Commit Graph
1847 Commits
Author SHA1 Message Date
Tam Nhu Tran 4c002caee1 fix(cliproxy): address code review feedback (attempt 4/5)
- Add default_tier and provider validation in POST/PUT routes
- Extract shared validateCompositeTiers() helper for DRY
- Validate providers against CLIPROXY_SUPPORTED_PROVIDERS
2026-02-12 08:46:38 +07:00
Tam Nhu Tran 6cfbdd649b fix(cliproxy): address code review feedback (attempt 3/5)
- Allow partial composite updates in PUT endpoint (|| -> &&)
- Map service validation errors to 400 status, not 404
- Widen 4xx regex to cover full 400-499 range
2026-02-12 08:39:46 +07:00
Tam Nhu Tran 240dfe29cf fix(ui): fix TypeScript error in composite edit dialog tier mapping
Map variant tiers to form data type, stripping thinking field and
casting provider to CLIProxyProvider enum type.
2026-02-12 08:29:15 +07:00
Tam Nhu Tran ac574e0baf fix(cliproxy): address code review feedback (attempt 2/5)
- Add tiers shape validation in variant-routes POST/PUT endpoints
- Use process.exit(1) for blocked --config on composite variants
2026-02-12 08:26:03 +07:00
Tam Nhu Tran 854b198b64 fix(cliproxy): address code review feedback (attempt 1/5)
- Add composite fields to UpdateVariant type (default_tier, tiers)
- Handle forceAuth (--auth) for composite multi-provider variants
2026-02-12 08:15:27 +07:00
Tam Nhu Tran e0ae5f20ff test(cliproxy): add composite variant v2 unit tests
- Thinking config: 24 tests for applyThinkingSuffix, detectTierFromModel,
  getThinkingValueForTier, and applyThinkingConfig with compositeTierThinking
- Fallback: 42 tests for isProviderError, detectFailedTier, applyFallback,
  and PROVIDER_ERROR_PATTERNS
- Variant service: 9 tests for updateCompositeVariant,
  saveCompositeVariantUnified, and listVariantsFromConfig with composite types
2026-02-12 07:40:40 +07:00
Tam Nhu Tran efd3f21e29 fix(cliproxy): strip thinking suffix in detectFailedTier matching
Model names with thinking suffixes like "model(high)" now match stderr
that contains the base model name without the suffix.
2026-02-12 07:40:15 +07:00
Tam Nhu Tran 1ebd9f43d6 feat(cliproxy): add dashboard CRUD for composite variants
- Extend create dialog with composite mode toggle and per-tier config tabs
- Add cliproxy-edit-dialog for modifying existing single and composite variants
- Add Edit action and composite type badge to variant table
- Extend API types with composite variant fields
- Update variant routes: GET (composite fields), POST (composite create), PUT (composite update)
2026-02-12 04:25:12 +07:00
Tam Nhu Tran ed22c1aa1e feat(cliproxy): add per-tier thinking config for composite variants
- Extend applyThinkingConfig() with compositeTierThinking parameter
- Priority chain: CLI --thinking > per-tier config > global config > defaults
- thinking: 'off' skips suffix for that tier
- Wire compositeTierThinking extraction in buildClaudeEnvironment()
- Add applyFallback() helper for tier-level env var modification
2026-02-12 04:24:50 +07:00
Tam Nhu Tran 478e9e8f73 feat(cliproxy): add provider error detection for composite fallback
- Add PROVIDER_ERROR_PATTERNS for HTTP 4xx/5xx, overloaded, quota, rate limit
- Add detectFailedTier() to identify which composite tier failed from stderr
- Add isProviderError() to distinguish provider failures from normal exits
2026-02-12 04:24:29 +07:00
Tam Nhu Tran 43e73f335f feat(cliproxy): add CLI edit command for composite variants
- Add handleEdit() interactive wizard for modifying existing variants
- Add updateCompositeVariant() to variant-service for partial tier updates
- Route 'edit' subcommand in cliproxy index
- Update help text with edit command documentation
- Export updateCompositeVariant from services index
2026-02-12 04:24:09 +07:00
Tam Nhu Tran 20d60791ff feat(cliproxy): extend composite schema with fallback and thinking fields
- Add fallback? (provider+model) to CompositeTierConfig for per-tier retry
- Add thinking? string to CompositeTierConfig for per-tier thinking budget
- Add hasFallback flag to VariantConfig for runtime detection
- Propagate new fields in listVariantsFromConfig()

Refs #506
2026-02-12 04:11:00 +07:00
Tam Nhu Tran 07bef9f50e feat(cliproxy): wire composite variant into main execution flow
- Detect composite variants in ProfileDetector with tier metadata
- Pass isComposite/compositeTiers/compositeDefaultTier through ccs.ts
- Handle composite in loadConfigSafe() legacy adapter
- Add validateCompositeVariants() for provider string validation
- Display 'composite' label in API profile listing

Refs #506
2026-02-12 04:09:19 +07:00
Tam Nhu Tran 4926c200f2 feat(cliproxy): add composite variant CLI wizard
- Add --composite flag to 'ccs cliproxy variant create'
- Implement selectTierConfig() interactive prompt per tier
- Add default tier selection after all tiers configured
- Display composite label in auth list and variant remove
- Show per-tier details in remove confirmation
- Update help text with --composite usage

Refs #506
2026-02-12 04:09:19 +07:00
Tam Nhu Tran 44b30b8753 feat(cliproxy): add composite variant runtime execution
- Add getCompositeEnvVars() for root URL + per-tier model env vars
- Extend ProxyChainConfig with composite fields
- Route composite variants through root URL in buildClaudeEnvironment()
- Multi-provider auth check for composite (all tiers must pass)
- Multi-provider token refresh for composite
- Per-tier broken model check
- Block --config for composite variants
- Pass composite config through to env resolver

Refs #506
2026-02-12 04:09:19 +07:00
Tam Nhu Tran c58fdc931e feat(cliproxy): implement composite variant CRUD and settings
- Add saveCompositeVariantUnified() for persisting composite configs
- Add createCompositeVariant() with per-tier backend validation
- Add createCompositeSettingsFile() with root URL + per-tier model env vars
- Add getCompositeRelativeSettingsPath() helper
- Handle composite in listVariantsFromConfig() and removeVariantFromUnifiedConfig()
- Block model update for composite variants (edit config.yaml instead)
- Export new functions from services barrel

Refs #506
2026-02-12 04:09:18 +07:00
Tam Nhu Tran 3d207faac5 feat(cliproxy): add composite variant type definitions
- Add CompositeVariantConfig, CompositeTierConfig interfaces
- Add CLIPROXY_SUPPORTED_PROVIDERS const array
- Extend ExecutorConfig with composite fields (isComposite, compositeTiers, compositeDefaultTier)
- Update variants record type to accept composite configs
- Export CLIProxyVariantConfig from types barrel

Refs #506
2026-02-12 04:09:18 +07:00
github-actions[bot] 0c898466fb chore(release): 7.43.0-dev.2 [skip ci] 2026-02-11 20:49:34 +00:00
Kai (Tam Nhu) TranandGitHub 5df2965642 Merge pull request #525 from kaitranntt/kai/feat/518-cursor-protobuf-executor
feat(cursor): add ConnectRPC protobuf encoder/decoder and HTTP/2 executor
2026-02-12 03:48:23 +07:00
Tam Nhu Tran 79ba1de4e2 fix(cursor): tighten rate limit detection string matching
Use specific patterns ('rate limit', 'resource_exhausted', 'too many
requests') instead of broad 'rate' or 'limit' substrings that would
false-positive on unrelated errors like 'character limit exceeded'.
2026-02-12 03:38:31 +07:00
Tam Nhu Tran c5e8241393 fix(cursor): address fourth-round review feedback for protobuf module 2026-02-12 03:27:58 +07:00
github-actions[bot] a7b89df54e chore(release): 7.43.0-dev.1 [skip ci] 2026-02-11 20:17:58 +00:00
Kai (Tam Nhu) TranandGitHub cb981db356 Merge pull request #526 from kaitranntt/kai/feat/519-cursor-auth-module
feat(cursor): add credential detection, SQLite token extraction, and auth status
2026-02-12 03:16:47 +07:00
Tam Nhu Tran 66a93ee46f fix(cursor): address third-round review feedback for protobuf module
HIGH PRIORITY FIXES:
- Extract shared buffer parsing logic into parseProtobufFrames generator
  method (DRY violation fix) - both JSON and SSE transformers now use
  common frame parsing loop, eliminating ~60% code duplication
- Use COMPRESS_FLAG constants instead of hardcoded 0x01/0x02/0x03 in
  parseConnectRPCFrame for better maintainability

MEDIUM PRIORITY FIXES:
- Return empty buffer on gzip decompression failure (prevents silent
  data corruption) - ALREADY FIXED
- Add debug warning for unknown message roles in convertMessages
- Create GitHub issue #535 for FIELD namespace refactoring follow-up
- Add test coverage: transformProtobufToSSE, error paths, unknown roles

LOW PRIORITY FIXES:
- Rename checksum test to clarify timestamp granularity (~16 min)
- Fix debug log function name in SSE transformer - FIXED BY REFACTOR
- Add comment to TOOL_RESULT_RESULT field documenting future use

All tests pass (1593 pass, 0 fail)
All validation checks pass (typecheck + lint + format + tests)
2026-02-12 03:15:24 +07:00
Tam Nhu Tran a8a68c9599 fix(cursor): address third-round review feedback for auth module 2026-02-12 03:09:35 +07:00
semantic-release-bot f3e7e2ad3c chore(release): 7.43.0 [skip ci]
## [7.43.0](https://github.com/kaitranntt/ccs/compare/v7.42.0...v7.43.0) (2026-02-11)

### Features

* **cliproxy:** add account safety guards to prevent Google account bans ([#516](https://github.com/kaitranntt/ccs/issues/516)) ([e055dac](https://github.com/kaitranntt/ccs/commit/e055dac1996bd3cd3c4e5ee0f11dad22d8d2a838)), closes [#509](https://github.com/kaitranntt/ccs/issues/509) [#512](https://github.com/kaitranntt/ccs/issues/512)
* **cliproxy:** runtime quota monitoring during active sessions ([#529](https://github.com/kaitranntt/ccs/issues/529)) ([c6c94a0](https://github.com/kaitranntt/ccs/commit/c6c94a0c1e7bf82dd56295a76d833d7d52694718)), closes [#524](https://github.com/kaitranntt/ccs/issues/524)
* **glm:** update default model to GLM-5 and fix all GLM pricing ([3e26dee](https://github.com/kaitranntt/ccs/commit/3e26dee0134fa576a57f216f232a0215084e74a3)), closes [#532](https://github.com/kaitranntt/ccs/issues/532)

### Bug Fixes

* **cliproxy:** add fork:true for Claude model aliases in config generator ([#523](https://github.com/kaitranntt/ccs/issues/523)) ([4065399](https://github.com/kaitranntt/ccs/commit/4065399d8aa46ccdb115081e461c5651d0afaa2e)), closes [#522](https://github.com/kaitranntt/ccs/issues/522)
* **cliproxy:** address all review feedback (Low + informational) ([7d049d8](https://github.com/kaitranntt/ccs/commit/7d049d8f1e8655856a1a9636d21f6eb3992752a0))
* **cliproxy:** mask email in ban detection and fix JSDoc default ([fcc605b](https://github.com/kaitranntt/ccs/commit/fcc605bc1f02af4da518d21c10f8c77b38a793ad))
* **cliproxy:** migrate deprecated gemini-claude-* model names to upstream claude-* names ([#515](https://github.com/kaitranntt/ccs/issues/515)) ([6afbb72](https://github.com/kaitranntt/ccs/commit/6afbb72b472029358fc3d9b2fed488fd4779695b)), closes [#513](https://github.com/kaitranntt/ccs/issues/513)
* **glm:** fix missed help text reference and glm-4.5-air pricing ([7d9c538](https://github.com/kaitranntt/ccs/commit/7d9c538248f93089ae6483af4ea1d01e555e2e20))
* **hooks:** isolate image type check before error-prone processing ([#514](https://github.com/kaitranntt/ccs/issues/514)) ([19de427](https://github.com/kaitranntt/ccs/commit/19de42704f683a29134982dfb643e97c3123bf7c)), closes [#511](https://github.com/kaitranntt/ccs/issues/511)
2026-02-11 19:24:41 +00:00
Kai (Tam Nhu) TranandGitHub fe77f6ddfe Merge pull request #534 from kaitranntt/dev
feat(glm): update default model to GLM-5 and fix all GLM pricing
2026-02-12 02:23:34 +07:00
github-actions[bot] 273e290bc0 chore(release): 7.42.0-dev.1 [skip ci] 2026-02-11 19:21:43 +00:00
Kai (Tam Nhu) TranandGitHub 0f871b619a Merge pull request #533 from kaitranntt/kai/feat/532-glm5-update
feat(glm): update default model to GLM-5 and fix all GLM pricing
2026-02-12 02:20:37 +07:00
Tam Nhu Tran 7d9c538248 fix(glm): fix missed help text reference and glm-4.5-air pricing
- Update delegation help text from "GLM-4.6" to "GLM-5"
- Fix glm-4.5-air pricing to OpenRouter verified rates:
  input $0.20 -> $0.13, output $1.10 -> $0.85, cache $0.03 -> $0.025
2026-02-12 01:52:32 +07:00
Tam Nhu Tran 3e26dee013 feat(glm): update default model to GLM-5 and fix all GLM pricing
- Update default GLM model from glm-4.7 to glm-5 across configs, presets, help text, and fallbacks
- Add glm-5 pricing entry ($1.00/$3.20 per M tokens, OpenRouter verified)
- Fix incorrect glm-4.7 pricing: $0.60/$2.20 -> $0.40/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.6 pricing: $0.60/$2.20 -> $0.35/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.5 pricing: $0.60/$2.20 -> $0.35/$1.55 (OpenRouter verified)
- Keep all previous GLM model entries for backward compatibility

Closes #532
2026-02-12 01:43:59 +07:00
Tam Nhu Tran e177a4b097 fix(cursor): address second-round review feedback for protobuf module
HIGH Priority:
- Add comprehensive unit tests (27 tests covering encoder, decoder, translator, executor)
  * encodeVarint/decodeVarint round-trip (0, 1, 127, 128, 16383, 0xFFFFFFFF)
  * encodeField/decodeField round-trip (VARINT, LEN string, LEN binary)
  * wrapConnectRPCFrame/parseConnectRPCFrame (compressed/uncompressed)
  * buildCursorRequest message translation (system, user, assistant, tool)
  * generateChecksum header format validation
  * buildHeaders output validation
  * transformProtobufToJSON basic conversion
- Create GitHub issue #531 for true streaming implementation
- Update TODO comment to reference issue #531

MEDIUM Priority:
- Export CursorCredentials from cursor-protobuf-schema.ts
- Add JSDoc grouping comments to FIELD constant for clarity
- Make hardcoded values configurable (CURSOR_CLIENT_VERSION, CURSOR_USER_AGENT)
- Add debug logging to 9 silent catch blocks (respects CCS_DEBUG env var)
- Fix stream check: stream !== false → stream === true

Bug Fixes:
- Fix decodeVarint to return unsigned values (>>> 0)
- Fix test assertion for Response.text() async API
2026-02-12 01:26:47 +07:00
Tam Nhu Tran 84a256d0ac fix(cursor): address second-round review feedback for auth module
- Add comprehensive unit tests for cursor-auth.test.ts
  - validateToken: valid/invalid tokens, short tokens, UUID formats, empty strings
  - extractUserInfo: JWT parsing, email handling, non-JWT tokens, malformed base64
  - saveCredentials/loadCredentials: round-trip, invalid JSON/types, missing fields
  - checkAuthStatus: authenticated/not authenticated, expired tokens, JWT exp, invalid dates
  - deleteCredentials: delete existing/non-existent files, multiple deletes
  - All tests use CCS_HOME env var for isolation, real file I/O, no mocks

- Fix dead try-catch around new Date() in checkAuthStatus()
  - Replace try-catch with isNaN check (new Date('garbage') returns Invalid Date, not throw)
  - Properly handle Invalid Date by checking isNaN(getTime())

- Fix email populated with sub claim in extractUserInfo()
  - Change email: decoded.email || decoded.sub to email: decoded.email || undefined
  - Prevent non-email values (UUIDs) from populating email field

- Add type guards for JSON.parse result in extractUserInfo()
  - Cast to Record<string, unknown> and validate types
  - Use typeof checks for email, userId, exp fields
2026-02-12 01:23:29 +07:00
Tam Nhu Tran b412ba2a9e fix(cursor): address remaining review items in auth module
- Enhanced extractUserInfo to return JWT exp claim for expiry detection
- Updated checkAuthStatus to use JWT exp when available, fallback to importedAt heuristic
- Added typeof validation for loadCredentials fields
- Added ENOENT detection for sqlite3 availability in queryStateDb
- Added deleteCredentials function for cleanup
- Updated PR #526 description to remove refreshToken mention
2026-02-12 01:07:25 +07:00
Tam Nhu Tran f3d532afd9 fix(cursor): address remaining LOW review items in protobuf module 2026-02-12 01:06:33 +07:00
github-actions[bot] dd7fb94e7e chore(sync): merge main into dev after release [skip ci]
# Conflicts:
#	package.json
2026-02-11 17:58:27 +00:00
semantic-release-bot f62f732249 chore(release): 7.42.0 [skip ci]
## [7.42.0](https://github.com/kaitranntt/ccs/compare/v7.41.0...v7.42.0) (2026-02-11)

### Features

* account safety, quota monitoring, and stability fixes ([#530](https://github.com/kaitranntt/ccs/issues/530)) ([0518050](https://github.com/kaitranntt/ccs/commit/051805074eb80db839a4deb8ab1dcb89f29766de)), closes [#515](https://github.com/kaitranntt/ccs/issues/515) [#513](https://github.com/kaitranntt/ccs/issues/513) [#514](https://github.com/kaitranntt/ccs/issues/514) [#511](https://github.com/kaitranntt/ccs/issues/511) [#523](https://github.com/kaitranntt/ccs/issues/523) [#522](https://github.com/kaitranntt/ccs/issues/522) [#516](https://github.com/kaitranntt/ccs/issues/516) [#509](https://github.com/kaitranntt/ccs/issues/509) [#512](https://github.com/kaitranntt/ccs/issues/512) [#529](https://github.com/kaitranntt/ccs/issues/529) [#524](https://github.com/kaitranntt/ccs/issues/524)
2026-02-11 17:57:36 +00:00
github-actions[bot] 77be8d7c9b chore(release): 7.41.0-dev.7 [skip ci] 2026-02-11 17:49:57 +00:00
Tam Nhu Tran a76e11e2de Merge remote-tracking branch 'origin/main' into dev 2026-02-12 00:48:46 +07:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
051805074e feat: account safety, quota monitoring, and stability fixes (#530)
* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names (#515)

* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names

CLIProxyAPI registry no longer recognizes the gemini-claude-* prefix convention.
Model names in catalog, base config, and user settings are migrated to upstream
claude-* names. Auto-migration in env-builder rewrites existing user settings on
load and persists the change.

Closes #513

* fix: address code review feedback — sync UI layer and add migration tests

- Sync UI isNativeGeminiModel() with backend (remove gemini-claude- exclusion)
- Update UI model catalog agy entries from gemini-claude-* to claude-*
- Update CI/CD workflow and code-reviewer default model names
- Add unit tests for migrateDeprecatedModelNames() logic

* fix(hooks): isolate image type check before error-prone processing (#514)

* fix(hooks): isolate image type check before error-prone processing

Restructure processHook() into two phases so non-image Read calls
never see hook error messages. Phase 1 defensively checks tool name
and file extension, exiting 0 silently on any failure. Phase 2 only
runs for confirmed image/PDF files where errors are relevant.

Closes #511

* fix(hooks): sync image analyzer hook file on every profile launch

Add installImageAnalyzerHook() call to cliproxy executor, matching
the existing installWebSearchHook() pattern. This ensures the .cjs
file in ~/.ccs/hooks/ gets refreshed from the npm package on every
launch, so users receive hook updates after npm update.

* chore(release): 7.41.0-dev.1 [skip ci]

* fix(cliproxy): add fork:true for Claude model aliases in config generator (#523)

Config generator now outputs fork:true for Claude model alias entries,
ensuring both upstream (claude-*) and aliased (gemini-claude-*) model
names appear in /v1/models listings. Also preserves fork flag when
parsing user-added aliases during config regeneration.

Bumps config version to v7 to trigger regeneration on next ccs doctor.

Closes #522

* chore(release): 7.41.0-dev.2 [skip ci]

* feat(cliproxy): add account safety guards to prevent Google account bans (#516)

* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment

* chore(release): 7.41.0-dev.3 [skip ci]

* feat(cliproxy): runtime quota monitoring during active sessions (#529)

* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment

* chore(release): 7.41.0-dev.4 [skip ci]

* fix(cliproxy): mask email in ban detection and fix JSDoc default

- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10

* chore(release): 7.41.0-dev.5 [skip ci]

* fix(cliproxy): address all review feedback (Low + informational)

- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs

* chore(release): 7.41.0-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-12 00:48:29 +07:00
github-actions[bot] 5fb67a5e0c chore(release): 7.41.0-dev.6 [skip ci] 2026-02-11 17:44:03 +00:00
Tam Nhu Tran 7d049d8f1e fix(cliproxy): address all review feedback (Low + informational)
- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs
2026-02-12 00:42:54 +07:00
github-actions[bot] a7495cdd4f chore(release): 7.41.0-dev.5 [skip ci] 2026-02-11 17:35:23 +00:00
Tam Nhu Tran fcc605bc1f fix(cliproxy): mask email in ban detection and fix JSDoc default
- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10
2026-02-12 00:34:03 +07:00
github-actions[bot] 753ba3e249 chore(release): 7.41.0-dev.4 [skip ci] 2026-02-11 15:52:03 +00:00
Kai (Tam Nhu) TranandGitHub c6c94a0c1e feat(cliproxy): runtime quota monitoring during active sessions (#529)
* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment
2026-02-11 22:50:50 +07:00
Tam Nhu Tran 7e4f08004c fix(cursor): address code review feedback on auth module
- Sanitize SQL key parameter in queryStateDb to prevent injection
- Fix UUID regex: use exact {32} length, remove redundant hyphen from
  stripped character class
- Remove unused types from types.ts (YAGNI): CursorDaemonStatus,
  CursorModel, MessageRole, CursorMessage, CursorToolCall,
  CursorToolResult, ProtobufExtractResult — belong in their respective
  module PRs
2026-02-11 19:31:04 +07:00
Tam Nhu Tran 31f574118d fix(cursor): address code review feedback (attempt 1/5)
- Fix bitwise shift overflow in generateChecksum: use Math.trunc
  division for >>40/>>32 which wrap modulo 32 in JS
- Add FIXED64/FIXED32 bounds checks in protobuf decoder to prevent
  out-of-bounds slice on truncated buffers
- Consolidate COMPRESS_FLAG to single definition in schema (DRY):
  executor now imports from schema, added GZIP_ALT/GZIP_BOTH values
- Fix token split edge case: use indexOf+slice instead of split('::')[1]
  to handle tokens containing multiple :: delimiters
- Fix AbortSignal listener leak: store handler ref, use once:true,
  remove listener on request end/error
2026-02-11 19:27:39 +07:00
github-actions[bot] 0838b96429 chore(release): 7.41.0-dev.3 [skip ci] 2026-02-11 12:22:44 +00:00
Kai (Tam Nhu) TranandGitHub e055dac199 feat(cliproxy): add account safety guards to prevent Google account bans (#516)
* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment
2026-02-11 19:21:31 +07:00