- Add --bare flag to `ccs auth create` to skip shared symlinks
(commands/, skills/, agents/, settings.json). Bare profiles are
clean instances without ClaudeKit or other global extensions.
`ccs sync` respects bare flag and skips re-linking.
- Add MCP server sync from global ~/.claude.json to instances.
Claude Code stores MCP config in ~/.claude.json (not settings.json),
which was invisible to CCS profiles using CLAUDE_CONFIG_DIR isolation.
Selective copy of mcpServers key only (not OAuth sessions/caches).
`ccs sync` refreshes MCP servers across all non-bare instances.
Closes#691Closes#692
- Add llamacpp provider preset to provider-presets.ts
- Add base-llamacpp.settings.json configuration
- Update help-command.ts with ccs llamacpp documentation
- Update UI provider presets for dashboard parity
llama.cpp is a popular C++ inference engine for LLaMA models.
This complements existing Ollama support for local inference.
Usage: ccs llamacpp (requires llama.cpp server on port 8080)
Closes#690
Support native Anthropic API keys (sk-ant-...) via `ccs api create --preset anthropic`.
Profiles use ANTHROPIC_API_KEY env var without BASE_URL, letting Claude CLI
authenticate natively with x-api-key header instead of proxy Bearer token.
- Add anthropic preset to provider catalog
- Branch profile-writer env structure (native vs proxy)
- Add validateAnthropicKey() preflight with x-api-key header
- Auto-detect api.anthropic.com URL in interactive flow
- Fix hasApiKey/isConfigured to recognize ANTHROPIC_API_KEY
- Update delegation-validator for native mode profiles
- Add Droid target API key fallback (ANTHROPIC_API_KEY)
Closes#688
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Extract generic shouldCacheQuotaResult replacing 4 identical functions
- Move parseTarget to route-helpers.ts (was duplicated in profile/variant routes)
- Add createRouteErrorHelpers factory (was duplicated in auth/settings routes)
- Fix config read-then-write race in proxy-routes.ts and misc-routes.ts
using mutateUnifiedConfig for atomic read-modify-write
- Replace raw error messages in 500 responses with generic messages +
server-side logging across all cliproxy-stats-routes handlers
- Convert extractErrorLogMetadata from sync fs to async fs.promises
- Fix X-Forwarded-For header spoofing in requireSensitiveLocalAccess (use socket-level address only)
- Add model ID length validation (max 256 chars) in PUT /models/:provider
- Add provider name validation (alphanumeric, max 64 chars) to prevent path traversal
- Add stale entry eviction for unbounded quotaRateLimits Map (>1000 entries)
- Fix concurrent refresh race in usage aggregator (wait for in-flight before forced refresh)
- Sanitize internal URLs/paths from OAuth failure diagnostics
- Add ValidationError class for denylist violations (distinct from system errors)
- Make CLIProxy sync interval configurable via CCS_CLIPROXY_SYNC_INTERVAL env var
- Improve legacy continuity config error logging (unconditional warn)
- Add CACHE_VERSION history comments
- share one full-refresh promise across usage loaders to avoid duplicate work
- sync CLIProxy snapshot before source refresh and start sync lazily
- make refresh handler execute full refresh with proper error response
- reset pending cache state and guard sync interval double-start
- prevent km continuity mappings from affecting kimi cliproxy executions
- apply canonical alias fallback only for settings profile lookups
- add regression test for cross-type alias isolation
- resolve mappings with alias/canonical profile candidates
- fail open when source account initialization errors
- remove metadata touch side effects from inheritance preflight