feat: add codeep review, resumable limits, fix $ corruption in edits

- Add `codeep review` for offline, CI-friendly code review (markdown/JSON, --fail-on)
- Pause at step/time safety limits with a resumable "continue" prompt
- Fix edit_file and skill params silently corrupting text containing `$` ($&, ${…})

Author: VladoIvankovic

CHANGELOG.md

@@ -11,6 +11,35 @@ For releases before v1.3.35, see [GitHub Releases](https://github.com/VladoIvank
 > as the social-share summary (IFTTT → X/Bluesky), capped at 220 chars.
 > If omitted, the feed falls back to the first paragraph.
 
+## [2.5.0] — 2026-06-04
+
+> New: `codeep review` (offline, CI-friendly code review) and Continue (a paused-at-the-limit run resumes when you say "continue" instead of dead-ending). Plus a fix where file edits or skill params containing `$` ($&, ${…}) could be written corrupted.
+
+### Added
+
+- **`codeep review`** — a headless, deterministic code review you can drop into
+  CI (no API key, no TUI). Reviews the files you pass (or your unstaged git
+  changes, falling back to a `src/` scan), prints a markdown report or `--json`,
+  and exits non-zero when an issue at or above `--fail-on <error|warning|info|none>`
+  is found (default `error`). Pairs with a GitHub Action to gate PRs.
+- **Continue after a safety limit.** When the agent reaches its step or time
+  limit it no longer dead-ends — the run pauses with a clear, resumable notice
+  (`⏸ Paused … say **continue** to pick up where it left off`) instead of looking
+  like a failure, and saying *continue* resumes it with full context. Works in
+  the TUI and in ACP clients (Zed, the VS Code extension).
+
+### Fixed
+
+- **Edits containing `$` are written literally.** `edit_file` (and the diff
+  preview) applied replacements with `String.replace(text, newText)`, which
+  interprets `$&`, `$$`, `$1` etc. in the replacement — so any edit whose new
+  text contained `$` (template literals, shell variables, regex) was silently
+  corrupted on write. Replacements are now inserted verbatim.
+- **Skill parameter expansion is `$`-safe and literal.** `${param}` substitution
+  had the same `$`-interpretation bug in the value, and interpolated the param
+  name into a regex unescaped (so a `.` over-matched and a `(` could throw).
+  Both are fixed.
+
 ## [2.4.2] — 2026-06-02
 
 > Stability: an unexpected error no longer crashes Codeep to a garbled terminal — it's logged, your conversation is saved, and recoverable background errors keep the session alive. Also fixes `codeep account` occasionally linking without storing the sync token.

README.md

@@ -1050,6 +1050,7 @@ In `dangerous` mode, configure which tools require confirmation via `/settings`:
 | `codeep account` | Link CLI to codeep.dev (GitHub OAuth) |
 | `codeep account sync` | Pull API keys + personalities + commands from codeep.dev → local |
 | `codeep account push` | Push local API keys + personalities + commands → codeep.dev |
+| `codeep review [files…]` | Offline, deterministic code review for CI — markdown or `--json`, `--fail-on <error\|warning\|info\|none>` sets the exit code. No API key needed. |
 
 ### Authentication
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeep",
-  "version": "2.4.2",
+  "version": "2.5.0",
   "description": "AI-powered coding assistant built for the terminal. Multiple LLM providers, project-aware context, and a seamless development workflow.",
   "type": "module",
   "main": "dist/index.js",

src/acp/session.ts

@@ -184,7 +184,9 @@ export async function runAgentSession(opts: AgentSessionOptions): Promise<void>
 
   // result.finalResponse is already emitted via onChunk streaming above;
   // only emit it here if nothing was streamed (e.g. non-streaming fallback path)
-  if (result.finalResponse && chunksEmitted === 0) {
+  // — except a paused/interrupted run, whose finalResponse is a fresh "say
+  // continue" notice that was never streamed and must always reach the client.
+  if (result.finalResponse && (chunksEmitted === 0 || result.interrupted)) {
     opts.onChunk(result.finalResponse);
   }
 

src/acp/transport.test.ts

@@ -0,0 +1,115 @@
+import { describe, it, expect, vi, afterEach } from 'vitest';
+import { StdioTransport } from './transport';
+
+// StdioTransport is the ACP wire layer: newline-delimited JSON-RPC over stdio.
+// We exercise its framing/routing by driving the private onData() directly (so
+// we never touch the real process.stdin) and spying on process.stdout for the
+// outbound side.
+
+function makeTransport(handler = vi.fn()) {
+  const t = new StdioTransport();
+  (t as unknown as { handler: unknown }).handler = handler;
+  return { t, handler };
+}
+function feed(t: StdioTransport, chunk: string) {
+  (t as unknown as { onData(c: string): void }).onData(chunk);
+}
+
+afterEach(() => vi.restoreAllMocks());
+
+describe('StdioTransport — inbound framing', () => {
+  it('parses a complete line and forwards it to the handler', () => {
+    const { t, handler } = makeTransport();
+    feed(t, '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}\n');
+    expect(handler).toHaveBeenCalledTimes(1);
+    expect(handler.mock.calls[0][0]).toMatchObject({ id: 1, method: 'initialize' });
+  });
+
+  it('buffers a partial message until the newline arrives', () => {
+    const { t, handler } = makeTransport();
+    feed(t, '{"jsonrpc":"2.0",');
+    expect(handler).not.toHaveBeenCalled();
+    feed(t, '"method":"x"}\n');
+    expect(handler).toHaveBeenCalledTimes(1);
+    expect(handler.mock.calls[0][0]).toMatchObject({ method: 'x' });
+  });
+
+  it('splits multiple messages in one chunk, in order', () => {
+    const { t, handler } = makeTransport();
+    feed(t, '{"jsonrpc":"2.0","method":"a"}\n{"jsonrpc":"2.0","method":"b"}\n');
+    expect(handler.mock.calls.map((c) => (c[0] as { method: string }).method)).toEqual(['a', 'b']);
+  });
+
+  it('ignores malformed JSON and blank lines without throwing', () => {
+    const { t, handler } = makeTransport();
+    expect(() => feed(t, 'not json\n\n   \n')).not.toThrow();
+    expect(handler).not.toHaveBeenCalled();
+  });
+
+  it('routes a response to the matching pending request, not the handler', () => {
+    const { t, handler } = makeTransport();
+    const resolve = vi.fn();
+    (t as unknown as { pendingRequests: Map<number, unknown> }).pendingRequests.set(5, resolve);
+    feed(t, '{"jsonrpc":"2.0","id":5,"result":{"ok":true}}\n');
+    expect(resolve).toHaveBeenCalledWith({ ok: true });
+    expect(handler).not.toHaveBeenCalled();
+    expect((t as unknown as { pendingRequests: Map<number, unknown> }).pendingRequests.has(5)).toBe(false);
+  });
+
+  it('resets the buffer instead of growing past the 10MB cap', () => {
+    const { t, handler } = makeTransport();
+    feed(t, 'x'.repeat(10 * 1024 * 1024 + 1)); // no newline — would otherwise buffer forever
+    expect(handler).not.toHaveBeenCalled();
+    expect((t as unknown as { buffer: string }).buffer).toBe('');
+  });
+});
+
+describe('StdioTransport — outbound frames', () => {
+  it('respond() writes a JSON-RPC result line', () => {
+    const write = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
+    new StdioTransport().respond(1, { x: 1 });
+    expect(write).toHaveBeenCalledWith('{"jsonrpc":"2.0","id":1,"result":{"x":1}}\n');
+  });
+
+  it('error() writes a JSON-RPC error line', () => {
+    const write = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
+    new StdioTransport().error(2, -32601, 'Method not found');
+    const sent = JSON.parse((write.mock.calls[0][0] as string).trim());
+    expect(sent).toEqual({ jsonrpc: '2.0', id: 2, error: { code: -32601, message: 'Method not found' } });
+  });
+
+  it('notify() writes a JSON-RPC notification (no id)', () => {
+    const write = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
+    new StdioTransport().notify('session/update', { a: 1 });
+    const sent = JSON.parse((write.mock.calls[0][0] as string).trim());
+    expect(sent).toEqual({ jsonrpc: '2.0', method: 'session/update', params: { a: 1 } });
+    expect('id' in sent).toBe(false);
+  });
+});
+
+describe('StdioTransport — outbound request round-trip', () => {
+  it('sends a request with an incrementing id and resolves on the matching response', async () => {
+    const write = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
+    const t = new StdioTransport();
+    const p = t.request('session/request_permission', { foo: 1 });
+
+    const sent = JSON.parse((write.mock.calls[0][0] as string).trim());
+    expect(sent).toMatchObject({ jsonrpc: '2.0', method: 'session/request_permission', params: { foo: 1 } });
+    expect(typeof sent.id).toBe('number');
+
+    feed(t, JSON.stringify({ jsonrpc: '2.0', id: sent.id, result: { ok: true } }) + '\n');
+    await expect(p).resolves.toEqual({ ok: true });
+  });
+
+  it('resolves to null when the request times out', async () => {
+    vi.useFakeTimers();
+    try {
+      vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
+      const p = new StdioTransport().request('m', {});
+      vi.advanceTimersByTime(30_000);
+      await expect(p).resolves.toBeNull();
+    } finally {
+      vi.useRealTimers();
+    }
+  });
+});

src/renderer/agentExecution.ts

@@ -405,6 +405,13 @@ export async function executeAgentTask(
       }
     } else if (result.aborted) {
       app.addMessage({ role: 'assistant', content: 'Agent stopped by user.' });
+    } else if (result.interrupted) {
+      // Paused at a step/time safety limit — resumable, not a failure. Show the
+      // agent's partial summary and nudge the user to resume.
+      if (result.finalResponse) {
+        app.addMessage({ role: 'assistant', content: result.finalResponse });
+      }
+      app.notify('Paused at the safety limit — say "continue" to keep going');
     } else {
       // Show the agent's summary if available, with error details below
       if (result.finalResponse) {

src/renderer/ansi.test.ts

@@ -0,0 +1,115 @@
+import { describe, it, expect } from 'vitest';
+import {
+  styled,
+  stripAnsi,
+  stringWidth,
+  charWidth,
+  visibleLength,
+  truncate,
+  wordWrap,
+  gradientText,
+  style,
+  fg,
+} from './ansi';
+
+// These pure helpers underpin every bit of TUI layout — width math, wrapping,
+// truncation. A subtle bug here misaligns the whole renderer, so pin the
+// behaviour down.
+
+describe('charWidth', () => {
+  it('counts ASCII as one column', () => {
+    expect(charWidth('a')).toBe(1);
+    expect(charWidth(' ')).toBe(1);
+  });
+
+  it('counts CJK and emoji as two columns', () => {
+    expect(charWidth('中')).toBe(2);   // CJK ideograph
+    expect(charWidth('あ')).toBe(2);   // hiragana
+    expect(charWidth('😀')).toBe(2);   // emoji (astral plane)
+  });
+
+  it('counts control characters as zero', () => {
+    expect(charWidth('\x00')).toBe(0);
+    expect(charWidth('\x1b')).toBe(0);
+  });
+});
+
+describe('stringWidth', () => {
+  it('sums display columns, wide chars included', () => {
+    expect(stringWidth('hello')).toBe(5);
+    expect(stringWidth('中文')).toBe(4);
+    expect(stringWidth('a中')).toBe(3);
+    expect(stringWidth('')).toBe(0);
+  });
+});
+
+describe('stripAnsi', () => {
+  it('removes SGR escape sequences, keeps the text', () => {
+    expect(stripAnsi(fg.red + 'x' + style.reset)).toBe('x');
+    expect(stripAnsi(style.bold + fg.green + 'hi' + style.reset)).toBe('hi');
+  });
+
+  it('leaves plain text untouched', () => {
+    expect(stripAnsi('plain')).toBe('plain');
+  });
+});
+
+describe('visibleLength', () => {
+  it('measures display width ignoring ANSI codes', () => {
+    expect(visibleLength(fg.green + '中' + style.reset)).toBe(2);
+    expect(visibleLength(fg.red + 'abc' + style.reset)).toBe(3);
+  });
+});
+
+describe('styled', () => {
+  it('wraps text in the given codes and a reset', () => {
+    expect(styled('x', fg.red)).toBe(fg.red + 'x' + style.reset);
+    expect(styled('x', style.bold, fg.red)).toBe(style.bold + fg.red + 'x' + style.reset);
+  });
+
+  it('returns the text unchanged when no styles are given', () => {
+    expect(styled('x')).toBe('x');
+  });
+});
+
+describe('truncate', () => {
+  it('returns the string unchanged when it already fits', () => {
+    expect(truncate('short', 10)).toBe('short');
+  });
+
+  it('truncates to the target width including the suffix', () => {
+    const out = truncate('hello world', 8);
+    expect(stripAnsi(out)).toBe('hello...');
+    expect(visibleLength(out)).toBe(8);
+  });
+
+  it('never exceeds the requested width', () => {
+    expect(visibleLength(truncate('a'.repeat(20), 10))).toBe(10);
+  });
+});
+
+describe('wordWrap', () => {
+  it('keeps a short string on one line', () => {
+    expect(wordWrap('hello', 10)).toEqual(['hello']);
+  });
+
+  it('wraps long input across lines without losing or reordering words', () => {
+    const lines = wordWrap('hello world foo bar', 11);
+    expect(lines.length).toBeGreaterThan(1);
+    expect(lines.join(' ')).toBe('hello world foo bar');
+  });
+
+  it('returns an empty array for an empty string', () => {
+    expect(wordWrap('', 10)).toEqual([]);
+  });
+});
+
+describe('gradientText', () => {
+  it('returns the text unchanged with no colour stops', () => {
+    expect(gradientText('x', [])).toBe('x');
+  });
+
+  it('only adds colour — the underlying text is preserved', () => {
+    expect(stripAnsi(gradientText('abc', [[255, 0, 0], [0, 0, 255]]))).toBe('abc');
+  });
+});

src/renderer/highlight.test.ts

@@ -0,0 +1,63 @@
+import { describe, it, expect } from 'vitest';
+import { highlightCode, SYNTAX } from './highlight';
+import { stripAnsi } from './ansi';
+
+// highlightCode only *adds* colour — stripping the ANSI must give back exactly
+// the original source (for the line-based tokenizer + HTML). That invariant is
+// what keeps copied/selected code intact in the TUI.
+
+describe('highlightCode — text preservation', () => {
+  const samples: Record<string, string> = {
+    js:   'const x = 42;\nfunction add(a, b) { return a + b }',
+    ts:   'let n: number = 1\ninterface Foo { bar: string }',
+    py:   'def f(x):\n    return x # done',
+    go:   'func main() {\n\tx := 1\n}',
+    rust: 'fn main() { let mut x = 1; }',
+  };
+  for (const [lang, code] of Object.entries(samples)) {
+    it(`leaves ${lang} source unchanged after stripping ANSI`, () => {
+      expect(stripAnsi(highlightCode(code, lang))).toBe(code);
+    });
+  }
+
+  it('preserves HTML text', () => {
+    expect(stripAnsi(highlightCode('<div>hi</div>', 'html'))).toBe('<div>hi</div>');
+  });
+});
+
+describe('highlightCode — token colouring', () => {
+  it('colours keywords', () => {
+    expect(highlightCode('const x', 'js')).toContain(SYNTAX.keyword + 'const');
+  });
+
+  it('colours numbers', () => {
+    expect(highlightCode('x = 42', 'js')).toContain(SYNTAX.number + '42');
+  });
+
+  it('colours strings', () => {
+    expect(highlightCode('"hi"', 'js')).toContain(SYNTAX.string + '"hi"');
+  });
+
+  it('colours line comments (and language-specific # comments)', () => {
+    expect(highlightCode('// note', 'js')).toContain(SYNTAX.comment);
+    expect(highlightCode('# note', 'py')).toContain(SYNTAX.comment);
+  });
+
+  it('colours a call target as a function', () => {
+    expect(highlightCode('foo()', 'js')).toContain(SYNTAX.function + 'foo');
+  });
+
+  it('colours a capitalised identifier as a type', () => {
+    expect(highlightCode('Foo bar', 'js')).toContain(SYNTAX.type + 'Foo');
+  });
+});
+
+describe('highlightCode — language aliases', () => {
+  it('maps "python" → py keywords', () => {
+    expect(highlightCode('def f', 'python')).toContain(SYNTAX.keyword + 'def');
+  });
+
+  it('maps "typescript" → ts keywords', () => {
+    expect(highlightCode('interface X', 'typescript')).toContain(SYNTAX.keyword + 'interface');
+  });
+});

src/renderer/main.ts

@@ -430,6 +430,14 @@ function showSessionPickerInline(): void {
 async function main(): Promise<void> {
   const args = process.argv.slice(2);
 
+  // Headless, deterministic code review for CI (no API key, no TUI). Handled
+  // before the global --help/--version checks so `codeep review --help` shows
+  // the review usage rather than the top-level help.
+  if (args[0] === 'review') {
+    const { runHeadlessReview } = await import('../utils/headlessReview.js');
+    process.exit(runHeadlessReview(args.slice(1)));
+  }
+
   if (args.includes('--version') || args.includes('-v')) {
     console.log(`Codeep v${getCurrentVersion()}`);
     process.exit(0);
@@ -444,6 +452,7 @@ Usage:
   codeep account sync   Pull keys + personalities + commands + profile from codeep.dev
   codeep account push   Push local keys + personalities + commands + profile to codeep.dev
   codeep acp          Start ACP server (for Zed editor integration)
+  codeep review       Offline code review for CI (--json, --fail-on <level>)
   codeep --version    Show version
   codeep --help       Show this help