Commit Graph
69 Commits
Author SHA1 Message Date
Tam Nhu Tran 3b550205dd fix(auth): require resource mode value 2026-05-08 23:36:12 -04:00
Tam Nhu Tran bfe32257b6 fix(auth): reject resource mode outside resources command 2026-05-08 23:29:03 -04:00
Tam Nhu Tran 64e1d1f815 feat(auth): add shared resource controls 2026-05-08 11:15:28 -04:00
Kai (Tam Nhu) TranandGitHub be9effcce3 feat: clarify account history sync route (#1187)
* feat: clarify account history sync route

* fix: clarify shared context command examples

* fix: report missing bare profile settings
2026-05-05 13:33:04 -04:00
Tam Nhu Tran 4f6e61739c refactor(config): adopt config-loader-facade across the codebase
Issue #1161. Sweeps 127 files to import from
src/config/config-loader-facade.ts instead of unified-config-loader or
utils/config-manager directly.

WRITE callers (32 files): replaced raw saveUnifiedConfig /
mutateUnifiedConfig / updateUnifiedConfig calls with the facade's
cache-coherent wrappers saveConfig / mutateConfig / updateConfig. This
fixes a latent stale-cache window where direct writes through the
underlying loader bypassed the facade's memoization.

READ callers (95 files): mechanical import-path migration only —
function names unchanged because the facade re-exports them. No
behavior change.

Also updated:
- tests/unit/utils/browser/browser-setup.test.ts (DI interface rename)
- src/management/checks/image-analysis-check.ts (dynamic import rename)
- src/web-server/health-service.ts (dynamic require rename)
- src/ccs.ts (path prefix fix from sweep script)

After sweep: zero raw write callers remain outside src/config/. Direct
imports of config-manager remain only for symbols not in the facade
(getConfigPath, getCcsDirSource, etc). Behavior unchanged; full suite
passes 1824/1824.

Out of scope: switching loadOrCreateUnifiedConfig() callers to
getCachedConfig() — needs per-callsite cache-safety analysis. Tracked
as follow-up.

Refs #1161
2026-05-03 01:42:53 -04:00
Tam Nhu Tran bf8759460d feat(auth,commands): instrument oauth handler, profile registry, and doctor pipeline
Emit auth-stage events around OAuth round-trips and profile lookups so auth
flows are traceable end-to-end. Doctor command emits dispatch stages around
each health-check phase for clearer diagnostic logs.

Refs #1141, #1138
2026-04-30 13:00:16 -04:00
Tam Nhu Tran ccdd0b6e8e fix(windows): align escaped wrapper shell handling
Use ComSpec-aware shell selection for escaped wrapper launches.

Apply it to the remaining Windows Claude launch paths.

Rewrite the Codex exec regression test to use scoped spies so the full suite stays isolated.
2026-04-19 14:27:27 -04:00
Tam Nhu Tran 3b5941c60b feat(cursor): split legacy bridge from cliproxy provider 2026-04-15 17:04:37 -04:00
Tam Nhu Tran 2d9f8c9695 feat(cliproxy): integrate missing provider support 2026-04-15 00:26:12 -04:00
Tam Nhu Tran 1b3528f61a fix(auth): keep resume lane warning non-blocking
- extract account resume lane guidance into a dedicated auth helper

- swallow diagnostic failures so account launches still reach execClaude

- add focused tests for the warning success and failure paths
2026-04-04 12:31:19 -04:00
Tam Nhu Tran 2830c2ae9e feat(auth): add resume lane diagnostics and recovery
- add runtime-aware resume lane diagnostics and auth backup flows

- warn when account resume uses a different plain ccs continuity lane

- surface lane mismatch guidance in the accounts dashboard, docs, and tests
2026-04-04 12:17:32 -04:00
Tam Nhu Tran f7ddad6c19 fix(cursor): harden runtime follow-up regressions 2026-04-02 03:21:38 -04:00
Tam Nhu Tran 2d67f40175 fix(cursor): route bare cursor through runtime profile 2026-04-01 22:50:58 -04:00
Tam Nhu Tran 4df08f6d99 feat: make cliproxy provider nicknames optional by default 2026-03-23 11:02:08 -04:00
Tam Nhu Tran 36e8ed5d87 fix(management): serialize lifecycle maintenance paths
- serialize deleteInstance with the same profile and plugin-layout locks as ensure

- lock non-account marketplace normalization paths and ignore .locks as an instance source
2026-03-18 08:04:48 -04:00
Tam Nhu Tran c409a4522c fix: normalize stale copilot raptor-mini model 2026-03-10 17:55:28 +07:00
Tam Nhu Tran 8f8684ce85 fix(auth): preserve bare profile behavior across runtime and sync 2026-03-05 12:36:51 +07:00
Tam Nhu Tran bc9b04444e feat(auth): add --bare flag and MCP server sync for profiles
- Add --bare flag to `ccs auth create` to skip shared symlinks
  (commands/, skills/, agents/, settings.json). Bare profiles are
  clean instances without ClaudeKit or other global extensions.
  `ccs sync` respects bare flag and skips re-linking.

- Add MCP server sync from global ~/.claude.json to instances.
  Claude Code stores MCP config in ~/.claude.json (not settings.json),
  which was invisible to CCS profiles using CLAUDE_CONFIG_DIR isolation.
  Selective copy of mcpServers key only (not OAuth sessions/caches).
  `ccs sync` refreshes MCP servers across all non-bare instances.

Closes #691
Closes #692
2026-03-05 11:42:41 +07:00
Tam Nhu Tran a4c5bb7421 fix(security): harden API endpoints and resolve PR #674 review findings
- Fix X-Forwarded-For header spoofing in requireSensitiveLocalAccess (use socket-level address only)
- Add model ID length validation (max 256 chars) in PUT /models/:provider
- Add provider name validation (alphanumeric, max 64 chars) to prevent path traversal
- Add stale entry eviction for unbounded quotaRateLimits Map (>1000 entries)
- Fix concurrent refresh race in usage aggregator (wait for in-flight before forced refresh)
- Sanitize internal URLs/paths from OAuth failure diagnostics
- Add ValidationError class for denylist violations (distinct from system errors)
- Make CLIProxy sync interval configurable via CCS_CLIPROXY_SYNC_INTERVAL env var
- Improve legacy continuity config error logging (unconditional warn)
- Add CACHE_VERSION history comments
2026-03-04 01:30:46 +07:00
Tam Nhu Tran d827c3ab0b fix(auth): scope km alias mapping to settings profiles
- prevent km continuity mappings from affecting kimi cliproxy executions

- apply canonical alias fallback only for settings profile lookups

- add regression test for cross-type alias isolation
2026-03-03 02:58:49 +07:00
Tam Nhu Tran 8a45727b31 fix(auth): harden continuity inheritance resolution
- resolve mappings with alias/canonical profile candidates

- fail open when source account initialization errors

- remove metadata touch side effects from inheritance preflight
2026-03-03 02:49:17 +07:00
Tam Nhu Tran 0b9f9826e2 feat(continuity): support cross-profile continuity inheritance from account profiles 2026-03-03 02:49:17 +07:00
Tam Nhu Tran b6475baab3 feat(accounts): add advanced deeper continuity mode and claude pool discoverability 2026-02-26 19:01:13 +07:00
Tam Nhu Tran 5c6fe20d3f fix(accounts): improve shared-context editing and discoverability 2026-02-26 18:10:06 +07:00
Kai (Tam Nhu) TranandGitHub a30d55777f Merge pull request #627 from kaitranntt/kai/feat/624-share-context
fix(auth): harden shared-context isolation edge cases
2026-02-26 01:47:39 -05:00
Tam Nhu Tran 9a63f9bd36 feat(config): support legacy profile target overrides
- add profile_targets map to legacy config typing

- load target defaults for settings/default profiles from config.json

- expose target metadata for legacy cliproxy variants in profile detection
2026-02-25 15:52:50 +07:00
Tam Nhu Tran 0309630193 fix(auth): harden shared-context isolation and config safety 2026-02-25 04:19:28 +07:00
Tam Nhu Tran 0b070a3f34 fix(auth): close shared-context isolation edge cases 2026-02-25 04:09:46 +07:00
Tam Nhu Tran 7d5e604e53 fix(auth): harden shared-context isolation edge cases 2026-02-25 04:09:46 +07:00
Tam Nhu Tran 4fed74c64b feat(auth): add opt-in shared context groups across accounts 2026-02-24 23:54:03 +07:00
Tam Nhu Tran c6c44d0341 fix(memory): use async fs APIs to satisfy maintainability gate 2026-02-23 23:29:22 +07:00
Tam Nhu Tran 8e57d59479 fix(execution): strip claudecode in remaining claude paths
- sanitize Copilot profile Claude launch environment

- sanitize auth create isolated instance launch environment

- sanitize doctor Claude CLI version check spawn environment

Refs #588
2026-02-20 23:00:59 +07:00
Tam Nhu Tran cf8070b5f0 fix(profile): handle km compatibility for legacy kimi api users 2026-02-19 12:43:41 +07:00
Tam Nhu Tran 08b2a67913 feat(cliproxy): add Kimi as OAuth CLIProxy provider
- add 'kimi' to CLIProxyProvider union type
- register Kimi capabilities (device_code flow, moonshot alias)
- add OAuth config, auth prefixes, type values, channel maps
- add CLIProxy-delegated token refresh for Kimi
- add Kimi model catalog (k2.5, k2-thinking, k2)
- switch base-kimi.settings.json to CLIProxy mode (127.0.0.1:8317)
- update comments removing kimi from settings-based profile mentions

Closes #574
2026-02-17 17:02:55 +07:00
Tam Nhu Tran 3da3407f9a fix(targets): harden adapter lifecycle and droid model edge cases 2026-02-17 04:09:48 +07:00
Tam Nhu Tran 0431adf306 fix(targets): close all remaining multi-target droid edge cases 2026-02-17 03:22:45 +07:00
Tam Nhu Tran 2816c6652d chore(merge): resolve conflicts with origin/dev 2026-02-12 16:25:25 +07:00
Tam Nhu Tran 924e3686c8 refactor(cliproxy): centralize provider capability registry 2026-02-12 12:59:17 +07:00
Tam Nhu Tran 0c7dc398f7 fix(cliproxy): add defensive null checks for composite tier config
- Add optional chaining for tier access in env-resolver
- Throw error if default tier model missing in env-builder
- Add null checks for composite.tiers in profile-detector
2026-02-12 11:01:00 +07:00
Tam Nhu Tran 07bef9f50e feat(cliproxy): wire composite variant into main execution flow
- Detect composite variants in ProfileDetector with tier metadata
- Pass isComposite/compositeTiers/compositeDefaultTier through ccs.ts
- Handle composite in loadConfigSafe() legacy adapter
- Add validateCompositeVariants() for provider string validation
- Display 'composite' label in API profile listing

Refs #506
2026-02-12 04:09:19 +07:00
kaitranntt 0e140f83e4 fix(auth): show command checks unified config for accounts
Use getAllProfilesMerged() and getDefaultResolved() to check both
unified config and legacy profiles when showing account details.

Fixes #458
2026-02-04 18:08:39 -05:00
kaitranntt 28d8bd84a5 feat(cliproxy): add Claude (Anthropic) OAuth provider support
Add Claude as a first-class OAuth provider in CCS CLI and dashboard.
Backend support already exists in CLIProxyAPIPlus (port 54545).

Changes:
- Add 'claude' to CLIProxyProvider type and profile detector
- Add Claude OAuth config (port 54545, --anthropic-login flag)
- Add Claude to oauth-port-diagnostics flow types
- Add Claude token discovery prefixes (claude-, anthropic-)
- Add Claude model catalog (Opus 4.5, Sonnet 4.5/4, Haiku 4.5)
- Add Claude logo and provider display name
- Update variant config types and adapters

Closes #380
2026-01-27 15:43:21 -05:00
kaitranntt 9b61f5318e fix(isolation): use getCcsDir() for test isolation
Replace os.homedir() with getCcsDir() in 11 source files to ensure
tests don't touch the user's real ~/.ccs/ directory. The getCcsDir()
function from config-manager.ts respects CCS_HOME env var for
test isolation.

Files fixed:
- src/auth/profile-detector.ts
- src/auth/profile-registry.ts
- src/delegation/headless-executor.ts
- src/delegation/session-manager.ts
- src/glmt/glmt-transformer.ts
- src/management/checks/config-check.ts
- src/management/checks/profile-check.ts
- src/management/checks/system-check.ts
- src/management/instance-manager.ts
- src/management/shared-manager.ts
- src/utils/update-checker.ts
2026-01-25 21:38:27 -05:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>Shun KakinokiClaude Opus 4.5
b3ef76a07b feat(release): CLI flag passthrough, proxy fixes, and UI improvements (#239)
* fix(cliproxy): pass variant port to executor for isolation

Variants configured with dedicated ports (8318-8417) were not using
their assigned port. The executor always defaulted to 8317.

Changes:
- Add port field to ProfileDetectionResult interface
- Pass variant.port from profile-detector to ccs.ts
- Forward port to execClaudeWithCLIProxy options
- Update executor priority: CLI flags > variant port > config.yaml > default

Closes #228

* fix(cliproxy): propagate port in unified config and UI preset handlers

Edge case fixes identified in codebase review:
- Unified config variant detection: add settingsPath and port fields
- Provider editor: use variant port in handleApplyPreset/handleCustomPresetApply
- preset-utils: add optional port parameter to applyDefaultPreset()

* chore(release): 7.11.1-dev.1 [skip ci]

* fix(cliproxy): use correct default port (8317) for remote HTTP connections

Root cause: Inconsistent default port logic across code paths.
- Test Connection used 8317 (correct)
- Actual API calls used 80 (wrong)

Changes:
- Add centralized getRemoteDefaultPort() helper in config-generator.ts
- Fix proxy-target-resolver.ts to use shared helper
- Fix rewriteLocalhostUrls() and getRemoteEnvVars() in config-generator.ts
- Update remote-proxy-client.ts to use shared helper (DRY)

Fixes all 3 reported issues:
1. Port empty → now correctly uses :8317 instead of :80
2. BASEURL construction → now includes correct port
3. CLIProxy Plus auth → now fetches from remote on correct port

* chore(release): 7.11.1-dev.2 [skip ci]

* feat(delegation): add Claude Code CLI flag passthrough

Add explicit passthrough support for key Claude Code CLI flags:
- --max-turns: Limit agentic turns (prevents infinite loops)
- --fallback-model: Auto-fallback when model overloaded
- --agents: Dynamic subagent JSON injection
- --betas: Enable experimental features

Maintain extraArgs catch-all for future Claude Code flags.
Update help command with new "Delegation Flags" section.

Closes #89

* test(delegation): add comprehensive CLI flag passthrough tests

Add 45 test cases covering all edge cases for CLI flag passthrough:
- DelegationHandler: timeout/max-turns/fallback-model/agents/betas validation
- HeadlessExecutor: duplicate flag filtering, undefined vs truthy checks

* chore(release): 7.11.1-dev.3 [skip ci]

* fix(ui): enable cancel button during OAuth authentication

Resolves #234 - Cancel button was disabled during authentication flow,
preventing users from canceling the OAuth process.

Changes:
- Add auth-session-manager.ts for tracking active OAuth sessions
- Add POST /cliproxy/auth/:provider/cancel endpoint to abort sessions
- Kill spawned CLIProxy auth process when cancel is triggered
- Enable Cancel button in AddAccountDialog during authentication
- Add cancel support to QuickSetupWizard auth step
- Update useCancelAuth hook to call backend cancel endpoint

* chore(release): 7.11.1-dev.4 [skip ci]

* fix(prompt): add stdin.pause() to prevent process hang after password input

Fixes #236. The password() method called resume() on stdin but never
paused it in cleanup, keeping the event loop alive indefinitely.

* chore(release): 7.11.1-dev.5 [skip ci]

* feat(cliproxy): add --allow-self-signed flag for HTTPS connections (#227)

Previously, allowSelfSigned was hardcoded to true for all HTTPS protocol
connections, forcing use of the native https module which has issues with
Cloudflare-proxied connections causing timeouts.

This change:
- Adds --allow-self-signed CLI flag (default: false)
- Adds CCS_ALLOW_SELF_SIGNED environment variable
- Uses standard fetch API by default for HTTPS (works with valid certs)
- Only uses native https module when --allow-self-signed is specified

Usage:
- For production HTTPS proxies with valid certs: no flag needed
- For dev proxies with self-signed certs: use --allow-self-signed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* chore(release): 7.11.1-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Shun Kakinoki <39187513+shunkakinoki@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 16:36:18 -08:00
kaitranntt 9722e1905d fix(dashboard): support unified config across health checks and settings
- health-service.ts: respect isUnifiedMode() in fixHealthIssue()
- config-checks.ts: check config.yaml in unified mode
- profile-checks.ts: read profiles from unified config
- settings-routes.ts: use atomic writes (temp+rename) for presets
- profile-registry.ts: add DRY helpers getAllProfilesMerged(), getDefaultResolved()

Closes #203
2025-12-25 16:50:55 -05:00
kaitranntt 92a79aa78b test(auth): add comprehensive tests for GLM auth persistence fix
Add 26 new unit tests covering:
- isFirstTimeInstall() legacy config detection (8 tests)
- loadSettingsFromFile() path expansion (5 tests)
- ProfileDetector detectProfileType() (4 tests)
- expandPath() cross-platform handling (10 tests)

Test coverage for issue #195:
- Legacy config.json/profiles.json detection
- Tilde expansion to home directory
- Environment variable expansion (${VAR}, $VAR, %VAR%)
- Mixed path separator normalization
- Corrupted config graceful handling

Files:
- tests/unit/commands/setup-command.test.ts
- tests/unit/auth/profile-detector.test.ts
- tests/unit/utils/expand-path.test.ts
2025-12-24 18:33:52 -05:00
kaitranntt cc2d62db38 fix(profiles): prevent GLM auth regression from first-time install detection
- Check legacy config.json/profiles.json in isFirstTimeInstall()
- Use expandPath() for cross-platform path handling in profile-detector
- Add pre-flight API key validation for better error messages
- Enhance 401 error handling with Z.AI refresh guidance

Fixes #195
2025-12-24 18:09:09 -05:00
kaitranntt 036714c774 feat(cliproxy): add kiro and ghcp providers to CLIProxyProvider type
- extend CLIProxyProvider union with 'kiro' and 'ghcp'

- add both to CLIPROXY_PROFILES array
2025-12-22 00:44:03 -05:00
kaitranntt 2b441f6498 feat(auth): add Kiro and GitHub Copilot OAuth providers
- Add kiro (port 8329) and copilot (port 8330) to auth-types
- Implement OAuth flows in oauth-handler
- Update token-manager to include new providers
- Add new providers to CLIPROXY_PROFILES
- Update diagnostics and API routes for new providers
2025-12-21 22:26:11 -05:00
kaitranntt 4f4ab43eb3 refactor(config): remove secrets.yaml architecture
- delete secrets-manager.ts entirely

- remove secrets API routes and client methods

- simplify unified-config-types (remove vault/secrets)

- update profile-reader to remove secrets loading

- clean up unused hooks and API client methods
2025-12-20 23:10:35 -05:00