- fall back to stale CLIProxy version caches instead of surfacing 500s
- remove duplicate dashboard update-check fetches and disable retry/focus refetch
- add backend and UI regressions for the degraded-path behavior
The dashboard restart button and install service used local-mode process
management (stopProxy + ensureCliproxyService) which conflicts with
supervisord in Docker deployments. Killing the CLIProxy binary caused the
bootstrap wrapper to exit, supervisord to attempt a restart, but
ensureCliproxyService already spawned an orphaned process on :8317
resulting in EADDRINUSE and supervisord entering FATAL state.
Detect supervisord via /var/run/supervisor.sock and delegate to
supervisorctl restart, matching the pattern already used by
ccs docker update.
Closes#964
- Updated websearch.md to include SearXNG in the configuration guide.
- Implemented SearXNG JSON API integration in websearch-transformer.cjs.
- Enhanced unified-config-loader.ts to support SearXNG settings.
- Defined SearXNG configuration types in unified-config-types.ts.
- Updated hook-env.ts to manage SearXNG environment variables.
- Modified status.ts to include SearXNG in web search provider checks.
- Added SearXNG routes and validation in websearch-routes.ts.
- Implemented SearXNG provider tests in websearch-transformer.test.ts.
- Updated readiness tests to account for SearXNG in status.test.ts.
- Enhanced websearch routes tests to validate SearXNG settings.
- Added SearXNG configuration fields in the UI settings.
- fetch live provider model definitions through /api/cliproxy/catalog
- overlay CCS preset metadata without keeping UI dropdowns as the source of truth
- wire /cliproxy and quick setup to the upstream-backed catalog path
Replace local mtime-only ProviderTokenSnapshot type and
listProviderTokenSnapshots/findNewTokenSnapshotForPendingAuth in
cliproxy-auth-routes with shared implementations from token-manager.
Ensures dashboard parity with CLI-side SHA-256 fingerprint detection.
- add explicit access modes so remote users see setup guidance instead of an ambiguous login
- redesign the login page with remote setup messaging, password visibility, and light/dark controls
- cover the access-state contract and login UI with focused tests
- keep headless paste routing aligned with the selected Kiro auth method
- validate local callback replay targets and add prompt cancellation safeguards
- wire IDC params through the dashboard start route and support equals-form CLI flags
- auto-select Builder ID for the default Kiro AWS auth flow
- support IDC auth flags and callback-based Kiro paste replay
- update regression coverage for Kiro auth routing
- add runtime-aware resume lane diagnostics and auth backup flows
- warn when account resume uses a different plain ccs continuity lane
- surface lane mismatch guidance in the accounts dashboard, docs, and tests
- route dashboard WebSocket traffic through /ws to avoid Vite HMR collisions
- run the dev entrypoint with node so bun run dev stays stable in this repo
- restore the Image settings scroll container contract and add regression coverage
- Add 30s timeout on proxy requests to prevent indefinite hangs
- Wrap resolveLocalCliproxyPort in try/catch with default port fallback
- Simplify buildProxyBody: remove fragile content-length check that
caused Bun to fall through to req.pipe() on consumed streams
- Replace proxyRes.pipe(res) with manual streaming for Bun compatibility
(pipe hangs after writeHead in Bun runtime)
- Replace deprecated req.on('aborted') with res.on('close') cleanup
(req.on('close') fires with req.destroyed=true in Bun after body
consumption, prematurely destroying the proxy connection)
- Explicitly end proxy request for bodyless methods (GET/HEAD/OPTIONS)
instead of piping an already-consumed express stream
- Add server.closeAllConnections() in test cleanup to prevent hangs
- Add GET passthrough and 502 unreachable test cases