Commit Graph
3943 Commits
Author SHA1 Message Date
Kai (Tam Nhu) TranandGitHub 775f438d78 refactor(docker): drop Bun from runtime stage; generate npm lockfile in build stage (#1256)
- Build stage keeps Bun for fast installs; appends `npm install --package-lock-only`
  to generate an ephemeral package-lock.json immediately after `bun run build:all`.
- Runtime stage removes BUN_VERSION ARG/ENV, the bun.sh curl install, and
  `bun install --frozen-lockfile --production`. Replaces with:
    COPY --from=build /app/package.json /app/package-lock.json ./
    RUN npm ci --omit=dev --ignore-scripts
- --ignore-scripts rationale: postinstall (scripts/postinstall.js) writes ~/.ccs/
  config — not needed in Docker context. bcrypt v6+ is pure-JS, no native compile.
- package-lock.json already in .gitignore (line 33); never committed.
- docker/Dockerfile.integrated unchanged — no Bun present there (alpine + npm).
- Targets: image size reduction >= 300 MB by eliminating ~130 MB Bun binary + installer.
2026-05-16 12:33:45 -04:00
Kai (Tam Nhu) TranandGitHub d558cd2e36 feat(docker): publish ccs:latest + ccs:full integrated images (P1 of #1251) (#1257)
* feat(docker): parameterize Dockerfile.integrated with ARG FLAVOR=minimal|full

Add FLAVOR build arg that gates the AI CLI install layer (claude-code,
gemini-cli, grok-cli, opencode) so one Dockerfile produces both the
minimal (< 350 MB) and full (< 600 MB) integrated images.

Use BuildKit cache mount for /root/.npm to speed up repeated builds.
Part of #1251 (P1 — publish integrated images).

* feat(docker): emit startup deprecation warning in legacy ccs-dashboard entrypoint

Prepend a [WARN] line to stderr on every container start so operators
running ghcr.io/kaitranntt/ccs-dashboard:latest are notified to migrate
to ghcr.io/kaitranntt/ccs:latest. Sunset window: 2 releases. See #1251.

* test(docker): add image-size.sh budget assertion + unit test suite

image-size.sh: asserts docker image inspect .Size against a byte budget.
  Usage: image-size.sh <image:tag> <max-bytes>
  Budgets: minimal=350 MB (367001600), full=600 MB (629145600)

image-size-logic.test.sh: 6 mock-docker unit tests covering pass/fail
boundaries, bad arg count, and non-integer input. All 6 pass locally.
Part of #1251 (P1).

* ci(docker): extend docker-release.yml to publish ccs:latest and ccs:full

- Add publish-integrated job with matrix flavor: [minimal, full]
  - minimal -> ghcr.io/kaitranntt/ccs:<ver> + :latest (when promoted)
  - full    -> ghcr.io/kaitranntt/ccs:full-<ver> + :full (when promoted)
  - Multi-arch: linux/amd64 + linux/arm64 via buildx
  - Scoped GHA cache per flavor to avoid cross-contamination

- Add promote_to_latest workflow_dispatch input (default false)
  - rc.1 soak: first publish only pushes immutable version tag
  - Mutable :latest/:full promoted only on release event OR explicit opt-in

- Add smoke-test job (post-publish) for each flavor
  - Pulls the just-published version tag
  - Asserts image size via tests/docker/image-size.sh
  - Boots container, waits for healthcheck, probes :3000 and :8317

- Keep publish-dashboard job unchanged (legacy 2-release sunset)
  - Updated labels to note deprecation status

All jobs run on self-hosted cliproxy runners. Part of #1251 (P1).

* docs(docker): document new image tags, add ccs-dashboard deprecation notices

docker/README.md:
- Add "Choosing an image" table (ccs:latest / ccs:full / ccs-dashboard deprecated)
- Update Quick Start section to use ccs:latest as primary example
- Add legacy image note with sunset timeline

CHANGELOG.md:
- Add Unreleased > ### Deprecated entry for ccs-dashboard:latest
  pointing to migration path and #1251

README.md:
- Add one-line deprecation banner near top routing users to ccs:latest

Part of #1251 (P1).
2026-05-16 12:33:42 -04:00
github-actions[bot] 423708f28f chore(release): 7.79.1-dev.3 2026-05-15 13:55:25 +00:00
Kai (Tam Nhu) TranandGitHub 609bed0c39 fix(codex): normalize native cliproxy tuning aliases (#1254) 2026-05-15 09:51:42 -04:00
github-actions[bot] 53730c0165 chore(release): 7.79.1-dev.2 2026-05-14 23:41:42 +00:00
Kai (Tam Nhu) TranandGitHub b0db476943 Merge pull request #1249 from kaitranntt/kai/feat/1241-korean-i18n
feat(dashboard): add Korean language support (#1241)
2026-05-14 19:38:07 -04:00
Tam Nhu Tran 8ad7653a2e feat(dashboard): add Korean language support
Adds Korean (ko) as a supported dashboard locale alongside en, zh-CN, vi, ja.
Browser locales starting with `ko` (e.g. `ko-KR`) normalize to `ko` and the
Language switcher exposes "Korean" / "한국어" as a selectable option.

The full ~2670-key translation block was translated from the English source
with the formal-polite register (하십시오체) appropriate for an enterprise
dashboard. Technical names (CCS, Claude, CLIProxy, OAuth, provider names,
env vars, paths) are kept untranslated. All placeholders (e.g. {{name}},
{{count}}, {{provider}}) are preserved verbatim, matching the parity test.

Also backfills 23 keys missing from zh-CN, vi, and ja that were added to en
with the recent "Shared Resource Controls" feature (#1206 -> 2a422b3b):
accountsPage.resources*, accountsTable.{sharedResources,resourcesTitle,
resourcesShared,resourcesProfileLocal,badges.profileLocal},
commonToast.resourcesUpdated, and the full editAccountSharedResources
section. Without this backfill the existing i18n parity test was red for
all non-en locales on dev.

Closes #1241
2026-05-14 19:14:13 -04:00
github-actions[bot] 0213aac178 chore(release): 7.79.1-dev.1 2026-05-14 22:27:40 +00:00
Kai (Tam Nhu) TranandGitHub 1112fd0465 Merge pull request #1248 from kaitranntt/kai/fix/codex-config-toml-selection
fix(ui): make codex config.toml viewer selectable
2026-05-14 18:23:53 -04:00
Tam Nhu Tran 15a1faf3ab fix(ui): handle TOML triple-quotes in arrays and AST-aware JSON keys
PR-Agent on #1248 flagged two remaining sensitive-mask edge cases:

1. The TOML array walker stepped through triple-quoted strings one
   single quote at a time. With a body containing both quotes and
   structural characters, like """abc"]xyz""", a stray `]` inside the
   string body could escape the string-skip pair and terminate the
   array scan early. Add skipTomlString that recognizes triple-quoted
   strings ("""…""", '''…''') and skips them as one unit.

2. The JSON regex matched any "...":  pattern, so substrings inside
   escaped value strings, like "description": "use \\"API_KEY\\": header",
   could mask unrelated text. Replace the JSON branch with a state-aware
   scanner that only registers a string as a key when it sits at an
   object-key position (preceded by `{` or `,`, followed by `:`).

Adds regression tests for both cases.
2026-05-14 18:10:26 -04:00
Tam Nhu Tran a633ee0af4 fix(ui): skip TOML comments when scanning sensitive array values
PR-Agent on #1248 flagged that the TOML array walker did not skip
`#` line comments while balancing brackets. A sensitive array with a
comment containing `]` could terminate the scan early and leave the
real tail of the secret unmasked. Skip from `#` to the next newline at
the array's top level. Adds a regression test.
2026-05-14 17:57:06 -04:00
Tam Nhu Tran f404e52439 perf(ui): tighten sensitive-mask decoration scope and reveal selector
PR-Agent review on #1248 flagged two follow-ups:

1. The reveal CSS used `.cm-editor.cm-sensitive-revealed`, but
   @uiw/react-codemirror puts the consumer className on its outer
   wrapper, not on .cm-editor. The selector never matched, so the Eye
   toggle could not un-blur masked values. Drop `.cm-editor` from the
   selector so it matches the wrapper that actually carries the class.

2. The sensitive-decoration plugin rebuilt on every `viewportChanged`,
   which means each scroll event re-stringified and rescanned the
   entire document even though decorations are doc-only-dependent.
   Rebuild only on `docChanged` to remove scroll-time work.
2026-05-14 17:50:50 -04:00
Tam Nhu Tran bac51ce1ff fix(ui): honor TOML quoted keys and escaped quotes in sensitive masking
Two remaining gaps in the sensitive-value detector flagged by PR-Agent
on #1248:

1. The TOML/YAML key regex only matched bare keys, so values written
   under quoted keys like `"API_KEY" = "secret"` were never masked.
   Accept basic-string and literal-string quoted keys and normalize the
   captured key (strip quotes, unescape) before isSensitiveKey.

2. The string-skip helper used indexOf for the next quote character, so
   a value like `AUTH_TOKEN = ["a \"quoted\" value", "x"]` could
   terminate scanning early and leak unrelated text or under-mask the
   secret. Introduce skipString that honors backslash escapes for basic
   strings and is used by both the TOML array walker and the JSON
   balanced-brace walker.

Adds regression tests for both edge cases.
2026-05-14 17:44:52 -04:00
Tam Nhu Tran eefb76214e fix(ui): mask multi-line sensitive values in CodeEditor
Extend the sensitive-key decoration to cover the full logical value, not
just the rest of the current line. Adds value-extent detection for:

- TOML triple-quoted strings (multi-line literal/basic strings)
- TOML arrays ([ ... ] across multiple lines, string-aware)
- YAML block scalars (| and > with indent-based termination)
- JSON arrays and objects (balanced braces, string-aware)

Without this, a secret value spanning multiple lines (multi-line API
key, certificate, private key) was only blurred on its opening line and
the rest stayed readable when the Eye toggle was masked.

Adds regression tests for the TOML triple-quote and array cases.
Flagged by PR-Agent review on #1248.
2026-05-14 17:38:06 -04:00
Tam Nhu Tran 0ce01d4c65 chore(ui): bump bundle size guard for CodeMirror editor upgrade
Total dist/ui gzipped grew from ~1.5MB to ~1.6MB after the CodeEditor
switch from react-simple-code-editor + prism-react-renderer to
CodeMirror 6. The verify-bundle script preamble notes the cap is a
sanity check for accidental large dependencies, not a hard
performance target; this is an intentional editor upgrade to restore
native selection/copy in the codex config.toml viewer.
2026-05-14 17:27:19 -04:00
Tam Nhu Tran 420494e0e0 fix(ui): make codex config.toml viewer selectable
Replace the hand-rolled textarea+Prism overlay in CodeEditor with
CodeMirror 6. The overlay hid the textarea selection with
`selection:bg-transparent` and `WebkitTextFillColor: transparent` as a
workaround for wrap drift between the highlight layer and the textarea,
which left Ctrl+A / drag-select / Ctrl+C with no visible result.

CodeMirror handles selection, copy, undo, and wrap natively. Custom
themes match the previous prism-react-renderer github (light) and
nightOwl (dark) palettes; background is transparent so the surrounding
bg-muted/30 still shows; font, font-size, line-height, padding, and
gutter-less layout are preserved.

Public CodeEditor props are unchanged (value, onChange, language,
readonly, exactText, className, minHeight, heightMode) so all seven
call sites keep working. The sensitive-key blur is reimplemented as a
CodeMirror Decoration and stays gated behind the existing Eye toggle.

Test setup gets a Range.getClientRects polyfill so CM mounts cleanly in
JSDOM, and shared-page.test.tsx checks .cm-content text directly.

Closes #1247
2026-05-14 17:22:26 -04:00
semantic-release-bot aba15d8646 chore(release): 7.79.1 [skip ci]
## [7.79.1](https://github.com/kaitranntt/ccs/compare/v7.79.0...v7.79.1) (2026-05-14)

### Hotfixes

* **codex:** tolerate BOM in Codex TOML config ([5b664d2](https://github.com/kaitranntt/ccs/commit/5b664d2105b81ec263c05a37c4549a4a6c409bb3))
2026-05-14 17:24:12 +00:00
Kai (Tam Nhu) TranandGitHub e1a34ce056 Merge pull request #1246 from kaitranntt/kai/hotfix-codex-toml-bom
hotfix(codex): tolerate BOM in Codex TOML config
2026-05-14 13:20:58 -04:00
Tam Nhu Tran 5b664d2105 hotfix(codex): tolerate BOM in Codex TOML config 2026-05-14 13:13:55 -04:00
semantic-release-bot 1773586d4d chore(release): 7.79.0 [skip ci]
## [7.79.0](https://github.com/kaitranntt/ccs/compare/v7.78.1...v7.79.0) (2026-05-14)

### Features

* **dispatcher:** pass through Claude subcommands without interactive-session args ([c2b00b7](https://github.com/kaitranntt/ccs/commit/c2b00b7ad6f01f5d83db6d19e2ceb4e3d10d741b))

### Bug Fixes

* **ci:** run pull request validation on hosted runners ([e7174d6](https://github.com/kaitranntt/ccs/commit/e7174d63bb2ed8b2cf9f013aa69ad178ebbcee4f))
* clarify CLIProxy setup actions ([ac333dd](https://github.com/kaitranntt/ccs/commit/ac333dd1d50538e8164d921099f8ac85cd914999))
* **cliproxy:** explain headless Codex OAuth recovery ([29da75c](https://github.com/kaitranntt/ccs/commit/29da75c0d42ed473029d1222c7fe4e5e655f5b03)), closes [#1213](https://github.com/kaitranntt/ccs/issues/1213)
* **codex:** require local access for dashboard config routes ([bd588a2](https://github.com/kaitranntt/ccs/commit/bd588a271df8be95149d6e87eb302139cb2b4cb9))
* **codex:** self-heal ccsxp cliproxy provider ([#1243](https://github.com/kaitranntt/ccs/issues/1243)) ([4748c45](https://github.com/kaitranntt/ccs/commit/4748c452bd8bc0c18a0a1267324d5ec015a7a578))
* **config:** bind dashboard to loopback by default ([d61469e](https://github.com/kaitranntt/ccs/commit/d61469edcbdd162d9fce04b0aefe6c0506568974))
* ignore internal instance directories in health scans ([667b1d1](https://github.com/kaitranntt/ccs/commit/667b1d1e1f0db7f56f88bb88feaee9e2ce994f5c)), closes [#1236](https://github.com/kaitranntt/ccs/issues/1236)
* **proxy:** avoid exposing local auth token in daemon argv ([#1230](https://github.com/kaitranntt/ccs/issues/1230)) ([a840793](https://github.com/kaitranntt/ccs/commit/a840793a9b091b911afc7aa6ee91666a1c258366))
* **proxy:** strip stale encoding from upstream error responses ([1932b2c](https://github.com/kaitranntt/ccs/commit/1932b2ca61f084629654941efdd09fd1b971efed))
* **proxy:** strip stale encoding from upstream error responses ([#1239](https://github.com/kaitranntt/ccs/issues/1239)) ([54f1aa7](https://github.com/kaitranntt/ccs/commit/54f1aa70c0f16a965608f935ce4a39128e829688))
* **security:** constrain image fallback hook to workspace ([#1232](https://github.com/kaitranntt/ccs/issues/1232)) ([40300c2](https://github.com/kaitranntt/ccs/commit/40300c286ec9f40e89cb2b040a416cba04680930))
* **security:** protect dashboard WebSocket upgrades ([f09cdfc](https://github.com/kaitranntt/ccs/commit/f09cdfcf2ba0b14ffd20f69a1c0923343f245a39))
* **settings:** confine dashboard settings paths ([#1231](https://github.com/kaitranntt/ccs/issues/1231)) ([349db83](https://github.com/kaitranntt/ccs/commit/349db830dfbc1f91b44f287a2aa40426756338a9))
* support Claude subcommands and background sessions ([35b6210](https://github.com/kaitranntt/ccs/commit/35b6210cd2ef3b79d317cd76926b55a126084b1d))
* **ui:** keep codex toml tokens inline ([#1219](https://github.com/kaitranntt/ccs/issues/1219)) ([5138741](https://github.com/kaitranntt/ccs/commit/5138741b5c0fdc0da87982bd59227fad56f8a046))
* **ui:** render codex config as exact text ([#1215](https://github.com/kaitranntt/ccs/issues/1215)) ([225401c](https://github.com/kaitranntt/ccs/commit/225401ceca433705d11c119b3373913c95129c56))
* **ui:** restore codex config highlighting ([#1216](https://github.com/kaitranntt/ccs/issues/1216)) ([e177724](https://github.com/kaitranntt/ccs/commit/e1777247b371749ac717373f0d4299415990413c))
* **ui:** wrap codex config highlight editor ([#1217](https://github.com/kaitranntt/ccs/issues/1217)) ([ba761a0](https://github.com/kaitranntt/ccs/commit/ba761a0d1e75dac9090f58848bf1f0f10d855519))
* **windows:** pin cmd shell for wrapper launches ([#1229](https://github.com/kaitranntt/ccs/issues/1229)) ([9c5d497](https://github.com/kaitranntt/ccs/commit/9c5d4976c51696a86251c507902ea03e4d78a8b0))
2026-05-14 16:55:30 +00:00
Kai (Tam Nhu) TranandGitHub 78c5c85e2b Merge pull request #1244 from kaitranntt/dev
feat: promote dev to main
2026-05-14 12:52:25 -04:00
github-actions[bot] e694f3cd38 chore(release): 7.78.1-dev.8 2026-05-14 16:38:52 +00:00
Kai (Tam Nhu) TranandGitHub 4748c452bd fix(codex): self-heal ccsxp cliproxy provider (#1243) 2026-05-14 12:35:31 -04:00
github-actions[bot] 9748ba4ee0 chore(release): 7.78.1-dev.7 2026-05-14 14:21:39 +00:00
walker1211andGitHub 35b6210cd2 fix: support Claude subcommands and background sessions
Squash merge PR #1240.\n\nValidated locally from the PR head because trusted-author GitHub CI was skipped for this fork PR:\n- bun run validate\n- bun run build:all\n- bun run test:all\n- CCS_E2E_SKIP_BUILD=1 bun run test:e2e
2026-05-14 10:18:23 -04:00
github-actions[bot] e87b627764 chore(release): 7.78.1-dev.6 2026-05-13 13:38:07 +00:00
Kai (Tam Nhu) TranandGitHub 54f1aa70c0 fix(proxy): strip stale encoding from upstream error responses (#1239) 2026-05-13 09:31:43 -04:00
Tam Nhu Tran 1932b2ca61 fix(proxy): strip stale encoding from upstream error responses 2026-05-13 09:13:28 -04:00
github-actions[bot] ab096ac37e chore(release): 7.78.1-dev.5 2026-05-13 02:23:37 +00:00
Kai (Tam Nhu) TranandGitHub 667b1d1e1f fix: ignore internal instance directories in health scans
Closes #1236
2026-05-12 22:17:16 -04:00
github-actions[bot] ac00ba4f00 chore(release): 7.78.1-dev.4 2026-05-12 23:27:59 +00:00
Kai (Tam Nhu) TranandGitHub ac333dd1d5 fix: clarify CLIProxy setup actions
Make account setup the primary CLIProxy CTA, keep advanced variant creation secondary, and contain setup dialogs across narrow viewports.
2026-05-12 19:23:59 -04:00
github-actions[bot] 26311f7752 chore(release): 7.78.1-dev.3 2026-05-12 22:18:38 +00:00
Kai (Tam Nhu) TranandGitHub 40300c286e fix(security): constrain image fallback hook to workspace (#1232) 2026-05-12 18:13:32 -04:00
Kai (Tam Nhu) TranandGitHub 349db830df fix(settings): confine dashboard settings paths (#1231) 2026-05-12 18:13:26 -04:00
Kai (Tam Nhu) TranandGitHub a840793a9b fix(proxy): avoid exposing local auth token in daemon argv (#1230) 2026-05-12 18:13:20 -04:00
Kai (Tam Nhu) TranandGitHub 9c5d4976c5 fix(windows): pin cmd shell for wrapper launches (#1229) 2026-05-12 18:13:13 -04:00
github-actions[bot] 2e5439290e chore(release): 7.78.1-dev.2 2026-05-12 20:49:48 +00:00
Kai (Tam Nhu) TranandGitHub d9b6abf134 Merge pull request #1233 from kaitranntt/kai/feat/1218-claude-subcommand-passthrough
feat(dispatcher): pass through Claude subcommands without interactive-session args
2026-05-12 16:46:12 -04:00
Tam Nhu Tran c2b00b7ad6 feat(dispatcher): pass through Claude subcommands without interactive-session args
Closes #1218.

When the user invokes `ccs <profile> agents` (and other Claude subcommands
like `mcp`, `doctor`, `plugin`, ...), CCS was unconditionally injecting
session-only Claude flags (`--append-system-prompt`, `--disallowedTools`,
`--settings`, official-channels plugin specs) and forwarding the
`DISABLE_TELEMETRY=1` env var from profile settings. Each of those
either errored out the subcommand (`error: unknown option
'--append-system-prompt'`) or silently flipped Claude into
non-interactive list mode, so the new `claude agents` agent view never
opened under CCS.

Add a small `claude-subcommand-detector` that recognizes the documented
Claude subcommand set after skipping known value-taking flags, then have
the three steering-prompt injectors (websearch, image-analysis, browser),
the cliproxy and settings launchers, and the official-channels plan
short-circuit when a subcommand invocation is detected. Also strip
`DISABLE_TELEMETRY` from the spawned env only for subcommand
invocations — upstream Claude Code uses that var as a kill switch for
the subcommand TUIs, and the user's telemetry preference still applies
to every normal interactive session.

Verified end-to-end against `ccs glm agents` and `ccs ck agents`: the
agent view opens correctly, no `unknown option` error, and all 1938
existing tests pass.
2026-05-12 16:35:37 -04:00
github-actions[bot] 72f2f9993d chore(release): 7.78.1-dev.1 2026-05-12 16:50:48 +00:00
Tam Nhu Tran 4c0aa83c82 chore(sync): merge main into dev after release
# Conflicts:
#	.github/workflows/ci.yml
#	package.json
2026-05-12 12:43:02 -04:00
semantic-release-bot 4099dfc3ca chore(release): 7.78.1 [skip ci]
## [7.78.1](https://github.com/kaitranntt/ccs/compare/v7.78.0...v7.78.1) (2026-05-12)

### Bug Fixes

* **ci:** harden self-hosted workflow trust boundaries ([2273757](https://github.com/kaitranntt/ccs/commit/2273757c837254edd2277c785530835d6db2a977))
2026-05-12 16:37:30 +00:00
Kai (Tam Nhu) TranandGitHub 2273757c83 fix(ci): harden self-hosted workflow trust boundaries
Keep active CCS workflows on self-hosted runners, gate self-hosted PR execution to trusted authors, and scope privileged release credentials to the exact git operations that need them.
2026-05-12 12:34:15 -04:00
github-actions[bot] 9afb09aad3 chore(release): 7.78.0-dev.10 2026-05-12 15:04:01 +00:00
Kai (Tam Nhu) TranandGitHub d61469edcb fix(config): bind dashboard to loopback by default 2026-05-12 10:59:49 -04:00
github-actions[bot] 837f7f46e3 chore(release): 7.78.0-dev.9 2026-05-12 14:45:34 +00:00
Kai (Tam Nhu) TranandGitHub f09cdfcf2b fix(security): protect dashboard WebSocket upgrades 2026-05-12 10:42:05 -04:00
github-actions[bot] 25e21d311c chore(release): 7.78.0-dev.8 2026-05-12 14:37:27 +00:00
Kai (Tam Nhu) TranandGitHub e7174d63bb fix(ci): run pull request validation on hosted runners 2026-05-12 10:33:47 -04:00