Skip to content

v3.9.0 — auto-1m-guard (#179) + worktree-edit-guard (#182)

Choose a tag to compare

View all tags
@vsits-proxy-builder vsits-proxy-builder released this 04 Jun 00:05
· 33 commits to main since this release
v3.9.0
3c97e32
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

First release routed through cc-triage. Two upstream-CC-bug workarounds, both load-bearing, both through full Codex + Lead + Chris human review.

Features

auto-1m-guard proxy extension (#186) — addresses CC#64919

Detects the context-1m-2025-08-07 token on the outbound anthropic-beta request header and either annotates the session JSON (warn) or removes the token before forwarding (strip). Modes via CACHE_FIX_AUTO_1M_GUARD:

  • off — extension no-op
  • warn (default) — annotation + stderr log line, no request mutation
  • strip (opt-in) — additionally removes the token from the header, defensive against duplicates, rejoins with the CC-canonical , separator

Addresses the VS Code Extension v2.1.161 behavior of force-selecting 1M context on Pro Plan and immediately consuming overage credits. The CC-side kill switch is CLAUDE_CODE_DISABLE_1M_CONTEXT=1; the proxy intercept covers the gap where that env var is reportedly unreliable on the VS Code extension surface.

Binary-walk in the directive (verified against CC v2.1.148 AND v2.1.161) established that CC strips the [1m] suffix from req.body.model client-side via the model sanitizer (sL / kJ) before sending, so the proxy-visible signal is the beta header, not the model field. See docs/directives/proxy-auto-1m-guard.md for the full binary references and name-translation table for future re-verifications.

worktree-edit-guard PreToolUse hook (#184) — addresses CC#59628

Ships under hooks/examples/worktree-edit-guard.py. PreToolUse hook script that blocks Edit/Write/MultiEdit/NotebookEdit tool calls whose realpath'd target falls outside the active git worktree, addressing the data-loss case where worktree sessions can dirty the parent main checkout's branch with no guardrail.

Strict-containment via realpath comparison. Depth-stable worktree detection via realpath-equality of git rev-parse --git-dir / --git-common-dir (works from any subdirectory). Symlink-escape covered for both existing targets and not-yet-existing targets (parent-dir realpath catches a symlinked parent). Independent of the proxy — users install by pointing at the absolute path from their own ~/.claude/settings.json. See docs/hooks/worktree-edit-guard.md for the install snippet.

A real load-bearing symlink-escape bug was caught during Codex review and fixed before release — the original implementation always used parent-dir realpath + basename, which let an existing symlink-file target resolve back to itself instead of its destination.

Other changes

  • tools/manual-compact.sh defaults to claude-opus-4-7 (was Sonnet 4.6) with relaxed per-turn truncation caps for higher-fidelity summaries (#169)
  • statusline: round bar tick like fill (community contribution, thanks @schuay, #155)
  • README (zh) refreshed to match the latest English (#178)

Packaging

  • hooks/ added to the npm files allowlist. Users installing via npm get hooks/examples/worktree-edit-guard.py and hooks/README.md locally at <npm-prefix>/lib/node_modules/claude-code-cache-fix/hooks/....

Tests

927 → 950 (+23 auto-1m-guard tests; +20 worktree-edit-guard tests from #184 also counted in the new total). All 950 pass on the exact released commit.

Install

npm install -g claude-code-cache-fix@3.9.0

Full diff

v3.8.0...v3.9.0

Contributors

schuay
Assets 2
Loading