- Add defensive type guard in misc-routes.ts to prevent runtime crash
if malformed tier_defaults object is passed to PUT /api/thinking
- Extract VALID_THINKING_TIERS constant to thinking-validator.ts
to eliminate duplication across validation code
- Export constant from cliproxy barrel file
Addresses P2/P3 items from PR #351 review
- Fix config-generator test assertion for parseUserApiKeys
- Update model-catalog tests to expect codex provider
- Remove outdated codex unsupported test from model-config
Add maxLevel field to ThinkingSupport interface to cap reasoning
effort at model's maximum supported level. This fixes Issue #344
where gpt-5-mini fails with xhigh reasoning (only supports high).
- Add Codex provider to model catalog with gpt-5.2-codex and gpt-5-mini
- Add capLevelAtMax() and capEffortAtModelMax() for runtime capping
- Update UI presets with new Codex models and tier mappings
Changed layout from vertical stack (space-y-1) to horizontal flex
with gap (flex items-center gap-2) to properly space the Port label
and input field in the local proxy settings card.
Reverts to the original guided output format with:
- Visual hierarchy with emojis and separators
- Priority tags (High/Medium/Low)
- Security and code quality checklists
- Ultrathink directive
- Reaction comments for /review triggers
- Model signature in review footer
claude-code-action validates that anthropic_api_key is non-empty before
running. CLIProxy ignores this value and uses ANTHROPIC_AUTH_TOKEN for
actual authentication.
- Use anthropics/claude-code-action@v1 directly
- Remove ccs-reviewer wrapper dependency
- Match pr-review-comprehensive.yml pattern
- Keep CLIProxy env vars for model routing
- Restore comprehensive allowedTools for posting
- Remove duplicate CLIProxyBackend type from platform-detector.ts (import from types.ts)
- Add warning for invalid --backend CLI value (was silently ignored)
- Show toast notification when backend change blocked by running proxy
- Migrate from deprecated CLIPROXY_FALLBACK_VERSION to getFallbackVersion()
- Add comprehensive JSDoc for backend API endpoints
Add cliproxy.backend config field to choose between CLIProxyAPI (original)
and CLIProxyAPIPlus backends. Includes CLI --backend flag, Dashboard toggle,
and provider validation to block Kiro/ghcp on original backend.
The previous test relied on client socket receiving close event from
server-side destroy, which is timing-dependent and flaky in CI.
New approach:
- Verify stop() behavior directly via getPort() returning null
- Test what we control (server state) not what we observe (client state)
- Remove timing-dependent assertions
- Faster and more reliable (83ms vs 1000ms+ timeout)
- Fix connection tracking test: wait for 'close' event instead of only
checking socket.destroyed (more reliable in CI environments)
- Increase timeout from 500ms to 1000ms for CI latency
- Add proper socket cleanup after test
- Merge dev changes: add projectId parameter to registerAccount()
- Add Pause icon with amber color for paused accounts
- Show styled "PAUSED" badge instead of plain error text
- Distinguish paused state from other errors visually
- Check isAccountPaused() before readAuthData() in fetchAccountQuota()
- Return "Account is paused" instead of confusing "Auth file not found"
- Improves UX by explaining why quota fetch fails for paused accounts
CLIProxyAPI's watcher uses filepath.Walk() which recursively scans
all subdirectories of auth/. Moving paused tokens to auth/paused/
subdirectory didn't hide them from CLIProxyAPI, causing token refresh
loops where paused tokens were immediately recreated.
Solution: Use auth-paused/ as a sibling directory instead of auth/paused/
subdirectory. This places paused tokens completely outside CLIProxyAPI's
scan path, preventing token discovery and refresh.
Path change:
- Before: ~/.ccs/cliproxy/auth/paused/
- After: ~/.ccs/cliproxy/auth-paused/
Address PR review feedback:
- Wrap fs.renameSync() in try-catch for pauseAccount/resumeAccount
- Wrap fs.mkdirSync() in try-catch for paused directory creation
- Add idempotent checks (skip if already paused/active)
- Rely on syncRegistryWithTokenFiles() for recovery on failure
Follows same error handling pattern as removeAccount().
- Validate empty string projectId with typeof check and trim()
- Include projectId in registerAccount return value
- Update projectId when changed (not just when missing)
- Add aria-hidden/aria-label for accessibility
- Add max-width + truncate for long projectId overflow