Commit Graph
31 Commits
Author SHA1 Message Date
Kai (Tam Nhu) TranandGitHub 1b5376239f fix: preserve native Claude passthrough args
Closes #1189
2026-05-07 06:14:12 -04:00
d6b705e6a9 fix(dispatcher): re-inject anthropic auth env for anthropic-compatible api profiles (#1181)
* fix(dispatcher): preserve anthropic auth env for settings profiles on non-proxy path

API profiles whose `ANTHROPIC_BASE_URL` is classified as `'anthropic'`
(anthropic.com, paths containing `/anthropic`, ollama.com) skip the
local OpenAI-compat proxy. The non-proxy launch path stripped
`ANTHROPIC_BASE_URL` / `ANTHROPIC_AUTH_TOKEN` / `ANTHROPIC_API_KEY`
from the subprocess env without re-injecting them, so Claude Code
launched with no routing/auth in `process.env` and failed with
`Not logged in - Please run /login`. The `--settings` env block does
not satisfy Claude Code's auth check.

Pre-existing for `anthropic.com` and `/anthropic` profiles. Newly
broken in v7.77.0 for Ollama Cloud profiles - PR #1175 reclassified
`ollama.com` from `generic-chat-completion-api` to `anthropic`,
moving it from the proxy path onto this broken non-proxy path.

Fix by extending `stripAnthropicRoutingEnv` with an optional
`preserveFrom` parameter. Routing keys present in `preserveFrom`
survive the strip (with values from `preserveFrom`). Settings-type
profiles pass their own `settings.env` as the preserve source so
routing they explicitly supplied is kept while routing leaked from
the parent shell or `global.env` is dropped.

Wired into both call sites:
- `headless-executor.ts` (the `-p` headless executor)
- `settings-flow.ts` (the interactive flow, which then calls
  `execClaude` - whose own `stripAnthropicRoutingEnv` pass on the
  merged env now also takes `envVars` as the preserve source so the
  caller-supplied routing is not stripped a second time before spawn)

Native Anthropic / Bedrock / Vertex profiles are unaffected (they
don't put routing keys in `settings.env`). The OpenAI-compat proxy
path is unaffected because `buildOpenAICompatProxyEnv` overrides
`BASE_URL` / `AUTH_TOKEN` with localhost values and explicitly deletes
`API_KEY` after this strip.

Replaces the Apr 21 defensive double-strip test (which was the
mechanism causing this regression on the interactive path) with a
test asserting the new contract: caller-supplied routing in `envVars`
survives, parent-process routing is still stripped.

* test: harden anthropic settings env preservation coverage

* fix: preserve explicit blank anthropic routing env

---------

Co-authored-by: Tam Nhu Tran <kaitran.ntt@gmail.com>
2026-05-04 20:22:13 -04:00
Tam Nhu Tran 3862411bb7 fix(cliproxy): harden custom local port handling 2026-05-03 14:07:31 -04:00
Tam Nhu Tran 4f6e61739c refactor(config): adopt config-loader-facade across the codebase
Issue #1161. Sweeps 127 files to import from
src/config/config-loader-facade.ts instead of unified-config-loader or
utils/config-manager directly.

WRITE callers (32 files): replaced raw saveUnifiedConfig /
mutateUnifiedConfig / updateUnifiedConfig calls with the facade's
cache-coherent wrappers saveConfig / mutateConfig / updateConfig. This
fixes a latent stale-cache window where direct writes through the
underlying loader bypassed the facade's memoization.

READ callers (95 files): mechanical import-path migration only —
function names unchanged because the facade re-exports them. No
behavior change.

Also updated:
- tests/unit/utils/browser/browser-setup.test.ts (DI interface rename)
- src/management/checks/image-analysis-check.ts (dynamic import rename)
- src/web-server/health-service.ts (dynamic require rename)
- src/ccs.ts (path prefix fix from sweep script)

After sweep: zero raw write callers remain outside src/config/. Direct
imports of config-manager remain only for symbols not in the facade
(getConfigPath, getCcsDirSource, etc). Behavior unchanged; full suite
passes 1824/1824.

Out of scope: switching loadOrCreateUnifiedConfig() callers to
getCachedConfig() — needs per-callsite cache-safety analysis. Tracked
as follow-up.

Refs #1161
2026-05-03 01:42:53 -04:00
Tam Nhu Tran e5fe86f520 feat: add native Claude effort override 2026-04-30 22:36:47 -04:00
Tam Nhu Tran 47fbe8bb3a fix(proxy): clean up temp launch settings 2026-04-28 11:59:37 -04:00
Tam Nhu Tran 3dcf150978 fix(proxy): preserve settings-profile launches for openai bridge 2026-04-28 11:42:56 -04:00
Tam Nhu Tran f78c30ac50 fix(runtime): isolate nested Anthropic env across delegation paths 2026-04-22 22:09:08 -04:00
Tam Nhu Tran 64ecd8b3dc feat(image-analysis): make MCP-first provisioning self-healing 2026-04-08 13:36:05 -04:00
Tam Nhu Tran 77b488f8b1 fix(image-analysis): harden runtime and provisioning 2026-04-02 18:36:19 -04:00
Tam Nhu Tran 813b2dd4d0 feat(image-analysis): add provider-backed runtime 2026-04-02 15:44:13 -04:00
Tam Nhu Tran cae5b710b8 fix(websearch): close review gaps in managed runtime 2026-03-30 23:02:20 -04:00
Tam Nhu Tran de7171d810 feat(websearch): finish managed third-party rollout
- steer third-party launches toward the managed WebSearch MCP tool

- add opt-in trace diagnostics across launch, MCP, provider, and headless paths

- extend docs and regression coverage for the first-class runtime

Refs #862
2026-03-30 22:41:51 -04:00
Tam Nhu Tran 4cdb6594f8 fix: respect auto_update preference by disabling Claude auto-updater 2026-03-02 21:13:15 +07:00
Tam Nhu Tran 50412dc679 fix(delegation): strip claudecode in core delegation spawn paths
- add shared CLAUDECODE sanitizer for child env construction

- apply sanitizer in execClaude and headless delegation execution

- sanitize GLMT embedded Claude spawn environment

Refs #588
2026-02-20 23:00:33 +07:00
Tam Nhu Tran 4303ee48c9 fix(delegation): strip CLAUDECODE env var to bypass nested session guard
Claude Code v2.1.39+ sets CLAUDECODE env var and refuses to launch
if detected, breaking CCS auto-delegation which spawns child Claude
processes. Strip the var from both interactive (execClaude) and
headless (HeadlessExecutor) spawn paths.

Closes #588
2026-02-20 22:22:11 +07:00
Tam Nhu Tran cf8070b5f0 fix(profile): handle km compatibility for legacy kimi api users 2026-02-19 12:43:41 +07:00
Tam Nhu Tran c8800b418a fix(config): resolve remaining hardcoded paths and improve readability
- Replace hardcoded ~/.ccs in error messages: ccs.ts (lines 83, 151)
  and delegation-handler.ts (line 333) now use getCcsDir()
- Cache repeated getter calls in local vars for readability:
  openrouter-catalog.ts getCachedModels/setCachedModels,
  aggregator.ts getInstancePaths
- Add path.resolve() for CCS_HOME env var consistency with CCS_DIR
2026-02-11 11:35:44 +07:00
Tam Nhu Tran dc9b27623b test(utils): add unit tests for killWithEscalation
- Add 7 test cases covering SIGTERM/SIGKILL escalation, timer cleanup,
  default and custom grace periods, and already-exited process edge case
- Add timer.unref() to prevent keeping event loop alive during shutdown
- Add comment explaining 10s grace period in headless-executor timeout
2026-02-11 02:25:10 +07:00
Tam Nhu Tran 90b4627740 refactor(utils): extract killWithEscalation to shared process-utils
- Move killWithEscalation to src/utils/process-utils.ts (DRY)
- Fix handleCancel to use exitCode === null and killWithEscalation
- Fix import ordering in both oauth-process.ts and headless-executor.ts
2026-02-11 02:08:12 +07:00
Tam Nhu Tran 4b1fcacf30 fix(delegation): use exitCode instead of killed for process termination checks
- Replace `!proc.killed` with `proc.exitCode === null` in headless-executor
- Extract `killWithEscalation` helper for SIGTERM→SIGKILL escalation
- Fixes pre-existing dead code where SIGKILL was never sent
2026-02-11 01:58:35 +07:00
kaitranntt f6b7045023 fix(delegation): dynamic model display from settings
- Read ANTHROPIC_MODEL from profile settings instead of hardcoding
- Display model name in full uppercase (GLM-4.7, not Glm-4.7)
- Add null/undefined guard to getModelDisplayName
- Remove hardcoded GLM-4.6/GLM-4.6 (Thinking) display names

Closes #431
2026-02-03 00:01:30 -05:00
kaitranntt 9b61f5318e fix(isolation): use getCcsDir() for test isolation
Replace os.homedir() with getCcsDir() in 11 source files to ensure
tests don't touch the user's real ~/.ccs/ directory. The getCcsDir()
function from config-manager.ts respects CCS_HOME env var for
test isolation.

Files fixed:
- src/auth/profile-detector.ts
- src/auth/profile-registry.ts
- src/delegation/headless-executor.ts
- src/delegation/session-manager.ts
- src/glmt/glmt-transformer.ts
- src/management/checks/config-check.ts
- src/management/checks/profile-check.ts
- src/management/checks/system-check.ts
- src/management/instance-manager.ts
- src/management/shared-manager.ts
- src/utils/update-checker.ts
2026-01-25 21:38:27 -05:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>Shun KakinokiClaude Opus 4.5
b3ef76a07b feat(release): CLI flag passthrough, proxy fixes, and UI improvements (#239)
* fix(cliproxy): pass variant port to executor for isolation

Variants configured with dedicated ports (8318-8417) were not using
their assigned port. The executor always defaulted to 8317.

Changes:
- Add port field to ProfileDetectionResult interface
- Pass variant.port from profile-detector to ccs.ts
- Forward port to execClaudeWithCLIProxy options
- Update executor priority: CLI flags > variant port > config.yaml > default

Closes #228

* fix(cliproxy): propagate port in unified config and UI preset handlers

Edge case fixes identified in codebase review:
- Unified config variant detection: add settingsPath and port fields
- Provider editor: use variant port in handleApplyPreset/handleCustomPresetApply
- preset-utils: add optional port parameter to applyDefaultPreset()

* chore(release): 7.11.1-dev.1 [skip ci]

* fix(cliproxy): use correct default port (8317) for remote HTTP connections

Root cause: Inconsistent default port logic across code paths.
- Test Connection used 8317 (correct)
- Actual API calls used 80 (wrong)

Changes:
- Add centralized getRemoteDefaultPort() helper in config-generator.ts
- Fix proxy-target-resolver.ts to use shared helper
- Fix rewriteLocalhostUrls() and getRemoteEnvVars() in config-generator.ts
- Update remote-proxy-client.ts to use shared helper (DRY)

Fixes all 3 reported issues:
1. Port empty → now correctly uses :8317 instead of :80
2. BASEURL construction → now includes correct port
3. CLIProxy Plus auth → now fetches from remote on correct port

* chore(release): 7.11.1-dev.2 [skip ci]

* feat(delegation): add Claude Code CLI flag passthrough

Add explicit passthrough support for key Claude Code CLI flags:
- --max-turns: Limit agentic turns (prevents infinite loops)
- --fallback-model: Auto-fallback when model overloaded
- --agents: Dynamic subagent JSON injection
- --betas: Enable experimental features

Maintain extraArgs catch-all for future Claude Code flags.
Update help command with new "Delegation Flags" section.

Closes #89

* test(delegation): add comprehensive CLI flag passthrough tests

Add 45 test cases covering all edge cases for CLI flag passthrough:
- DelegationHandler: timeout/max-turns/fallback-model/agents/betas validation
- HeadlessExecutor: duplicate flag filtering, undefined vs truthy checks

* chore(release): 7.11.1-dev.3 [skip ci]

* fix(ui): enable cancel button during OAuth authentication

Resolves #234 - Cancel button was disabled during authentication flow,
preventing users from canceling the OAuth process.

Changes:
- Add auth-session-manager.ts for tracking active OAuth sessions
- Add POST /cliproxy/auth/:provider/cancel endpoint to abort sessions
- Kill spawned CLIProxy auth process when cancel is triggered
- Enable Cancel button in AddAccountDialog during authentication
- Add cancel support to QuickSetupWizard auth step
- Update useCancelAuth hook to call backend cancel endpoint

* chore(release): 7.11.1-dev.4 [skip ci]

* fix(prompt): add stdin.pause() to prevent process hang after password input

Fixes #236. The password() method called resume() on stdin but never
paused it in cleanup, keeping the event loop alive indefinitely.

* chore(release): 7.11.1-dev.5 [skip ci]

* feat(cliproxy): add --allow-self-signed flag for HTTPS connections (#227)

Previously, allowSelfSigned was hardcoded to true for all HTTPS protocol
connections, forcing use of the native https module which has issues with
Cloudflare-proxied connections causing timeouts.

This change:
- Adds --allow-self-signed CLI flag (default: false)
- Adds CCS_ALLOW_SELF_SIGNED environment variable
- Uses standard fetch API by default for HTTPS (works with valid certs)
- Only uses native https module when --allow-self-signed is specified

Usage:
- For production HTTPS proxies with valid certs: no flag needed
- For dev proxies with self-signed certs: use --allow-self-signed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* chore(release): 7.11.1-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Shun Kakinoki <39187513+shunkakinoki@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 16:36:18 -08:00
kaitranntt c3baaa8251 refactor(delegation): modularize headless-executor into executor/ directory
- extract types, stream-parser, result-aggregator

- consolidate ExecutionResult to executor/types.ts (DRY)

- slim headless-executor.ts from 729 to 391 lines (46% reduction)

- add barrel exports at executor/index.ts and delegation/index.ts
2025-12-19 12:35:59 -05:00
kaitranntt 4005f1c01c feat(cli): standardize UI output with ui.ts abstraction layer 2025-12-12 05:11:59 -05:00
kaitranntt 26d72cfa5b feat(delegation): add passthrough args for claude cli flags
Support passing through additional CLI flags like --agent, --system-prompt-file
to the underlying Claude CLI when using delegation mode.
2025-12-05 16:43:08 -05:00
kaitranntt 716193a682 feat(ui): enhance delegation with listr2 task lists and styled output
Phase 5 of CLI UI/UX Enhancement - Delegation + Listr2

Added Listr2 integration for enhanced delegation progress display:
- Intelligent renderer selection (TTY/CI/Claude Code context detection)
- Styled result boxes and tables using ui layer
- Graceful fallback chain: Listr2 → Spinners → Plain text
- All delegation formatters converted to async

Changes:
- src/utils/ui.ts: Added taskList wrapper, isClaudeCodeContext detection
- src/delegation/result-formatter.ts: Async formatting with styled boxes/tables
- src/delegation/delegation-handler.ts: Async format calls
- src/delegation/headless-executor.ts: UI layer progress messages
- tests: Updated all formatter tests to handle async
- docs: Enhanced code standards and codebase summary

All validation passing (157/157 tests)
Phase 5 complete - All 5 phases delivered
2025-12-01 20:53:04 -05:00
kaitranntt 7a413a81b7 refactor: enhance TypeScript types and improve delegation system 2025-11-27 09:25:12 -05:00
kaitranntt 0139333146 feat: set up quality gates for CCS TypeScript package
- Migrate package manager from npm to bun
- Add ESLint configuration with TypeScript support
- Add Prettier configuration and .prettierignore
- Format all TypeScript source files
- Update CLAUDE.md with bun instructions
- Verify 39 tests passing
2025-11-26 20:43:21 -05:00
kaitranntt 77d026869e fix(tsconfig): remove duplicate compiler options
- Remove duplicate allowSyntheticDefaultImports (lines 16 & 42)
- Remove duplicate skipLibCheck (lines 18 & 46)
- Add TypeScript source files for npm package migration
- Verify build pipeline works (42/42 tests pass)
2025-11-26 19:24:40 -05:00