Commit Graph
662 Commits
Author SHA1 Message Date
Tam Nhu Tran 945db1d690 feat(cliproxy): clarify codex effort mapping and preset UX 2026-02-14 11:31:18 +07:00
Tam Nhu Tran 826a42d8d6 fix(cliproxy): harden kiro device-code auth flow consistency 2026-02-14 10:55:14 +07:00
Tam Nhu Tran f02e7dc5c6 fix(cliproxy): address lifecycle port and thinking regressions 2026-02-14 10:23:39 +07:00
Tam Nhu Tran 8395364970 feat(cliproxy): add explicit start and restart commands 2026-02-14 09:41:40 +07:00
Kai (Tam Nhu) TranandGitHub 9796a21612 Merge pull request #559 from kaitranntt/fix/codex-reasoning-ux
fix: codex reasoning effort UX across cliproxy and -p
2026-02-14 09:08:20 +07:00
Kai (Tam Nhu) TranandGitHub 174a4c2777 Merge pull request #558 from kaitranntt/kai/fix/555-cursor-e2e
feat(cursor): complete end-to-end integration and dedicated dashboard UX
2026-02-14 09:03:09 +07:00
Tam Nhu Tran d28fb2cdbd test(cliproxy): stabilize thinking override assertion 2026-02-14 09:01:01 +07:00
Tam Nhu Tran f9df3cfa7a fix(cliproxy): unify codex reasoning flags and thinking flow 2026-02-14 07:44:59 +07:00
Tam Nhu Tran 9a76f866b0 fix(cursor): guard raw-settings save race and enforce daemon preconditions 2026-02-14 07:11:02 +07:00
Tam Nhu Tran 3410c52f7e fix(codex): preserve sonnet high alias on variant model updates 2026-02-14 06:33:46 +07:00
Tam Nhu Tran be9d7cf73e feat(cursor): complete daemon wiring and add dedicated dashboard page 2026-02-14 06:22:28 +07:00
Tam Nhu Tran 6c2083949f fix(cliproxy): mark Kiro as device_code flow for dashboard auth
CLIProxyAPIPlus uses device code flow for Kiro authentication, returning
{method: "device_code", state, status} without an immediate URL. The URL
is provided via polling the /get-auth-status endpoint.

Previously, Kiro was configured as authorization_code flow, causing
dashboard auth to fail with "No authorization URL received from CLIProxyAPI"
because the web-server routes expected synchronous URL response.

Changes:
- provider-capabilities.ts: kiro.oauthFlow = 'device_code', callbackPort = null
- provider-config.ts: Add 'kiro' to DEVICE_CODE_PROVIDERS array
- provider-capabilities.test.ts: Update test expectations

This routes Kiro through /start endpoint which properly handles device code
flow via WebSocket events (deviceCodeReceived, deviceCodeCompleted, etc).

Closes #552
2026-02-13 19:33:33 +07:00
Tam Nhu Tran bdec15f2fd chore(merge): resolve dev conflicts for pr 537
- merge latest origin/dev into feat/506-composite-provider-variant

- keep path-stable test assertions for update-checker and GLMT debug logs
2026-02-13 08:36:10 +07:00
Tam Nhu Tran c9faf6cdc9 test(cliproxy): stabilize path-sensitive CI test assertions
- infer update cache paths from runtime module behavior instead of hardcoded ~/.ccs

- assert GLMT default log path via getCcsDir to avoid cross-suite env leakage
2026-02-13 06:47:32 +07:00
Tam Nhu Tran 7dd4ce5453 test(cliproxy): add regression coverage for update consistency
- verify provider change requires model and rewrites provider-specific env

- verify composite updates preserve custom settings path and fields
2026-02-13 06:19:46 +07:00
Tam Nhu Tran 1a23f912a4 fix(cliproxy): harden composite validation and runtime safeguards 2026-02-13 05:34:30 +07:00
Tam Nhu Tran ca7bb23970 test: use getCcsDir() instead of os.homedir() for test isolation
GlmtTransformer and Beta Channel tests used hardcoded os.homedir()
paths which fail when CCS_HOME is set by other tests in full suite.
2026-02-13 05:23:23 +07:00
Tam Nhu Tran 4e5b502fc9 feat(cursor): namespace FIELD constants and implement true streaming SSE (#531, #535) 2026-02-13 04:12:29 +07:00
Tam Nhu Tran 2816c6652d chore(merge): resolve conflicts with origin/dev 2026-02-12 16:25:25 +07:00
Kai (Tam Nhu) TranandGitHub a2520d2ed8 Merge pull request #543 from kaitranntt/kai/feat/538-stream-d-hardening
chore(hardening): add debt inventory and async I/O kickoff (stream D)
2026-02-12 16:21:18 +07:00
Kai (Tam Nhu) TranandGitHub db94e7223a Merge pull request #544 from kaitranntt/kai/feat/538-stream-c-provider-cliproxy-web
refactor(cliproxy): centralize provider capability registry (stream C)
2026-02-12 16:21:05 +07:00
Tam Nhu Tran 851f870fa8 fix(test): avoid global ui mock leakage in shell completion tests 2026-02-12 15:52:52 +07:00
Tam Nhu Tran 65a1d8ae2c fix(hardening): handle regex literals after else/do 2026-02-12 15:20:22 +07:00
Tam Nhu Tran 0a8adb22fc fix(cliproxy): harden composite variant routing and validation 2026-02-12 15:18:33 +07:00
Tam Nhu Tran b98335c162 fix(commands): await async command validation 2026-02-12 14:18:48 +07:00
Tam Nhu Tran 924e3686c8 refactor(cliproxy): centralize provider capability registry 2026-02-12 12:59:17 +07:00
Tam Nhu Tran fc4b77bc52 refactor(commands): add command contract and migrate shell completion 2026-02-12 12:59:17 +07:00
Tam Nhu Tran cefb564948 chore(hardening): add debt inventory and async io kickoff 2026-02-12 12:57:46 +07:00
Tam Nhu Tran c35de7ec9a test(cliproxy): add thinking suffix test and document exit 0 behavior
- Add test case for comma-separated thinking params (32768,extended)
- Add clarifying comment to isProviderError() about exit 0 handling
2026-02-12 11:04:37 +07:00
Tam Nhu Tran 1d8d3d7671 chore: sync with dev after PR #527 merge 2026-02-12 11:01:10 +07:00
Tam Nhu Tran bfc9361701 fix(cursor): fix router fall-through, add daemon marker, use random test port
- Route all `ccs cursor *` to handleCursorCommand (no profile-switching)
- Add --ccs-daemon marker to spawned process for stable PID validation
- Use random port in lifecycle integration test to prevent CI conflicts
- Remove unnecessary .toFixed(1) on integer tokenAge
2026-02-12 08:37:01 +07:00
Tam Nhu Tran 760a5c3ca4 fix(cursor): harden stopDaemon PID validation, tighten regex, add lifecycle test
- Validate PID belongs to cursor daemon via /proc before signaling
- Tighten detectProvider regex to avoid over-matching o-prefixed models
- Add integration test for daemon start→health→stop lifecycle
- Add void cast on discarded handleHelp() return value
- Update model catalog date comment
2026-02-12 08:28:32 +07:00
Tam Nhu Tran 934238740e fix(cursor): export missing symbols, eliminate subcommand sync risk, improve tests
- Export detectProvider and formatModelName from barrel index
- Export CURSOR_SUBCOMMANDS from cursor-command.ts, import in ccs.ts
- Use getCcsDir() in tests instead of manual path construction
- Add handleCursorCommand routing test for unknown subcommand
2026-02-12 08:21:39 +07:00
Tam Nhu Tran cda037e7e5 fix(cursor): clean up PID file on startDaemon failure and improve daemon robustness
- Add removePidFile() in safeResolve on failure to prevent stale PIDs
- Only send SIGKILL in stopDaemon if SIGTERM wait loop exhausted
- Check isDaemonRunning before model fetch to avoid 5s timeout
- Add port validation unit tests for startDaemon
2026-02-12 08:11:41 +07:00
Tam Nhu Tran f9834c81c9 fix(cursor): add enabled field to tests, simplify cursor routing
- Add missing enabled field to CursorConfig in test assertions
- Consolidate duplicate dynamic import in ccs.ts cursor routing
2026-02-12 07:55:35 +07:00
Tam Nhu Tran ce1915366d fix(cursor): use stdio ignore, sequential polling, move CursorConfig to types
- Change spawn stdio from piped to 'ignore' preventing buffer deadlock
- Replace setInterval with sequential setTimeout polling
- Fix TOCTOU in SIGKILL escalation (send directly without probing)
- Move CursorConfig interface to types.ts
- Change detectProvider default from 'openai' to 'unknown'
- Remove redundant removePidFile() when PID is null
2026-02-12 07:51:22 +07:00
Tam Nhu Tran e0ae5f20ff test(cliproxy): add composite variant v2 unit tests
- Thinking config: 24 tests for applyThinkingSuffix, detectTierFromModel,
  getThinkingValueForTier, and applyThinkingConfig with compositeTierThinking
- Fallback: 42 tests for isProviderError, detectFailedTier, applyFallback,
  and PROVIDER_ERROR_PATTERNS
- Variant service: 9 tests for updateCompositeVariant,
  saveCompositeVariantUnified, and listVariantsFromConfig with composite types
2026-02-12 07:40:40 +07:00
Tam Nhu Tran 7d4e6d6b65 fix(cursor): add resolve guard, port validation, and daemon tests
- Add double-resolve guard in startDaemon with safeResolve wrapper
- Add port validation (1-65535) before Node.js script interpolation
- Fix misleading comment in stopDaemon (no PID file handling)
- Add getDaemonStatus test for no daemon running case
- Add stopDaemon tests for graceful non-existent PID handling
2026-02-12 04:27:35 +07:00
Tam Nhu Tran b8aaa58d6e fix(cursor): address remaining PR #528 review feedback
- Add comment explaining whitelist merge pattern in PUT /settings
- Add comment for bare 'ccs cursor' fallthrough (differs from copilot)
- Add unit tests for cursor settings routes validation logic
  - Tests for null/non-object/array body rejection
  - Tests for port validation (integer, range 1-65535)
  - Tests for auto_start/ghost_mode boolean validation
  - Tests for whitelist merge (ignores unknown properties)
  - Tests for /settings/raw validation and file operations
  - Tests for mtime conflict detection

All web-server tests pass. Pre-existing test failures unrelated.
2026-02-12 04:17:34 +07:00
Tam Nhu Tran afb5e746b3 fix(cursor): address remaining PR #527 review feedback
- Add SIGKILL escalation in stopDaemon after SIGTERM timeout
- Document router difference between cursor/copilot help behavior
- Fix detectProvider to handle o1/o4 models via regex pattern
- Add fetchModelsFromDaemon fallback test for unreachable daemon
- Update CLAUDE.md help table with cursor command entry
2026-02-12 04:14:28 +07:00
Tam Nhu Tran 9f0ea25448 fix(cursor): address PR #527 review feedback
- Wire cursor command into main router (ccs.ts) following copilot pattern
- Centralize default port (4242) and model (gpt-4.1) as constants
- Remove duplicate types already in cursor-protobuf-schema from dev
- Handle daemon exit code 0 before health check succeeds
- Export PID helpers and model utils for testability
- Add unit tests for cursor-daemon (PID file ops, isDaemonRunning)
- Add unit tests for cursor-models (detectProvider, formatModelName, defaults)
2026-02-12 04:03:01 +07:00
Kai (Tam Nhu) TranandGitHub 5df2965642 Merge pull request #525 from kaitranntt/kai/feat/518-cursor-protobuf-executor
feat(cursor): add ConnectRPC protobuf encoder/decoder and HTTP/2 executor
2026-02-12 03:48:23 +07:00
Tam Nhu Tran c5e8241393 fix(cursor): address fourth-round review feedback for protobuf module 2026-02-12 03:27:58 +07:00
Kai (Tam Nhu) TranandGitHub cb981db356 Merge pull request #526 from kaitranntt/kai/feat/519-cursor-auth-module
feat(cursor): add credential detection, SQLite token extraction, and auth status
2026-02-12 03:16:47 +07:00
Tam Nhu Tran 66a93ee46f fix(cursor): address third-round review feedback for protobuf module
HIGH PRIORITY FIXES:
- Extract shared buffer parsing logic into parseProtobufFrames generator
  method (DRY violation fix) - both JSON and SSE transformers now use
  common frame parsing loop, eliminating ~60% code duplication
- Use COMPRESS_FLAG constants instead of hardcoded 0x01/0x02/0x03 in
  parseConnectRPCFrame for better maintainability

MEDIUM PRIORITY FIXES:
- Return empty buffer on gzip decompression failure (prevents silent
  data corruption) - ALREADY FIXED
- Add debug warning for unknown message roles in convertMessages
- Create GitHub issue #535 for FIELD namespace refactoring follow-up
- Add test coverage: transformProtobufToSSE, error paths, unknown roles

LOW PRIORITY FIXES:
- Rename checksum test to clarify timestamp granularity (~16 min)
- Fix debug log function name in SSE transformer - FIXED BY REFACTOR
- Add comment to TOOL_RESULT_RESULT field documenting future use

All tests pass (1593 pass, 0 fail)
All validation checks pass (typecheck + lint + format + tests)
2026-02-12 03:15:24 +07:00
Tam Nhu Tran a8a68c9599 fix(cursor): address third-round review feedback for auth module 2026-02-12 03:09:35 +07:00
Tam Nhu Tran 3e26dee013 feat(glm): update default model to GLM-5 and fix all GLM pricing
- Update default GLM model from glm-4.7 to glm-5 across configs, presets, help text, and fallbacks
- Add glm-5 pricing entry ($1.00/$3.20 per M tokens, OpenRouter verified)
- Fix incorrect glm-4.7 pricing: $0.60/$2.20 -> $0.40/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.6 pricing: $0.60/$2.20 -> $0.35/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.5 pricing: $0.60/$2.20 -> $0.35/$1.55 (OpenRouter verified)
- Keep all previous GLM model entries for backward compatibility

Closes #532
2026-02-12 01:43:59 +07:00
Tam Nhu Tran e177a4b097 fix(cursor): address second-round review feedback for protobuf module
HIGH Priority:
- Add comprehensive unit tests (27 tests covering encoder, decoder, translator, executor)
  * encodeVarint/decodeVarint round-trip (0, 1, 127, 128, 16383, 0xFFFFFFFF)
  * encodeField/decodeField round-trip (VARINT, LEN string, LEN binary)
  * wrapConnectRPCFrame/parseConnectRPCFrame (compressed/uncompressed)
  * buildCursorRequest message translation (system, user, assistant, tool)
  * generateChecksum header format validation
  * buildHeaders output validation
  * transformProtobufToJSON basic conversion
- Create GitHub issue #531 for true streaming implementation
- Update TODO comment to reference issue #531

MEDIUM Priority:
- Export CursorCredentials from cursor-protobuf-schema.ts
- Add JSDoc grouping comments to FIELD constant for clarity
- Make hardcoded values configurable (CURSOR_CLIENT_VERSION, CURSOR_USER_AGENT)
- Add debug logging to 9 silent catch blocks (respects CCS_DEBUG env var)
- Fix stream check: stream !== false → stream === true

Bug Fixes:
- Fix decodeVarint to return unsigned values (>>> 0)
- Fix test assertion for Response.text() async API
2026-02-12 01:26:47 +07:00
Tam Nhu Tran 84a256d0ac fix(cursor): address second-round review feedback for auth module
- Add comprehensive unit tests for cursor-auth.test.ts
  - validateToken: valid/invalid tokens, short tokens, UUID formats, empty strings
  - extractUserInfo: JWT parsing, email handling, non-JWT tokens, malformed base64
  - saveCredentials/loadCredentials: round-trip, invalid JSON/types, missing fields
  - checkAuthStatus: authenticated/not authenticated, expired tokens, JWT exp, invalid dates
  - deleteCredentials: delete existing/non-existent files, multiple deletes
  - All tests use CCS_HOME env var for isolation, real file I/O, no mocks

- Fix dead try-catch around new Date() in checkAuthStatus()
  - Replace try-catch with isNaN check (new Date('garbage') returns Invalid Date, not throw)
  - Properly handle Invalid Date by checking isNaN(getTime())

- Fix email populated with sub claim in extractUserInfo()
  - Change email: decoded.email || decoded.sub to email: decoded.email || undefined
  - Prevent non-email values (UUIDs) from populating email field

- Add type guards for JSON.parse result in extractUserInfo()
  - Cast to Record<string, unknown> and validate types
  - Use typeof checks for email, userId, exp fields
2026-02-12 01:23:29 +07:00
Tam Nhu Tran 7d049d8f1e fix(cliproxy): address all review feedback (Low + informational)
- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs
2026-02-12 00:42:54 +07:00