Skip to content

Releases: geekchongv/ccswitch-context-guard

CCProxy Agent v0.4.97

Choose a tag to compare

@github-actions github-actions released this 15 Jul 09:46

CCProxy Agent v0.4.97

This release adds macOS distribution, user-managed multimodal credentials, and adaptive protection against local-gateway HTTP 429 responses.

Highlights

  • Downloadable macOS DMG and ZIP packages for Apple Silicon (arm64) and Intel (x64).
  • Vision Base URL, path, model list, limits, prompt, and API key are configurable from the desktop UI.
  • Vision API keys are encrypted with the operating system's credential service and are never included in renderer state, logs, source control, or release packages.
  • Local gateway 429 responses trigger a shared cooldown, respect Retry-After, lower future traffic to one concurrent request, and perform one serialized retry inside the proxy.
  • Rate-limit cooldown and recovery appear in the protection-event timeline.

macOS installation

Choose arm64 for Apple Silicon or x64 for Intel Macs. This initial macOS release is unsigned; if Gatekeeper blocks the first launch, Control-click CCProxy Agent and choose Open. Configuration and encrypted secrets live in the macOS user-data directory rather than inside the application bundle.

Security

Release automation scans Windows and macOS output directories for private config.json files and configured secret sentinels. A combined SHA256SUMS.txt covers all published binaries.

CCProxy Agent v0.4.95

Choose a tag to compare

@github-actions github-actions released this 15 Jul 08:24

CCProxy Agent v0.4.95

This release replaces the original utility-style Electron shell with a complete desktop control center while preserving the existing context-protection gateway and configuration contracts.

Highlights

  • New CC Switch-inspired desktop information architecture
  • Clear client → CCProxy Agent → CC Switch routing visualization
  • Unified proxy controls and live process status
  • Product health panel and recent protection-event timeline
  • Structured network, context-guard, Claude integration, and multimodal settings
  • Persistent light and dark themes
  • Chinese UI encoding repaired throughout the renderer
  • Application-owned Windows icon instead of the Electron default

Interaction and safety improvements

  • Settings validate ports, context thresholds, and tool-result cleanup ranges before saving.
  • Ctrl+S saves the active settings page and Ctrl+, opens proxy settings.
  • Start, stop, restart, and configuration mutations expose loading and error feedback.
  • Empty health, event, and log states explain what data will appear instead of showing blank panels.
  • The renderer keeps the existing isolated preload bridge and does not enable Node integration.

Release integrity

  • Runtime version now comes from package.json, preventing the packaged UI from displaying an older hard-coded version.
  • The Windows package is scanned for private configuration files and configured secret bytes.
  • CI runs TypeScript checks, 71 automated tests, GUI reference validation, packaging, and a packaged context-rescue smoke test before publishing.
  • SHA256SUMS.txt is included with the Release assets.

Install

  1. Download CCProxy-Agent-v0.4.95.exe from this Release.
  2. Keep config.example.json beside it only as a reference; the application creates a secret-free local config.json on first start.
  3. Close any older CCProxy Agent instance before launching the new executable.

The portable package still includes the Electron runtime and is expected to remain around 86 MB. The interface rewrite itself adds only a small amount of application code.

v0.4.94

Choose a tag to compare

@github-actions github-actions released this 14 Jul 14:53

CCProxy Agent v0.4.94

Hotfix release: the v0.4.93 portable package could not start because the Electron entry file was missing from the asar archive. v0.4.94 fixes the build so CI once again produces a runnable Windows portable EXE.

Build fix

  • build:gui now bundles electron-main.ts to dist/electron-main.js (the entry referenced by package.json "main"), in addition to gui-preload.ts.
  • build:gui cleans dist first to prevent stale or missing entry files from drifting into the packaged archive.
  • Without this, electron-builder packed an asar whose entry file was absent and the EXE failed at launch with Application entry file ... was not found in this archive.

What this release contains

  • Security-hardened open-source packaging (unchanged from v0.4.93):
    • Private config.json is not copied beside the EXE or included in app.asar.
    • First startup creates a secret-free config.json beside the portable executable.
    • Packaging scans the full release directory for private config files and configured secret bytes.
    • Every release includes SHA256SUMS.txt and config.example.json.
  • Context recovery (unchanged from v0.4.93):
    • Agent rescue clears old tool results first.
    • The newest oversized tool result preserves bounded head and tail evidence instead of being erased.
    • JSON replay removes stale entity headers.
    • Anthropic and OpenAI SSE compact reminders are supported.
    • Chunk synthesis failures enter a one-shot context retry path.

Install

  1. Download CCProxy-Agent-v0.4.94.exe.
  2. Verify it with SHA256SUMS.txt.
  3. Run the EXE; a clean config.json is generated automatically.
  4. Configure CC Switch and optional Vision access in the desktop UI.

Windows may display a SmartScreen warning because the community build is not currently distributed with a commercial Authenticode certificate.

v0.4.91

Choose a tag to compare

@geekchongv geekchongv released this 11 Jul 06:41

v0.4.91

修复

  • rescue 路径过度清理:keepRecent=0,清理目标改用上游真实值+undercountRatio 计算
  • 阈值校准:代理估算≈真实值 0.5 倍,阈值砍半(compactThreshold 180K→90K,hardLimit 200K→130K,toolResultClear 170K/150K→80K/65K)

诊断

  • 上下文超限日志新增 upstreamBody 字段
  • 成功响应捕获上游 usage 对比
  • collectRequestFlags 精简日志

v0.4.5

Choose a tag to compare

@geekchongv geekchongv released this 10 Jul 07:31

CCProxy Agent v0.4.5

Highlights

  • Final synthesis is now hard-cap aware. After chunk execution, CCProxy Agent no longer places the full original messages JSON back into the synthesis request.
  • Synthesis now carries a bounded original-task preview plus chunk outputs, then truncates to the same hard-cap budget used by chunk execution.
  • Synthesis output tokens are capped at 4,000, preventing the previous large input + huge max_tokens failure pattern from reappearing at the final step.
  • The Windows GUI release is now packaged as a clean zip containing the portable exe, config.example.json, README, docs, license, changelog, and checksum.

Notes

  • v0.4.4 fixed the oversized single-chunk bug. v0.4.5 closes the follow-up synthesis path so the whole chunking pipeline is protected.
  • Added regression tests for oversized original messages and excessive chunk outputs during synthesis.
  • Release zip intentionally excludes local config.json, logs, runtime data, unpacked build directories, and secrets.

v0.4.2

Choose a tag to compare

@geekchongv geekchongv released this 09 Jul 16:37

CCProxy Agent v0.4.2

Highlights

  • Adds a product-focused health panel to the desktop console.
  • Shows proxy, upstream, Claude routing, and vision readiness at a glance.
  • Adds a protection event feed that turns technical logs into user-facing guardrail events.
  • Surfaces token budget checks, max_tokens reductions, context-limit retries, compact reminders, chunking, and vision preprocessing as readable timeline cards.
  • Adds README dashboard screenshots so new users can understand the running product faster.

Notes

  • The raw runtime log view is still available.
  • Protection events are derived from existing structured logs, so the request orchestration path is unchanged.
  • Vision readiness checks whether the configured vision API key environment variable is present when vision is enabled.

v0.4.0

Choose a tag to compare

@geekchongv geekchongv released this 08 Jul 09:44

CCProxy Agent v0.4 Release Notes

Summary

v0.4 adds multimodal image support for text-only downstream models.

Claude Desktop can send image blocks, but your downstream model may be GLM-5.2 or another text-only model. In that case, CCProxy Agent now intercepts the image, calls a dedicated vision model, injects a text summary, and strips the original image before forwarding downstream.

Default Vision Models

{
  "vision": {
    "enabled": true,
    "models": [
      "qwen3-vl-30b-a3b-instruct",
      "Qwen3.6-35B-A3B"
    ],
    "compareModels": true
  }
}

Both models are called by default. Their summaries are combined into one [VISION SUMMARY] block.

Secret Handling

The API key is not committed to config. Set it as a user environment variable:

[Environment]::SetEnvironmentVariable("CCPROXY_VISION_API_KEY", "your-token", "User")

Restart the proxy after setting the variable.

Flow

Claude Desktop image input
-> CCProxy Agent extracts image blocks
-> calls qwen3-vl-30b-a3b-instruct
-> calls Qwen3.6-35B-A3B
-> injects [VISION SUMMARY]
-> strips image blocks
-> forwards text-only request to ccswitch / GLM-5.2

Limits

Default limits:

{
  "maxImagesPerRequest": 5,
  "maxImageBytes": 5000000,
  "summaryMaxTokens": 1500
}

These guardrails prevent image payloads from exploding context size.

Validation

  • TypeScript check passes.
  • Unit tests pass.
  • Added regression coverage for dual vision model calls.
  • Live test confirmed qwen3-vl-30b-a3b-instruct can OCR the provided screenshot.
  • Live test confirmed Qwen3.6-35B-A3B can return normal content when enable_thinking=false.

v0.3.2

Choose a tag to compare

@geekchongv geekchongv released this 08 Jul 09:24

CCProxy Agent v0.3.2 Release Notes

Summary

v0.3.2 fixes Claude Desktop gateway probe failures where Desktop reported:

Gateway returned HTTP 500
responseBody: {"error":"ccproxy-agent internal error"}

Fixed

v0.3.1 preserved authentication headers correctly, but still forwarded hop-by-hop HTTP headers such as:

  • connection
  • keep-alive
  • transfer-encoding
  • upgrade
  • te
  • trailer

Those headers belong to a single client/proxy connection and should not be forwarded into the new upstream fetch call. In some Desktop probe requests, this could make the underlying fetch fail before ccswitch received the request.

v0.3.2 filters these headers while preserving useful headers such as:

  • Authorization
  • x-api-key
  • anthropic-version
  • content-type

Validation

Commands verified:

npm run check
npm test

Regression coverage:

  • Desktop gateway authorization headers are preserved.
  • Desktop-style requests carrying connection headers no longer produce an internal proxy failure.

v0.3.1

Choose a tag to compare

@geekchongv geekchongv released this 08 Jul 09:17

CCProxy Agent v0.3.1 Release Notes

Summary

v0.3.1 fixes a Claude Desktop gateway authentication regression introduced by v0.3.

Fixed

Claude Desktop sends its gateway credential to CCProxy Agent, but v0.3 did not preserve request headers when a request entered the AI orchestration layer. As a result, ccswitch could reject the request and Claude Desktop could show:

Couldn't sign in to Gateway
The provider rejected your credentials.

v0.3.1 forwards the original non-hop request headers through all AI paths:

  • normal request forwarding
  • max_tokens reduction
  • context-limit retry
  • chunk execution
  • synthesis request

Validation

Added a regression test that requires:

Authorization: Bearer desktop-token

The test now verifies that the header reaches the mock upstream after orchestration.

Commands verified:

npm run check
npm test

v0.3.0

Choose a tag to compare

@geekchongv geekchongv released this 08 Jul 09:11

CCProxy Agent v0.3 Release Notes

Summary

v0.3 adds Claude Desktop 3P gateway support on top of the existing Claude CLI support.

When ccswitch configures Claude Desktop with a local 3P gateway such as:

http://127.0.0.1:15721/claude-desktop

CCProxy Agent can temporarily rewrite the applied Claude Desktop config to:

http://127.0.0.1:15722/claude-desktop

Requests still flow to ccswitch, but now pass through CCProxy Agent first:

Claude Desktop -> CCProxy Agent :15722 -> ccswitch :15721 -> provider

New Capabilities

  • Detects Claude Desktop 3P local config library.
  • Reads _meta.json and patches only the currently applied config.
  • Preserves the existing ccswitch-generated models, API key, auth scheme, and gateway path.
  • Restores the previous Desktop gateway URL on shutdown.
  • Recovers stale Desktop patches left by a crashed previous process.
  • Treats prefixed routes such as /claude-desktop/v1/messages as AI routes, so the v0.2 token guard still applies.

Default Policy

{
  "claudeConfigPatch": {
    "enabled": true
  },
  "claudeDesktopConfigPatch": {
    "enabled": true
  }
}

On Windows, the default Desktop config path is:

%LOCALAPPDATA%/Claude-3p/configLibrary

Important Notes

  • Claude Desktop reads 3P config on launch. Fully quit and reopen Claude Desktop after the proxy starts.
  • This feature does not edit MCP server definitions.
  • This feature does not log the full Desktop config because that file may contain secrets.
  • If a managed MDM policy overrides local Desktop config, local patching may not take effect.