WIP: Remove global state from pi-ai OAuth/API key handling

- Remove setApiKey, resolveApiKey, and global apiKeys Map from stream.ts
- Rename getApiKey to getApiKeyFromEnv (only checks env vars)
- Remove OAuth storage layer (storage.ts deleted)
- OAuth login/refresh functions now return credentials instead of saving
- getOAuthApiKey/refreshOAuthToken now take credentials as params
- Add test/oauth.ts helper for ai package tests
- Simplify root npm run check (single biome + tsgo pass)
- Remove redundant check scripts from most packages
- Add web-ui and coding-agent examples to biome/tsgo includes

coding-agent still has compile errors - needs refactoring for new API

packages/coding-agent/examples/sdk/02-custom-model.ts

@@ -4,7 +4,7 @@
  * Shows how to select a specific model and thinking level.
  */
 
-import { createAgentSession, findModel, discoverAvailableModels } from "../../src/index.js";
+import { createAgentSession, discoverAvailableModels, findModel } from "../../src/index.js";
 
 // Option 1: Find a specific model by provider/id
 const { model: sonnet } = findModel("anthropic", "claude-sonnet-4-20250514");

packages/coding-agent/examples/sdk/04-skills.ts

@@ -27,7 +27,7 @@ const customSkill: Skill = {
 };
 
 // Use filtered + custom skills
-const { session } = await createAgentSession({
+await createAgentSession({
 	skills: [...filteredSkills, customSkill],
 	sessionManager: SessionManager.inMemory(),
 });

packages/coding-agent/examples/sdk/05-tools.ts

@@ -10,31 +10,28 @@
 
 import { Type } from "@sinclair/typebox";
 import {
-	createAgentSession,
-	discoverCustomTools,
-	SessionManager,
-	codingTools, // read, bash, edit, write - uses process.cwd()
-	readOnlyTools, // read, grep, find, ls - uses process.cwd()
-	createCodingTools, // Factory: creates tools for specific cwd
-	createReadOnlyTools, // Factory: creates tools for specific cwd
-	createReadTool,
-	createBashTool,
-	createGrepTool,
-	readTool,
-	bashTool,
-	grepTool,
+	bashTool, // read, bash, edit, write - uses process.cwd()
 	type CustomAgentTool,
+	createAgentSession,
+	createBashTool,
+	createCodingTools, // Factory: creates tools for specific cwd
+	createGrepTool,
+	createReadTool,
+	grepTool,
+	readOnlyTools, // read, grep, find, ls - uses process.cwd()
+	readTool,
+	SessionManager,
 } from "../../src/index.js";
 
 // Read-only mode (no edit/write) - uses process.cwd()
-const { session: readOnly } = await createAgentSession({
+await createAgentSession({
 	tools: readOnlyTools,
 	sessionManager: SessionManager.inMemory(),
 });
 console.log("Read-only session created");
 
 // Custom tool selection - uses process.cwd()
-const { session: custom } = await createAgentSession({
+await createAgentSession({
 	tools: [readTool, bashTool, grepTool],
 	sessionManager: SessionManager.inMemory(),
 });
@@ -42,7 +39,7 @@ console.log("Custom tools session created");
 
 // With custom cwd - MUST use factory functions!
 const customCwd = "/path/to/project";
-const { session: customCwdSession } = await createAgentSession({
+await createAgentSession({
 	cwd: customCwd,
 	tools: createCodingTools(customCwd), // Tools resolve paths relative to customCwd
 	sessionManager: SessionManager.inMemory(),
@@ -50,7 +47,7 @@ const { session: customCwdSession } = await createAgentSession({
 console.log("Custom cwd session created");
 
 // Or pick specific tools for custom cwd
-const { session: specificTools } = await createAgentSession({
+await createAgentSession({
 	cwd: customCwd,
 	tools: [createReadTool(customCwd), createBashTool(customCwd), createGrepTool(customCwd)],
 	sessionManager: SessionManager.inMemory(),

packages/coding-agent/examples/sdk/06-hooks.ts

@@ -4,7 +4,7 @@
  * Hooks intercept agent events for logging, blocking, or modification.
  */
 
-import { createAgentSession, discoverHooks, SessionManager, type HookFactory } from "../../src/index.js";
+import { createAgentSession, type HookFactory, SessionManager } from "../../src/index.js";
 
 // Logging hook
 const loggingHook: HookFactory = (api) => {

packages/coding-agent/examples/sdk/07-context-files.ts

@@ -14,7 +14,7 @@ for (const file of discovered) {
 }
 
 // Use custom context files
-const { session } = await createAgentSession({
+await createAgentSession({
 	contextFiles: [
 		...discovered,
 		{

packages/coding-agent/examples/sdk/08-slash-commands.ts

@@ -4,7 +4,7 @@
  * File-based commands that inject content when invoked with /commandname.
  */
 
-import { createAgentSession, discoverSlashCommands, SessionManager, type FileSlashCommand } from "../../src/index.js";
+import { createAgentSession, discoverSlashCommands, type FileSlashCommand, SessionManager } from "../../src/index.js";
 
 // Discover commands from cwd/.pi/commands/ and ~/.pi/agent/commands/
 const discovered = discoverSlashCommands();
@@ -21,12 +21,12 @@ const deployCommand: FileSlashCommand = {
 	content: `# Deploy Instructions
 
 1. Build: npm run build
-2. Test: npm test  
+2. Test: npm test
 3. Deploy: npm run deploy`,
 };
 
 // Use discovered + custom commands
-const { session } = await createAgentSession({
+await createAgentSession({
 	slashCommands: [...discovered, deployCommand],
 	sessionManager: SessionManager.inMemory(),
 });

packages/coding-agent/examples/sdk/09-api-keys-and-oauth.ts

@@ -4,22 +4,17 @@
  * Configure API key resolution. Default checks: models.json, OAuth, env vars.
  */
 
-import {
-	createAgentSession,
-	configureOAuthStorage,
-	defaultGetApiKey,
-	SessionManager,
-} from "../../src/index.js";
 import { getAgentDir } from "../../src/config.js";
+import { configureOAuthStorage, createAgentSession, defaultGetApiKey, SessionManager } from "../../src/index.js";
 
 // Default: uses env vars (ANTHROPIC_API_KEY, etc.), OAuth, and models.json
-const { session: defaultSession } = await createAgentSession({
+await createAgentSession({
 	sessionManager: SessionManager.inMemory(),
 });
 console.log("Session with default API key resolution");
 
 // Custom resolver
-const { session: customSession } = await createAgentSession({
+await createAgentSession({
 	getApiKey: async (model) => {
 		// Custom logic (secrets manager, database, etc.)
 		if (model.provider === "anthropic") {
@@ -35,7 +30,7 @@ console.log("Session with custom API key resolver");
 // Use OAuth from ~/.pi/agent while customizing everything else
 configureOAuthStorage(getAgentDir()); // Must call before createAgentSession
 
-const { session: hybridSession } = await createAgentSession({
+await createAgentSession({
 	agentDir: "/tmp/custom-config", // Custom config location
 	// But OAuth tokens still come from ~/.pi/agent/oauth.json
 	systemPrompt: "You are helpful.",

packages/coding-agent/examples/sdk/10-settings.ts

@@ -17,7 +17,7 @@ settingsManager.applyOverrides({
 	retry: { enabled: true, maxRetries: 5, baseDelayMs: 1000 },
 });
 
-const { session } = await createAgentSession({
+await createAgentSession({
 	settingsManager,
 	sessionManager: SessionManager.inMemory(),
 });
@@ -30,7 +30,7 @@ const inMemorySettings = SettingsManager.inMemory({
 	retry: { enabled: false },
 });
 
-const { session: testSession } = await createAgentSession({
+await createAgentSession({
 	settingsManager: inMemorySettings,
 	sessionManager: SessionManager.inMemory(),
 });

packages/coding-agent/examples/sdk/12-full-control.ts

@@ -10,19 +10,19 @@
  */
 
 import { Type } from "@sinclair/typebox";
+import { getAgentDir } from "../../src/config.js";
 import {
-	createAgentSession,
+	type CustomAgentTool,
 	configureOAuthStorage,
+	createAgentSession,
+	createBashTool,
+	createReadTool,
 	defaultGetApiKey,
 	findModel,
+	type HookFactory,
 	SessionManager,
 	SettingsManager,
-	createReadTool,
-	createBashTool,
-	type HookFactory,
-	type CustomAgentTool,
 } from "../../src/index.js";
-import { getAgentDir } from "../../src/config.js";
 
 // Use OAuth from default location
 configureOAuthStorage(getAgentDir());