Commit Graph
972 Commits
Author SHA1 Message Date
kaitranntt 7a6341f0d9 feat(ui): add Settings link to control panel key hint
Adds a gear icon link next to the masked key hint that navigates
to Settings > Auth, improving UX for users who need to manage
their auth tokens.
2025-12-26 12:23:24 -05:00
kaitranntt a762563f1b fix(ui): use effective management secret in control panel embed
- Fetch auth tokens from /api/settings/auth/tokens/raw
- Use effective management secret for local mode auto-login
- Remove hardcoded CCS_CONTROL_PANEL_SECRET constant
- Key hint now shows correct secret (custom or default)
2025-12-25 17:15:00 -05:00
kaitranntt 7e031b5097 fix(ui): simplify config header and add explicit save button
- Reduce config.yaml header from 26 lines to 2 lines
- Replace auto-save on blur with explicit Save button in Auth section
- Add hasChanges detection to enable/disable Save button
- Remove unused saveApiKey and saveSecret functions
2025-12-25 17:02:14 -05:00
kaitranntt ed6776aadc test(cliproxy): add comprehensive auth token test suite
- auth-token-manager.test.js: token generation, masking, inheritance (35 tests)
- tokens-command.test.js: CLI parsing and flag handling (24 tests)
- settings-routes-auth.test.js: API endpoint responses (22 tests)
- Total: 81 new tests covering all auth token functionality
2025-12-25 16:43:39 -05:00
kaitranntt 133aebaabc fix(cliproxy): use auth inheritance in stats-fetcher and config-generator
- Replace hardcoded CCS_CONTROL_PANEL_SECRET with getEffectiveManagementSecret()
- Replace hardcoded CCS_INTERNAL_API_KEY with getEffectiveApiKey()
- Ensures custom tokens work across entire CLIProxy integration
2025-12-25 14:37:53 -05:00
kaitranntt 71335a6193 feat(ui): add auth tokens settings tab
- Add AuthSection component with API key and management secret inputs
- Show/hide toggle, copy to clipboard, regenerate secret button
- Reset to defaults action with disabled state when using defaults
- Add Auth tab to settings navigation with KeyRound icon
- Update SettingsTab type to include 'auth'
2025-12-25 14:37:03 -05:00
kaitranntt ffd499698e feat(api): add auth tokens REST endpoints
- GET /api/settings/auth/tokens - masked token status
- GET /api/settings/auth/tokens/raw - unmasked (Cache-Control: no-store)
- PUT /api/settings/auth/tokens - update API key or management secret
- POST /api/settings/auth/tokens/regenerate-secret - generate secure secret
- POST /api/settings/auth/tokens/reset - reset to defaults
2025-12-25 14:36:34 -05:00
kaitranntt 0c6491c9d2 feat(cli): add tokens command for auth token management
- Add ccs tokens command with subcommands:
  --show, --api-key, --secret, --regenerate-secret, --reset, --variant
- Integrate tokens command into main CLI (ccs.ts)
- Display masked tokens by default, --show for unmasked
- Auto-regenerate CLIProxy config on token changes
2025-12-25 14:36:11 -05:00
kaitranntt c4f09168ff feat(cliproxy): add customizable auth token manager
- Add CLIProxyAuthConfig type with api_key and management_secret fields
- Implement auth-token-manager.ts with inheritance chain:
  variant auth → global auth → default constants
- Add secure token generation using crypto.randomBytes (256-bit entropy)
- Export auth functions from cliproxy barrel (index.ts)
- Bump UNIFIED_CONFIG_VERSION to 6
2025-12-25 14:35:43 -05:00
github-actions[bot] af071cd467 chore(release): 7.7.0-dev.2 [skip ci] 2025-12-25 10:20:06 +00:00
Kai (Tam Nhu) TranandGitHub 459d730029 Merge pull request #184 from kaitranntt/kai/feat/variant-port-isolation
feat(cliproxy): add variant port isolation
2025-12-25 05:19:06 -05:00
kaitranntt 8f120b515f test(cliproxy): add integration tests for variant port isolation
Add comprehensive test suite mapping to PR #184 test plan:
- Create multiple variants with unique ports (8318-8417)
- Verify port persistence in config and separate config-{port}.yaml
- Run multiple variants concurrently with isolated sessions
- Verify list shows port column for each variant
- Remove variant cleans config, session, and port-specific files

25 new tests covering edge cases:
- Port exhaustion (100 variant max)
- Port reuse after deletion
- Legacy variants without port field
- Stale session cleanup for dead PIDs
- Default port special handling (sessions.json)
2025-12-25 05:15:49 -05:00
github-actions[bot] b2a7c7b3d2 chore(release): 7.7.0-dev.1 [skip ci] 2025-12-25 10:05:10 +00:00
Kai (Tam Nhu) TranandGitHub 7cf79732b1 Merge pull request #202 from kaitranntt/fix/status-line-colors-init
fix(ui): initialize colors early for consistent status output
2025-12-25 05:04:11 -05:00
kaitranntt e38af6ad6e fix(ui): initialize colors early for consistent status output
Call initUI() at the start of main() to ensure chalk is loaded
before any status messages. Previously, colors only worked when
an update notification was displayed because showUpdateNotification()
was the only place calling initUI().

Fixes #201
2025-12-25 04:53:32 -05:00
semantic-release-bot 2c977f686a chore(release): 7.7.0 [skip ci]
## [7.7.0](https://github.com/kaitranntt/ccs/compare/v7.6.0...v7.7.0) (2025-12-25)

### Features

* **api:** add Minimax, DeepSeek, Qwen provider presets ([e7066b9](https://github.com/kaitranntt/ccs/commit/e7066b99972129114fb223c6cde40f3127599ae6)), closes [#123](https://github.com/kaitranntt/ccs/issues/123)
* **kiro:** add UI toggle and auth hint for --no-incognito option ([083e674](https://github.com/kaitranntt/ccs/commit/083e67426c382ce534bed4830bedbede94cfdca7))
* **kiro:** improve auth UX with normal browser default and URL display ([df0c947](https://github.com/kaitranntt/ccs/commit/df0c94781e5f198f867723e1b5bccf17d6c4b250))

### Bug Fixes

* **cliproxy:** preserve user API keys during config regeneration ([2b4d21e](https://github.com/kaitranntt/ccs/commit/2b4d21e8ae615c840d76007d733017d375e6036f)), closes [#200](https://github.com/kaitranntt/ccs/issues/200)
* **core:** address all code review issues from PR [#199](https://github.com/kaitranntt/ccs/issues/199) ([f2a4200](https://github.com/kaitranntt/ccs/commit/f2a4200625e13754c7f79738dba0562e8ff27895))
* **kiro:** add --no-incognito option for normal browser auth ([13e4bac](https://github.com/kaitranntt/ccs/commit/13e4baca228313462b3e0e83d0b97594654a989b))
* **profiles:** prevent GLM auth regression from first-time install detection ([cc2d62d](https://github.com/kaitranntt/ccs/commit/cc2d62db38977fd5a0597388c2882e3600e5e179)), closes [#195](https://github.com/kaitranntt/ccs/issues/195)
* **qwen:** inherit stdin for Device Code flows to enable interactive prompts ([c811fdf](https://github.com/kaitranntt/ccs/commit/c811fdfc7914cc3bde3811ea04281055ebb3e273)), closes [#188](https://github.com/kaitranntt/ccs/issues/188)
* **ui:** add gemini-3-flash-preview to model dropdowns ([50653d1](https://github.com/kaitranntt/ccs/commit/50653d1054f89f0eaff24a6d8f471266269383b6)), closes [#194](https://github.com/kaitranntt/ccs/issues/194)
* **ui:** respect initialMode in profile create dialog ([db3662b](https://github.com/kaitranntt/ccs/commit/db3662b47986269ba9c12385021f4aa4bd1633f6))

### Code Refactoring

* **paths:** use expandPath() consistently for cross-platform path handling ([adb6222](https://github.com/kaitranntt/ccs/commit/adb6222bc671c3c4ade1bb019705a985de1947fa))

### Tests

* **auth:** add comprehensive tests for GLM auth persistence fix ([92a79aa](https://github.com/kaitranntt/ccs/commit/92a79aa78ba14aaf2b22f10eaab23f6e04220b17))
2025-12-25 03:18:32 +00:00
Kai (Tam Nhu) TranandGitHub 485da53780 Merge pull request #199 from kaitranntt/dev
feat: v7.6.0 release - provider presets, Kiro auth, CLIProxy key preservation
2025-12-24 22:17:26 -05:00
github-actions[bot] 4d3d3b16f2 chore(release): 7.6.0-dev.6 [skip ci] 2025-12-25 03:13:24 +00:00
kaitranntt 2b4d21e8ae fix(cliproxy): preserve user API keys during config regeneration
When CCS updates trigger CLIProxy config regeneration, user-added API
keys in ~/.ccs/cliproxy/config.yaml were being overwritten with only
the internal CCS key.

Changes:
- Add parseUserApiKeys() to extract user keys from existing config
- Modify regenerateConfig() to preserve user API keys alongside port
- Update generateUnifiedConfigContent() to accept userApiKeys param
- Add comprehensive test suite (14 tests) for key preservation

Fixes #200
2025-12-24 22:12:09 -05:00
github-actions[bot] 7dafed663b chore(release): 7.6.0-dev.5 [skip ci] 2025-12-25 03:00:22 +00:00
Kai (Tam Nhu) TranandGitHub b52e6d69d6 Merge pull request #193 from kaitranntt/kai/fix/kiro-incognito
fix(kiro): add --no-incognito option for normal browser auth
2025-12-24 21:59:19 -05:00
github-actions[bot] e2d8af5d90 chore(release): 7.6.0-dev.4 [skip ci] 2025-12-25 01:20:33 +00:00
kaitranntt f2a4200625 fix(core): address all code review issues from PR #199
Critical fixes:
- CRIT-1: Fix placeholder detection case sensitivity in api-key-validator
- CRIT-2: Add TOCTOU protection via loadMigrationCheckData() for atomic config reads
- CRIT-3: Restore fs.existsSync mock in profile-detector tests

High priority fixes:
- H1-H3: API validator HTTP/HTTPS support, timeout abort, debug log
- H4-H6: OAuth explicit flow type, signal handling, TTY detection
- H7-H8: Profile collision warning, config-first save order
- H9-H11: expandPath consistency, preset sync CLI/UI
2025-12-24 20:18:57 -05:00
github-actions[bot] ff7c3b6c4a chore(release): 7.6.0-dev.3 [skip ci] 2025-12-24 23:49:39 +00:00
Kai (Tam Nhu) TranandGitHub 080ad11804 Merge pull request #197 from kaitranntt/fix/glm-auth-persistence
fix(profiles): prevent GLM auth regression from first-time install detection
2025-12-24 18:48:40 -05:00
Kai (Tam Nhu) TranandGitHub 40aa6de72a Merge pull request #198 from kaitranntt/feat/add-more-models
feat(api): add Minimax, DeepSeek, Qwen provider presets
2025-12-24 18:47:33 -05:00
kaitranntt db3662b479 fix(ui): respect initialMode in profile create dialog
- Fix "Create Custom API Profile" button to open Custom tab instead of OpenRouter
- Improve Custom button visibility with dashed border and better contrast
- Improve Quick Templates styling with better spacing and font weight
- Enhance CompactPresetCard with larger icons and clearer badge styling
2025-12-24 18:43:41 -05:00
kaitranntt 92a79aa78b test(auth): add comprehensive tests for GLM auth persistence fix
Add 26 new unit tests covering:
- isFirstTimeInstall() legacy config detection (8 tests)
- loadSettingsFromFile() path expansion (5 tests)
- ProfileDetector detectProfileType() (4 tests)
- expandPath() cross-platform handling (10 tests)

Test coverage for issue #195:
- Legacy config.json/profiles.json detection
- Tilde expansion to home directory
- Environment variable expansion (${VAR}, $VAR, %VAR%)
- Mixed path separator normalization
- Corrupted config graceful handling

Files:
- tests/unit/commands/setup-command.test.ts
- tests/unit/auth/profile-detector.test.ts
- tests/unit/utils/expand-path.test.ts
2025-12-24 18:33:52 -05:00
kaitranntt e7066b9997 feat(api): add Minimax, DeepSeek, Qwen provider presets
Add three new Anthropic-compatible API providers as presets:
- Minimax: M2.1/M2.1-lightning/M2 models with 1M context
- DeepSeek: V3.2 and R1 reasoning model (128K context)
- Qwen: Alibaba Cloud qwen3-coder-plus (256K context)

Closes #123
2025-12-24 18:32:07 -05:00
kaitranntt adb6222bc6 refactor(paths): use expandPath() consistently for cross-platform path handling
- variant-settings.ts: Use expandPath() in deleteSettingsFile()
- profile-writer.ts: Use expandPath() in removeApiProfileUnified()
- migration-manager.ts: Remove local expandPath(), import from helpers

All path expansion now uses the central expandPath() from utils/helpers.ts
which handles ~, ~\, ${VAR}, $VAR, and %VAR% on all platforms.
2025-12-24 18:19:47 -05:00
kaitranntt cc2d62db38 fix(profiles): prevent GLM auth regression from first-time install detection
- Check legacy config.json/profiles.json in isFirstTimeInstall()
- Use expandPath() for cross-platform path handling in profile-detector
- Add pre-flight API key validation for better error messages
- Enhance 401 error handling with Z.AI refresh guidance

Fixes #195
2025-12-24 18:09:09 -05:00
github-actions[bot] fdc5439c78 chore(release): 7.6.0-dev.2 [skip ci] 2025-12-24 22:53:56 +00:00
Kai (Tam Nhu) TranandGitHub 83b2645202 Merge pull request #196 from kaitranntt/fix/194-gemini-3-flash-preview-dropdown
fix(ui): add gemini-3-flash-preview to model dropdowns
2025-12-24 17:52:53 -05:00
kaitranntt 50653d1054 fix(ui): add gemini-3-flash-preview to model dropdowns
Added gemini-3-flash-preview model to agy and gemini provider catalogs
in the UI. This enables users to select the fast Gemini 3 Flash model
from dropdown menus.

Closes #194
2025-12-24 17:07:56 -05:00
kaitranntt df0c94781e feat(kiro): improve auth UX with normal browser default and URL display
- Change default to noIncognito=true (normal browser) for reliability
- Always print OAuth URL to terminal for VS Code popup detection
- Move incognito toggle from Proxy settings to Kiro provider page
- Add --incognito flag to opt into incognito mode (was --no-incognito)
- Update help text to reflect new defaults
2025-12-24 06:17:17 -05:00
kaitranntt 083e67426c feat(kiro): add UI toggle and auth hint for --no-incognito option
- Add "Kiro: Use normal browser" toggle in config dashboard (Proxy section)
- Add --no-incognito documentation to ccs --help output
- Show hint after successful Kiro auth about saving AWS credentials
2025-12-24 05:26:02 -05:00
kaitranntt 13e4baca22 fix(kiro): add --no-incognito option for normal browser auth
Kiro OAuth always opens in incognito browser mode, which doesn't save
login credentials. Users need to re-enter email each authentication.

Changes:
- Add noIncognito option to OAuthOptions interface
- Add kiro_no_incognito config option to CLIProxyConfig
- Pass --no-incognito flag to CLIProxyAPI binary when enabled
- Support both CLI flag (--no-incognito) and config.yaml setting

Usage:
- CLI: ccs kiro --auth --no-incognito
- Config: cliproxy.kiro_no_incognito: true in config.yaml
2025-12-24 05:02:33 -05:00
kaitranntt 0bcaf4bc68 feat(cliproxy): add variant port isolation for concurrent proxy instances
Enables running multiple CLIProxy variants simultaneously on different
ports. Each variant now gets a unique port in the 18100-18199 range,
allowing concurrent use of providers like Gemini + Codex + custom variants.

Key changes:
- Add port field to variant config schema
- Implement automatic port allocation (18100 + variant index)
- Support variant-specific settings paths in config generator
- Display port in dashboard UI for debugging
- Show all models in variant editor dropdown
- Add comprehensive tests for port allocation edge cases

Closes related variant isolation work.
2025-12-24 04:15:04 -05:00
github-actions[bot] a1e93eb940 chore(release): 7.6.0-dev.1 [skip ci] 2025-12-24 09:12:01 +00:00
Kai (Tam Nhu) TranandGitHub 1f31d68dd2 Merge pull request #192 from kaitranntt/fix/qwen-login-stdin-forward
fix(qwen): inherit stdin for Device Code flows to enable interactive prompts
2025-12-24 04:11:02 -05:00
kaitranntt c811fdfc79 fix(qwen): inherit stdin for Device Code flows to enable interactive prompts
Device Code flows (Qwen, GHCP) may require interactive terminal input
before generating the device code. For example, Qwen prompts for email.

Previously, all auth processes used piped stdin which blocked user input.
Now Device Code flows use 'inherit' for stdin, allowing users to respond
to prompts directly in the terminal.

Authorization Code flows (Gemini, Codex) still use piped stdin for
programmatic project selection.

Closes #188
2025-12-24 04:04:22 -05:00
semantic-release-bot df90bacf6b chore(release): 7.6.0 [skip ci]
## [7.6.0](https://github.com/kaitranntt/ccs/compare/v7.5.1...v7.6.0) (2025-12-24)

### Features

* **cli:** add config command hints to help and error messages ([e981c39](https://github.com/kaitranntt/ccs/commit/e981c391a26d51de749099ca844915ffc06976e2))
* **setup:** add first-time setup wizard for config initialization ([cec616d](https://github.com/kaitranntt/ccs/commit/cec616d530d9cf61a3a45032465b01e9a4037558)), closes [#142](https://github.com/kaitranntt/ccs/issues/142)

### Bug Fixes

* **cliproxy:** respect enabled:false and use protocol-based port defaults ([a99b6eb](https://github.com/kaitranntt/ccs/commit/a99b6eb93f06c6788bbf13a196bbca908fa06f4c))
* **config:** improve edge case handling for config initialization ([ca78993](https://github.com/kaitranntt/ccs/commit/ca78993e7612143b3193e3cec3f8976be909e2d6))
* **ghcp:** display device code during OAuth device code flow ([46f1699](https://github.com/kaitranntt/ccs/commit/46f1699b1c6f716d06c1eaa3dc6aac94dd5761ec)), closes [#189](https://github.com/kaitranntt/ccs/issues/189)

### Code Refactoring

* **config:** migrate to config.yaml as primary format ([b34469d](https://github.com/kaitranntt/ccs/commit/b34469d75fd2c2b7fd4f4cc4c0cc28885001649b)), closes [#142](https://github.com/kaitranntt/ccs/issues/142)
* **ghcp:** remove unused device code session management ([5de6ccc](https://github.com/kaitranntt/ccs/commit/5de6cccee08aa06d6533181a1db189a595c5e123))
2025-12-24 08:43:29 +00:00
Kai (Tam Nhu) TranandGitHub 948a20d342 Merge pull request #191 from kaitranntt/dev
feat(release): config setup wizard, device code display, and proxy bug fixes
2025-12-24 03:42:21 -05:00
github-actions[bot] 91a079ad20 chore(release): 7.5.1-dev.4 [skip ci] 2025-12-24 08:38:07 +00:00
kaitranntt a99b6eb93f fix(cliproxy): respect enabled:false and use protocol-based port defaults
- Fix port default logic: HTTP→8317, HTTPS→443 (was always 8317)
- Fix enabled:false being ignored in proxy config resolution
- Update stale comments referencing HTTP:80 to HTTP:8317
- Add 9 unit tests for edge cases (enabled handling, port defaults)
2025-12-24 03:36:48 -05:00
github-actions[bot] 659761f019 chore(release): 7.5.1-dev.3 [skip ci] 2025-12-24 08:24:13 +00:00
Kai (Tam Nhu) TranandGitHub 1a8ba4e40c Merge pull request #190 from kaitranntt/fix/ghcp-auth-code-display
fix(ghcp): display device code during OAuth device code flow
2025-12-24 03:23:11 -05:00
kaitranntt 5de6cccee0 refactor(ghcp): remove unused device code session management
- Remove unused functions: registerDeviceCode, completeDeviceCode,
  failDeviceCode, getActiveDeviceCode, hasActiveDeviceCode,
  getAllActiveDeviceCodes, ActiveSession interface, activeSessions Map
- Reduce device-code-handler.ts from 168 to 33 lines (YAGNI)
- Add ARIA labels to copy button for accessibility
- Fix timer to stop at 0 seconds instead of continuing negative
- Add "(Code expired)" visual indicator with destructive styling
- Change void sessionId to data-session-id attribute for debugging

Code review findings applied. Gemini OAuth unaffected (uses separate
project-selection-handler.ts with Authorization Code Flow).
2025-12-24 03:15:57 -05:00
kaitranntt 46f1699b1c fix(ghcp): display device code during OAuth device code flow
When authenticating with GitHub Copilot using device code flow,
the user code was not being displayed. This fix:

- Parses device codes from CLIProxy output in oauth-process.ts
- Displays code prominently in CLI terminal with box formatting
- Broadcasts device code events via WebSocket for UI display
- Creates DeviceCodeDialog component for web UI (ccs config)
- Follows same pattern as Gemini project selection dialog

Closes #189
2025-12-24 03:02:36 -05:00
github-actions[bot] 8d1f1a6a94 chore(release): 7.5.1-dev.2 [skip ci] 2025-12-24 04:03:58 +00:00