Commit Graph
842 Commits
Author SHA1 Message Date
Sergey Galuza 5157a922a5 test(accounts): align stale free-tier expectations with current behavior
Commit 72ea1fc9 ("fix(accounts): simplify codex free tier badges") split
free codex accounts out of the `personal` audience into a distinct
`free` audience and dropped the `'Personal · '` prefix on inlineLabel,
but `account-visual-groups.test.ts` was not updated and has been
failing in CI ever since.

Update expectations to match the shipped behavior:
- `audience` for `-free` tokens is `'free'`, not `'personal'`
- `inlineLabel` for a bare free account is `'Free'`, not `'Personal · Free'`
- `compactDetailLabel` is `null` when no extra parts are present
- Sort order: business -> personal -> free -> unknown

Drive-by fix unrelated to the Opus 4.8 work in this PR but caught
because these tests started failing on every push to the branch.

Built [OnSteroids](https://onsteroids.ai)
2026-05-30 23:01:58 +02:00
Sergey Galuza c74ad22bd4 Merge remote-tracking branch 'upstream/dev' into feat/claude-opus-4-8 2026-05-30 22:31:55 +02:00
Kai (Tam Nhu) TranandGitHub b75b8772fb Merge pull request #1424 from kaitranntt/codex/fix-logs-filtering-to-show-dashboard-audits
fix(ui): show dashboard audit logs by default
2026-05-30 16:15:18 -04:00
Kai (Tam Nhu) TranandGitHub f41480cdbd Merge pull request #1431 from kaitranntt/codex/fix-privacy-mode-account-label-exposure
fix(ui): blur account identity badges in privacy mode
2026-05-30 16:12:09 -04:00
Kai (Tam Nhu) TranandGitHub 7778ab7d39 Merge pull request #1453 from kaitranntt/codex/propose-fix-for-timeline-display-issue
fix(dashboard): respect actual timeline base time
2026-05-30 16:00:33 -04:00
Kai (Tam Nhu) TranandGitHub a6ea3f2d19 Merge pull request #1450 from kaitranntt/codex/fix-hidden-stale-default-model-in-live-catalogs
fix: keep live catalog defaults visible
2026-05-30 15:59:59 -04:00
Tam Nhu Tran 3d9636351e Merge remote-tracking branch 'origin/dev' into codex/fix-logs-filtering-to-show-dashboard-audits 2026-05-30 15:57:03 -04:00
Kai (Tam Nhu) TranandGitHub 80fcb54c67 Merge pull request #1440 from kaitranntt/codex/fix-log-detail-panel-timestamp-handling
fix(ui): guard invalid log detail timestamps
2026-05-30 15:46:14 -04:00
Kai (Tam Nhu) TranandGitHub 7b1e6cd209 Merge pull request #1449 from kaitranntt/codex/fix-gemini-tooltip-rendering-bug
fix(ui): preserve Gemini tier fallback without entitlement
2026-05-30 15:45:44 -04:00
Tam Nhu Tran f592260049 fix(ui): suppress privacy mode account title leaks 2026-05-30 15:37:47 -04:00
Kai (Tam Nhu) TranandGitHub f815db391d Merge pull request #1308 from simonsmh/feat/add-qoder-provider
feat(cliproxy): Qoder provider
2026-05-30 15:35:55 -04:00
Kai (Tam Nhu) TranandGitHub c0f5413523 fix(ui): preserve distinct log detail rows 2026-05-30 15:29:47 -04:00
Kai (Tam Nhu) Tran 70601e6364 fix(dashboard): respect account last-used timeline base 2026-05-30 14:57:09 -04:00
Kai (Tam Nhu) Tran f9dec01cfd fix: keep live catalog defaults visible 2026-05-30 14:57:02 -04:00
Kai (Tam Nhu) Tran 1f7ed656b2 fix(ui): preserve Gemini tier fallback without entitlement 2026-05-30 14:56:55 -04:00
Kai (Tam Nhu) Tran 4ce6669e26 fix(ui): guard invalid log detail timestamps 2026-05-30 14:55:56 -04:00
Kai (Tam Nhu) Tran dd62027d3f fix(ui): blur account identity badges in privacy mode 2026-05-30 14:54:33 -04:00
Kai (Tam Nhu) Tran 2b59e040c4 fix(ui): show dashboard audit logs by default 2026-05-30 14:53:51 -04:00
Kai (Tam Nhu) TranandGitHub c12174db12 fix: gate auth monitor stats polling (#1421) 2026-05-30 14:08:53 -04:00
Kai (Tam Nhu) TranandGitHub aee322ea88 fix: compare cliproxy fork release suffixes (#1419) 2026-05-30 13:42:31 -04:00
Sergey Galuza 357ce8b07a feat(catalog): add Claude Opus 4.8 to Anthropic model registry
Register `claude-opus-4-8` in the cliproxy model catalog, web-server
pricing table, and UI catalog as an additive entry next to 4.7. Defaults
are unchanged (claude provider stays on sonnet-4-6); users opt into 4.8
explicitly via ANTHROPIC_MODEL or the dashboard.

Configuration mirrors 4.7:
- adaptive thinking levels (low through max), max distinct from xhigh
- extendedContext (1M) available
- nativeImageInput
- pricing $5/$25 in/out, $6.25/$0.5 cache

Built [OnSteroids](https://onsteroids.ai)
2026-05-30 17:16:27 +02:00
Kai (Tam Nhu) TranandGitHub 5f1976f69c fix: add CLIProxy account reauthentication 2026-05-27 10:13:03 -04:00
Tam Nhu Tran bfa4c704eb fix(analytics): tighten top-bar layout (single-line trigger, grouped cluster, compact timestamp)
Three design taste fixes that ride on top of the disclaimer collapse:

- Single-line profile trigger: render only `option.label` in the
  Select trigger; keep label+description in the open menu where the
  description earns its keep. Removes the two-line trigger that broke
  the row baseline (taller pill, vertical-center cascade).
- Group Select + Info icon in an `inline-flex … shrink-0` cluster so
  they wrap as a single unit and the icon never orphans onto a second
  row under the refresh button.
- Compact timestamp: "Updated less than a minute ago" → "1m ago"
  rendered in font-mono. Full phrase preserved via `title`
  attribute. Drops the localized prefix into a tooltip-only context.
- Trigger width trimmed 190px → 170px since it no longer needs to fit
  a description line.
2026-05-24 11:34:57 -04:00
Tam Nhu Tran 9130c7d869 fix(analytics): collapse profile-scope disclaimer into tooltip icon
The disclaimer paragraph rendered as a two-line block under the
controls row, eating vertical real-estate while the cards stayed
empty. Replace it with a small Info icon beside the profile
dropdown that surfaces the same copy in a tooltip on hover/focus.

- Same copy preserved verbatim; no informational loss
- Icon only renders when a non-All profile is selected
- Reclaims ~32px of vertical space on the analytics header

Closes #1390
2026-05-23 23:40:02 -04:00
Kai (Tam Nhu) TranandGitHub 6c0f7ac39c fix(dashboard): clear local control-panel management key (#1372) 2026-05-23 21:44:53 -04:00
Kai (Tam Nhu) TranandGitHub 58df9999db fix(ui-docs): remove third-party runtime assets from health report (#1349)
* fix(ui-docs): remove third-party runtime assets from health report

* style: apply prettier formatting
2026-05-23 16:57:08 -04:00
Kai (Tam Nhu) TranandGitHub b71fe5dd6e fix(codex-quota): guard feature label type in quota windows (#1346) 2026-05-23 16:55:55 -04:00
Tam Nhu Tran f1d655e425 feat: filter analytics by profile 2026-05-22 11:24:21 -04:00
b52c0627ca feat(qoder): add model catalog entries for backend and UI
Add Qoder provider models to both backend MODEL_CATALOG and UI
MODEL_CATALOGS with 11 models (5 auto-routing tiers + 6 frontier
models). Frontier models use unified preset mappings except
DeepSeek which routes haiku to Flash.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 20:34:55 +08:00
shiminhao964andClaude Opus 4.7 d82cc13afc feat(qoder): add provider logo asset and dashboard mapping
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 19:37:15 +08:00
dea4de45fd fix(test): add qoder to PLUS_EXTRA_CLIPROXY_PROVIDERS test expectation
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 15:19:57 +08:00
Simon Shi 1e60fe186e feat(cliproxy): add Qoder to channel catalog, model routing, and UI
Add Qoder provider to integration layers and dashboard UI:
- Channel-to-provider mapping in catalog-cache
- Model routing owner hints
- Provider editor owner map
- Setup wizard provider list
- Fallback visuals and brand color
2026-05-21 03:06:18 +09:00
Tam Nhu Tran 6569eed15b feat: support minimal codex effort aliases 2026-05-20 11:11:46 -04:00
Tam Nhu Tran 5c79df4311 fix(codex-auth): close remaining review gaps 2026-05-17 16:51:22 -04:00
Tam Nhu Tran 08fe63c626 fix(codex-auth): fail fast on missing active profile 2026-05-17 16:06:32 -04:00
Tam Nhu Tran 4e7d648967 fix(codex-auth): remove unused React import causing UI build failure 2026-05-17 14:57:45 -04:00
Tam Nhu Tran e99c4612a8 feat(codex-auth): add dashboard Auth Profiles tab + GET /api/codex/profiles
Adds a read-only dashboard surface for the codex-auth profile registry.
Power users can see which profile is active and its decoded email/plan
without leaving the browser; mutations stay CLI-only.

- codex-auth-dashboard-service: builds the response shape (active +
  default + profiles[]), reads each profile's auth.json, decodes id_token
  via Phase 1 decoder (nested URI claims per C1), 5s in-memory single-key
  cache plus exported invalidateCodexAuthProfilesCache() hook for
  in-process Phase 2 callers (D7); strict field whitelist — id_token /
  access_token / refresh_token NEVER appear in response body or logs
- GET /api/codex/profiles registered INSIDE the
  requireLocalAccessWhenAuthDisabled middleware (H6) — emails are PII
  and must not leak when dashboard is exposed remotely; integration
  test asserts 403 from non-localhost origin
- NEW Auth Profiles tab (D5) in ui/src/pages/codex.tsx — distinct from
  the existing codex-profiles-card (which edits config.toml [profiles],
  a different concept); active profile + email + plan tier highlighted,
  table of all profiles below, disabled Switch/Remove buttons redirect
  to terminal commands
- accountId returned by API for power users (curl) but hidden from
  the default UI (D6)
- 11 service unit tests + 4 endpoint integration tests, all green
2026-05-17 14:45:35 -04:00
Tam Nhu Tran 8ad7653a2e feat(dashboard): add Korean language support
Adds Korean (ko) as a supported dashboard locale alongside en, zh-CN, vi, ja.
Browser locales starting with `ko` (e.g. `ko-KR`) normalize to `ko` and the
Language switcher exposes "Korean" / "한국어" as a selectable option.

The full ~2670-key translation block was translated from the English source
with the formal-polite register (하십시오체) appropriate for an enterprise
dashboard. Technical names (CCS, Claude, CLIProxy, OAuth, provider names,
env vars, paths) are kept untranslated. All placeholders (e.g. {{name}},
{{count}}, {{provider}}) are preserved verbatim, matching the parity test.

Also backfills 23 keys missing from zh-CN, vi, and ja that were added to en
with the recent "Shared Resource Controls" feature (#1206 -> 2a422b3b):
accountsPage.resources*, accountsTable.{sharedResources,resourcesTitle,
resourcesShared,resourcesProfileLocal,badges.profileLocal},
commonToast.resourcesUpdated, and the full editAccountSharedResources
section. Without this backfill the existing i18n parity test was red for
all non-en locales on dev.

Closes #1241
2026-05-14 19:14:13 -04:00
Tam Nhu Tran 15a1faf3ab fix(ui): handle TOML triple-quotes in arrays and AST-aware JSON keys
PR-Agent on #1248 flagged two remaining sensitive-mask edge cases:

1. The TOML array walker stepped through triple-quoted strings one
   single quote at a time. With a body containing both quotes and
   structural characters, like """abc"]xyz""", a stray `]` inside the
   string body could escape the string-skip pair and terminate the
   array scan early. Add skipTomlString that recognizes triple-quoted
   strings ("""…""", '''…''') and skips them as one unit.

2. The JSON regex matched any "...":  pattern, so substrings inside
   escaped value strings, like "description": "use \\"API_KEY\\": header",
   could mask unrelated text. Replace the JSON branch with a state-aware
   scanner that only registers a string as a key when it sits at an
   object-key position (preceded by `{` or `,`, followed by `:`).

Adds regression tests for both cases.
2026-05-14 18:10:26 -04:00
Tam Nhu Tran a633ee0af4 fix(ui): skip TOML comments when scanning sensitive array values
PR-Agent on #1248 flagged that the TOML array walker did not skip
`#` line comments while balancing brackets. A sensitive array with a
comment containing `]` could terminate the scan early and leave the
real tail of the secret unmasked. Skip from `#` to the next newline at
the array's top level. Adds a regression test.
2026-05-14 17:57:06 -04:00
Tam Nhu Tran f404e52439 perf(ui): tighten sensitive-mask decoration scope and reveal selector
PR-Agent review on #1248 flagged two follow-ups:

1. The reveal CSS used `.cm-editor.cm-sensitive-revealed`, but
   @uiw/react-codemirror puts the consumer className on its outer
   wrapper, not on .cm-editor. The selector never matched, so the Eye
   toggle could not un-blur masked values. Drop `.cm-editor` from the
   selector so it matches the wrapper that actually carries the class.

2. The sensitive-decoration plugin rebuilt on every `viewportChanged`,
   which means each scroll event re-stringified and rescanned the
   entire document even though decorations are doc-only-dependent.
   Rebuild only on `docChanged` to remove scroll-time work.
2026-05-14 17:50:50 -04:00
Tam Nhu Tran bac51ce1ff fix(ui): honor TOML quoted keys and escaped quotes in sensitive masking
Two remaining gaps in the sensitive-value detector flagged by PR-Agent
on #1248:

1. The TOML/YAML key regex only matched bare keys, so values written
   under quoted keys like `"API_KEY" = "secret"` were never masked.
   Accept basic-string and literal-string quoted keys and normalize the
   captured key (strip quotes, unescape) before isSensitiveKey.

2. The string-skip helper used indexOf for the next quote character, so
   a value like `AUTH_TOKEN = ["a \"quoted\" value", "x"]` could
   terminate scanning early and leak unrelated text or under-mask the
   secret. Introduce skipString that honors backslash escapes for basic
   strings and is used by both the TOML array walker and the JSON
   balanced-brace walker.

Adds regression tests for both edge cases.
2026-05-14 17:44:52 -04:00
Tam Nhu Tran eefb76214e fix(ui): mask multi-line sensitive values in CodeEditor
Extend the sensitive-key decoration to cover the full logical value, not
just the rest of the current line. Adds value-extent detection for:

- TOML triple-quoted strings (multi-line literal/basic strings)
- TOML arrays ([ ... ] across multiple lines, string-aware)
- YAML block scalars (| and > with indent-based termination)
- JSON arrays and objects (balanced braces, string-aware)

Without this, a secret value spanning multiple lines (multi-line API
key, certificate, private key) was only blurred on its opening line and
the rest stayed readable when the Eye toggle was masked.

Adds regression tests for the TOML triple-quote and array cases.
Flagged by PR-Agent review on #1248.
2026-05-14 17:38:06 -04:00
Tam Nhu Tran 420494e0e0 fix(ui): make codex config.toml viewer selectable
Replace the hand-rolled textarea+Prism overlay in CodeEditor with
CodeMirror 6. The overlay hid the textarea selection with
`selection:bg-transparent` and `WebkitTextFillColor: transparent` as a
workaround for wrap drift between the highlight layer and the textarea,
which left Ctrl+A / drag-select / Ctrl+C with no visible result.

CodeMirror handles selection, copy, undo, and wrap natively. Custom
themes match the previous prism-react-renderer github (light) and
nightOwl (dark) palettes; background is transparent so the surrounding
bg-muted/30 still shows; font, font-size, line-height, padding, and
gutter-less layout are preserved.

Public CodeEditor props are unchanged (value, onChange, language,
readonly, exactText, className, minHeight, heightMode) so all seven
call sites keep working. The sensitive-key blur is reimplemented as a
CodeMirror Decoration and stays gated behind the existing Eye toggle.

Test setup gets a Range.getClientRects polyfill so CM mounts cleanly in
JSDOM, and shared-page.test.tsx checks .cm-content text directly.

Closes #1247
2026-05-14 17:22:26 -04:00
Kai (Tam Nhu) TranandGitHub 4748c452bd fix(codex): self-heal ccsxp cliproxy provider (#1243) 2026-05-14 12:35:31 -04:00
Kai (Tam Nhu) TranandGitHub ac333dd1d5 fix: clarify CLIProxy setup actions
Make account setup the primary CLIProxy CTA, keep advanced variant creation secondary, and contain setup dialogs across narrow viewports.
2026-05-12 19:23:59 -04:00
Kai (Tam Nhu) TranandGitHub 5138741b5c fix(ui): keep codex toml tokens inline (#1219) 2026-05-12 07:51:59 -04:00
Kai (Tam Nhu) TranandGitHub ba761a0d1e fix(ui): wrap codex config highlight editor (#1217) 2026-05-11 21:58:55 -04:00
Kai (Tam Nhu) TranandGitHub e1777247b3 fix(ui): restore codex config highlighting (#1216) 2026-05-11 21:33:33 -04:00
Kai (Tam Nhu) TranandGitHub 225401ceca fix(ui): render codex config as exact text (#1215) 2026-05-11 20:43:26 -04:00