Files
Kai (Tam Nhu) TranGitHubgithub-actions[bot] <github-actions[bot]@users.noreply.github.com>
051805074e feat: account safety, quota monitoring, and stability fixes (#530)
* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names (#515)

* fix(cliproxy): migrate deprecated gemini-claude-* model names to upstream claude-* names

CLIProxyAPI registry no longer recognizes the gemini-claude-* prefix convention.
Model names in catalog, base config, and user settings are migrated to upstream
claude-* names. Auto-migration in env-builder rewrites existing user settings on
load and persists the change.

Closes #513

* fix: address code review feedback — sync UI layer and add migration tests

- Sync UI isNativeGeminiModel() with backend (remove gemini-claude- exclusion)
- Update UI model catalog agy entries from gemini-claude-* to claude-*
- Update CI/CD workflow and code-reviewer default model names
- Add unit tests for migrateDeprecatedModelNames() logic

* fix(hooks): isolate image type check before error-prone processing (#514)

* fix(hooks): isolate image type check before error-prone processing

Restructure processHook() into two phases so non-image Read calls
never see hook error messages. Phase 1 defensively checks tool name
and file extension, exiting 0 silently on any failure. Phase 2 only
runs for confirmed image/PDF files where errors are relevant.

Closes #511

* fix(hooks): sync image analyzer hook file on every profile launch

Add installImageAnalyzerHook() call to cliproxy executor, matching
the existing installWebSearchHook() pattern. This ensures the .cjs
file in ~/.ccs/hooks/ gets refreshed from the npm package on every
launch, so users receive hook updates after npm update.

* chore(release): 7.41.0-dev.1 [skip ci]

* fix(cliproxy): add fork:true for Claude model aliases in config generator (#523)

Config generator now outputs fork:true for Claude model alias entries,
ensuring both upstream (claude-*) and aliased (gemini-claude-*) model
names appear in /v1/models listings. Also preserves fork flag when
parsing user-added aliases during config regeneration.

Bumps config version to v7 to trigger regeneration on next ccs doctor.

Closes #522

* chore(release): 7.41.0-dev.2 [skip ci]

* feat(cliproxy): add account safety guards to prevent Google account bans (#516)

* feat(cliproxy): add account safety guards to prevent Google account bans

Implements cross-provider isolation to prevent Google from flagging
concurrent OAuth usage across different client IDs (ref: #509, #512).

Three pillars:
1. Auto-pause enforcement at session launch — conflicting accounts in
   other Google OAuth providers are paused so CLIProxyAPI can't use them,
   restored on session exit with crash recovery via auto-paused.json
2. Ban/disable detection — error responses matching Google ban patterns
   auto-pause the affected account to prevent further damage
3. Cross-provider conflict warnings during OAuth registration

Key design decisions:
- PID-based session tracking for crash recovery (dead PID = restore)
- Timestamp comparison prevents restoring ban-paused accounts on exit
- Schema validation on auto-paused.json prevents corrupted state
- Falls back to warn-only when another session is managing isolation

* fix(cliproxy): address code review feedback (attempt 1/5)

- Re-read auto-paused.json before write in enforceProviderIsolation to
  reduce concurrent write race window
- Use actual email from registry for display instead of raw accountId
- Export maskEmail for testability
- Add 27 unit tests covering ban detection, email masking,
  cross-provider duplicate detection, enforcement lifecycle,
  crash recovery, and timestamp-guarded restore

* fix(cliproxy): address remaining review feedback (attempt 2/5)

- Add handleBanDetection test verifying account pause on ban error
- Add warnCrossProviderDuplicates tests (true/false/non-Google)
- Document PID reuse limitation in isPidAlive JSDoc comment

* chore(release): 7.41.0-dev.3 [skip ci]

* feat(cliproxy): runtime quota monitoring during active sessions (#529)

* feat(cliproxy): add runtime quota monitoring during active sessions

Adds adaptive background quota polling to detect and respond to quota
exhaustion during active CLIProxy sessions. Prevents rate-limit-driven
account bans by auto-cooling exhausted accounts and switching defaults.

- Adaptive polling: 300s normal, 60s at 20% threshold, stops at 0%
- Stderr warnings at 20%, boxed exhaustion alerts at 0%
- Cooldown + default switch on exhaustion (existing patterns)
- Configurable via quota_management.runtime_monitor in config.yaml
- Timer.unref() prevents blocking process exit
- monitorStopped guard for in-flight poll safety

Closes #524

* fix: address code review feedback (attempt 1/5)

- M1: Round quotaPercent display with Math.round() to avoid ugly floats
- M2: Rename exhaust_threshold -> exhaustion_threshold for consistency
  with existing auto.exhaustion_threshold config field
- M3: Replace async not.toThrow() with direct await assertion pattern

* fix: address code review feedback (attempt 2/5)

- Remove .claude/agent-memory/ from tracking and add to .gitignore
- Unify cooldown_minutes default to 5 (was 10 in runtime_monitor, 5 in auto)
- Add threshold validation in startQuotaMonitor (warn > exhaustion)
- Document intentional post-switch monitoring gap in code comment

* chore(release): 7.41.0-dev.4 [skip ci]

* fix(cliproxy): mask email in ban detection and fix JSDoc default

- Use maskEmail() in handleBanDetection output for consistency
- Fix cooldown_minutes JSDoc: default is 5, not 10

* chore(release): 7.41.0-dev.5 [skip ci]

* fix(cliproxy): address all review feedback (Low + informational)

- Add sync constraint comment on process.exit handler (executor)
- Add TOCTOU race acceptability comment (account-safety)
- Mask email in handleQuotaExhaustion reason string
- Use realistic exhaustion_threshold (5) in test configs

* chore(release): 7.41.0-dev.6 [skip ci]

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-12 00:48:29 +07:00

269 lines
7.7 KiB
JavaScript

/**
* Tests for Interactive Prompt Utilities
* Verifies prompt functions including selectFromList
*/
const assert = require('assert');
describe('InteractivePrompt', () => {
const { InteractivePrompt } = require('../../../dist/utils/prompt');
let originalArgv;
let originalEnv;
beforeEach(() => {
originalArgv = [...process.argv];
originalEnv = { ...process.env };
});
afterEach(() => {
process.argv = originalArgv;
process.env = originalEnv;
});
describe('selectFromList', () => {
describe('automation flags', () => {
it('uses default when CCS_YES=1', async () => {
process.env.CCS_YES = '1';
const options = [
{ id: 'opt1', label: 'Option 1' },
{ id: 'opt2', label: 'Option 2' },
];
try {
const result = await InteractivePrompt.selectFromList('Select:', options, {
defaultIndex: 0,
});
assert.strictEqual(result, 'opt1');
} finally {
delete process.env.CCS_YES;
}
});
it('uses default when --yes flag present', async () => {
process.argv = [...process.argv, '--yes'];
const options = [
{ id: 'first', label: 'First' },
{ id: 'second', label: 'Second' },
];
const result = await InteractivePrompt.selectFromList('Pick:', options, {
defaultIndex: 1,
});
assert.strictEqual(result, 'second');
});
it('uses default when -y flag present', async () => {
process.argv = [...process.argv, '-y'];
const options = [
{ id: 'a', label: 'A' },
{ id: 'b', label: 'B' },
];
const result = await InteractivePrompt.selectFromList('Choose:', options);
assert.strictEqual(result, 'a'); // default is 0
});
it('uses default when CCS_NO_INPUT=1', async () => {
process.env.CCS_NO_INPUT = '1';
const options = [
{ id: 'model1', label: 'Model 1' },
{ id: 'model2', label: 'Model 2' },
{ id: 'model3', label: 'Model 3' },
];
try {
const result = await InteractivePrompt.selectFromList('Select model:', options, {
defaultIndex: 2,
});
assert.strictEqual(result, 'model3');
} finally {
delete process.env.CCS_NO_INPUT;
}
});
it('uses default when --no-input flag present', async () => {
process.argv = [...process.argv, '--no-input'];
const options = [
{ id: 'x', label: 'X' },
{ id: 'y', label: 'Y' },
];
const result = await InteractivePrompt.selectFromList('Pick:', options);
assert.strictEqual(result, 'x');
});
});
describe('options structure', () => {
it('accepts options with id and label', async () => {
process.env.CCS_YES = '1';
const options = [
{ id: 'claude-opus-4-5-thinking', label: 'Claude Opus 4.5 Thinking' },
{ id: 'claude-sonnet-4-5', label: 'Claude Sonnet 4.5' },
];
try {
const result = await InteractivePrompt.selectFromList('Select:', options);
assert.strictEqual(result, 'claude-opus-4-5-thinking');
} finally {
delete process.env.CCS_YES;
}
});
it('respects custom defaultIndex', async () => {
process.env.CCS_YES = '1';
const options = [
{ id: 'first', label: 'First' },
{ id: 'second', label: 'Second' },
{ id: 'third', label: 'Third' },
];
try {
const result = await InteractivePrompt.selectFromList('Select:', options, {
defaultIndex: 2,
});
assert.strictEqual(result, 'third');
} finally {
delete process.env.CCS_YES;
}
});
it('defaults to index 0 when no defaultIndex provided', async () => {
process.env.CCS_YES = '1';
const options = [
{ id: 'a', label: 'A' },
{ id: 'b', label: 'B' },
];
try {
const result = await InteractivePrompt.selectFromList('Select:', options);
assert.strictEqual(result, 'a');
} finally {
delete process.env.CCS_YES;
}
});
});
});
describe('password - bracketed paste handling', () => {
/**
* Test helper: Simulates the escape sequence filtering logic from password()
* This mirrors the implementation to verify bracketed paste sequences are stripped
*/
function stripBracketedPaste(input) {
let result = '';
let escapeBuffer = '';
for (const char of input) {
const charCode = char.charCodeAt(0);
// ESC character (start of escape sequence)
if (charCode === 27) {
escapeBuffer = '\x1b';
continue;
}
// If we're in an escape sequence, buffer chars until we detect the pattern
if (escapeBuffer) {
escapeBuffer += char;
// Check for bracketed paste sequences: ESC[200~ (start) or ESC[201~ (end)
if (escapeBuffer === '\x1b[200~' || escapeBuffer === '\x1b[201~') {
escapeBuffer = '';
continue;
}
// If buffer is getting too long without match, it's not a paste sequence
if (escapeBuffer.length > 6) {
escapeBuffer = '';
}
continue;
}
// Regular printable character
if (charCode >= 32) {
result += char;
}
}
return result;
}
it('strips ESC[200~ (start paste) sequence', () => {
const input = '\x1b[200~sk-ant-api-key\x1b[201~';
const result = stripBracketedPaste(input);
assert.strictEqual(result, 'sk-ant-api-key');
});
it('handles API key pasted with bracketed paste mode', () => {
const pastedKey = '\x1b[200~sk-ant-api03-abcdefghijklmnop\x1b[201~';
const result = stripBracketedPaste(pastedKey);
assert.strictEqual(result, 'sk-ant-api03-abcdefghijklmnop');
});
it('passes through normal typed input without escape sequences', () => {
const typedKey = 'sk-ant-api03-normal-typing';
const result = stripBracketedPaste(typedKey);
assert.strictEqual(result, 'sk-ant-api03-normal-typing');
});
it('handles only start paste sequence', () => {
const input = '\x1b[200~my-api-key';
const result = stripBracketedPaste(input);
assert.strictEqual(result, 'my-api-key');
});
it('handles only end paste sequence', () => {
const input = 'my-api-key\x1b[201~';
const result = stripBracketedPaste(input);
assert.strictEqual(result, 'my-api-key');
});
it('handles multiple paste sequences', () => {
const input = '\x1b[200~first\x1b[201~\x1b[200~second\x1b[201~';
const result = stripBracketedPaste(input);
assert.strictEqual(result, 'firstsecond');
});
it('handles empty paste', () => {
const input = '\x1b[200~\x1b[201~';
const result = stripBracketedPaste(input);
assert.strictEqual(result, '');
});
});
describe('confirm', () => {
it('returns true when CCS_YES=1', async () => {
process.env.CCS_YES = '1';
try {
const result = await InteractivePrompt.confirm('Proceed?');
assert.strictEqual(result, true);
} finally {
delete process.env.CCS_YES;
}
});
it('returns true when --yes flag present', async () => {
process.argv = [...process.argv, '--yes'];
const result = await InteractivePrompt.confirm('Continue?');
assert.strictEqual(result, true);
});
it('returns true when -y flag present', async () => {
process.argv = [...process.argv, '-y'];
const result = await InteractivePrompt.confirm('Continue?');
assert.strictEqual(result, true);
});
});
});