Commit Graph
1812 Commits
Author SHA1 Message Date
semantic-release-bot f3e7e2ad3c chore(release): 7.43.0 [skip ci]
## [7.43.0](https://github.com/kaitranntt/ccs/compare/v7.42.0...v7.43.0) (2026-02-11)

### Features

* **cliproxy:** add account safety guards to prevent Google account bans ([#516](https://github.com/kaitranntt/ccs/issues/516)) ([e055dac](https://github.com/kaitranntt/ccs/commit/e055dac1996bd3cd3c4e5ee0f11dad22d8d2a838)), closes [#509](https://github.com/kaitranntt/ccs/issues/509) [#512](https://github.com/kaitranntt/ccs/issues/512)
* **cliproxy:** runtime quota monitoring during active sessions ([#529](https://github.com/kaitranntt/ccs/issues/529)) ([c6c94a0](https://github.com/kaitranntt/ccs/commit/c6c94a0c1e7bf82dd56295a76d833d7d52694718)), closes [#524](https://github.com/kaitranntt/ccs/issues/524)
* **glm:** update default model to GLM-5 and fix all GLM pricing ([3e26dee](https://github.com/kaitranntt/ccs/commit/3e26dee0134fa576a57f216f232a0215084e74a3)), closes [#532](https://github.com/kaitranntt/ccs/issues/532)

### Bug Fixes

* **cliproxy:** add fork:true for Claude model aliases in config generator ([#523](https://github.com/kaitranntt/ccs/issues/523)) ([4065399](https://github.com/kaitranntt/ccs/commit/4065399d8aa46ccdb115081e461c5651d0afaa2e)), closes [#522](https://github.com/kaitranntt/ccs/issues/522)
* **cliproxy:** address all review feedback (Low + informational) ([7d049d8](https://github.com/kaitranntt/ccs/commit/7d049d8f1e8655856a1a9636d21f6eb3992752a0))
* **cliproxy:** mask email in ban detection and fix JSDoc default ([fcc605b](https://github.com/kaitranntt/ccs/commit/fcc605bc1f02af4da518d21c10f8c77b38a793ad))
* **cliproxy:** migrate deprecated gemini-claude-* model names to upstream claude-* names ([#515](https://github.com/kaitranntt/ccs/issues/515)) ([6afbb72](https://github.com/kaitranntt/ccs/commit/6afbb72b472029358fc3d9b2fed488fd4779695b)), closes [#513](https://github.com/kaitranntt/ccs/issues/513)
* **glm:** fix missed help text reference and glm-4.5-air pricing ([7d9c538](https://github.com/kaitranntt/ccs/commit/7d9c538248f93089ae6483af4ea1d01e555e2e20))
* **hooks:** isolate image type check before error-prone processing ([#514](https://github.com/kaitranntt/ccs/issues/514)) ([19de427](https://github.com/kaitranntt/ccs/commit/19de42704f683a29134982dfb643e97c3123bf7c)), closes [#511](https://github.com/kaitranntt/ccs/issues/511)
2026-02-11 19:24:41 +00:00
Kai (Tam Nhu) TranandGitHub fe77f6ddfe Merge pull request #534 from kaitranntt/dev
feat(glm): update default model to GLM-5 and fix all GLM pricing
2026-02-12 02:23:34 +07:00
github-actions[bot] 273e290bc0 chore(release): 7.42.0-dev.1 [skip ci] 2026-02-11 19:21:43 +00:00
Kai (Tam Nhu) TranandGitHub 0f871b619a Merge pull request #533 from kaitranntt/kai/feat/532-glm5-update
feat(glm): update default model to GLM-5 and fix all GLM pricing
2026-02-12 02:20:37 +07:00
Tam Nhu Tran 7d9c538248 fix(glm): fix missed help text reference and glm-4.5-air pricing
- Update delegation help text from "GLM-4.6" to "GLM-5"
- Fix glm-4.5-air pricing to OpenRouter verified rates:
  input $0.20 -> $0.13, output $1.10 -> $0.85, cache $0.03 -> $0.025
2026-02-12 01:52:32 +07:00
Tam Nhu Tran 3e26dee013 feat(glm): update default model to GLM-5 and fix all GLM pricing
- Update default GLM model from glm-4.7 to glm-5 across configs, presets, help text, and fallbacks
- Add glm-5 pricing entry ($1.00/$3.20 per M tokens, OpenRouter verified)
- Fix incorrect glm-4.7 pricing: $0.60/$2.20 -> $0.40/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.6 pricing: $0.60/$2.20 -> $0.35/$1.50 (OpenRouter verified)
- Fix incorrect glm-4.5 pricing: $0.60/$2.20 -> $0.35/$1.55 (OpenRouter verified)
- Keep all previous GLM model entries for backward compatibility

Closes #532
2026-02-12 01:43:59 +07:00
github-actions[bot] dd7fb94e7e chore(sync): merge main into dev after release [skip ci]
# Conflicts:
#	package.json
2026-02-11 17:58:27 +00:00
semantic-release-bot f62f732249 chore(release): 7.42.0 [skip ci]
## [7.42.0](https://github.com/kaitranntt/ccs/compare/v7.41.0...v7.42.0) (2026-02-11)

### Features

* account safety, quota monitoring, and stability fixes ([#530](https://github.com/kaitranntt/ccs/issues/530)) ([0518050](https://github.com/kaitranntt/ccs/commit/051805074eb80db839a4deb8ab1dcb89f29766de)), closes [#515](https://github.com/kaitranntt/ccs/issues/515) [#513](https://github.com/kaitranntt/ccs/issues/513) [#514](https://github.com/kaitranntt/ccs/issues/514) [#511](https://github.com/kaitranntt/ccs/issues/511) [#523](https://github.com/kaitranntt/ccs/issues/523) [#522](https://github.com/kaitranntt/ccs/issues/522) [#516](https://github.com/kaitranntt/ccs/issues/516) [#509](https://github.com/kaitranntt/ccs/issues/509) [#512](https://github.com/kaitranntt/ccs/issues/512) [#529](https://github.com/kaitranntt/ccs/issues/529) [#524](https://github.com/kaitranntt/ccs/issues/524)
2026-02-11 17:57:36 +00:00
github-actions[bot] 77be8d7c9b chore(release): 7.41.0-dev.7 [skip ci] 2026-02-11 17:49:57 +00:00
Tam Nhu Tran a76e11e2de Merge remote-tracking branch 'origin/main' into dev 2026-02-12 00:48:46 +07:00
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
051805074e feat: account safety, quota monitoring, and stability fixes (#530)
* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names (#515)

* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names

CLIProxyAPI registry no longer recognizes the gemini-claude-* prefix convention.
Model names in catalog, base config, and user settings are migrated to upstream
claude-* names. Auto-migration in env-builder rewrites existing user settings on
load and persists the change.

Closes #513

* fix: address code review feedback — sync UI layer and add migration tests

- Sync UI isNativeGeminiModel() with backend (remove gemini-claude- exclusion)
- Update UI model catalog agy entries from gemini-claude-* to claude-*
- Update CI/CD workflow and code-reviewer default model names
- Add unit tests for migrateDeprecatedModelNames() logic

* fix(hooks): isolate image type check before error-prone processing (#514)

* fix(hooks): isolate image type check before error-prone processing

Restructure processHook() into two phases so non-image Read calls
never see hook error messages. Phase 1 defensively checks tool name
and file extension, exiting 0 silently on any failure. Phase 2 only
runs for confirmed image/PDF files where errors are relevant.

Closes #511

* fix(hooks): sync image analyzer hook file on every profile launch

Add installImageAnalyzerHook() call to cliproxy executor, matching
the existing installWebSearchHook() pattern. This ensures the .cjs
file in ~/.ccs/hooks/ gets refreshed from the npm package on every
launch, so users receive hook updates after npm update.

* chore(release): 7.41.0-dev.1 [skip ci]

* fix(cliproxy): add fork:true for Claude model aliases in config generator (#523)

Config generator now outputs fork:true for Claude model alias entries,
ensuring both upstream (claude-*) and aliased (gemini-claude-*) model
names appear in /v1/models listings. Also preserves fork flag when
parsing user-added aliases during config regeneration.

Bumps config version to v7 to trigger regeneration on next ccs doctor.

Closes #522

* chore(release): 7.41.0-dev.2 [skip ci]

* feat(cliproxy): add account safety guards to prevent Google account bans (#516)

* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment

* chore(release): 7.41.0-dev.3 [skip ci]

* feat(cliproxy): runtime quota monitoring during active sessions (#529)

* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment

* chore(release): 7.41.0-dev.4 [skip ci]

* fix(cliproxy): mask email in ban detection and fix JSDoc default

- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10

* chore(release): 7.41.0-dev.5 [skip ci]

* fix(cliproxy): address all review feedback (Low + informational)

- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs

* chore(release): 7.41.0-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-12 00:48:29 +07:00
github-actions[bot] 5fb67a5e0c chore(release): 7.41.0-dev.6 [skip ci] 2026-02-11 17:44:03 +00:00
Tam Nhu Tran 7d049d8f1e fix(cliproxy): address all review feedback (Low + informational)
- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs
2026-02-12 00:42:54 +07:00
github-actions[bot] a7495cdd4f chore(release): 7.41.0-dev.5 [skip ci] 2026-02-11 17:35:23 +00:00
Tam Nhu Tran fcc605bc1f fix(cliproxy): mask email in ban detection and fix JSDoc default
- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10
2026-02-12 00:34:03 +07:00
github-actions[bot] 753ba3e249 chore(release): 7.41.0-dev.4 [skip ci] 2026-02-11 15:52:03 +00:00
Kai (Tam Nhu) TranandGitHub c6c94a0c1e feat(cliproxy): runtime quota monitoring during active sessions (#529)
* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment
2026-02-11 22:50:50 +07:00
github-actions[bot] 0838b96429 chore(release): 7.41.0-dev.3 [skip ci] 2026-02-11 12:22:44 +00:00
Kai (Tam Nhu) TranandGitHub e055dac199 feat(cliproxy): add account safety guards to prevent Google account bans (#516)
* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment
2026-02-11 19:21:31 +07:00
github-actions[bot] cfa207e0b6 chore(release): 7.41.0-dev.2 [skip ci] 2026-02-11 12:05:51 +00:00
Kai (Tam Nhu) TranandGitHub 4065399d8a fix(cliproxy): add fork:true for Claude model aliases in config generator (#523)
Config generator now outputs fork:true for Claude model alias entries,
ensuring both upstream (claude-*) and aliased (gemini-claude-*) model
names appear in /v1/models listings. Also preserves fork flag when
parsing user-added aliases during config regeneration.

Bumps config version to v7 to trigger regeneration on next ccs doctor.

Closes #522
2026-02-11 19:04:41 +07:00
github-actions[bot] 8244162ff3 chore(release): 7.41.0-dev.1 [skip ci] 2026-02-11 10:49:09 +00:00
Kai (Tam Nhu) TranandGitHub 19de42704f fix(hooks): isolate image type check before error-prone processing (#514)
* fix(hooks): isolate image type check before error-prone processing

Restructure processHook() into two phases so non-image Read calls
never see hook error messages. Phase 1 defensively checks tool name
and file extension, exiting 0 silently on any failure. Phase 2 only
runs for confirmed image/PDF files where errors are relevant.

Closes #511

* fix(hooks): sync image analyzer hook file on every profile launch

Add installImageAnalyzerHook() call to cliproxy executor, matching
the existing installWebSearchHook() pattern. This ensures the .cjs
file in ~/.ccs/hooks/ gets refreshed from the npm package on every
launch, so users receive hook updates after npm update.
2026-02-11 17:48:02 +07:00
Kai (Tam Nhu) TranandGitHub 6afbb72b47 fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names (#515)
* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names

CLIProxyAPI registry no longer recognizes the gemini-claude-* prefix convention.
Model names in catalog, base config, and user settings are migrated to upstream
claude-* names. Auto-migration in env-builder rewrites existing user settings on
load and persists the change.

Closes #513

* fix: address code review feedback — sync UI layer and add migration tests

- Sync UI isNativeGeminiModel() with backend (remove gemini-claude- exclusion)
- Update UI model catalog agy entries from gemini-claude-* to claude-*
- Update CI/CD workflow and code-reviewer default model names
- Add unit tests for migrateDeprecatedModelNames() logic
2026-02-11 17:47:37 +07:00
semantic-release-bot 59e3e0286e chore(release): 7.41.0 [skip ci]
## [7.41.0](https://github.com/kaitranntt/ccs/compare/v7.40.0...v7.41.0) (2026-02-11)

### Features

* **config:** add CCS_DIR env var and --config-dir flag for config directory override ([7a0e6a4](https://github.com/kaitranntt/ccs/commit/7a0e6a4112b50dad14bf48004b07a77d1a5fd4d8)), closes [#507](https://github.com/kaitranntt/ccs/issues/507)
* **env:** add ccs env command for third-party tool integration ([2e85064](https://github.com/kaitranntt/ccs/commit/2e85064b8a6a3eed694abb56bef70bf889f648d3)), closes [#503](https://github.com/kaitranntt/ccs/issues/503)
* update cliproxy, config loader, glmt transformer, and provider routes ([8c6afe2](https://github.com/kaitranntt/ccs/commit/8c6afe2e73049ecfbb12cb29a894e83eb2576354))

### Bug Fixes

* **cliproxy:** prevent OAuth process hang on Qwen device code flow ([086bf95](https://github.com/kaitranntt/ccs/commit/086bf958e9c6c9d6d745e78a29a95a9a58490bf1)), closes [#314](https://github.com/kaitranntt/ccs/issues/314)
* **cliproxy:** strip Gemini-unsupported schema fields including "examples" ([505d6d0](https://github.com/kaitranntt/ccs/commit/505d6d0f111b11e4e231742d65d2a3bbfb73864a)), closes [#155](https://github.com/kaitranntt/ccs/issues/155)
* **config:** dynamic health message, cache getters, static imports, cloud hint ([706cca8](https://github.com/kaitranntt/ccs/commit/706cca8b3e57c1f9e6c559dc4c1a18ed6854a96d))
* **config:** lazy-evaluate paths, fix TOCTOU, segment-boundary cloud detection ([d5abc7d](https://github.com/kaitranntt/ccs/commit/d5abc7d69170132cc5c604c453e45f54fa2973b6))
* **config:** migrate all hardcoded paths to getCcsDir() and improve validation ([60d6bbd](https://github.com/kaitranntt/ccs/commit/60d6bbd0271a4bad4df1eaa705c11d34f7abd464))
* **config:** resolve remaining hardcoded paths and improve readability ([c8800b4](https://github.com/kaitranntt/ccs/commit/c8800b418a8ee2143366a2e199c42384ff5693f4))
* **delegation:** use exitCode instead of killed for process termination checks ([4b1fcac](https://github.com/kaitranntt/ccs/commit/4b1fcacf307e0bb8935495202f0322210eb395ea))
* **env:** add key sanitization and shell completions ([76457a5](https://github.com/kaitranntt/ccs/commit/76457a567d7d1fe52a983a3c6e37b49d503071c9))
* **env:** add missing CLIProxy profiles to bash completion and shell validation ([6d9351d](https://github.com/kaitranntt/ccs/commit/6d9351dcbc1baa4135d75361301e36cafc3556a3))
* **env:** address all PR review feedback ([44b3152](https://github.com/kaitranntt/ccs/commit/44b3152d347a7f0c96af4e2e4cd8027ea30634fc))
* **env:** address P1-P3 review items from code review ([3f5ecd4](https://github.com/kaitranntt/ccs/commit/3f5ecd4d6963a25ce909cd7e17fcca610d9dc978))
* **env:** fix fish escaping, profile parsing, and add OPENAI_MODEL mapping ([d5c03d1](https://github.com/kaitranntt/ccs/commit/d5c03d1f2d2ad600b4106a9a2fb38a028d099338))
* **env:** improve empty profile UX and consolidate shell validation constants ([b96eacf](https://github.com/kaitranntt/ccs/commit/b96eacfc06a97e89796620c1ea675aaac290e427))
* **env:** sync CLIProxy profiles across all shell completions and improve error messages ([a98f4a5](https://github.com/kaitranntt/ccs/commit/a98f4a54278f9f8d9e4b30ccccc900514c08b32f))
* **env:** use single quotes to prevent shell injection via eval ([a5dc15d](https://github.com/kaitranntt/ccs/commit/a5dc15d174dec2e39b251d63bc4a4093003fc0cb))
* separate type-only exports and migrate test imports from dist/ to src/ ([0483444](https://github.com/kaitranntt/ccs/commit/048344486456bd561c03a1441060bfc4ca650655))

### Documentation

* update local docs for ccs env command ([38bd562](https://github.com/kaitranntt/ccs/commit/38bd562687865c2cb523734509143390f83a5dcc))

### Code Refactoring

* **config:** DRY precedence logic, dynamic recovery messages, CCS_HOME cloud warning ([9699e01](https://github.com/kaitranntt/ccs/commit/9699e01725c3b33ca1bf24a4eeea7ec7f7e9c220))
* **utils:** extract killWithEscalation to shared process-utils ([90b4627](https://github.com/kaitranntt/ccs/commit/90b4627740ae90374b06e0013c09bd583e1ddb39))

### Tests

* **cliproxy:** add edge case coverage for Gemini schema sanitizer ([917f0bb](https://github.com/kaitranntt/ccs/commit/917f0bbef7b7132dca0c37e474a82a9bb07f0df1))
* **utils:** add unit tests for killWithEscalation ([dc9b276](https://github.com/kaitranntt/ccs/commit/dc9b27623bd3cd92dd1b556329d20fd62043b37b))
2026-02-11 07:13:59 +00:00
Kai (Tam Nhu) TranandGitHub 3c4678b2e8 Merge pull request #510 from kaitranntt/dev
feat: v7.40.0 — env command, config dir override, Gemini schema fix, OAuth hang fix
2026-02-11 14:12:44 +07:00
github-actions[bot] a0431466c1 chore(release): 7.40.0-dev.6 [skip ci] 2026-02-11 07:06:55 +00:00
Tam Nhu Tran 0483444864 fix: separate type-only exports and migrate test imports from dist/ to src/
Spinner interface re-exported as value in checks/index.ts caused Bun
runtime crash. Test files importing from dist/ failed without build step.
2026-02-11 14:05:33 +07:00
github-actions[bot] 8262c8d205 chore(release): 7.40.0-dev.5 [skip ci] 2026-02-11 05:12:38 +00:00
Kai (Tam Nhu) TranandGitHub 355a127910 Merge pull request #508 from kaitranntt/kai/feat/507-config-dir-override
feat(config): add CCS_DIR env var and --config-dir flag
2026-02-11 12:11:34 +07:00
Tam Nhu Tran 706cca8b3e fix(config): dynamic health message, cache getters, static imports, cloud hint
- Fix hardcoded 'Created ~/.ccs directory' in health-service.ts fixHealthIssue()
- Cache getCacheFile() in local vars: readDiskCache, writeDiskCache, clearDiskCache
- Convert dynamic imports of setGlobalConfigDir/detectCloudSyncPath to static
- Add remediation hint to cloud sync warning: 'Consider: CCS_DIR=/path/outside/cloud'
2026-02-11 12:05:07 +07:00
Tam Nhu Tran 9699e01725 refactor(config): DRY precedence logic, dynamic recovery messages, CCS_HOME cloud warning
- Extract shared _resolveCcsDir() to prevent getCcsDir/getCcsDirSource divergence
- Replace all hardcoded ~/.ccs/ and ~/.claude/ in recovery-manager.ts with
  dynamic paths from instance properties (ccsDir, claudeDir, sharedDir, etc.)
- Add cloud sync detection for CCS_HOME env var (parity with CCS_DIR/--config-dir)
- Cache getSessionSecretPath() in local var in auth-middleware.ts
- Cache getCacheDir() in local var in disk-cache.ts ensureCacheDir()
2026-02-11 11:52:30 +07:00
Tam Nhu Tran c8800b418a fix(config): resolve remaining hardcoded paths and improve readability
- Replace hardcoded ~/.ccs in error messages: ccs.ts (lines 83, 151)
  and delegation-handler.ts (line 333) now use getCcsDir()
- Cache repeated getter calls in local vars for readability:
  openrouter-catalog.ts getCachedModels/setCachedModels,
  aggregator.ts getInstancePaths
- Add path.resolve() for CCS_HOME env var consistency with CCS_DIR
2026-02-11 11:35:44 +07:00
github-actions[bot] 687c3f2b83 chore(release): 7.40.0-dev.4 [skip ci] 2026-02-11 04:31:16 +00:00
Kai (Tam Nhu) TranandGitHub 7ec60a5be9 Merge pull request #505 from kaitranntt/kai/feat/503-ccs-env-command
feat(env): add ccs env command for third-party tool integration
2026-02-11 11:30:11 +07:00
Tam Nhu Tran d5abc7d691 fix(config): lazy-evaluate paths, fix TOCTOU, segment-boundary cloud detection
- Convert 4 module-level constants to lazy-evaluated functions to avoid
  import-time caching: openrouter-catalog, aggregator, disk-cache, auth-middleware
- Fix symlink-checks.ts to use ccsDir parameter instead of homedir/.ccs,
  remove unused homedir parameter from checkSettingsSymlinks()
- Replace TOCTOU existsSync+statSync with single statSync in try/catch
  for --config-dir validation in ccs.ts
- Switch detectCloudSyncPath from substring to path-segment-boundary matching
  to prevent false positives (e.g., megauser != MEGA, Dropbox-api != Dropbox)
- Add test for false-positive protection
2026-02-11 11:24:34 +07:00
Tam Nhu Tran b96eacfc06 fix(env): improve empty profile UX and consolidate shell validation constants
- Return {} instead of null for valid-but-empty settings profiles
- Consolidate VALID_SHELLS and validShellInputs into VALID_SHELL_INPUTS
- Fix docs test count 33 → 34
2026-02-11 11:20:25 +07:00
Tam Nhu Tran 60d6bbd027 fix(config): migrate all hardcoded paths to getCcsDir() and improve validation
- Replace os.homedir() + '.ccs' with getCcsDir() across 14 instances in 13 files:
  version-command, model-config, openrouter-catalog, config-checks, disk-cache,
  aggregator, auth-middleware, shell-completion, shared-manager, recovery-manager,
  auto-repair, delegation-validator, claude-dir-installer, cliproxy executor
- Add isDirectory() validation for --config-dir argument in ccs.ts
- Make detectCloudSyncPath() case-insensitive for cloud provider matching
- Fix help-command.ts to use dynamic dirDisplay for all path references
- Add 5 new tests: setGlobalConfigDir precedence, relative path resolution,
  reset behavior, getCcsDirSource with --config-dir, case-insensitive detection
- Clean up unused os imports after migration
2026-02-11 11:15:08 +07:00
Tam Nhu Tran a98f4a5427 fix(env): sync CLIProxy profiles across all shell completions and improve error messages
- Add profile name completions to fish env subcommand
- Add iflow, kiro, ghcp, claude to zsh proxy_profiles and PS1 cliproxyProfiles
- Distinguish non-API profile type error from "profile not found"
2026-02-11 11:02:34 +07:00
Tam Nhu Tran 7a0e6a4112 feat(config): add CCS_DIR env var and --config-dir flag for config directory override
Allow users to relocate the entire ~/.ccs/ directory via CCS_DIR env var
or --config-dir CLI flag. Precedence: --config-dir > CCS_DIR > CCS_HOME > default.
Includes cloud sync path detection warning and doctor diagnostics.

Closes #507
2026-02-11 10:55:00 +07:00
Tam Nhu Tran 6d9351dcbc fix(env): add missing CLIProxy profiles to bash completion and shell validation
- Add iflow, kiro, ghcp, claude to bash completion env block
- Add --shell flag validation matching --format pattern
- Add backtick injection test case
2026-02-11 10:50:55 +07:00
Tam Nhu Tran 38bd562687 docs: update local docs for ccs env command
- codebase-summary: add env-command.ts and test file, update test count
- system-architecture: add env-command to CLI commands list
- project-overview-pdr: add FR-011 third-party tool integration, v7.39
- project-roadmap: add Phase 15 and v7.39 milestone
2026-02-11 07:29:36 +07:00
Tam Nhu Tran 3f5ecd4d69 fix(env): address P1-P3 review items from code review
- P1: Fix bash completion $cliproxy_profiles scoping — inline profiles
  in env block since variable is only defined at COMP_CWORD=1 scope
- P2: Detect account-based profiles and show specific error message
  instead of generic "not found"
- P2: Show `ccs migrate` hint when unified mode is disabled and settings
  profile resolution fails
- P2: transformToOpenAI omits empty entries at transform time instead of
  relying on output filter (removes fragile coupling)
- P3: Add zsh and auto to --shell completions across all 4 shells; map
  --shell zsh to bash in command handler since syntax is identical
- P3: Auto-detect PowerShell from SHELL containing pwsh on non-Windows
- Tests: 33 pass (+1 pwsh detection test, updated transform assertions)
2026-02-11 07:09:58 +07:00
Tam Nhu Tran d5c03d1f2d fix(env): fix fish escaping, profile parsing, and add OPENAI_MODEL mapping
- Fix P0: fish single-quote escaping uses '\'' (end-quote, literal, reopen)
  instead of \' which fish doesn't support inside single-quoted strings
- Fix P0: profile arg parsing now skips flag values via findProfile() so
  `ccs env --format openai gemini` correctly resolves to 'gemini'
- Add OPENAI_MODEL mapping from ANTHROPIC_MODEL in transformToOpenAI
- Add stderr warning when invalid env var keys are silently dropped
- Update --shell help text to mention zsh compatibility
- Add findProfile tests (6) and OPENAI_MODEL omission test
2026-02-11 06:52:21 +07:00
Tam Nhu Tran 44b3152d34 fix(env): address all PR review feedback
- Add settings profiles to zsh env completion (was proxy-only)
- Document intentional ANTHROPIC_MODEL omission in transformToOpenAI
- Use getCcsDir() in error hint instead of hardcoded ~/.ccs/
- Export parseFlag and add 5 unit tests for flag parsing
- Add fish and PowerShell single-quote escaping tests
2026-02-11 06:46:12 +07:00
Tam Nhu Tran 041e1c6cc2 chore: update lockfiles 2026-02-11 06:41:33 +07:00
Tam Nhu Tran 76457a567d fix(env): add key sanitization and shell completions
- Validate env var keys match ^[A-Za-z_][A-Za-z0-9_]*$ before output
  to prevent injection via crafted config files
- Add env command to all 4 shell completion scripts (bash, zsh, fish,
  PowerShell) with sub-completions for --format and --shell flags
2026-02-11 06:36:51 +07:00
Tam Nhu Tran a5dc15d174 fix(env): use single quotes to prevent shell injection via eval
Switch formatExportLine from double quotes to single quotes to prevent
shell metacharacter expansion ($(), backticks, etc.) when output is
consumed via eval. Also fix parseFlag to handle values containing =,
remove unused test imports, and add empty-output guard after format
transformation.
2026-02-11 06:26:52 +07:00
Tam Nhu Tran 2e85064b8a feat(env): add ccs env command for third-party tool integration
New `ccs env <profile>` command exports shell-evaluable environment
variables for OpenCode, Cursor, Continue, and other third-party tools.

Supports --format (openai|anthropic|raw) and --shell (auto|bash|fish|
powershell) flags. Auto-detects shell from $SHELL env var.

Closes #503
2026-02-11 02:38:29 +07:00
github-actions[bot] 372b04e6a9 chore(release): 7.40.0-dev.3 [skip ci] 2026-02-10 19:30:48 +00:00