件失敗",
+        "ko-KR": "인증 이메일 재전송 실패",
+        "no": "Kunne ikke sende bekreftelsese-post på nytt",
+        "it": "Impossibile rinviare l'email di verifica",
+        "pt": "Falha ao reenviar email de verificação",
+        "es": "Error al reenviar el correo de verificación",
+        "ar": "فشل في إعادة إرسال بريد التحقق",
+        "fr": "Échec du renvoi de l'email de vérification",
+        "tr": "Doğrulama e-postası yeniden gönderilemedi",
+        "de": "Bestätigungs-E-Mail konnte nicht erneut gesendet werden",
+        "uk": "Не вдалося повторно надіслати лист підтвердження"
     }
 }

frontend/src/routes.ts

@@ -12,6 +12,7 @@ export default [
     route("settings", "routes/settings.tsx", [
       index("routes/llm-settings.tsx"),
       route("mcp", "routes/mcp-settings.tsx"),
+      route("user", "routes/user-settings.tsx"),
       route("git", "routes/git-settings.tsx"),
       route("app", "routes/app-settings.tsx"),
       route("billing", "routes/billing.tsx"),

frontend/src/routes/conversation.tsx

@@ -43,7 +43,7 @@ function AppContent() {
   const { t } = useTranslation();
   const { data: settings } = useSettings();
   const { conversationId } = useConversationId();
-  const { data: conversation, isFetched } = useActiveConversation();
+  const { data: conversation, isFetched, refetch } = useActiveConversation();
   const { data: isAuthed } = useIsAuthed();
 
   const { curAgentState } = useSelector((state: RootState) => state.agent);
@@ -61,8 +61,13 @@ function AppContent() {
         "This conversation does not exist, or you do not have permission to access it.",
       );
       navigate("/");
+    } else if (conversation?.status === "STOPPED") {
+      // start the conversation if the state is stopped on initial load
+      OpenHands.startConversation(conversation.conversation_id).then(() =>
+        refetch(),
+      );
     }
-  }, [conversation, isFetched, isAuthed]);
+  }, [conversation?.conversation_id, isFetched, isAuthed]);
 
   React.useEffect(() => {
     dispatch(clearTerminal());

frontend/src/routes/llm-settings.tsx

@@ -469,6 +469,9 @@ function LlmSettingsScreen() {
                       label: analyzer,
                     })) || []
                   }
+                  placeholder={t(
+                    I18nKey.SETTINGS$SECURITY_ANALYZER_PLACEHOLDER,
+                  )}
                   defaultSelectedKey={settings.SECURITY_ANALYZER}
                   isClearable
                   showOptionalTag

frontend/src/routes/root-layout.tsx

@@ -25,6 +25,7 @@ import { useIsOnTosPage } from "#/hooks/use-is-on-tos-page";
 import { useAutoLogin } from "#/hooks/use-auto-login";
 import { useAuthCallback } from "#/hooks/use-auth-callback";
 import { LOCAL_STORAGE_KEYS } from "#/utils/local-storage";
+import { EmailVerificationGuard } from "#/components/features/guards/email-verification-guard";
 
 export function ErrorBoundary() {
   const error = useRouteError();
@@ -204,7 +205,9 @@ export default function MainApp() {
         id="root-outlet"
         className="h-[calc(100%-50px)] md:h-full w-full relative overflow-auto"
       >
-        <Outlet />
+        <EmailVerificationGuard>
+          <Outlet />
+        </EmailVerificationGuard>
       </div>
 
       {renderAuthModal && (

frontend/src/routes/settings.tsx

@@ -15,6 +15,7 @@ function SettingsScreen() {
   const isSaas = config?.APP_MODE === "saas";
 
   const saasNavItems = [
+    { to: "/settings/user", text: t("SETTINGS$NAV_USER") },
     { to: "/settings/git", text: t("SETTINGS$NAV_GIT") },
     { to: "/settings/app", text: t("SETTINGS$NAV_APPLICATION") },
     { to: "/settings/billing", text: t("SETTINGS$NAV_CREDITS") },
@@ -33,10 +34,11 @@ function SettingsScreen() {
   React.useEffect(() => {
     if (isSaas) {
       if (pathname === "/settings") {
-        navigate("/settings/git");
+        navigate("/settings/user");
       }
     } else {
       const noEnteringPaths = [
+        "/settings/user",
         "/settings/billing",
         "/settings/credits",
         "/settings/api-keys",

frontend/src/routes/user-settings.tsx

@@ -0,0 +1,229 @@
+import React, { useState, useEffect, useRef } from "react";
+import { useTranslation } from "react-i18next";
+import { useQueryClient } from "@tanstack/react-query";
+import { useSettings } from "#/hooks/query/use-settings";
+import { openHands } from "#/api/open-hands-axios";
+import { displaySuccessToast } from "#/utils/custom-toast-handlers";
+
+// Email validation regex pattern
+const EMAIL_REGEX = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
+
+function EmailInputSection({
+  email,
+  onEmailChange,
+  onSaveEmail,
+  onResendVerification,
+  isSaving,
+  isResendingVerification,
+  isEmailChanged,
+  emailVerified,
+  isEmailValid,
+  children,
+}: {
+  email: string;
+  onEmailChange: (e: React.ChangeEvent<HTMLInputElement>) => void;
+  onSaveEmail: () => void;
+  onResendVerification: () => void;
+  isSaving: boolean;
+  isResendingVerification: boolean;
+  isEmailChanged: boolean;
+  emailVerified?: boolean;
+  isEmailValid: boolean;
+  children: React.ReactNode;
+}) {
+  const { t } = useTranslation();
+  return (
+    <div className="flex flex-col gap-4">
+      <div className="flex flex-col gap-2">
+        <label className="text-sm">{t("SETTINGS$USER_EMAIL")}</label>
+        <div className="flex items-center gap-3">
+          <input
+            type="email"
+            value={email}
+            onChange={onEmailChange}
+            className={`text-base text-white p-2 bg-base-tertiary rounded border ${
+              isEmailChanged && !isEmailValid
+                ? "border-red-500"
+                : "border-tertiary"
+            } flex-grow focus:outline-none focus:border-transparent focus:ring-0`}
+            placeholder={t("SETTINGS$USER_EMAIL_LOADING")}
+            data-testid="email-input"
+          />
+        </div>
+
+        {isEmailChanged && !isEmailValid && (
+          <div
+            className="text-red-500 text-sm mt-1"
+            data-testid="email-validation-error"
+          >
+            {t("SETTINGS$INVALID_EMAIL_FORMAT")}
+          </div>
+        )}
+
+        <div className="flex items-center gap-3 mt-2">
+          <button
+            type="button"
+            onClick={onSaveEmail}
+            disabled={!isEmailChanged || isSaving || !isEmailValid}
+            className="px-4 py-2 rounded bg-primary text-white hover:opacity-80 disabled:opacity-30 disabled:cursor-not-allowed disabled:text-[#0D0F11]"
+            data-testid="save-email-button"
+          >
+            {isSaving ? t("SETTINGS$SAVING") : t("SETTINGS$SAVE")}
+          </button>
+
+          {emailVerified === false && (
+            <button
+              type="button"
+              onClick={onResendVerification}
+              disabled={isResendingVerification}
+              className="px-4 py-2 rounded bg-primary text-white hover:opacity-80 disabled:opacity-30 disabled:cursor-not-allowed disabled:text-[#0D0F11]"
+              data-testid="resend-verification-button"
+            >
+              {isResendingVerification
+                ? t("SETTINGS$SENDING")
+                : t("SETTINGS$RESEND_VERIFICATION")}
+            </button>
+          )}
+        </div>
+
+        {children}
+      </div>
+    </div>
+  );
+}
+
+function VerificationAlert() {
+  const { t } = useTranslation();
+  return (
+    <div
+      className="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded mt-4"
+      role="alert"
+    >
+      <p className="font-bold">{t("SETTINGS$EMAIL_VERIFICATION_REQUIRED")}</p>
+      <p className="text-sm">
+        {t("SETTINGS$EMAIL_VERIFICATION_RESTRICTION_MESSAGE")}
+      </p>
+    </div>
+  );
+}
+
+// These components have been replaced with toast notifications
+
+function UserSettingsScreen() {
+  const { t } = useTranslation();
+  const { data: settings, isLoading, refetch } = useSettings();
+  const [email, setEmail] = useState("");
+  const [originalEmail, setOriginalEmail] = useState("");
+  const [isSaving, setIsSaving] = useState(false);
+  const [isResendingVerification, setIsResendingVerification] = useState(false);
+  const [isEmailValid, setIsEmailValid] = useState(true);
+  const queryClient = useQueryClient();
+  const pollingIntervalRef = useRef<number | null>(null);
+  const prevVerificationStatusRef = useRef<boolean | undefined>(undefined);
+
+  useEffect(() => {
+    if (settings?.EMAIL) {
+      setEmail(settings.EMAIL);
+      setOriginalEmail(settings.EMAIL);
+      setIsEmailValid(EMAIL_REGEX.test(settings.EMAIL));
+    }
+  }, [settings?.EMAIL]);
+
+  useEffect(() => {
+    if (pollingIntervalRef.current) {
+      window.clearInterval(pollingIntervalRef.current);
+      pollingIntervalRef.current = null;
+    }
+
+    if (
+      prevVerificationStatusRef.current === false &&
+      settings?.EMAIL_VERIFIED === true
+    ) {
+      // Display toast notification instead of setting state
+      displaySuccessToast(t("SETTINGS$EMAIL_VERIFIED_SUCCESSFULLY"));
+      setTimeout(() => {
+        queryClient.invalidateQueries({ queryKey: ["settings"] });
+      }, 2000);
+    }
+
+    prevVerificationStatusRef.current = settings?.EMAIL_VERIFIED;
+
+    if (settings?.EMAIL_VERIFIED === false) {
+      pollingIntervalRef.current = window.setInterval(() => {
+        refetch();
+      }, 5000);
+    }
+
+    return () => {
+      if (pollingIntervalRef.current) {
+        window.clearInterval(pollingIntervalRef.current);
+        pollingIntervalRef.current = null;
+      }
+    };
+  }, [settings?.EMAIL_VERIFIED, refetch, queryClient, t]);
+
+  const handleEmailChange = (e: React.ChangeEvent<HTMLInputElement>) => {
+    const newEmail = e.target.value;
+    setEmail(newEmail);
+    setIsEmailValid(EMAIL_REGEX.test(newEmail));
+  };
+
+  const handleSaveEmail = async () => {
+    if (email === originalEmail || !isEmailValid) return;
+    try {
+      setIsSaving(true);
+      await openHands.post("/api/email", { email }, { withCredentials: true });
+      setOriginalEmail(email);
+      // Display toast notification instead of setting state
+      displaySuccessToast(t("SETTINGS$EMAIL_SAVED_SUCCESSFULLY"));
+      queryClient.invalidateQueries({ queryKey: ["settings"] });
+    } catch (error) {
+      // eslint-disable-next-line no-console
+      console.error(t("SETTINGS$FAILED_TO_SAVE_EMAIL"), error);
+    } finally {
+      setIsSaving(false);
+    }
+  };
+
+  const handleResendVerification = async () => {
+    try {
+      setIsResendingVerification(true);
+      await openHands.put("/api/email/verify", {}, { withCredentials: true });
+      // Display toast notification instead of setting state
+      displaySuccessToast(t("SETTINGS$VERIFICATION_EMAIL_SENT"));
+    } catch (error) {
+      // eslint-disable-next-line no-console
+      console.error(t("SETTINGS$FAILED_TO_RESEND_VERIFICATION"), error);
+    } finally {
+      setIsResendingVerification(false);
+    }
+  };
+
+  const isEmailChanged = email !== originalEmail;
+
+  return (
+    <div data-testid="user-settings-screen" className="flex flex-col h-full">
+      <div className="p-9 flex flex-col gap-6">
+        {isLoading ? (
+          <div className="animate-pulse h-8 w-64 bg-tertiary rounded" />
+        ) : (
+          <EmailInputSection
+            email={email}
+            onEmailChange={handleEmailChange}
+            onSaveEmail={handleSaveEmail}
+            onResendVerification={handleResendVerification}
+            isSaving={isSaving}
+            isResendingVerification={isResendingVerification}
+            isEmailChanged={isEmailChanged}
+            emailVerified={settings?.EMAIL_VERIFIED}
+            isEmailValid={isEmailValid}
+          >
+            {settings?.EMAIL_VERIFIED === false && <VerificationAlert />}
+          </EmailInputSection>
+        )}
+      </div>
+    </div>
+  );
+}
+
+export default UserSettingsScreen;

frontend/src/routes/vscode-tab.tsx

@@ -1,10 +1,11 @@
-import React from "react";
+import React, { useState, useEffect } from "react";
 import { useTranslation } from "react-i18next";
 import { useSelector } from "react-redux";
 import { I18nKey } from "#/i18n/declaration";
 import { RootState } from "#/store";
 import { RUNTIME_INACTIVE_STATES } from "#/types/agent-state";
 import { useVSCodeUrl } from "#/hooks/query/use-vscode-url";
+import { VSCODE_IN_NEW_TAB } from "#/utils/feature-flags";
 
 function VSCodeTab() {
   const { t } = useTranslation();
@@ -12,6 +13,31 @@ function VSCodeTab() {
   const { curAgentState } = useSelector((state: RootState) => state.agent);
   const isRuntimeInactive = RUNTIME_INACTIVE_STATES.includes(curAgentState);
   const iframeRef = React.useRef<HTMLIFrameElement>(null);
+  const [isCrossProtocol, setIsCrossProtocol] = useState(false);
+  const [iframeError, setIframeError] = useState<string | null>(null);
+
+  useEffect(() => {
+    if (data?.url) {
+      try {
+        const iframeProtocol = new URL(data.url).protocol;
+        const currentProtocol = window.location.protocol;
+
+        // Check if the iframe URL has a different protocol than the current page
+        setIsCrossProtocol(
+          VSCODE_IN_NEW_TAB() || iframeProtocol !== currentProtocol,
+        );
+      } catch (e) {
+        // Silently handle URL parsing errors
+        setIframeError(t("VSCODE$URL_PARSE_ERROR"));
+      }
+    }
+  }, [data?.url]);
+
+  const handleOpenInNewTab = () => {
+    if (data?.url) {
+      window.open(data.url, "_blank", "noopener,noreferrer");
+    }
+  };
 
   if (isRuntimeInactive) {
     return (
@@ -29,14 +55,36 @@ function VSCodeTab() {
     );
   }
 
-  if (error || (data && data.error) || !data?.url) {
+  if (error || (data && data.error) || !data?.url || iframeError) {
     return (
       <div className="w-full h-full flex items-center text-center justify-center text-2xl text-tertiary-light">
-        {data?.error || String(error) || t(I18nKey.VSCODE$URL_NOT_AVAILABLE)}
+        {iframeError ||
+          data?.error ||
+          String(error) ||
+          t(I18nKey.VSCODE$URL_NOT_AVAILABLE)}
       </div>
     );
   }
 
+  // If cross-origin, show a button to open in new tab
+  if (isCrossProtocol) {
+    return (
+      <div className="w-full h-full flex flex-col items-center justify-center gap-4">
+        <div className="text-xl text-tertiary-light text-center max-w-md">
+          {t("VSCODE$CROSS_ORIGIN_WARNING")}
+        </div>
+        <button
+          type="button"
+          onClick={handleOpenInNewTab}
+          className="px-4 py-2 bg-primary text-white rounded hover:bg-primary-dark transition-colors"
+        >
+          {t("VSCODE$OPEN_IN_NEW_TAB")}
+        </button>
+      </div>
+    );
+  }
+
+  // If same origin, use the iframe
   return (
     <div className="h-full w-full">
       <iframe
@@ -44,7 +92,7 @@ function VSCodeTab() {
         title={t(I18nKey.VSCODE$TITLE)}
         src={data.url}
         className="w-full h-full border-0"
-        allow={t(I18nKey.VSCODE$IFRAME_PERMISSIONS)}
+        allow="clipboard-read; clipboard-write"
       />
     </div>
   );

frontend/src/services/settings.ts

@@ -19,6 +19,8 @@ export const DEFAULT_SETTINGS: Settings = {
   ENABLE_PROACTIVE_CONVERSATION_STARTERS: false,
   SEARCH_API_KEY: "",
   IS_NEW_USER: true,
+  EMAIL: "",
+  EMAIL_VERIFIED: true, // Default to true to avoid restricting access unnecessarily
   MCP_CONFIG: {
     sse_servers: [],
     stdio_servers: [],

frontend/src/types/settings.ts

@@ -45,6 +45,8 @@ export type Settings = {
   SEARCH_API_KEY?: string;
   IS_NEW_USER?: boolean;
   MCP_CONFIG?: MCPConfig;
+  EMAIL?: string;
+  EMAIL_VERIFIED?: boolean;
 };
 
 export type ApiSettings = {
@@ -68,6 +70,8 @@ export type ApiSettings = {
     sse_servers: (string | MCPSSEServer)[];
     stdio_servers: MCPStdioServer[];
   };
+  email?: string;
+  email_verified?: boolean;
 };
 
 export type PostSettings = Settings & {

frontend/src/utils/feature-flags.ts

@@ -14,5 +14,6 @@ export function loadFeatureFlag(
 
 export const BILLING_SETTINGS = () => loadFeatureFlag("BILLING_SETTINGS");
 export const HIDE_LLM_SETTINGS = () => loadFeatureFlag("HIDE_LLM_SETTINGS");
+export const VSCODE_IN_NEW_TAB = () => loadFeatureFlag("VSCODE_IN_NEW_TAB");
 export const ENABLE_TRAJECTORY_REPLAY = () =>
   loadFeatureFlag("TRAJECTORY_REPLAY");

frontend/src/utils/tips.ts

@@ -30,7 +30,7 @@ export const TIPS: Tip[] = [
   },
   {
     key: I18nKey.TIPS$GITHUB_HOOK,
-    link: "https://docs.all-hands.dev/usage/cloud/cloud-issue-resolver",
+    link: "https://docs.all-hands.dev/usage/cloud/github-installation#working-on-github-issues-and-pull-requests-using-openhands",
   },
   {
     key: I18nKey.TIPS$BLOG_SIGNUP,

microagents/README.md

@@ -117,7 +117,10 @@ You can see an example of a repo agent in [the agent for the OpenHands repo itse
    - Include repository structure details
    - Specify testing and build procedures
    - List environment requirements
+   - Document CI workflows and checks
+   - Include information about code quality standards
    - Maintain up-to-date team practices
+   - Consider using OpenHands to generate a comprehensive repo.md (see [Creating a Repository Agent](#creating-a-repository-agent))
    - YAML frontmatter is optional - files without frontmatter will be loaded with default settings
 
 ### Submission Process

openhands/cli/main.py

@@ -3,6 +3,8 @@ import logging
 import os
 import sys
 
+from prompt_toolkit import print_formatted_text
+from prompt_toolkit.formatted_text import HTML
 from prompt_toolkit.shortcuts import clear
 
 import openhands.agenthub  # noqa F401 (we import this to get the agents registered)
@@ -10,6 +12,7 @@ from openhands.cli.commands import (
     check_folder_security_agreement,
     handle_commands,
 )
+from openhands.cli.settings import modify_llm_settings_basic
 from openhands.cli.tui import (
     UsageMetrics,
     display_agent_running_message,
@@ -109,6 +112,7 @@ async def run_session(
     task_content: str | None = None,
     conversation_instructions: str | None = None,
     session_name: str | None = None,
+    skip_banner: bool = False,
 ) -> bool:
     reload_microagents = False
     new_session_requested = False
@@ -263,14 +267,12 @@ async def run_session(
     # Add MCP tools to the agent
     if agent.config.enable_mcp:
         # Add OpenHands' MCP server by default
-        openhands_mcp_server, openhands_mcp_stdio_servers = (
+        _, openhands_mcp_stdio_servers = (
             OpenHandsMCPConfigImpl.create_default_mcp_server_config(
                 config.mcp_host, config, None
             )
         )
-        # FIXME: OpenHands' SSE server may not be running when CLI mode is started
-        # if openhands_mcp_server:
-        #     config.mcp.sse_servers.append(openhands_mcp_server)
+
         config.mcp.stdio_servers.extend(openhands_mcp_stdio_servers)
 
         await add_mcp_tools_to_agent(agent, runtime, memory, config)
@@ -281,8 +283,9 @@ async def run_session(
     # Clear the terminal
     clear()
 
-    # Show OpenHands banner and session ID
-    display_banner(session_id=sid)
+    # Show OpenHands banner and session ID if not skipped
+    if not skip_banner:
+        display_banner(session_id=sid)
 
     welcome_message = 'What do you want to build?'  # from the application
     initial_message = ''  # from the user
@@ -327,7 +330,24 @@ async def run_session(
     return new_session_requested
 
 
-async def main(loop: asyncio.AbstractEventLoop) -> None:
+async def run_setup_flow(config: OpenHandsConfig, settings_store: FileSettingsStore):
+    """Run the setup flow to configure initial settings.
+
+    Returns:
+        bool: True if settings were successfully configured, False otherwise.
+    """
+    # Display the banner with ASCII art first
+    display_banner(session_id='setup')
+
+    print_formatted_text(
+        HTML('<grey>No settings found. Starting initial setup...</grey>\n')
+    )
+
+    # Use the existing settings modification function for basic setup
+    await modify_llm_settings_basic(config, settings_store)
+
+
+async def main_with_loop(loop: asyncio.AbstractEventLoop) -> None:
     """Runs the agent in CLI mode."""
     args = parse_arguments()
 
@@ -341,6 +361,19 @@ async def main(loop: asyncio.AbstractEventLoop) -> None:
     settings_store = await FileSettingsStore.get_instance(config=config, user_id=None)
     settings = await settings_store.load()
 
+    # Track if we've shown the banner during setup
+    banner_shown = False
+
+    # If settings don't exist, automatically enter the setup flow
+    if not settings:
+        # Clear the terminal before showing the banner
+        clear()
+
+        await run_setup_flow(config, settings_store)
+        banner_shown = True
+
+        settings = await settings_store.load()
+
     # Use settings from settings store if available and override with command line arguments
     if settings:
         if args.agent_cls:
@@ -410,6 +443,7 @@ async def main(loop: asyncio.AbstractEventLoop) -> None:
         current_dir,
         task_str,
         session_name=args.name,
+        skip_banner=banner_shown,
     )
 
     # If a new session was requested, run it
@@ -419,11 +453,11 @@ async def main(loop: asyncio.AbstractEventLoop) -> None:
         )
 
 
-if __name__ == '__main__':
+def main():
     loop = asyncio.new_event_loop()
     asyncio.set_event_loop(loop)
     try:
-        loop.run_until_complete(main(loop))
+        loop.run_until_complete(main_with_loop(loop))
     except KeyboardInterrupt:
         print('Received keyboard interrupt, shutting down...')
     except ConnectionRefusedError as e:
@@ -445,3 +479,7 @@ if __name__ == '__main__':
         except Exception as e:
             print(f'Error during cleanup: {e}')
             sys.exit(1)
+
+
+if __name__ == '__main__':
+    main()

openhands/cli/settings.py

@@ -158,18 +158,48 @@ async def modify_llm_settings_basic(
     provider_completer = FuzzyWordCompleter(provider_list)
     session = PromptSession(key_bindings=kb_cancel())
 
-    provider = None
+    # Set default provider - use the first available provider from the list
+    provider = provider_list[0] if provider_list else 'openai'
     model = None
     api_key = None
 
     try:
-        provider = await get_validated_input(
-            session,
-            '(Step 1/3) Select LLM Provider (TAB for options, CTRL-c to cancel): ',
-            completer=provider_completer,
-            validator=lambda x: x in organized_models,
-            error_message='Invalid provider selected',
+        # Show the default provider but allow changing it
+        print_formatted_text(
+            HTML(f'\n<grey>Default provider: </grey><green>{provider}</green>')
         )
+        change_provider = (
+            cli_confirm(
+                'Do you want to use a different provider?',
+                [f'Use {provider}', 'Select another provider'],
+            )
+            == 1
+        )
+
+        if change_provider:
+            # Define a validator function that prints an error message
+            def provider_validator(x):
+                is_valid = x in organized_models
+                if not is_valid:
+                    print_formatted_text(
+                        HTML('<grey>Invalid provider selected: {}</grey>'.format(x))
+                    )
+                return is_valid
+
+            provider = await get_validated_input(
+                session,
+                '(Step 1/3) Select LLM Provider (TAB for options, CTRL-c to cancel): ',
+                completer=provider_completer,
+                validator=provider_validator,
+                error_message='Invalid provider selected',
+            )
+
+        # Make sure the provider exists in organized_models
+        if provider not in organized_models:
+            # If the provider doesn't exist, use the first available provider
+            provider = (
+                next(iter(organized_models.keys())) if organized_models else 'openai'
+            )
 
         provider_models = organized_models[provider]['models']
         if provider == 'openai':
@@ -183,14 +213,45 @@ async def modify_llm_settings_basic(
             ]
             provider_models = VERIFIED_ANTHROPIC_MODELS + provider_models
 
-        model_completer = FuzzyWordCompleter(provider_models)
-        model = await get_validated_input(
-            session,
-            '(Step 2/3) Select LLM Model (TAB for options, CTRL-c to cancel): ',
-            completer=model_completer,
-            validator=lambda x: x in provider_models,
-            error_message=f'Invalid model selected for provider {provider}',
+        # Set default model to the first model in the list
+        default_model = provider_models[0] if provider_models else 'gpt-4'
+
+        # Show the default model but allow changing it
+        print_formatted_text(
+            HTML(f'\n<grey>Default model: </grey><green>{default_model}</green>')
         )
+        change_model = (
+            cli_confirm(
+                'Do you want to use a different model?',
+                [f'Use {default_model}', 'Select another model'],
+            )
+            == 1
+        )
+
+        if change_model:
+            model_completer = FuzzyWordCompleter(provider_models)
+
+            # Define a validator function that prints an error message
+            def model_validator(x):
+                is_valid = x in provider_models
+                if not is_valid:
+                    print_formatted_text(
+                        HTML(
+                            f'<grey>Invalid model selected for provider {provider}: {x}</grey>'
+                        )
+                    )
+                return is_valid
+
+            model = await get_validated_input(
+                session,
+                '(Step 2/3) Select LLM Model (TAB for options, CTRL-c to cancel): ',
+                completer=model_completer,
+                validator=model_validator,
+                error_message=f'Invalid model selected for provider {provider}',
+            )
+        else:
+            # Use the default model
+            model = default_model
 
         api_key = await get_validated_input(
             session,

openhands/core/config/mcp_config.py

@@ -54,6 +54,10 @@ class MCPStdioServerConfig(BaseModel):
             and set(self.env.items()) == set(other.env.items())
         )
 
+class MCPSHTTPServerConfig(BaseModel):
+    url: str
+    api_key: str | None = None
+
 
 class MCPConfig(BaseModel):
     """Configuration for MCP (Message Control Protocol) settings.
@@ -65,11 +69,12 @@ class MCPConfig(BaseModel):
 
     sse_servers: list[MCPSSEServerConfig] = Field(default_factory=list)
     stdio_servers: list[MCPStdioServerConfig] = Field(default_factory=list)
+    shttp_servers: list[MCPSHTTPServerConfig] = Field(default_factory=list)
 
     model_config = {'extra': 'forbid'}
 
     @staticmethod
-    def _normalize_sse_servers(servers_data: list[dict | str]) -> list[dict]:
+    def _normalize_servers(servers_data: list[dict | str]) -> list[dict]:
         """Helper method to normalize SSE server configurations."""
         normalized = []
         for server in servers_data:
@@ -82,8 +87,13 @@ class MCPConfig(BaseModel):
     @model_validator(mode='before')
     def convert_string_urls(cls, data):
         """Convert string URLs to MCPSSEServerConfig objects."""
-        if isinstance(data, dict) and 'sse_servers' in data:
-            data['sse_servers'] = cls._normalize_sse_servers(data['sse_servers'])
+        if isinstance(data, dict):
+            if 'sse_servers' in data:
+                data['sse_servers'] = cls._normalize_servers(data['sse_servers'])
+
+            if 'shttp_servers' in data:
+                data['shttp_servers'] = cls._normalize_servers(data['shttp_servers'])
+
         return data
 
     def validate_servers(self) -> None:
@@ -119,7 +129,7 @@ class MCPConfig(BaseModel):
         try:
             # Convert all entries in sse_servers to MCPSSEServerConfig objects
             if 'sse_servers' in data:
-                data['sse_servers'] = cls._normalize_sse_servers(data['sse_servers'])
+                data['sse_servers'] = cls._normalize_servers(data['sse_servers'])
                 servers = []
                 for server in data['sse_servers']:
                     servers.append(MCPSSEServerConfig(**server))
@@ -132,6 +142,13 @@ class MCPConfig(BaseModel):
                     servers.append(MCPStdioServerConfig(**server))
                 data['stdio_servers'] = servers
 
+            if 'shttp_servers' in data:
+                data['shttp_servers'] = cls._normalize_servers(data['shttp_servers'])
+                servers = []
+                for server in data['shttp_servers']:
+                    servers.append(MCPSHTTPServerConfig(**server))
+                data['shttp_servers'] = servers
+
             # Create SSE config if present
             mcp_config = MCPConfig.model_validate(data)
             mcp_config.validate_servers()
@@ -169,7 +186,7 @@ class OpenHandsMCPConfig:
     @staticmethod
     def create_default_mcp_server_config(
         host: str, config: 'OpenHandsConfig', user_id: str | None = None
-    ) -> tuple[MCPSSEServerConfig, list[MCPStdioServerConfig]]:
+    ) -> tuple[MCPSHTTPServerConfig, list[MCPStdioServerConfig]]:
         """
         Create a default MCP server configuration.
 
@@ -179,12 +196,13 @@ class OpenHandsMCPConfig:
         Returns:
             tuple[MCPSSEServerConfig, list[MCPStdioServerConfig]]: A tuple containing the default SSE server configuration and a list of MCP stdio server configurations
         """
-        sse_server = MCPSSEServerConfig(url=f'http://{host}/mcp/sse', api_key=None)
         stdio_servers = []
         search_engine_stdio_server = OpenHandsMCPConfig.add_search_engine(config)
         if search_engine_stdio_server:
             stdio_servers.append(search_engine_stdio_server)
-        return sse_server, stdio_servers
+
+        shttp_servers = MCPSHTTPServerConfig(url=f'http://{host}/mcp/mcp', api_key=None)
+        return shttp_servers, stdio_servers
 
 
 openhands_mcp_config_cls = os.environ.get(

openhands/core/config/openhands_config.py

@@ -64,7 +64,7 @@ class OpenHandsConfig(BaseModel):
     extended: ExtendedConfig = Field(default_factory=lambda: ExtendedConfig({}))
     runtime: str = Field(default='docker')
     file_store: str = Field(default='local')
-    file_store_path: str = Field(default='/tmp/openhands_file_store')
+    file_store_path: str = Field(default='~/.openhands/file_store')
     file_store_web_hook_url: str | None = Field(default=None)
     file_store_web_hook_headers: dict | None = Field(default=None)
     save_trajectory_path: str | None = Field(default=None)

openhands/core/config/sandbox_config.py

@@ -73,7 +73,10 @@ class SandboxConfig(BaseModel):
     runtime_startup_env_vars: dict[str, str] = Field(default_factory=dict)
     browsergym_eval_env: str | None = Field(default=None)
     platform: str | None = Field(default=None)
-    close_delay: int = Field(default=15)
+    close_delay: int = Field(
+        default=3600,
+        description='The delay in seconds before closing the sandbox after the agent is done.',
+    )
     remote_runtime_resource_factor: int = Field(default=1)
     enable_gpu: bool = Field(default=False)
     docker_runtime_kwargs: dict | None = Field(default=None)

openhands/core/main.py

@@ -134,14 +134,11 @@ async def run_controller(
     # Add MCP tools to the agent
     if agent.config.enable_mcp:
         # Add OpenHands' MCP server by default
-        openhands_mcp_server, openhands_mcp_stdio_servers = (
+        _, openhands_mcp_stdio_servers = (
             OpenHandsMCPConfigImpl.create_default_mcp_server_config(
                 config.mcp_host, config, None
             )
         )
-        # FIXME: OpenHands' SSE server may not be running when headless mode is started
-        # if openhands_mcp_server:
-        #     config.mcp.sse_servers.append(openhands_mcp_server)
         config.mcp.stdio_servers.extend(openhands_mcp_stdio_servers)
 
         await add_mcp_tools_to_agent(agent, runtime, memory, config)

openhands/experiments/experiment_manager.py

@@ -0,0 +1,19 @@
+import os
+
+from openhands.server.session.conversation_init_data import ConversationInitData
+from openhands.utils.import_utils import get_impl
+
+
+class ExperimentManager:
+    @staticmethod
+    def run_conversation_variant_test(
+        user_id: str, conversation_id: str, conversation_settings: ConversationInitData
+    ) -> ConversationInitData:
+        return conversation_settings
+
+
+experiment_manager_cls = os.environ.get(
+    'OPENHANDS_EXPERIMENT_MANAGER_CLS',
+    'openhands.experiments.experiment_manager.ExperimentManager',
+)
+ExperimentManagerImpl = get_impl(ExperimentManager, experiment_manager_cls)

openhands/integrations/github/github_service.py

@@ -28,6 +28,17 @@ from openhands.utils.import_utils import get_impl
 
 
 class GitHubService(BaseGitService, GitService):
+    """Default implementation of GitService for GitHub integration.
+
+    TODO: This doesn't seem a good candidate for the get_impl() pattern. What are the abstract methods we should actually separate and implement here?
+    This is an extension point in OpenHands that allows applications to customize GitHub
+    integration behavior. Applications can substitute their own implementation by:
+    1. Creating a class that inherits from GitService
+    2. Implementing all required methods
+    3. Setting server_config.github_service_class to the fully qualified name of the class
+
+    The class is instantiated via get_impl() in openhands.server.shared.py.
+    """
     BASE_URL = 'https://api.github.com'
     token: SecretStr = SecretStr('')
     refresh = False
@@ -472,35 +483,30 @@ class GitHubService(BaseGitService, GitService):
             - PR URL when successful
             - Error message when unsuccessful
         """
-        try:
-            url = f'{self.BASE_URL}/repos/{repo_name}/pulls'
 
-            # Set default body if none provided
-            if not body:
-                body = f'Merging changes from {source_branch} into {target_branch}'
+        url = f'{self.BASE_URL}/repos/{repo_name}/pulls'
 
-            # Prepare the request payload
-            payload = {
-                'title': title,
-                'head': source_branch,
-                'base': target_branch,
-                'body': body,
-                'draft': draft,
-            }
+        # Set default body if none provided
+        if not body:
+            body = f'Merging changes from {source_branch} into {target_branch}'
 
-            # Make the POST request to create the PR
-            response, _ = await self._make_request(
-                url=url, params=payload, method=RequestMethod.POST
-            )
+        # Prepare the request payload
+        payload = {
+            'title': title,
+            'head': source_branch,
+            'base': target_branch,
+            'body': body,
+            'draft': draft,
+        }
 
-            # Return the HTML URL of the created PR
-            if 'html_url' in response:
-                return response['html_url']
-            else:
-                return f'PR created but URL not found in response: {response}'
+        # Make the POST request to create the PR
+        response, _ = await self._make_request(
+            url=url, params=payload, method=RequestMethod.POST
+        )
+
+        # Return the HTML URL of the created PR
+        return response['html_url']
 
-        except Exception as e:
-            return f'Error creating pull request: {str(e)}'
 
 
 github_service_cls = os.environ.get(

openhands/integrations/gitlab/gitlab_service.py

@@ -21,6 +21,17 @@ from openhands.utils.import_utils import get_impl
 
 
 class GitLabService(BaseGitService, GitService):
+    """Default implementation of GitService for GitLab integration.
+
+    TODO: This doesn't seem a good candidate for the get_impl() pattern. What are the abstract methods we should actually separate and implement here?
+    This is an extension point in OpenHands that allows applications to customize GitLab
+    integration behavior. Applications can substitute their own implementation by:
+    1. Creating a class that inherits from GitService
+    2. Implementing all required methods
+    3. Setting server_config.gitlab_service_class to the fully qualified name of the class
+
+    The class is instantiated via get_impl() in openhands.server.shared.py.
+    """
     BASE_URL = 'https://gitlab.com/api/v4'
     GRAPHQL_URL = 'https://gitlab.com/api/graphql'
     token: SecretStr = SecretStr('')
@@ -167,10 +178,14 @@ class GitLabService(BaseGitService, GitService):
         url = f'{self.BASE_URL}/user'
         response, _ = await self._make_request(url)
 
+        # Use a default avatar URL if not provided
+        # In some self-hosted GitLab instances, the avatar_url field may be returned as None.
+        avatar_url = response.get('avatar_url') or ''
+
         return User(
             id=response.get('id'),
             username=response.get('username'),
-            avatar_url=response.get('avatar_url'),
+            avatar_url=avatar_url,
             name=response.get('name'),
             email=response.get('email'),
             company=response.get('organization'),
@@ -461,38 +476,33 @@ class GitLabService(BaseGitService, GitService):
             - MR URL when successful
             - Error message when unsuccessful
         """
-        try:
-            # Convert string ID to URL-encoded path if needed
-            project_id = str(id).replace('/', '%2F') if isinstance(id, str) else id
-            url = f'{self.BASE_URL}/projects/{project_id}/merge_requests'
 
-            # Set default description if none provided
-            if not description:
-                description = (
-                    f'Merging changes from {source_branch} into {target_branch}'
-                )
+        # Convert string ID to URL-encoded path if needed
+        project_id = str(id).replace('/', '%2F') if isinstance(id, str) else id
+        url = f'{self.BASE_URL}/projects/{project_id}/merge_requests'
 
-            # Prepare the request payload
-            payload = {
-                'source_branch': source_branch,
-                'target_branch': target_branch,
-                'title': title,
-                'description': description,
-            }
-
-            # Make the POST request to create the MR
-            response, _ = await self._make_request(
-                url=url, params=payload, method=RequestMethod.POST
+        # Set default description if none provided
+        if not description:
+            description = (
+                f'Merging changes from {source_branch} into {target_branch}'
             )
 
-            # Return the web URL of the created MR
-            if 'web_url' in response:
-                return response['web_url']
-            else:
-                return f'MR created but URL not found in response: {response}'
+        # Prepare the request payload
+        payload = {
+            'source_branch': source_branch,
+            'target_branch': target_branch,
+            'title': title,
+            'description': description,
+        }
+
+        # Make the POST request to create the MR
+        response, _ = await self._make_request(
+            url=url, params=payload, method=RequestMethod.POST
+        )
+
+
+        return response['web_url']
 
-        except Exception as e:
-            return f'Error creating merge request: {str(e)}'
 
 
 gitlab_service_cls = os.environ.get(

openhands/integrations/provider.py

@@ -130,6 +130,7 @@ class ProviderHandler:
             external_auth_token=self.external_auth_token,
             token=token.token,
             external_token_manager=self.external_token_manager,
+            base_domain=token.host,
         )
 
     async def get_user(self) -> User:

openhands/integrations/service_types.py

@@ -167,11 +167,11 @@ class BaseGitService(ABC):
             return RateLimitError('GitHub API rate limit exceeded')
 
         logger.warning(f'Status error on {self.provider} API: {e}')
-        return UnknownException('Unknown error')
+        return UnknownException(f'Unknown error: {e}')
 
     def handle_http_error(self, e: HTTPError) -> UnknownException:
         logger.warning(f'HTTP error on {self.provider} API: {type(e).__name__} : {e}')
-        return UnknownException(f'HTTP error {type(e).__name__}')
+        return UnknownException(f'HTTP error {type(e).__name__} : {e}')
 
 
 class GitService(Protocol):
@@ -184,6 +184,7 @@ class GitService(Protocol):
         external_auth_id: str | None = None,
         external_auth_token: SecretStr | None = None,
         external_token_manager: bool = False,
+        base_domain: str | None = None,
     ) -> None:
         """Initialize the service with authentication details"""
         ...

openhands/integrations/templates/resolver/github/issue_comment_conversation_instructions.j2

@@ -15,4 +15,3 @@ When you're done, make sure to
 2. Use the `create_pr` tool to open a new PR
 3. Name the branch using `openhands/` as a prefix (e.g `openhands/update-readme`)
 4. The PR description should mention that it "fixes" or "closes" the issue number
-5. Make sure to leave the following sentence at the end of the PR description: `@{{ username }} can click here to [continue refining the PR]({{ conversation_url }})`

openhands/integrations/templates/resolver/github/issue_labeled_conversation_instructions.j2

@@ -9,4 +9,3 @@ When you're done, make sure to
 
 1. Use the `create_pr` tool to open a new PR
 2. The PR description should mention that it "fixes" or "closes" the issue number
-3. Make sure to leave the following sentence at the end of the PR description: `@{{ username }} can click here to [continue refining the PR]({{ conversation_url }})`

openhands/integrations/templates/resolver/gitlab/issue_comment_conversation_instructions.j2

@@ -15,4 +15,3 @@ When you're done, make sure to
 2. Use the `create_mr` tool to open a new MR
 3. Name the branch using `openhands/` as a prefix (e.g `openhands/update-readme`)
 4. The MR description should mention that it "fixes" or "closes" the issue number
-5. Make sure to leave the following sentence at the end of the MR description: `@{{ username }} can click here to [continue refining the MR]({{ conversation_url }})`

openhands/integrations/templates/resolver/gitlab/issue_labeled_conversation_instructions.j2

@@ -9,4 +9,3 @@ When you're done, make sure to
 
 1. Use the `create_mr` tool to open a new MR
 2. The MR description should mention that it "fixes" or "closes" the issue number
-3. Make sure to leave the following sentence at the end of the MR description: `@{{ username }} can click here to [continue refining the MR]({{ conversation_url }})`

openhands/integrations/templates/resolver/slack/user_message_conversation_instructions.j2

@@ -5,7 +5,3 @@ These are a list of text messages attached in order of most recent.
 {{ message }}
 {% if not loop.last %}\n\n{% endif %}
 {% endfor %}
-
-
-If you opened a pull request, please leave the following comment at the end your summary and pull request description
-`{{ username }} can click here to [continue refining the PR]({{ conversation_url }})`

openhands/integrations/templates/resolver/summary_prompt.j2

@@ -1,5 +1,8 @@
-Please summarize your work.
+Please send a final message summarizing your work.
 
-If you answered a question, please re-state the answer to the question
-If you made changes, please create a concise overview on whether the request has been addressed successfully or if there are were issues with the attempt.
-If successful, make sure your changes are pushed to the remote branch.
+If you simply answered a question, this final message should re-state the answer to the question.
+
+If you made changes, please first double-check the git diff, think carefully about the user's request(s), and check:
+1. whether the request has been completely addressed and all of the instructions have been followed faithfully (in checklist format if appropriate).
+2. whether the changes are concise (if there are any extraneous changes not important to addressing the user's request they should be reverted).
+If the request has been addressed and the changes are concise, then push your changes to the remote branch and send a final message summarizing the changes.

openhands/integrations/utils.py

@@ -1,5 +1,8 @@
+import traceback
+
 from pydantic import SecretStr
 
+from openhands.core.logger import openhands_logger as logger
 from openhands.integrations.github.github_service import GitHubService
 from openhands.integrations.gitlab.gitlab_service import GitLabService
 from openhands.integrations.provider import ProviderType
@@ -25,15 +28,19 @@ async def validate_provider_token(
         github_service = GitHubService(token=token, base_domain=base_domain)
         await github_service.verify_access()
         return ProviderType.GITHUB
-    except Exception:
-        pass
+    except Exception as e:
+        logger.debug(
+            f'Failed to validate Github token: {e} \n {traceback.format_exc()}'
+        )
 
     # Try GitLab next
     try:
         gitlab_service = GitLabService(token=token, base_domain=base_domain)
         await gitlab_service.get_user()
         return ProviderType.GITLAB
-    except Exception:
-        pass
+    except Exception as e:
+        logger.debug(
+            f'Failed to validate GitLab token: {e} \n {traceback.format_exc()}'
+        )
 
     return None

openhands/mcp/client.py

@@ -1,11 +1,12 @@
-import asyncio
-from contextlib import AsyncExitStack
 from typing import Optional
 
-from mcp import ClientSession
-from mcp.client.sse import sse_client
+from fastmcp import Client
+from fastmcp.client.transports import SSETransport, StreamableHttpTransport
+from mcp import McpError
+from mcp.types import CallToolResult
 from pydantic import BaseModel, Field
 
+from openhands.core.config.mcp_config import MCPSHTTPServerConfig, MCPSSEServerConfig
 from openhands.core.logger import openhands_logger as logger
 from openhands.mcp.tool import MCPClientTool
 
@@ -15,8 +16,7 @@ class MCPClient(BaseModel):
     A collection of tools that connects to an MCP server and manages available tools through the Model Context Protocol.
     """
 
-    session: Optional[ClientSession] = None
-    exit_stack: AsyncExitStack = AsyncExitStack()
+    client: Optional[Client] = None
     description: str = 'MCP client tools for server interaction'
     tools: list[MCPClientTool] = Field(default_factory=list)
     tool_map: dict[str, MCPClientTool] = Field(default_factory=dict)
@@ -24,111 +24,87 @@ class MCPClient(BaseModel):
     class Config:
         arbitrary_types_allowed = True
 
-    async def connect_sse(
-        self,
-        server_url: str,
-        api_key: str | None = None,
-        conversation_id: str | None = None,
-        timeout: float = 30.0,
-    ) -> None:
-        """Connect to an MCP server using SSE transport.
-
-        Args:
-            server_url: The URL of the SSE server to connect to.
-            timeout: Connection timeout in seconds. Default is 30 seconds.
-        """
-        if not server_url:
-            raise ValueError('Server URL is required.')
-        if self.session:
-            await self.disconnect()
-
-        try:
-            # Use asyncio.wait_for to enforce the timeout
-            async def connect_with_timeout():
-                headers = (
-                    {
-                        'Authorization': f'Bearer {api_key}',
-                        's': api_key,  # We need this for action execution server's MCP Router
-                        'X-Session-API-Key': api_key,  # We need this for Remote Runtime
-                    }
-                    if api_key
-                    else {}
-                )
-
-                if conversation_id:
-                    headers['X-OpenHands-Conversation-ID'] = conversation_id
-
-                streams_context = sse_client(
-                    url=server_url,
-                    headers=headers if headers else None,
-                    timeout=timeout,
-                )
-                streams = await self.exit_stack.enter_async_context(streams_context)
-                self.session = await self.exit_stack.enter_async_context(
-                    ClientSession(*streams)
-                )
-                await self._initialize_and_list_tools()
-
-            # Apply timeout to the entire connection process
-            await asyncio.wait_for(connect_with_timeout(), timeout=timeout)
-        except asyncio.TimeoutError:
-            logger.error(
-                f'Connection to {server_url} timed out after {timeout} seconds'
-            )
-            await self.disconnect()  # Clean up resources
-            raise  # Re-raise the TimeoutError
-        except Exception as e:
-            logger.error(f'Error connecting to {server_url}: {str(e)}')
-            await self.disconnect()  # Clean up resources
-            raise
-
     async def _initialize_and_list_tools(self) -> None:
         """Initialize session and populate tool map."""
-        if not self.session:
+        if not self.client:
             raise RuntimeError('Session not initialized.')
 
-        await self.session.initialize()
-        response = await self.session.list_tools()
+        async with self.client:
+            tools = await self.client.list_tools()
 
         # Clear existing tools
         self.tools = []
 
         # Create proper tool objects for each server tool
-        for tool in response.tools:
+        for tool in tools:
             server_tool = MCPClientTool(
                 name=tool.name,
                 description=tool.description,
                 inputSchema=tool.inputSchema,
-                session=self.session,
+                session=self.client,
             )
             self.tool_map[tool.name] = server_tool
             self.tools.append(server_tool)
 
-        logger.info(
-            f'Connected to server with tools: {[tool.name for tool in response.tools]}'
-        )
+        logger.info(f'Connected to server with tools: {[tool.name for tool in tools]}')
 
-    async def call_tool(self, tool_name: str, args: dict):
+    async def connect_http(
+        self,
+        server: MCPSSEServerConfig | MCPSHTTPServerConfig,
+        conversation_id: str | None = None,
+        timeout: float = 30.0,
+    ):
+        """Connect to MCP server using SHTTP or SSE transport"""
+        server_url = server.url
+        api_key = server.api_key
+
+        if not server_url:
+            raise ValueError('Server URL is required.')
+
+        try:
+            headers = (
+                {
+                    'Authorization': f'Bearer {api_key}',
+                    's': api_key,  # We need this for action execution server's MCP Router
+                    'X-Session-API-Key': api_key,  # We need this for Remote Runtime
+                }
+                if api_key
+                else {}
+            )
+
+            if conversation_id:
+                headers['X-OpenHands-ServerConversation-ID'] = conversation_id
+
+            # Instantiate custom transports due to custom headers
+            if isinstance(server, MCPSHTTPServerConfig):
+                transport = StreamableHttpTransport(
+                    url=server_url,
+                    headers=headers if headers else None,
+                )
+            else:
+                transport = SSETransport(
+                    url=server_url,
+                    headers=headers if headers else None,
+                )
+
+            self.client = Client(transport, timeout=timeout)
+
+            await self._initialize_and_list_tools()
+        except McpError as e:
+            logger.error(f'McpError connecting to {server_url}: {e}')
+            raise  # Re-raise the error
+
+        except Exception as e:
+            logger.error(f'Error connecting to {server_url}: {e}')
+            raise
+
+    async def call_tool(self, tool_name: str, args: dict) -> CallToolResult:
         """Call a tool on the MCP server."""
         if tool_name not in self.tool_map:
             raise ValueError(f'Tool {tool_name} not found.')
         # The MCPClientTool is primarily for metadata; use the session to call the actual tool.
-        if not self.session:
+        if not self.client:
             raise RuntimeError('Client session is not available.')
-        return await self.session.call_tool(name=tool_name, arguments=args)
 
-    async def disconnect(self) -> None:
-        """Disconnect from the MCP server and clean up resources."""
-        if self.session:
-            try:
-                # Close the session first
-                if hasattr(self.session, 'close'):
-                    await self.session.close()
-                # Then close the exit stack
-                await self.exit_stack.aclose()
-            except Exception as e:
-                logger.error(f'Error during disconnect: {str(e)}')
-            finally:
-                self.session = None
-                self.tools = []
-                logger.info('Disconnected from MCP server')
+        async with self.client:
+            return await self.client.call_tool_mcp(name=tool_name, arguments=args)

openhands/mcp/utils.py

@@ -4,8 +4,10 @@ from typing import TYPE_CHECKING
 if TYPE_CHECKING:
     from openhands.controller.agent import Agent
 
+
 from openhands.core.config.mcp_config import (
     MCPConfig,
+    MCPSHTTPServerConfig,
     MCPSSEServerConfig,
 )
 from openhands.core.config.openhands_config import OpenHandsConfig
@@ -48,7 +50,9 @@ def convert_mcp_clients_to_tools(mcp_clients: list[MCPClient] | None) -> list[di
 
 
 async def create_mcp_clients(
-    sse_servers: list[MCPSSEServerConfig], conversation_id: str | None = None
+    sse_servers: list[MCPSSEServerConfig],
+    shttp_servers: list[MCPSHTTPServerConfig],
+    conversation_id: str | None = None,
 ) -> list[MCPClient]:
     import sys
 
@@ -59,42 +63,44 @@ async def create_mcp_clients(
         )
         return []
 
-    mcp_clients: list[MCPClient] = []
-    # Initialize SSE connections
-    if sse_servers:
-        for server_url in sse_servers:
-            logger.info(
-                f'Initializing MCP agent for {server_url} with SSE connection...'
-            )
+    servers: list[MCPSSEServerConfig | MCPSHTTPServerConfig] = sse_servers.copy()
+    servers.extend(shttp_servers.copy())
 
-            client = MCPClient()
-            try:
-                await client.connect_sse(
-                    server_url.url,
-                    api_key=server_url.api_key,
-                    conversation_id=conversation_id,
-                )
-                # Only add the client to the list after a successful connection
-                mcp_clients.append(client)
-                logger.info(f'Connected to MCP server {server_url} via SSE')
-            except Exception as e:
-                logger.error(
-                    f'Failed to connect to {server_url}: {str(e)}', exc_info=True
-                )
-                try:
-                    await client.disconnect()
-                except Exception as disconnect_error:
-                    logger.error(
-                        f'Error during disconnect after failed connection: {str(disconnect_error)}'
-                    )
+    if not servers:
+        return []
+
+    mcp_clients = []
+
+    for server in servers:
+        is_shttp = isinstance(server, MCPSHTTPServerConfig)
+        connection_type = 'SHTTP' if is_shttp else 'SSE'
+        logger.info(
+            f'Initializing MCP agent for {server} with {connection_type} connection...'
+        )
+        client = MCPClient()
+
+        try:
+            await client.connect_http(server, conversation_id=conversation_id)
+
+            # Only add the client to the list after a successful connection
+            mcp_clients.append(client)
+
+        except Exception as e:
+            logger.error(f'Failed to connect to {server}: {str(e)}', exc_info=True)
 
     return mcp_clients
 
 
-async def fetch_mcp_tools_from_config(mcp_config: MCPConfig) -> list[dict]:
+async def fetch_mcp_tools_from_config(
+    mcp_config: MCPConfig, conversation_id: str | None = None
+) -> list[dict]:
     """
     Retrieves the list of MCP tools from the MCP clients.
 
+    Args:
+        mcp_config: The MCP configuration
+        conversation_id: Optional conversation ID to associate with the MCP clients
+
     Returns:
         A list of tool dictionaries. Returns an empty list if no connections could be established.
     """
@@ -111,7 +117,7 @@ async def fetch_mcp_tools_from_config(mcp_config: MCPConfig) -> list[dict]:
         logger.debug(f'Creating MCP clients with config: {mcp_config}')
         # Create clients - this will fetch tools but not maintain active connections
         mcp_clients = await create_mcp_clients(
-            mcp_config.sse_servers,
+            mcp_config.sse_servers, mcp_config.shttp_servers, conversation_id
         )
 
         if not mcp_clients:
@@ -121,13 +127,6 @@ async def fetch_mcp_tools_from_config(mcp_config: MCPConfig) -> list[dict]:
         # Convert tools to the format expected by the agent
         mcp_tools = convert_mcp_clients_to_tools(mcp_clients)
 
-        # Always disconnect clients to clean up resources
-        for mcp_client in mcp_clients:
-            try:
-                await mcp_client.disconnect()
-            except Exception as disconnect_error:
-                logger.error(f'Error disconnecting MCP client: {str(disconnect_error)}')
-
     except Exception as e:
         logger.error(f'Error fetching MCP tools: {str(e)}')
         return []

openhands/memory/view.py

@@ -50,6 +50,8 @@ class View(BaseModel):
         for event in events:
             if isinstance(event, CondensationAction):
                 forgotten_event_ids.update(event.forgotten)
+                # Make sure we also forget the condensation action itself
+                forgotten_event_ids.add(event.id)
 
         kept_events = [event for event in events if event.id not in forgotten_event_ids]
 

openhands/runtime/action_execution_server.py

@@ -65,7 +65,6 @@ from openhands.runtime.browser.browser_env import BrowserEnv
 from openhands.runtime.file_viewer_server import start_file_viewer_server
 from openhands.runtime.plugins import ALL_PLUGINS, JupyterPlugin, Plugin, VSCodePlugin
 from openhands.runtime.utils import find_available_tcp_port
-from openhands.runtime.utils.async_bash import AsyncBashSession
 from openhands.runtime.utils.bash import BashSession
 from openhands.runtime.utils.files import insert_lines, read_lines
 from openhands.runtime.utils.log_capture import capture_logs
@@ -254,12 +253,10 @@ class ActionExecutor:
         # If we get here, the browser is ready
         logger.debug('Browser is ready')
 
-    async def ainit(self):
-        # bash needs to be initialized first
-        logger.debug('Initializing bash session')
+    def _create_bash_session(self, cwd: str | None = None):
         if sys.platform == 'win32':
-            self.bash_session = WindowsPowershellSession(  # type: ignore[name-defined]
-                work_dir=self._initial_cwd,
+            return WindowsPowershellSession(  # type: ignore[name-defined]
+                work_dir=cwd or self._initial_cwd,
                 username=self.username,
                 no_change_timeout_seconds=int(
                     os.environ.get('NO_CHANGE_TIMEOUT_SECONDS', 10)
@@ -267,15 +264,21 @@ class ActionExecutor:
                 max_memory_mb=self.max_memory_gb * 1024 if self.max_memory_gb else None,
             )
         else:
-            self.bash_session = BashSession(
-                work_dir=self._initial_cwd,
+            bash_session = BashSession(
+                work_dir=cwd or self._initial_cwd,
                 username=self.username,
                 no_change_timeout_seconds=int(
                     os.environ.get('NO_CHANGE_TIMEOUT_SECONDS', 10)
                 ),
                 max_memory_mb=self.max_memory_gb * 1024 if self.max_memory_gb else None,
             )
-            self.bash_session.initialize()
+            bash_session.initialize()
+            return bash_session
+
+    async def ainit(self):
+        # bash needs to be initialized first
+        logger.debug('Initializing bash session')
+        self.bash_session = self._create_bash_session()
         logger.debug('Bash session initialized')
 
         # Start browser initialization in the background
@@ -388,18 +391,11 @@ class ActionExecutor:
         self, action: CmdRunAction
     ) -> CmdOutputObservation | ErrorObservation:
         try:
+            bash_session = self.bash_session
             if action.is_static:
-                path = action.cwd or self._initial_cwd
-                result = await AsyncBashSession.execute(action.command, path)
-                obs = CmdOutputObservation(
-                    content=result.content,
-                    exit_code=result.exit_code,
-                    command=action.command,
-                )
-                return obs
-
-            assert self.bash_session is not None
-            obs = await call_sync_from_async(self.bash_session.execute, action)
+                bash_session = self._create_bash_session(action.cwd)
+            assert bash_session is not None
+            obs = await call_sync_from_async(bash_session.execute, action)
             return obs
         except Exception as e:
             logger.error(f'Error running command: {e}')

openhands/runtime/base.py

@@ -90,10 +90,33 @@ def _default_env_vars(sandbox_config: SandboxConfig) -> dict[str, str]:
 
 
 class Runtime(FileEditRuntimeMixin):
-    """The runtime is how the agent interacts with the external environment.
-    This includes a bash sandbox, a browser, and filesystem interactions.
+    """Abstract base class for agent runtime environments.
 
-    sid is the session id, which is used to identify the current user session.
+    This is an extension point in OpenHands that allows applications to customize how
+    agents interact with the external environment. The runtime provides a sandbox with:
+    - Bash shell access
+    - Browser interaction
+    - Filesystem operations
+    - Git operations
+    - Environment variable management
+
+    Applications can substitute their own implementation by:
+    1. Creating a class that inherits from Runtime
+    2. Implementing all required methods
+    3. Setting the runtime name in configuration or using get_runtime_cls()
+
+    The class is instantiated via get_impl() in get_runtime_cls().
+
+    Built-in implementations include:
+    - DockerRuntime: Containerized environment using Docker
+    - E2BRuntime: Secure sandbox using E2B
+    - RemoteRuntime: Remote execution environment
+    - ModalRuntime: Scalable cloud environment using Modal
+    - LocalRuntime: Local execution for development
+    - DaytonaRuntime: Cloud development environment using Daytona
+
+    Args:
+        sid: Session ID that uniquely identifies the current user session
     """
 
     sid: str
@@ -377,7 +400,7 @@ class Runtime(FileEditRuntimeMixin):
                     'No repository selected. Initializing a new git repository in the workspace.'
                 )
                 action = CmdRunAction(
-                    command='git init',
+                    command=f'git init && git config --global --add safe.directory {self.workspace_root}'
                 )
                 self.run_action(action)
             else:
@@ -398,6 +421,10 @@ class Runtime(FileEditRuntimeMixin):
 
         domain = provider_domains[provider]
 
+        # If git_provider_tokens is provided, use the host from the token if available
+        if git_provider_tokens and provider in git_provider_tokens:
+            domain = git_provider_tokens[provider].host or domain
+
         # Try to use token if available, otherwise use public URL
         if git_provider_tokens and provider in git_provider_tokens:
             git_token = git_provider_tokens[provider].token
@@ -925,6 +952,9 @@ fi
         exit_code = 0
         content = ''
 
+        if isinstance(obs, ErrorObservation):
+            exit_code = -1
+
         if hasattr(obs, 'exit_code'):
             exit_code = obs.exit_code
         if hasattr(obs, 'content'):

openhands/runtime/impl/action_execution/action_execution_client.py

@@ -406,7 +406,7 @@ class ActionExecutionClient(Runtime):
                 'POST',
                 f'{self.action_execution_server_url}/update_mcp_server',
                 json=stdio_tools,
-                timeout=10,
+                timeout=60,
             )
             result = response.json()
             if response.status_code != 200:
@@ -464,16 +464,13 @@ class ActionExecutionClient(Runtime):
         )
 
         # Create clients for this specific operation
-        mcp_clients = await create_mcp_clients(updated_mcp_config.sse_servers, self.sid)
+        mcp_clients = await create_mcp_clients(
+            updated_mcp_config.sse_servers, updated_mcp_config.shttp_servers, self.sid
+        )
 
         # Call the tool and return the result
         # No need for try/finally since disconnect() is now just resetting state
         result = await call_tool_mcp_handler(mcp_clients, action)
-
-        # Reset client state (no active connections to worry about)
-        for client in mcp_clients:
-            await client.disconnect()
-
         return result
 
     def close(self) -> None:

openhands/runtime/impl/docker/docker_runtime.py

@@ -1,6 +1,7 @@
 import os
 from functools import lru_cache
 from typing import Callable
+import typing
 from uuid import UUID
 
 import docker
@@ -41,7 +42,7 @@ APP_PORT_RANGE_1 = (50000, 54999)
 APP_PORT_RANGE_2 = (55000, 59999)
 
 
-def _is_retryablewait_until_alive_error(exception):
+def _is_retryablewait_until_alive_error(exception: Exception) -> bool:
     if isinstance(exception, tenacity.RetryError):
         cause = exception.last_attempt.exception()
         return _is_retryablewait_until_alive_error(cause)
@@ -140,10 +141,10 @@ class DockerRuntime(ActionExecutionClient):
             )
 
     @property
-    def action_execution_server_url(self):
+    def action_execution_server_url(self) -> str:
         return self.api_url
 
-    async def connect(self):
+    async def connect(self) -> None:
         self.send_status_message('STATUS$STARTING_RUNTIME')
         try:
             await call_sync_from_async(self._attach_to_container)
@@ -164,7 +165,7 @@ class DockerRuntime(ActionExecutionClient):
                 f'Container started: {self.container_name}. VSCode URL: {self.vscode_url}',
             )
 
-        if DEBUG_RUNTIME:
+        if DEBUG_RUNTIME and self.container:
             self.log_streamer = LogStreamer(self.container, self.log)
         else:
             self.log_streamer = None
@@ -264,7 +265,7 @@ class DockerRuntime(ActionExecutionClient):
 
         return volumes
 
-    def init_container(self):
+    def init_container(self) -> None:
         self.log('debug', 'Preparing to start container...')
         self.send_status_message('STATUS$PREPARING_CONTAINER')
         self._host_port = self._find_available_port(EXECUTION_SERVER_PORT_RANGE)
@@ -281,7 +282,7 @@ class DockerRuntime(ActionExecutionClient):
         self.api_url = f'{self.config.sandbox.local_runtime_url}:{self._container_port}'
 
         use_host_network = self.config.sandbox.use_host_network
-        network_mode: str | None = 'host' if use_host_network else None
+        network_mode: typing.Literal['host'] | None = 'host' if use_host_network else None
 
         # Initialize port mappings
         port_mapping: dict[str, list[dict[str, str]]] | None = None
@@ -317,15 +318,18 @@ class DockerRuntime(ActionExecutionClient):
             )
 
         # Combine environment variables
-        environment = {
-            'port': str(self._container_port),
-            'PYTHONUNBUFFERED': '1',
-            # Passing in the ports means nested runtimes do not come up with their own ports!
-            'VSCODE_PORT': str(self._vscode_port),
-            'APP_PORT_1': self._app_ports[0],
-            'APP_PORT_2': self._app_ports[1],
-            'PIP_BREAK_SYSTEM_PACKAGES': '1',
-        }
+        environment = dict(**self.initial_env_vars)
+        environment.update(
+            {
+                'port': str(self._container_port),
+                'PYTHONUNBUFFERED': '1',
+                # Passing in the ports means nested runtimes do not come up with their own ports!
+                'VSCODE_PORT': str(self._vscode_port),
+                'APP_PORT_1': str(self._app_ports[0]),
+                'APP_PORT_2': str(self._app_ports[1]),
+                'PIP_BREAK_SYSTEM_PACKAGES': '1',
+            }
+        )
         if self.config.debug or DEBUG:
             environment['DEBUG'] = 'true'
         # also update with runtime_startup_env_vars
@@ -350,6 +354,8 @@ class DockerRuntime(ActionExecutionClient):
         command = self.get_action_execution_server_startup_command()
 
         try:
+            if self.runtime_container_image is None:
+                raise ValueError("Runtime container image is not set")
             self.container = self.docker_client.containers.run(
                 self.runtime_container_image,
                 command=command,
@@ -361,7 +367,7 @@ class DockerRuntime(ActionExecutionClient):
                 name=self.container_name,
                 detach=True,
                 environment=environment,
-                volumes=volumes,
+                volumes=volumes,  # type: ignore
                 device_requests=(
                     [docker.types.DeviceRequest(capabilities=[['gpu']], count=-1)]
                     if self.config.sandbox.enable_gpu
@@ -371,32 +377,15 @@ class DockerRuntime(ActionExecutionClient):
             )
             self.log('debug', f'Container started. Server url: {self.api_url}')
             self.send_status_message('STATUS$CONTAINER_STARTED')
-        except docker.errors.APIError as e:
-            if '409' in str(e):
-                self.log(
-                    'warning',
-                    f'Container {self.container_name} already exists. Removing...',
-                )
-                stop_all_containers(self.container_name)
-                return self.init_container()
-
-            else:
-                self.log(
-                    'error',
-                    f'Error: Instance {self.container_name} FAILED to start container!\n',
-                )
-                self.log('error', str(e))
-                raise e
         except Exception as e:
             self.log(
                 'error',
                 f'Error: Instance {self.container_name} FAILED to start container!\n',
             )
-            self.log('error', str(e))
             self.close()
             raise e
 
-    def _attach_to_container(self):
+    def _attach_to_container(self) -> None:
         self.container = self.docker_client.containers.get(self.container_name)
         if self.container.status == 'exited':
             self.container.start()
@@ -432,7 +421,7 @@ class DockerRuntime(ActionExecutionClient):
         reraise=True,
         wait=tenacity.wait_fixed(2),
     )
-    def wait_until_alive(self):
+    def wait_until_alive(self) -> None:
         try:
             container = self.docker_client.containers.get(self.container_name)
             if container.status == 'exited':
@@ -446,7 +435,7 @@ class DockerRuntime(ActionExecutionClient):
 
         self.check_if_alive()
 
-    def close(self, rm_all_containers: bool | None = None):
+    def close(self, rm_all_containers: bool | None = None) -> None:
         """Closes the DockerRuntime and associated objects
 
         Parameters:
@@ -466,7 +455,7 @@ class DockerRuntime(ActionExecutionClient):
         )
         stop_all_containers(close_prefix)
 
-    def _is_port_in_use_docker(self, port):
+    def _is_port_in_use_docker(self, port: int) -> bool:
         containers = self.docker_client.containers.list()
         for container in containers:
             container_ports = container.ports
@@ -474,7 +463,9 @@ class DockerRuntime(ActionExecutionClient):
                 return True
         return False
 
-    def _find_available_port(self, port_range, max_attempts=5):
+    def _find_available_port(
+        self, port_range: tuple[int, int], max_attempts: int = 5
+    ) -> int:
         port = port_range[1]
         for _ in range(max_attempts):
             port = find_available_tcp_port(port_range[0], port_range[1])
@@ -493,7 +484,7 @@ class DockerRuntime(ActionExecutionClient):
         return vscode_url
 
     @property
-    def web_hosts(self):
+    def web_hosts(self) -> dict[str, int]:
         hosts: dict[str, int] = {}
 
         host_addr = os.environ.get('DOCKER_HOST_ADDR', 'localhost')
@@ -502,7 +493,7 @@ class DockerRuntime(ActionExecutionClient):
 
         return hosts
 
-    def pause(self):
+    def pause(self) -> None:
         """Pause the runtime by stopping the container.
         This is different from container.stop() as it ensures environment variables are properly preserved."""
         if not self.container:
@@ -515,7 +506,7 @@ class DockerRuntime(ActionExecutionClient):
         self.container.stop()
         self.log('debug', f'Container {self.container_name} paused')
 
-    def resume(self):
+    def resume(self) -> None:
         """Resume the runtime by starting the container.
         This is different from container.start() as it ensures environment variables are properly restored."""
         if not self.container:
@@ -529,7 +520,7 @@ class DockerRuntime(ActionExecutionClient):
         self.wait_until_alive()
 
     @classmethod
-    async def delete(cls, conversation_id: str):
+    async def delete(cls, conversation_id: str) -> None:
         docker_client = cls._init_docker_client()
         try:
             container_name = CONTAINER_NAME_PREFIX + conversation_id
@@ -542,7 +533,7 @@ class DockerRuntime(ActionExecutionClient):
         finally:
             docker_client.close()
 
-    def get_action_execution_server_startup_command(self):
+    def get_action_execution_server_startup_command(self) -> list[str]:
         return get_action_execution_server_startup_command(
             server_port=self._container_port,
             plugins=self.plugins,

openhands/runtime/utils/async_bash.py

@@ -1,54 +0,0 @@
-import asyncio
-import os
-
-from openhands.runtime.base import CommandResult
-
-
-class AsyncBashSession:
-    @staticmethod
-    async def execute(command: str, work_dir: str) -> CommandResult:
-        """Execute a command in the bash session asynchronously."""
-        work_dir = os.path.abspath(work_dir)
-
-        if not os.path.exists(work_dir):
-            raise ValueError(f'Work directory {work_dir} does not exist.')
-
-        command = command.strip()
-        if not command:
-            return CommandResult(content='', exit_code=0)
-
-        try:
-            process = await asyncio.subprocess.create_subprocess_shell(
-                command,
-                stdout=asyncio.subprocess.PIPE,
-                stderr=asyncio.subprocess.PIPE,
-                cwd=work_dir,
-            )
-
-            try:
-                stdout, stderr = await asyncio.wait_for(
-                    process.communicate(), timeout=30
-                )
-                output = stdout.decode('utf-8')
-
-                if stderr:
-                    output = stderr.decode('utf-8')
-                    print(f'!##! Error running command: {stderr.decode("utf-8")}')
-
-                return CommandResult(content=output, exit_code=process.returncode or 0)
-
-            except asyncio.TimeoutError:
-                process.terminate()
-
-                # Allow a brief moment for cleanup
-                try:
-                    await asyncio.wait_for(process.wait(), timeout=1.0)
-                except asyncio.TimeoutError:
-                    process.kill()  # Force kill if it doesn't terminate cleanly
-
-                return CommandResult(content='Command timed out.', exit_code=-1)
-
-        except Exception as e:
-            return CommandResult(
-                content=f'Error running command: {str(e)}', exit_code=-1
-            )

openhands/runtime/utils/bash.py

@@ -17,6 +17,7 @@ from openhands.events.observation.commands import (
     CmdOutputMetadata,
     CmdOutputObservation,
 )
+from openhands.runtime.utils.bash_constants import TIMEOUT_MESSAGE_TEMPLATE
 from openhands.utils.shutdown_listener import should_continue
 
 
@@ -379,9 +380,7 @@ class BashSession:
         metadata = CmdOutputMetadata()  # No metadata available
         metadata.suffix = (
             f'\n[The command has no new output after {self.NO_CHANGE_TIMEOUT_SECONDS} seconds. '
-            "You may wait longer to see additional output by sending empty command '', "
-            'send other commands to interact with the current process, '
-            'or send keys to interrupt/kill the command.]'
+            f'{TIMEOUT_MESSAGE_TEMPLATE}]'
         )
         command_output = self._get_command_output(
             command,
@@ -414,9 +413,7 @@ class BashSession:
         metadata = CmdOutputMetadata()  # No metadata available
         metadata.suffix = (
             f'\n[The command timed out after {timeout} seconds. '
-            "You may wait longer to see additional output by sending empty command '', "
-            'send other commands to interact with the current process, '
-            'or send keys to interrupt/kill the command.]'
+            f'{TIMEOUT_MESSAGE_TEMPLATE}]'
         )
         command_output = self._get_command_output(
             command,

openhands/runtime/utils/bash_constants.py

@@ -0,0 +1,7 @@
+# Common timeout message that can be used across different timeout scenarios
+TIMEOUT_MESSAGE_TEMPLATE = (
+    "You may wait longer to see additional output by sending empty command '', "
+    'send other commands to interact with the current process, '
+    'send keys to interrupt/kill the command, '
+    'or use the timeout parameter in execute_bash for future commands.'
+)

openhands/runtime/utils/git_handler.py

@@ -44,7 +44,7 @@ class GitHandler:
         Returns:
             bool: True if inside a Git repository, otherwise False.
         """
-        cmd = 'git rev-parse --is-inside-work-tree'
+        cmd = 'git --no-pager rev-parse --is-inside-work-tree'
         output = self.execute(cmd, self.cwd)
         return output.content.strip() == 'true'
 
@@ -71,7 +71,7 @@ class GitHandler:
         Returns:
             bool: True if the reference exists, otherwise False.
         """
-        cmd = f'git rev-parse --verify {ref}'
+        cmd = f'git --no-pager rev-parse --verify {ref}'
         output = self.execute(cmd, self.cwd)
         return output.exit_code == 0
 
@@ -86,9 +86,9 @@ class GitHandler:
         default_branch = self._get_default_branch()
 
         ref_current_branch = f'origin/{current_branch}'
-        ref_non_default_branch = f'$(git merge-base HEAD "$(git rev-parse --abbrev-ref origin/{default_branch})")'
+        ref_non_default_branch = f'$(git --no-pager merge-base HEAD "$(git --no-pager rev-parse --abbrev-ref origin/{default_branch})")'
         ref_default_branch = 'origin/' + default_branch
-        ref_new_repo = '$(git rev-parse --verify 4b825dc642cb6eb9a060e54bf8d69288fbee4904)'  # compares with empty tree
+        ref_new_repo = '$(git --no-pager rev-parse --verify 4b825dc642cb6eb9a060e54bf8d69288fbee4904)'  # compares with empty tree
 
         refs = [
             ref_current_branch,
@@ -116,7 +116,7 @@ class GitHandler:
         if not ref:
             return ''
 
-        cmd = f'git show {ref}:{file_path}'
+        cmd = f'git --no-pager show {ref}:{file_path}'
         output = self.execute(cmd, self.cwd)
         return output.content if output.exit_code == 0 else ''
 
@@ -127,7 +127,7 @@ class GitHandler:
         Returns:
             str: The name of the primary branch.
         """
-        cmd = 'git remote show origin | grep "HEAD branch"'
+        cmd = 'git --no-pager remote show origin | grep "HEAD branch"'
         output = self.execute(cmd, self.cwd)
         return output.content.split()[-1].strip()
 
@@ -138,7 +138,7 @@ class GitHandler:
         Returns:
             str: The name of the current branch.
         """
-        cmd = 'git rev-parse --abbrev-ref HEAD'
+        cmd = 'git --no-pager rev-parse --abbrev-ref HEAD'
         output = self.execute(cmd, self.cwd)
         return output.content.strip()
 
@@ -153,8 +153,12 @@ class GitHandler:
         if not ref:
             return []
 
-        diff_cmd = f'git diff --name-status {ref}'
+        diff_cmd = f'git --no-pager diff --name-status {ref}'
         output = self.execute(diff_cmd, self.cwd)
+        if output.exit_code != 0:
+            raise RuntimeError(
+                f'Failed to get diff for ref {ref} in {self.cwd}. Command output: {output.content}'
+            )
         return output.content.splitlines()
 
     def _get_untracked_files(self) -> list[dict[str, str]]:
@@ -164,7 +168,7 @@ class GitHandler:
         Returns:
             list[dict[str, str]]: A list of dictionaries containing file paths and statuses.
         """
-        cmd = 'git ls-files --others --exclude-standard'
+        cmd = 'git --no-pager ls-files --others --exclude-standard'
         output = self.execute(cmd, self.cwd)
         obs_list = output.content.splitlines()
         return (

openhands/runtime/utils/windows_bash.py

@@ -20,6 +20,7 @@ from openhands.events.observation.commands import (
     CmdOutputMetadata,
     CmdOutputObservation,
 )
+from openhands.runtime.utils.bash_constants import TIMEOUT_MESSAGE_TEMPLATE
 from openhands.utils.shutdown_listener import should_continue
 
 pythonnet.load('coreclr')
@@ -559,9 +560,7 @@ class WindowsPowershellSession:
             else:
                 metadata.suffix = (
                     f'\n[The command timed out after {timeout_seconds} seconds. '
-                    "You may wait longer to see additional output by sending empty command '', "
-                    'send other commands to interact with the current process, '
-                    'or send keys to interrupt/kill the command.]'
+                    f'{TIMEOUT_MESSAGE_TEMPLATE}]'
                 )
 
             return CmdOutputObservation(
@@ -1331,9 +1330,7 @@ class WindowsPowershellSession:
             # Align suffix with bash.py timeout message
             suffix = (
                 f'\n[The command timed out after {timeout_seconds} seconds. '
-                "You may wait longer to see additional output by sending empty command '', "
-                'send other commands to interact with the current process, '
-                'or send keys to interrupt/kill the command.]'
+                f'{TIMEOUT_MESSAGE_TEMPLATE}]'
             )
         elif shutdown_requested:
             # Align suffix with bash.py equivalent (though bash.py might not have specific shutdown message)

openhands/server/app.py

@@ -1,3 +1,4 @@
+import contextlib
 import warnings
 from contextlib import asynccontextmanager
 from typing import AsyncIterator
@@ -29,6 +30,20 @@ from openhands.server.routes.settings import app as settings_router
 from openhands.server.routes.trajectory import app as trajectory_router
 from openhands.server.shared import conversation_manager
 
+mcp_app = mcp_server.http_app(path='/mcp')
+
+
+def combine_lifespans(*lifespans):
+    # Create a combined lifespan to manage multiple session managers
+    @contextlib.asynccontextmanager
+    async def combined_lifespan(app):
+        async with contextlib.AsyncExitStack() as stack:
+            for lifespan in lifespans:
+                await stack.enter_async_context(lifespan(app))
+            yield
+
+    return combined_lifespan
+
 
 @asynccontextmanager
 async def _lifespan(app: FastAPI) -> AsyncIterator[None]:
@@ -40,8 +55,8 @@ app = FastAPI(
     title='OpenHands',
     description='OpenHands: Code Less, Make More',
     version=__version__,
-    lifespan=_lifespan,
-    routes=[Mount(path='/mcp', app=mcp_server.sse_app())],
+    lifespan=combine_lifespans(_lifespan, mcp_app.lifespan),
+    routes=[Mount(path='/mcp', app=mcp_app)],
 )
 
 

openhands/server/config/server_config.py

@@ -48,12 +48,12 @@ class ServerConfig(ServerConfigInterface):
         return config
 
 
-def load_server_config():
+def load_server_config() -> ServerConfig:
     config_cls = os.environ.get('OPENHANDS_CONFIG_CLS', None)
     logger.info(f'Using config class {config_cls}')
 
     server_config_cls = get_impl(ServerConfig, config_cls)
-    server_config = server_config_cls()
+    server_config : ServerConfig = server_config_cls()
     server_config.verify_config()
 
     return server_config

openhands/server/conversation_manager/conversation_manager.py

@@ -21,6 +21,24 @@ class ConversationManager(ABC):
     This class defines the interface for managing conversations, whether in standalone
     or clustered mode. It handles the lifecycle of conversations, including creation,
     attachment, detachment, and cleanup.
+
+    This is an extension point in OpenHands, that applications built on it can use to modify behavior via server configuration, without modifying its code.
+    Applications can provide their own
+    implementation by:
+    1. Creating a class that inherits from ConversationManager
+    2. Implementing all required abstract methods
+    3. Setting server_config.conversation_manager_class to the fully qualified name
+       of the implementation class
+
+    The default implementation is StandaloneConversationManager, which handles
+    conversations in a single-server deployment. Applications might want to provide
+    their own implementation for scenarios like:
+    - Clustered deployments with distributed conversation state
+    - Custom persistence or caching strategies
+    - Integration with external conversation management systems
+    - Enhanced monitoring or logging capabilities
+
+    The implementation class is instantiated via get_impl() in openhands.server.shared.py.
     """
 
     sio: socketio.AsyncServer

openhands/server/conversation_manager/docker_nested_conversation_manager.py

@@ -54,6 +54,7 @@ class DockerNestedConversationManager(ConversationManager):
     docker_client: docker.DockerClient = field(default_factory=docker.from_env)
     _conversation_store_class: type[ConversationStore] | None = None
     _starting_conversation_ids: set[str] = field(default_factory=set)
+    _runtime_container_image: str | None = None
 
     async def __aenter__(self):
         # No action is required on startup for this implementation
@@ -89,7 +90,8 @@ class DockerNestedConversationManager(ConversationManager):
         """
         Get the running agent loops directly from docker.
         """
-        names = (container.name for container in self.docker_client.containers.list())
+        containers : list[Container]  = self.docker_client.containers.list()
+        names = (container.name or '' for container in containers)
         conversation_ids = {
             name[len('openhands-runtime-') :]
             for name in names
@@ -155,6 +157,12 @@ class DockerNestedConversationManager(ConversationManager):
         try:
             # Build the runtime container image if it is missing
             await call_sync_from_async(runtime.maybe_build_runtime_container_image)
+            self._runtime_container_image = runtime.runtime_container_image
+
+            # check that the container already exists...
+            if await self._start_existing_container(runtime):
+                self._starting_conversation_ids.discard(sid)
+                return
 
             # initialize the container but dont wait for it to start
             await call_sync_from_async(runtime.init_container)
@@ -172,7 +180,7 @@ class DockerNestedConversationManager(ConversationManager):
             )
 
         except Exception:
-            self._starting_conversation_ids.remove(sid)
+            self._starting_conversation_ids.discard(sid)
             raise
 
     async def _start_conversation(
@@ -262,7 +270,7 @@ class DockerNestedConversationManager(ConversationManager):
                 )
                 assert response.status_code == status.HTTP_200_OK
         finally:
-            self._starting_conversation_ids.remove(sid)
+            self._starting_conversation_ids.discard(sid)
 
     async def send_to_event_stream(self, connection_id: str, data: dict):
         # Not supported - clients should connect directly to the nested server!
@@ -273,13 +281,29 @@ class DockerNestedConversationManager(ConversationManager):
         raise ValueError('unsupported_operation')
 
     async def close_session(self, sid: str):
-        stop_all_containers(f'openhands-runtime-{sid}')
+        # First try to graceful stop server.
+        try:
+            container = self.docker_client.containers.get(f'openhands-runtime-{sid}')
+        except docker.errors.NotFound as e:
+            return
+        try:
+            nested_url = self.get_nested_url_for_container(container)
+            async with httpx.AsyncClient(
+                headers={
+                    'X-Session-API-Key': self._get_session_api_key_for_conversation(sid)
+                }
+            ) as client:
+                response = await client.post(f'{nested_url}/api/conversations/{sid}/stop')
+                response.raise_for_status()
+        except Exception:
+            logger.exception("error_stopping_container")
+        container.stop()
 
-    async def get_agent_loop_info(self, user_id=None, filter_to_sids=None):
+    async def get_agent_loop_info(self, user_id: str | None = None, filter_to_sids: set[str] | None = None) -> list[AgentLoopInfo]:
         results = []
-        containers = self.docker_client.containers.list()
+        containers : list[Container] = self.docker_client.containers.list()
         for container in containers:
-            if not container.name.startswith('openhands-runtime-'):
+            if not container.name or not container.name.startswith('openhands-runtime-'):
                 continue
             conversation_id = container.name[len('openhands-runtime-') :]
             if filter_to_sids is not None and conversation_id not in filter_to_sids:
@@ -342,11 +366,12 @@ class DockerNestedConversationManager(ConversationManager):
     def get_nested_url_for_container(self, container: Container) -> str:
         env = container.attrs['Config']['Env']
         container_port = int(next(e[5:] for e in env if e.startswith('port=')))
-        conversation_id = container.name[len('openhands-runtime-') :]
+        container_name = container.name or ''
+        conversation_id = container_name[len('openhands-runtime-') :]
         nested_url = f'{self.config.sandbox.local_runtime_url}:{container_port}/api/conversations/{conversation_id}'
         return nested_url
 
-    def _get_session_api_key_for_conversation(self, conversation_id: str):
+    def _get_session_api_key_for_conversation(self, conversation_id: str) -> str:
         jwt_secret = self.config.jwt_secret.get_secret_value()  # type:ignore
         conversation_key = f'{jwt_secret}:{conversation_id}'.encode()
         session_api_key = (
@@ -356,7 +381,7 @@ class DockerNestedConversationManager(ConversationManager):
         )
         return session_api_key
 
-    async def ensure_num_conversations_below_limit(self, sid: str, user_id: str | None):
+    async def ensure_num_conversations_below_limit(self, sid: str, user_id: str | None) -> None:
         response_ids = await self.get_running_agent_loops(user_id)
         if len(response_ids) >= self.config.max_concurrent_conversations:
             logger.info(
@@ -388,7 +413,7 @@ class DockerNestedConversationManager(ConversationManager):
                 )
                 await self.close_session(oldest_conversation_id)
 
-    def _get_provider_handler(self, settings: Settings):
+    def _get_provider_handler(self, settings: Settings) -> ProviderHandler:
         provider_tokens = None
         if isinstance(settings, ConversationInitData):
             provider_tokens = settings.git_provider_tokens
@@ -398,7 +423,7 @@ class DockerNestedConversationManager(ConversationManager):
         )
         return provider_handler
 
-    async def _create_runtime(self, sid: str, user_id: str | None, settings: Settings):
+    async def _create_runtime(self, sid: str, user_id: str | None, settings: Settings) -> DockerRuntime:
         # This session is created here only because it is the easiest way to get a runtime, which
         # is the easiest way to create the needed docker container
         session = Session(
@@ -431,6 +456,7 @@ class DockerNestedConversationManager(ConversationManager):
         # We need to be able to specify the nested conversation id within the nested runtime
         env_vars['ALLOW_SET_CONVERSATION_ID'] = '1'
         env_vars['WORKSPACE_BASE'] = f'/workspace'
+        env_vars['SANDBOX_CLOSE_DELAY'] = '0'
 
         # Set up mounted volume for conversation directory within workspace
         # TODO: Check if we are using the standard event store and file store
@@ -440,10 +466,13 @@ class DockerNestedConversationManager(ConversationManager):
         else:
             volumes = [v.strip() for v in config.sandbox.volumes.split(',')]
         conversation_dir = get_conversation_dir(sid, user_id)
+
         volumes.append(
-            f'{config.file_store_path}/{conversation_dir}:{OpenHandsConfig.model_fields["file_store_path"].default}/{conversation_dir}:rw'
+            f'{config.file_store_path}/{conversation_dir}:/root/.openhands/file_store/{conversation_dir}:rw'
         )
         config.sandbox.volumes = ','.join(volumes)
+        if not config.sandbox.runtime_container_image:
+            config.sandbox.runtime_container_image = self._runtime_container_image
 
         # Currently this eventstream is never used and only exists because one is required in order to create a docker runtime
         event_stream = EventStream(sid, self.file_store, user_id)
@@ -463,6 +492,18 @@ class DockerNestedConversationManager(ConversationManager):
 
         return runtime
 
+    async def _start_existing_container(self, runtime: DockerRuntime) -> bool:
+        try:
+            container = self.docker_client.containers.get(runtime.container_name)
+            if container:
+                status = container.status
+                if status == 'exited':
+                    await call_sync_from_async(container.start)
+                return True
+            return False
+        except docker.errors.NotFound as e:
+            return False
+
 
 def _last_updated_at_key(conversation: ConversationMetadata) -> float:
     last_updated_at = conversation.last_updated_at

openhands/server/conversation_manager/standalone_conversation_manager.py

@@ -38,7 +38,10 @@ UPDATED_AT_CALLBACK_ID = 'updated_at_callback_id'
 
 @dataclass
 class StandaloneConversationManager(ConversationManager):
-    """Manages conversations in standalone mode (single server instance)."""
+    """Default implementation of ConversationManager for single-server deployments.
+
+    See ConversationManager for extensibility details.
+    """
 
     sio: socketio.AsyncServer
     config: OpenHandsConfig
@@ -108,7 +111,8 @@ class StandaloneConversationManager(ConversationManager):
                 return None
             end_time = time.time()
             logger.info(
-                f'ServerConversation {c.sid} connected in {end_time - start_time} seconds'
+                f'ServerConversation {c.sid} connected in {end_time - start_time} seconds',
+                extra={'session_id': sid}
             )
             self._active_conversations[sid] = (c, 1)
             return c
@@ -151,6 +155,10 @@ class StandaloneConversationManager(ConversationManager):
                         await conversation.disconnect()
                         self._detached_conversations.pop(sid, None)
 
+                # Implies disconnected sandboxes stay open indefinitely
+                if not self.config.sandbox.close_delay:
+                    return
+
                 close_threshold = time.time() - self.config.sandbox.close_delay
                 running_loops = list(self._local_agent_loops_by_sid.items())
                 running_loops.sort(key=lambda item: item[1].last_active_ts)
@@ -361,7 +369,9 @@ class StandaloneConversationManager(ConversationManager):
             f'removing connections: {connection_ids_to_remove}',
             extra={'session_id': sid},
         )
+        # Perform a graceful shutdown of each connection
         for connection_id in connection_ids_to_remove:
+            await self.sio.disconnect(connection_id)
             self._local_connection_id_to_session_id.pop(connection_id, None)
 
         session = self._local_agent_loops_by_sid.pop(sid, None)

openhands/server/listen.py

@@ -5,7 +5,6 @@ import socketio
 from openhands.server.app import app as base_app
 from openhands.server.listen_socket import sio
 from openhands.server.middleware import (
-    AttachConversationMiddleware,
     CacheControlMiddleware,
     InMemoryRateLimiter,
     LocalhostCORSMiddleware,
@@ -24,6 +23,5 @@ base_app.add_middleware(
     RateLimitMiddleware,
     rate_limiter=InMemoryRateLimiter(requests=10, seconds=1),
 )
-base_app.middleware('http')(AttachConversationMiddleware(base_app))
 
 app = socketio.ASGIApp(sio, other_asgi_app=base_app)

openhands/server/listen_socket.py

@@ -12,6 +12,7 @@ from openhands.events.action import (
 )
 from openhands.events.action.agent import RecallAction
 from openhands.events.async_event_store_wrapper import AsyncEventStoreWrapper
+from openhands.events.event_store import EventStore
 from openhands.events.observation import (
     NullObservation,
 )
@@ -19,6 +20,7 @@ from openhands.events.observation.agent import (
     AgentStateChangedObservation,
 )
 from openhands.events.serialization import event_to_dict
+from openhands.experiments.experiment_manager import ExperimentManagerImpl
 from openhands.integrations.provider import PROVIDER_TOKEN_TYPE, ProviderToken
 from openhands.integrations.service_types import ProviderType
 from openhands.server.session.conversation_init_data import ConversationInitData
@@ -49,7 +51,7 @@ def create_provider_tokens_object(
 
 
 async def setup_init_convo_settings(
-    user_id: str | None, providers_set: list[ProviderType]
+    user_id: str | None, conversation_id: str, providers_set: list[ProviderType]
 ) -> ConversationInitData:
     settings_store = await SettingsStoreImpl.get_instance(config, user_id)
     settings = await settings_store.load()
@@ -73,7 +75,11 @@ async def setup_init_convo_settings(
     if user_secrets:
         session_init_args['custom_secrets'] = user_secrets.custom_secrets
 
-    return ConversationInitData(**session_init_args)
+    convo_init_data = ConversationInitData(**session_init_args)
+    # We should recreate the same experiment conditions when restarting a conversation
+    return ExperimentManagerImpl.run_conversation_variant_test(
+        user_id, conversation_id, convo_init_data
+    )
 
 
 @sio.event
@@ -119,24 +125,28 @@ async def connect(connection_id: str, environ: dict) -> None:
             f'User {user_id} is allowed to connect to conversation {conversation_id}'
         )
 
-        conversation_init_data = await setup_init_convo_settings(user_id, providers_set)
-        agent_loop_info = await conversation_manager.join_conversation(
-            conversation_id,
-            connection_id,
-            conversation_init_data,
-            user_id,
-        )
+        try:
+            event_store = EventStore(
+                conversation_id, conversation_manager.file_store, user_id
+            )
+        except FileNotFoundError as e:
+            logger.error(
+                f'Failed to create EventStore for conversation {conversation_id}: {e}'
+            )
+            raise ConnectionRefusedError(f'Failed to access conversation events: {e}')
+
         logger.info(
-            f'Connected to conversation {conversation_id} with connection_id {connection_id}. Replaying event stream...'
+            f'Replaying event stream for conversation {conversation_id} with connection_id {connection_id}...'
         )
         agent_state_changed = None
-        if agent_loop_info is None:
-            raise ConnectionRefusedError('Failed to join conversation')
-        async_store = AsyncEventStoreWrapper(
-            agent_loop_info.event_store, latest_event_id + 1
-        )
+
+        # Create an async store to replay events
+        async_store = AsyncEventStoreWrapper(event_store, latest_event_id + 1)
+
+        # Process all available events
         async for event in async_store:
             logger.debug(f'oh_event: {event.__class__.__name__}')
+
             if isinstance(
                 event,
                 (NullAction, NullObservation, RecallAction),
@@ -146,13 +156,33 @@ async def connect(connection_id: str, environ: dict) -> None:
                 agent_state_changed = event
             else:
                 await sio.emit('oh_event', event_to_dict(event), to=connection_id)
+
+        # Send the agent state changed event last if we have one
         if agent_state_changed:
             await sio.emit(
                 'oh_event', event_to_dict(agent_state_changed), to=connection_id
             )
+
         logger.info(
             f'Finished replaying event stream for conversation {conversation_id}'
         )
+
+        conversation_init_data = await setup_init_convo_settings(
+            user_id, conversation_id, providers_set
+        )
+        agent_loop_info = await conversation_manager.join_conversation(
+            conversation_id,
+            connection_id,
+            conversation_init_data,
+            user_id,
+        )
+
+        if agent_loop_info is None:
+            raise ConnectionRefusedError('Failed to join conversation')
+
+        logger.info(
+            f'Successfully joined conversation {conversation_id} with connection_id {connection_id}'
+        )
     except ConnectionRefusedError:
         # Close the broken connection after sending an error message
         asyncio.create_task(sio.disconnect(connection_id))