Commit Graph
1543 Commits
Author SHA1 Message Date
Kai (Tam Nhu) Tran 216fae7d57 fix(proxy): load pid-only profile daemon state 2026-05-30 14:56:46 -04:00
Kai (Tam Nhu) TranandGitHub 8335f0c73c fix(dispatcher): also treat -p as non-subcommand short for --print (#1352)
Red-team follow-up to #1341: the original fix only guarded --print but
Claude accepts -p as the short form, and CCS itself passes -p in
headless-executor.ts. Without this check the security bypass survived
via the short flag.

Added regression tests: ['-p', 'agents'], ['-p', 'doctor'], ['-p']
alone, and injector short-circuit verification for -p form.
2026-05-23 17:33:38 -04:00
Kai (Tam Nhu) TranandGitHub 9a420988bc fix(analytics): support sqlite3 path resolution on Windows and NixOS (#1354)
- Add CCS_SQLITE_BIN env-var override; validated with fs.realpathSync so
  symlinks are fully resolved before prefix check
- Reject any override whose realpath does not start under a trusted system
  prefix (prevents PATH-hijack reintroduction from #1347)
- Add TRUSTED_PREFIX_UNIX covering /nix/store/, /opt/local/ (MacPorts),
  /snap/, /run/current-system/ in addition to existing /usr/* and
  /opt/homebrew/ entries
- Add TRUSTED_PREFIX_WINDOWS covering Program Files, System32, and the
  Chocolatey managed bin dir (no canonical winget/Scoop path exists)
- Keep TRUSTED_SQLITE_PATHS_WINDOWS empty — Windows users set CCS_SQLITE_BIN
- Pass env as optional third param to querySqliteJson (backward compatible)
- Add 16-test suite covering env-var acceptance, /tmp rejection, symlink
  traversal, NixOS paths, MacPorts, Windows fallback, and prefix safety
2026-05-23 17:29:52 -04:00
Kai (Tam Nhu) TranandGitHub 5d27f10367 refactor(cliproxy): remove orphaned bg keepalive wiring (#1353)
Red-team review of #1340 found that backgroundProbe / shouldKeepSessionProxiesAlive /
startKeepAliveWatcher and related types were never reachable: the sole caller
(claude-launcher.ts) passed no hasBackgroundWorkerUsingBaseUrl detector, so
backgroundProbe was always undefined and the keepalive branch never executed.

Remove the unreachable scaffold:
- Delete CLAUDE_BG_WORKER_ARGS, hasClaudeBackgroundWorkerUsingBaseUrl{,InProcessList},
  shouldKeepSessionProxiesAlive, ShouldKeepSessionProxiesAliveOptions, and the
  SessionProxyKeepAliveOptions interface from session-bridge.ts
- Remove the backgroundProbe/startKeepAliveWatcher block and keepalive exit branch
  from setupCleanupHandlers; the function now always calls stopSessionResources on
  Claude exit
- Remove backgroundKeepAliveBaseUrl wiring from claude-launcher.ts
- Remove the execFileSync import (was only used by the deleted ps-based detector)
- Update test file: remove tests for deleted exports, keep placeholder

A trusted bg-worker detector can be re-added in a future PR if the feature is
actually needed; the keepalive logic in shouldKeepSessionProxiesAlive can be
restored then.
2026-05-23 17:29:18 -04:00
Kai (Tam Nhu) TranandGitHub 9cd9b796ca fix(models-dev): sanitize models.dev registry entries and harden pricing resolver (#1345)
* fix(models-dev): sanitize cached model entries before pricing lookup

* style: apply prettier formatting
2026-05-23 17:03:49 -04:00
Kai (Tam Nhu) TranandGitHub 825efb8b10 fix(codex-auth): stop spawning powershell in shell detection (#1348) 2026-05-23 16:56:44 -04:00
Kai (Tam Nhu) TranandGitHub 469c9ffde4 fix(analytics): harden sqlite3 invocation for native Droid usage scan (#1347)
* fix(analytics): use trusted sqlite3 binary path

* style: apply prettier formatting
2026-05-23 16:56:20 -04:00
Kai (Tam Nhu) TranandGitHub b71fe5dd6e fix(codex-quota): guard feature label type in quota windows (#1346) 2026-05-23 16:55:55 -04:00
Kai (Tam Nhu) TranandGitHub 66966f3527 fix(pricing): guard malformed models.dev model entries (#1344)
* fix(pricing): guard malformed models.dev model entries

* style: apply prettier formatting
2026-05-23 16:55:05 -04:00
Kai (Tam Nhu) TranandGitHub af7aa0c2dd fix(cliproxy): sanitize local port before config regeneration (#1342) 2026-05-23 16:54:48 -04:00
Kai (Tam Nhu) TranandGitHub fd561b59bc fix(dispatcher): treat --print as non-subcommand Claude session (#1341)
* fix(dispatcher): treat --print as non-subcommand Claude session

* style: apply prettier formatting

* fix(dispatcher): correct return type in subcommand detector

getClaudeSubcommandName returns string | null; return false (boolean)
was invalid after dev refactored isClaudeSubcommandInvocation to
delegate to it. Change to return null to preserve the --print safety
fix intent.
2026-05-23 16:54:30 -04:00
Kai (Tam Nhu) TranandGitHub f0ec820054 fix(cliproxy): disable spoofable default bg keepalive probe (#1340) 2026-05-23 16:54:13 -04:00
Kai (Tam Nhu) TranandGitHub 923bfee6fa fix: pause exhausted CLIProxy rotation accounts
Refs #1337
2026-05-23 00:08:53 -04:00
Tam Nhu Tran bbcf9e8b15 fix: mask Docker key rotation banner 2026-05-22 17:04:19 -04:00
Tam Nhu Tran 30971ebb28 fix: preserve Docker legacy API key during rotation 2026-05-22 16:49:16 -04:00
Tam Nhu Tran 37a14525cc fix: repair ccsx codex profile resources 2026-05-22 16:27:00 -04:00
Tam Nhu Tran f667628411 fix: resolve ccsx auth profiles before CCS profiles 2026-05-22 15:54:55 -04:00
Tam Nhu Tran db4b938c0e fix: treat remote-control as a Claude subcommand 2026-05-22 15:39:15 -04:00
Tam Nhu Tran 1af6625f5c feat: add OAuth paste-callback traceability 2026-05-22 14:12:53 -04:00
Kai (Tam Nhu) TranandGitHub 07cef20c76 Merge pull request #1324 from kaitranntt/kai/fix/dashboard-cliproxy-restart-button
fix: ensure dashboard cliproxy restart waits for recovery
2026-05-22 13:51:42 -04:00
Tam Nhu Tran fc5851e3a2 fix: ensure dashboard cliproxy restart waits for recovery 2026-05-22 13:37:21 -04:00
Tam Nhu Tran 6bc04dee97 fix: normalize ccsxp codex model flag aliases 2026-05-22 13:03:00 -04:00
Kai (Tam Nhu) TranandGitHub ca85d2a3aa Merge pull request #1307 from kaitranntt/codex/propose-fix-for-oauth-log-redaction-issue
fix(cliproxy): redact token-like OAuth trace snippets
2026-05-22 12:50:34 -04:00
Kai (Tam Nhu) TranandGitHub fa17ad5af1 Merge pull request #1318 from kaitranntt/kai/feat/1255-analytics-profile-filter
feat: filter analytics dashboard by profile
2026-05-22 12:38:50 -04:00
Kai (Tam Nhu) TranandGitHub d0359dc479 Merge pull request #1322 from kaitranntt/kai/feat/1304-doctor-stale-translator-paths
feat: share stale Codex translator paths with doctor
2026-05-22 12:29:11 -04:00
Tam Nhu Tran 46d73ae79f feat: share stale Codex translator path scanner 2026-05-22 12:10:54 -04:00
Tam Nhu Tran acf9fd690a fix: prevent Docker dashboard from orphaning CLIProxy 2026-05-22 12:04:28 -04:00
Kai (Tam Nhu) TranandGitHub 8e2a89ea56 Merge pull request #1316 from kaitranntt/kai/feat/1303-persist-receipt
feat: report permission mode persist receipt status
2026-05-22 11:34:24 -04:00
Kai (Tam Nhu) TranandGitHub 9aeb1c1e99 Merge pull request #1315 from kaitranntt/kai/fix/1275-codex-diagnostics-redaction
fix: redact Codex diagnostics metadata
2026-05-22 11:25:10 -04:00
Tam Nhu Tran f1d655e425 feat: filter analytics by profile 2026-05-22 11:24:21 -04:00
Tam Nhu Tran 3dc1810540 feat: report permission mode persist receipt status 2026-05-22 11:14:17 -04:00
Tam Nhu Tran 29eebff7c5 fix(cliproxy): harden oauth trace snippet redaction 2026-05-22 11:12:37 -04:00
Tam Nhu Tran e2f2c7dc2e fix: redact Codex diagnostics metadata 2026-05-22 11:12:20 -04:00
Kai (Tam Nhu) TranandTam Nhu Tran a526eb469a fix(cliproxy): redact token-like oauth trace snippets 2026-05-22 11:11:06 -04:00
SoungRyoul Kim ef4b746876 fix(dispatcher): preserve --permission-mode for claude agents subcommand
`stripClaudeSubcommandSessionArgs` was unconditionally stripping
`--permission-mode`, `--dangerously-skip-permissions`, and
`--allow-dangerously-skip-permissions` from every Claude subcommand
invocation. That's correct for `auth`/`doctor`/`mcp`/etc. — their
parsers reject those flags with `error: unknown option '...'`.

But `claude agents` does accept all three (see `claude agents --help`):
they configure the default permission mode for sessions dispatched from
the agent view. As a result, `ccs <profile> agents --permission-mode
bypassPermissions` silently dropped the flag before forwarding to Claude
and the agent view kept its previous default.

Add a small per-subcommand allowlist (`SUBCOMMAND_ALLOWED_SESSION_FLAGS`)
and a `getClaudeSubcommandName(args)` helper, then branch the strip
logic on the detected subcommand. `agents` keeps the three permission
flags; every other subcommand (including unknown future ones) falls
through to the existing strip behavior. `--teammate-mode` is still
stripped for every subcommand — no upstream subcommand accepts it.

Tests cover both before- and after-position arguments, the
`--flag=value` form, the `--teammate-mode` exclusion for `agents`, and
regression coverage for non-`agents` subcommands.
2026-05-21 20:53:57 +09:00
Tam Nhu Tran 6569eed15b feat: support minimal codex effort aliases 2026-05-20 11:11:46 -04:00
Kai (Tam Nhu) TranandGitHub 67fe6d9c7f fix(persist): print recovery receipt after settings write (#1302) 2026-05-19 15:23:37 -04:00
Kai (Tam Nhu) TranandGitHub 2f50fe393d fix(cliproxy): bound Claude quota error-body reads and preserve timeout
Squash merge PR #1300 into dev.
2026-05-19 08:21:29 -04:00
Kai (Tam Nhu) TranandGitHub 24478135dc fix(proxy): scope insecure TLS to routed profile
Squash merge PR #1299 into dev.
2026-05-19 08:13:40 -04:00
Kai (Tam Nhu) TranandGitHub fa31bea672 fix(proxy): require owned daemon PID before reusing legacy/profile proxy session
Squash merge PR #1298 into dev.
2026-05-19 08:05:45 -04:00
Kai (Tam Nhu) TranandGitHub 100308a3cf fix(logging): redact CLI argv in lifecycle start logs
Squash merge PR #1297 into dev.
2026-05-19 07:57:43 -04:00
Kai (Tam Nhu) TranandGitHub b7ba3c743f fix(cliproxy): cap oauth log parsing size in stats fallback
Squash merge PR #1292 into dev.
2026-05-19 07:51:57 -04:00
Kai (Tam Nhu) TranandGitHub 857dac8751 fix(docker): harden integrated service exposure
Squash merge PR #1291 into dev.
2026-05-19 07:45:20 -04:00
Kai (Tam Nhu) TranandGitHub 3b2016462a fix(persist): block codex claude settings bridge 2026-05-19 07:32:04 -04:00
Kai (Tam Nhu) TranandGitHub 8a37578702 fix(codex): pass native ccsx subcommands through (#1290) 2026-05-18 10:48:44 -04:00
Kai (Tam Nhu) TranandGitHub 5a54c1b536 fix(codex): pass ccsx resume through to native codex
Closes #1287
2026-05-18 09:45:20 -04:00
Tam Nhu Tran e461c7a67e fix(codex-auth): address persistent review focus 2026-05-17 18:33:20 -04:00
Tam Nhu Tran 81c4acc73a fix(codex-auth): harden registry fail-closed paths 2026-05-17 18:20:56 -04:00
Tam Nhu Tran 54738e88f7 fix(codex-auth): surface registry corruption 2026-05-17 18:02:13 -04:00
Tam Nhu Tran c90b3cb9da fix(codex-auth): reject stray profile args 2026-05-17 17:51:32 -04:00