Commit Graph
66 Commits
Author SHA1 Message Date
Tam Nhu Tran 343c36f97d ci(release): use PAT_TOKEN for semantic-release branch protection bypass
semantic-release needs to push version bump + CHANGELOG commits directly
to main. GITHUB_TOKEN cannot bypass branch protection rules, causing
@semantic-release/git to fail with "push declined due to repository rule
violations". PAT_TOKEN has admin bypass and resolves the issue.
2026-03-04 01:42:29 +07:00
Tam Nhu Tran a259d957b1 fix(ci): remove PAT dependency from release workflow checkouts 2026-03-02 21:44:16 +07:00
Tam Nhu Tran b35c85d308 fix(ci): harden release workflows against PAT checkout failures 2026-03-02 21:33:21 +07:00
Tam Nhu Tran fdb32e2c53 fix(maintainability): make gate parallel-pr friendly 2026-02-26 14:46:56 +07:00
Tam Nhu Tran 68405239cd fix: resolve package.json version conflict from main merge 2026-02-24 00:12:56 +07:00
Tam Nhu Tran 0aed60febb fix(ci): enforce parity gate and stabilize test execution 2026-02-23 23:53:09 +07:00
Tam Nhu Tran b6f2d5d249 fix(ci): auto-close released issues in stable release workflow 2026-02-23 22:20:19 +07:00
Tam Nhu Tran 55ecbce3f5 ci(ai-review): switch from CLIProxy to GLM API for code reviews
Route AI code reviews through api.z.ai instead of localhost CLIProxy.
Uses GLM_API_KEY repo secret for authentication.
2026-02-17 01:55:29 +07:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
051805074e feat: account safety, quota monitoring, and stability fixes (#530)
* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names (#515)

* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names

CLIProxyAPI registry no longer recognizes the gemini-claude-* prefix convention.
Model names in catalog, base config, and user settings are migrated to upstream
claude-* names. Auto-migration in env-builder rewrites existing user settings on
load and persists the change.

Closes #513

* fix: address code review feedback — sync UI layer and add migration tests

- Sync UI isNativeGeminiModel() with backend (remove gemini-claude- exclusion)
- Update UI model catalog agy entries from gemini-claude-* to claude-*
- Update CI/CD workflow and code-reviewer default model names
- Add unit tests for migrateDeprecatedModelNames() logic

* fix(hooks): isolate image type check before error-prone processing (#514)

* fix(hooks): isolate image type check before error-prone processing

Restructure processHook() into two phases so non-image Read calls
never see hook error messages. Phase 1 defensively checks tool name
and file extension, exiting 0 silently on any failure. Phase 2 only
runs for confirmed image/PDF files where errors are relevant.

Closes #511

* fix(hooks): sync image analyzer hook file on every profile launch

Add installImageAnalyzerHook() call to cliproxy executor, matching
the existing installWebSearchHook() pattern. This ensures the .cjs
file in ~/.ccs/hooks/ gets refreshed from the npm package on every
launch, so users receive hook updates after npm update.

* chore(release): 7.41.0-dev.1 [skip ci]

* fix(cliproxy): add fork:true for Claude model aliases in config generator (#523)

Config generator now outputs fork:true for Claude model alias entries,
ensuring both upstream (claude-*) and aliased (gemini-claude-*) model
names appear in /v1/models listings. Also preserves fork flag when
parsing user-added aliases during config regeneration.

Bumps config version to v7 to trigger regeneration on next ccs doctor.

Closes #522

* chore(release): 7.41.0-dev.2 [skip ci]

* feat(cliproxy): add account safety guards to prevent Google account bans (#516)

* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment

* chore(release): 7.41.0-dev.3 [skip ci]

* feat(cliproxy): runtime quota monitoring during active sessions (#529)

* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment

* chore(release): 7.41.0-dev.4 [skip ci]

* fix(cliproxy): mask email in ban detection and fix JSDoc default

- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10

* chore(release): 7.41.0-dev.5 [skip ci]

* fix(cliproxy): address all review feedback (Low + informational)

- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs

* chore(release): 7.41.0-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-12 00:48:29 +07:00
Kai (Tam Nhu) TranGitHubCarlos Umanzorgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>semantic-release-bot
0b394933ae feat: hybrid CLIProxy catalog sync + agent teams env fix (#486)
* fix(teams): propagate CLAUDE_CONFIG_DIR to tmux session for agent teammates

When CCS launches Claude with CLAUDE_CONFIG_DIR pointing to the isolated
instance path, agent team teammates spawned via tmux split-window don't
inherit it because tmux creates new panes from its own session environment.
This causes teammates to use ~/.claude/ instead of ~/.ccs/instances/{profile}/,
creating a split-brain in shared state (tasks, teams, mailbox).

Sets key CCS env vars in the tmux session environment via `tmux setenv` so
all new panes inherit the correct config directory.

* refactor(teams): use spawnSync array args instead of execSync string

Avoids shell interpretation of env values by passing args as array
to spawnSync instead of interpolating into a shell command string.

* chore(release): 7.38.0-dev.1 [skip ci]

* feat(cliproxy): add hybrid catalog sync with CLIProxyAPI (#485)

* chore(release): 7.38.0 [skip ci]

## [7.38.0](https://github.com/kaitranntt/ccs/compare/v7.37.1...v7.38.0) (2026-02-07)

### Features

* **release:** v7.38.0 - Extended Context, Qwen Models, Bug Fixes ([#480](https://github.com/kaitranntt/ccs/issues/480)) ([b454834](https://github.com/kaitranntt/ccs/commit/b4548341750804339c87c48259dd8741425d2acf)), closes [#472](https://github.com/kaitranntt/ccs/issues/472) [#474](https://github.com/kaitranntt/ccs/issues/474) [#103](https://github.com/kaitranntt/ccs/issues/103) [#478](https://github.com/kaitranntt/ccs/issues/478) [#482](https://github.com/kaitranntt/ccs/issues/482)

* feat(cliproxy): add hybrid catalog sync with CLIProxyAPI

Add `ccs cliproxy catalog` command family for syncing model catalogs
from CLIProxyAPI's model-definitions endpoint. Cached locally with
24h TTL, merges remote models with static catalog preserving
broken/deprecated flags. Dashboard API endpoint at /api/cliproxy/catalog.

Closes #477

---------

Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net>

* chore(reviewer): upgrade review model from opus 4.5 to opus 4.6

- update default model in code-reviewer.ts
- update REVIEW_MODEL, ANTHROPIC_MODEL, ANTHROPIC_DEFAULT_OPUS_MODEL
  in ai-review.yml workflow
- aligns reviewer with AGY model catalog default

* chore(release): 7.38.0-dev.2 [skip ci]

* fix(hooks): add image analysis env vars for settings-based profiles (#484)

* chore(release): 7.38.0 [skip ci]

## [7.38.0](https://github.com/kaitranntt/ccs/compare/v7.37.1...v7.38.0) (2026-02-07)

### Features

* **release:** v7.38.0 - Extended Context, Qwen Models, Bug Fixes ([#480](https://github.com/kaitranntt/ccs/issues/480)) ([b454834](https://github.com/kaitranntt/ccs/commit/b4548341750804339c87c48259dd8741425d2acf)), closes [#472](https://github.com/kaitranntt/ccs/issues/472) [#474](https://github.com/kaitranntt/ccs/issues/474) [#103](https://github.com/kaitranntt/ccs/issues/103) [#478](https://github.com/kaitranntt/ccs/issues/478) [#482](https://github.com/kaitranntt/ccs/issues/482)

* fix(hooks): add image analysis env vars for settings-based profiles

Image analysis hook was injected into settings files for API profiles
but the CCS_IMAGE_ANALYSIS_* env vars were never set, causing the hook
to skip. Add getImageAnalysisHookEnv() call to both settings-based and
GLMT proxy execution paths, matching CLIProxy profile behavior.

Closes #440

* fix(hooks): add hook env vars to copilot executor

Copilot profile had same gap as settings-based profiles: hooks installed
but webSearch/imageAnalysis env vars and CCS_PROFILE_TYPE never set.
Add missing env var injection matching other profile flows.

---------

Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net>

* chore(release): 7.38.0-dev.3 [skip ci]

---------

Co-authored-by: Carlos Umanzor <cumanzor@gmail.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net>
2026-02-06 23:54:03 -05:00
kaitranntt d8f81b817e revert(ci): restore detailed AI review prompt structure
Reverts to the original guided output format with:
- Visual hierarchy with emojis and separators
- Priority tags (High/Medium/Low)
- Security and code quality checklists
- Ultrathink directive
- Reaction comments for /review triggers
- Model signature in review footer
2026-01-18 15:45:11 -05:00
kaitranntt 65c325d33e fix(ci): disable track_progress for workflow_dispatch events
track_progress is only supported for PR/issue events, not workflow_dispatch.
Made the setting conditional on event type.
2026-01-18 15:33:00 -05:00
kaitranntt a83a87bbc2 fix(ci): use placeholder API key to pass claude-code-action validation
claude-code-action validates that anthropic_api_key is non-empty before
running. CLIProxy ignores this value and uses ANTHROPIC_AUTH_TOKEN for
actual authentication.
2026-01-18 15:30:55 -05:00
kaitranntt bdfc40966a refactor(ci): simplify ai-review to vanilla claude-code-action
- Use anthropics/claude-code-action@v1 directly
- Remove ccs-reviewer wrapper dependency
- Match pr-review-comprehensive.yml pattern
- Keep CLIProxy env vars for model routing
- Restore comprehensive allowedTools for posting
2026-01-18 15:18:17 -05:00
kaitranntt 5e22547f3f refactor(ci): simplify ai-review to use claude-code-action directly
- Remove ccs-reviewer wrapper dependency
- Set ANTHROPIC_BASE_URL directly in env block
- Remove use_cliproxy input (no longer needed)
2026-01-18 14:58:36 -05:00
kaitranntt ac7b324d49 fix(ci): expand ai-review allowedTools to prevent token waste
- Add more allowed bash patterns: gh issue view, gh api, git commands
- Add base tools: Edit, LS for better flexibility
- Update prompt to write pr_review.md in working dir (not /tmp/)
- Add step to Read before Write to avoid security block
- Add explicit rules about avoiding shell operators (||, &&, <<)
- Allow rm pr_review.md for cleanup

Previous run had 9 tool rejections wasting ~5000 tokens due to:
- gh issue view not allowed (only gh pr view was)
- /tmp/ outside working directory
- Write without Read blocked
- Complex shell operators blocked
2026-01-14 13:31:18 -05:00
kaitranntt 7cfd3c1f9d fix(ci): add full CLIProxy env vars for AI review
- Use /api/provider/agy endpoint for proper model routing
- Set ANTHROPIC_DEFAULT_*_MODEL to route Haiku/Sonnet/Opus correctly
- Disable telemetry, error reporting, bug command
- Set max output/thinking tokens
2026-01-14 10:31:37 -05:00
kaitranntt e7dca480d3 fix(ci): add Write tool to allowedTools for PR comment posting
Root cause: Claude's allowedTools pattern matching is literal string
matching. Multiline content in --body breaks the `Bash(gh pr comment *)`
pattern. The Bash(cat *) pattern only matches reading, not writing with
redirection.

Changes:
- Add Write tool to allowedTools (enables temp file creation)
- Remove Bash(cat *) (not needed, Write replaces it)
- Update prompt to require Write + --body-file pattern
- Explicitly warn against inline --body with multiline content

Tested locally: Successfully posted comment using Write + --body-file
2026-01-14 10:06:05 -05:00
kaitranntt 0a27c6a12f fix(ci): expand allowedTools patterns for flexible comment posting
Add Bash(echo *) and Bash(cat *) patterns to allow heredocs and pipes.
This gives the AI reviewer flexibility to use any method for posting
multi-line review comments while remaining safe (shell-operator aware).
2026-01-13 16:43:39 -05:00
kaitranntt edec6f6df2 fix(ci): update allowedTools pattern to prevent token waste on retries
Changed pattern from `Bash(gh pr comment:*)` to `Bash(gh pr comment *)`
to match space-separated args. Updated prompt to discourage heredocs
and pipes which don't match the pattern, causing 6+ retry attempts.
2026-01-13 16:37:43 -05:00
kaitranntt 25d31ce432 fix(ci): prevent AI review self-cancellation with smart concurrency
Root cause: When the bot posts a review comment, GitHub fires an
issue_comment event that joins the same concurrency group and cancels
the in-progress run BEFORE job `if` conditions are evaluated.

Solution: Non-actionable triggers (bot comments, comments without
/review) get a unique per-run group via format('skip-{0}', github.run_id),
while legitimate triggers share the PR-based group for proper
cancellation of outdated reviews.
2026-01-13 16:03:02 -05:00
kaitranntt a2a13fb16e fix(ci): trigger AI review on follow-up commits to PR
- Add `synchronize` event to trigger on new commits pushed to PR
- Add `reopened` event to trigger when PR is reopened
- Update documentation comments to reflect new behavior
- Keep cancel-in-progress to prevent stale reviews

Fixes issue where AI review only ran on PR creation, requiring
manual /review comment for subsequent commits.
2026-01-13 15:52:18 -05:00
kaitranntt 4ef2d4848c fix(ci): simplify AI review workflow by disabling progress tracking
Root cause of cancellations was track_progress posting comments that
triggered new workflow runs. Instead of complex concurrency isolation,
simply disable progress tracking.

Changes:
- track_progress: false (no intermediate comments)
- Simple concurrency: ai-review-<PR_NUMBER>
- Removed extra bot filters (no longer needed)

Result: Clean PRs with just the final review comment.
2026-01-13 14:00:14 -05:00
kaitranntt 3163509052 fix(ci): isolate concurrency groups by comment author
Previous fix was incomplete - both human /review comments and bot
progress comments were issue_comment events sharing the same
concurrency group.

Now includes comment author in concurrency group:
- Human: ai-review-issue_comment-kaitranntt-320
- Bot: ai-review-issue_comment-ccs-agy-reviewer[bot]-320
- PR/dispatch: ai-review-<event>-system-320

This completely isolates bot activity from human-triggered reviews.
2026-01-13 13:49:20 -05:00
kaitranntt 120aca466d fix(ci): prevent self-cancelling AI review workflow
Root cause: Bot progress comments triggered issue_comment events,
which created new workflow runs with the same concurrency group,
causing cancel-in-progress to kill the original review.

Fixes:
1. Add event_name to concurrency group (prevents cross-event cancellation)
2. Explicit filter for ccs-agy-reviewer[bot] comments (belt-and-suspenders)

Closes race condition causing 25+ cancelled AI review runs.
2026-01-13 13:41:30 -05:00
kaitranntt 85f6bc07d4 fix(ci): add explicit instruction to post review as PR comment
The AI reviewer was completing the review but not posting it because
the prompt didn't explicitly instruct it to use gh pr comment.
2026-01-11 15:20:46 -05:00
kaitranntt ce70617ee9 fix(ci): exclude bot comments from triggering AI review
Bot progress comments were triggering new workflow runs,
which cancelled in-progress reviews due to concurrency group.
Added check for github.event.comment.user.type != 'Bot'.
2026-01-09 01:05:37 -05:00
kaitranntt 6f65697d74 fix(ci): only auto-review on PR opened, not synchronize
Removes synchronize trigger to prevent cancel-on-push issue.
Reviews now trigger:
- Auto: when PR is first opened
- Manual: via /review comment
- Manual: via workflow_dispatch

This prevents pushes to dev from cancelling in-progress reviews.
2026-01-08 11:10:55 -05:00
kaitranntt 6dcc8b2860 style(ci): enhance ai-review prompt with rich emoji formatting
- Add emojis to review focus areas and output sections
- Use priority color indicators (🔴/🟡/🟢)
- Add  for exceptional strengths
- Request tables for checklists
- Improve visual scannability
2026-01-08 11:06:55 -05:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
5651935797 feat(ci): migrate ai-review to claude-code-action with fork PR support (#304)
* fix(ci): add persistent logging and remove turn/diff limits for AI review (#298)

- Remove --max-turns limit (unlimited exploration)
- Remove head -8000 diff limit (full diff)
- Add persistent logging to /opt/actions-runner/logs/ai-review/
- Save prompt, stdout, stderr, timing, metadata as separate files
- Add structured metadata.json with run details
- Separate stdout/stderr capture for better debugging
- Include debug info in failure comments (exit code, duration, log path)
- Retry without tool restrictions if first attempt fails

* fix(cliproxy): correct faulty version range to v81-85 and set v89 as stable (#302)

PR #289 incorrectly marked all v81+ as faulty. v89 confirmed stable.
- CLIPROXY_MAX_STABLE_VERSION: 6.6.80-0 → 6.6.89-0
- CLIPROXY_FAULTY_RANGE max: 6.6.999-0 → 6.6.85-0

* ci(github): migrate ai-review to claude-code-action with CLIProxy

- Replace manual claude CLI setup with anthropics/claude-code-action@v1
- Add REVIEW_MODEL env var for centralized model configuration
- Configure ANTHROPIC_BASE_URL for CLIProxy routing
- Enable track_progress for live PR comment updates
- Add model attribution footer instruction
- Restrict tools to gh pr commands, Read, Glob, Grep only
- Simplify workflow from 424 to 55 lines (-369 lines)

* chore(release): 7.16.0-dev.1 [skip ci]

* fix(ci): skip ai-review when secrets unavailable

Add secrets check to job condition to gracefully skip on fork PRs
where CCS_REVIEWER_APP_ID secret is not accessible

* chore(release): 7.16.0-dev.2 [skip ci]

* feat(ci): enable ai-review for fork PRs via pull_request_target

Use pull_request_target event to allow secrets access for fork PRs.
Safe for code review since we only read diff, not execute fork code.

* chore(release): 7.16.0-dev.3 [skip ci]

* fix(ci): disable track_progress for workflow_dispatch

* chore(release): 7.16.0-dev.4 [skip ci]

* fix(ci): clear Claude install locks before each run

* perf(ci): use pre-installed Claude executable on runner

* chore(release): 7.16.0-dev.5 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-08 09:33:21 -06:00
Kai (Tam Nhu) TranandGitHub 6e0bf7cb1b fix(cliproxy): update version range and add persistent AI review logging (#303)
* fix(ci): add persistent logging and remove turn/diff limits for AI review (#298)

- Remove --max-turns limit (unlimited exploration)
- Remove head -8000 diff limit (full diff)
- Add persistent logging to /opt/actions-runner/logs/ai-review/
- Save prompt, stdout, stderr, timing, metadata as separate files
- Add structured metadata.json with run details
- Separate stdout/stderr capture for better debugging
- Include debug info in failure comments (exit code, duration, log path)
- Retry without tool restrictions if first attempt fails

* fix(cliproxy): correct faulty version range to v81-85 and set v89 as stable (#302)

PR #289 incorrectly marked all v81+ as faulty. v89 confirmed stable.
- CLIPROXY_MAX_STABLE_VERSION: 6.6.80-0 → 6.6.89-0
- CLIPROXY_FAULTY_RANGE max: 6.6.999-0 → 6.6.85-0
2026-01-08 09:15:34 -05:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
c915ca5922 feat(ci): AI code review workflow with Claude Code CLI (#295)
* feat(ci): add AI code review workflow with Claude via CLIProxyAPI

- Self-hosted runner calls CLIProxyAPI at localhost:8317
- Triggers on PR open/update and /review comment
- Uses gemini-claude-opus-4-5-thinking for deep reviews
- Posts summary + inline comments via gh CLI
- Handles self-PR fallback to COMMENT mode

* chore(release): 7.15.0-dev.1 [skip ci]

* refactor(ci): use GitHub App for reviewer identity + new review format

- Posts as ccs-agy-reviewer[bot] via GitHub App token
- New review format: structured markdown with verdict, summary, issues table
- Single PR comment instead of inline comments
- Concise, focused on PR changes only

* chore(release): 7.15.0-dev.2 [skip ci]

* refactor(ci): switch to Claude Code CLI for reviews

- Use claude -p instead of custom TypeScript script
- Auto-install if not present on runner
- CLIProxyAPI via env vars (ANTHROPIC_BASE_URL, ANTHROPIC_MODEL)
- Allowed tools: Read, Glob, Grep
- Max 3 turns for file exploration

* chore(release): 7.15.0-dev.3 [skip ci]

* chore(release): 7.15.0-dev.4 [skip ci]

* feat(ci): add workflow_dispatch for manual review trigger

* chore(release): 7.15.0-dev.5 [skip ci]

* refactor(cliproxy): add faulty version range infrastructure (#289)

* refactor(cliproxy): add faulty version range infrastructure

- Add CLIPROXY_FAULTY_RANGE constant for marking known buggy versions
- Add isVersionFaulty() helper to version-checker.ts
- Update lifecycle.ts to warn users on faulty versions with upgrade suggestion
- Update health checks to distinguish faulty vs experimental versions
- Update stats routes to include faultyRange in API response
- Skip faulty versions when calculating latestStable

Infrastructure ready for future version promotions. Currently:
- v80 and below: stable
- v81+: marked as faulty (context cancellation bugs)

* chore: trigger review

* chore: re-trigger review

* chore: test PR trigger

* chore(release): 7.15.0-dev.6 [skip ci]

* fix(ci): rename workflow to force GitHub re-registration (#293)

* chore(release): 7.15.0-dev.7 [skip ci]

* fix(ci): use heredoc to avoid YAML parsing issues in workflow (#294)

* chore(release): 7.15.0-dev.8 [skip ci]

* fix(ci): enhance review prompt for better output format (#296)

* fix(ci): enhance review prompt for better output format

- Add emojis for visual hierarchy
- Include model name in review header
- Use severity table with file:line references
- Add summary section and suggestions

* fix: use pipe delimiter in sed to avoid slash issues

* feat(ci): comprehensive AI code review with codebase exploration

Key enhancements:
- Increased max-turns from 3 to 10 for deeper file exploration
- Added Read/Glob/Grep tool access for codebase analysis
- Checkout PR head for full file access during review
- Expanded prompt with 10+ analysis sections matching claudekit-cli quality
- Added fallback handling for review generation failures
- Increased diff limit from 5000 to 8000 lines
- Split prompt into separate step for YAML compatibility

* fix(ci): unify checkout logic for all trigger types

Apply AI review suggestion: use gh pr checkout for all event types
to ensure Read tool sees correct files on manual /review triggers

* feat(ci): force tool usage for comprehensive code review

Key changes:
- Add MANDATORY tool exploration step before writing review
- Explicit instructions to Read each changed file in full
- Require finding and reading test files via Glob
- Require usage search via Grep for breaking change detection
- Increase max-turns from 10 to 15 for deeper exploration
- Enhanced output format with code snippet examples
- Better testing section with specific file references

* fix(ci): add --force flag and retry logic for Claude install

* fix(ci): remove invalid --force flag from install script

* fix(ci): add fallback to claude install --force on lock conflict

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-07 03:19:45 -08:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
b6d65209cd feat(ci): add workflow_dispatch for AI review (#291)
* feat(ci): add AI code review workflow with Claude via CLIProxyAPI

- Self-hosted runner calls CLIProxyAPI at localhost:8317
- Triggers on PR open/update and /review comment
- Uses gemini-claude-opus-4-5-thinking for deep reviews
- Posts summary + inline comments via gh CLI
- Handles self-PR fallback to COMMENT mode

* chore(release): 7.15.0-dev.1 [skip ci]

* refactor(ci): use GitHub App for reviewer identity + new review format

- Posts as ccs-agy-reviewer[bot] via GitHub App token
- New review format: structured markdown with verdict, summary, issues table
- Single PR comment instead of inline comments
- Concise, focused on PR changes only

* chore(release): 7.15.0-dev.2 [skip ci]

* refactor(ci): switch to Claude Code CLI for reviews

- Use claude -p instead of custom TypeScript script
- Auto-install if not present on runner
- CLIProxyAPI via env vars (ANTHROPIC_BASE_URL, ANTHROPIC_MODEL)
- Allowed tools: Read, Glob, Grep
- Max 3 turns for file exploration

* chore(release): 7.15.0-dev.3 [skip ci]

* chore(release): 7.15.0-dev.4 [skip ci]

* feat(ci): add workflow_dispatch for manual review trigger

* chore(release): 7.15.0-dev.5 [skip ci]

* refactor(cliproxy): add faulty version range infrastructure (#289)

* refactor(cliproxy): add faulty version range infrastructure

- Add CLIPROXY_FAULTY_RANGE constant for marking known buggy versions
- Add isVersionFaulty() helper to version-checker.ts
- Update lifecycle.ts to warn users on faulty versions with upgrade suggestion
- Update health checks to distinguish faulty vs experimental versions
- Update stats routes to include faultyRange in API response
- Skip faulty versions when calculating latestStable

Infrastructure ready for future version promotions. Currently:
- v80 and below: stable
- v81+: marked as faulty (context cancellation bugs)

* chore: trigger review

* chore: re-trigger review

* chore: test PR trigger

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-07 02:25:49 -08:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
49c4d299c0 feat(ci): Claude Code CLI for AI reviews (#290)
* feat(ci): add AI code review workflow with Claude via CLIProxyAPI

- Self-hosted runner calls CLIProxyAPI at localhost:8317
- Triggers on PR open/update and /review comment
- Uses gemini-claude-opus-4-5-thinking for deep reviews
- Posts summary + inline comments via gh CLI
- Handles self-PR fallback to COMMENT mode

* chore(release): 7.15.0-dev.1 [skip ci]

* refactor(ci): use GitHub App for reviewer identity + new review format

- Posts as ccs-agy-reviewer[bot] via GitHub App token
- New review format: structured markdown with verdict, summary, issues table
- Single PR comment instead of inline comments
- Concise, focused on PR changes only

* chore(release): 7.15.0-dev.2 [skip ci]

* refactor(ci): switch to Claude Code CLI for reviews

- Use claude -p instead of custom TypeScript script
- Auto-install if not present on runner
- CLIProxyAPI via env vars (ANTHROPIC_BASE_URL, ANTHROPIC_MODEL)
- Allowed tools: Read, Glob, Grep
- Max 3 turns for file exploration

* chore(release): 7.15.0-dev.3 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-07 02:11:14 -08:00
kaitranntt 36386209be ci: improve issue tagging and label management in release workflows 2025-12-21 18:57:46 -05:00
kaitranntt df77745eca fix(update): correct dev version comparison semantic
- dev versions (X.Y.Z-dev.N) now treated as newer than base release (X.Y.Z)
- reflects convention that dev work is AFTER the release, not before
- update GH Actions message to use 'ccs update --dev' instead of npm install
- update tests to match new semantic
2025-12-20 19:48:05 -05:00
kaitranntt dce4b36fc6 fix(ci): use custom dev versioning to preserve stable version coupling
Replaces semantic-release for dev branch with custom script that:
- Bases dev versions on current stable (e.g., 6.7.1-dev.N)
- Increments only the dev number, not the base version
- Keeps GitHub releases, issue tagging, Discord notifications
2025-12-20 19:05:44 -05:00
kaitranntt cff38ac53d fix(ci): use built-in GITHUB_TOKEN for release comments
Changes semantic-release to use the built-in GITHUB_TOKEN instead of
PAT_TOKEN so that release comments appear from github-actions[bot]
instead of the repository owner's personal account.

PAT_TOKEN is still used for checkout to ensure downstream workflows
can be triggered by the release commits.
2025-12-19 04:07:45 -05:00
kaitranntt 0f590c80d6 feat(ci): add semantic-release for dev branch with rich Discord notifications
- add .releaserc.cjs with branch-aware config (dev=prerelease, main=stable)

- add scripts/send-discord-release.cjs that parses CHANGELOG.md

- replace custom VERSION bumping with semantic-release

- add Discord webhook URL validation

- add release detection to prevent false notifications
2025-12-19 01:00:41 -05:00
kaitranntt ee76d663ae feat(ci): add Discord notifications for releases
- stable releases: fetch GH release, post green embed with changelog

- dev releases: post orange embed with version info

- graceful skip if webhook not configured
2025-12-19 00:26:22 -05:00
kaitranntt 4b969b6870 fix(ci): remove deprecated installer references from dev-release workflow
The native shell installers (install.sh, install.ps1) were removed in the
recent refactor, but the dev-release workflow still tried to update and
commit them, causing CI failures.
2025-12-18 18:16:39 -05:00
kaitranntt 5a8db2c1ee fix(ci): prevent shell injection from PR body markdown
Pass PR title and body via env vars instead of direct interpolation.
Prevents backticks in markdown code blocks from being executed as shell commands.
2025-12-13 23:31:52 -05:00
kaitranntt 27f9ea8f0f fix(ci): improve issue tagging - use bot, skip duplicates, simpler msg
- Use GITHUB_TOKEN for comments (posts as github-actions[bot])
- Skip issues already labeled released-dev (avoid spam)
- Simpler one-line comment format
2025-12-12 16:14:48 -05:00
kaitranntt 99f3a674b8 perf(ci): add HUSKY=0 to release workflow 2025-12-12 16:11:46 -05:00
kaitranntt d39095c7d6 perf(ci): reduce test redundancy from 4x to 1x per release
- Remove tests from pre-commit hook (keep typecheck+lint only)
- Remove build+validate from prepublishOnly/prepack (CI handles it)
- Add HUSKY=0 to CI commit step to skip hooks

Before: 4 test runs per release (pre-commit, CI validate, prepublishOnly, prepack)
After: 1 test run (CI validate only)
2025-12-12 16:11:06 -05:00
kaitranntt 763928f282 fix(ci): resolve YAML syntax error in dev-release workflow
Multi-line heredoc in issue comment was breaking YAML parsing.
Use inline multi-line string with proper indentation instead.
2025-12-12 15:57:24 -05:00
kaitranntt 5ef3e324f8 ci(release): add issue labeling for dev releases
- Add label-pending-release.yml workflow to tag issues when PR created
- Update dev-release.yml to comment and label issues after npm publish
- Labels: pending-release (yellow), released-dev (blue)
- Auto-removes pending-release when released-dev is applied
2025-12-12 05:57:58 -05:00
kaitranntt bff6acb2af chore: add GitHub Sponsors funding configuration
Add FUNDING.yml to enable "Sponsor" button on repository
2025-12-11 20:52:17 -05:00
kaitranntt 8095a4bc07 ci: optimize build pipeline to eliminate redundant builds
- validate now uses test:all directly (build already done)
- Added test:ci script for explicit CI usage
- ci.yml now builds UI deps and uses build:all
- dev-release.yml separates build and validate steps
- Reduces build count from 3-4 to 1 per release cycle
2025-12-09 17:47:33 -05:00
kaitranntt 8bffd5fc17 ci(release): update release workflows 2025-12-07 22:25:01 -05:00