fix: handle missing OAuth credentials on macOS (Keychain support)#5
Merged
Nathan Schram (nathanschram) merged 2 commits intomasterfrom Feb 26, 2026
Merged
Conversation
On macOS, Claude Code stores OAuth credentials in the macOS Keychain, not in ~/.claude/.credentials.json. The plain-text file only exists on Linux. This caused FileNotFoundError crashes in the post-run usage footer, preventing message delivery to Telegram. - Add macOS Keychain fallback to _read_access_token() (tries file first, then `security find-generic-password` on darwin) - Catch FileNotFoundError and httpx.HTTPStatusError in _maybe_append_usage_footer() so messages are always delivered - Add 6 tests covering missing credentials, HTTP errors, Keychain fallback, and file-preferred-over-Keychain behaviour - Bump version to 0.23.2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Nathan Schram (nathanschram)
deleted the
fix/v0.23.2-macos-credentials
branch
This was referenced Feb 26, 2026
4 tasks
Nathan Schram (nathanschram)
added a commit
that referenced
this pull request
Apr 15, 2026
…rs, runner, telegram, docs CodeRabbit flagged 1 critical + 15 major + 4 outside-diff issues during review of the v0.35.1 release PR. After triage, 15 are real bugs worth fixing before release; 3 are false positives and 2 are deferred. P0 — Critical functional regressions in v0.35.1 features: - triggers/cron.py: daily/weekly crons stop after first day. last_fired was keyed by (hour, minute) only, so tomorrow's 09:00 looked identical to today's and got suppressed forever. Now keyed by full date+time. (#11) - runner_bridge.py: tree_active subagent runs were force-killed at STALL_MAX_WARNINGS because the auto-cancel exemption only checked cpu_active. Now exempts tree_active when active children present. (#4) - triggers/actions.py: append_timestamp on_conflict used second-resolution names so two requests in the same second clobbered each other (the feature is meant to PREVENT that). Now uses time.time_ns() with a collision probe loop. (#9) P1 — Functional bugs in supporting features: - runners/claude.py: _PLAN_EXIT_APPROVED was only set in interactive approval. Auto-approve drain (auto permission mode + post-discuss approval) skipped the bookkeeping, defeating #283 in those flows. (#5) - telegram/parsing.py: offset was persisted before yield, so a crash between yield and consumer could record an unprocessed update as done. Now persists after yield. (#8) - triggers/rate_limit.py: per-hit warning logs flooded structured output and fed the issue watcher. Dropped to debug. (#16) - telegram/commands/config.py: reasoning levels weren't validated against engine support — manual callback_data could persist e.g. `max` on Codex. Defensive validation added. (#20) - telegram/bridge.py: docstring claimed chat_ids was hot-reloadable but it's never sourced from settings. Corrected docstring (#6). P2 — Doc/display quality: - triggers/describe.py: invalid DOW values were normalised via % 7 (8 → Mon); stepped patterns like */2 in dom/mon were rendered as "daily" due to substring check. Both now fall back to raw schedule. (#13, #14) - config.py: rs:max action had no toast entry. Added. (#19) - README.md: access matrix overstated isolation, omitted /file put, outbox, and webhook file_write/http_forward actions. Now accurate. (#3) - docs/reference/integration-testing.md: bot ID was reused as DM chat ID. Clarified that DM target is the user's chat ID. (#1) - docs/reference/specification.md: header said v0.35.1 but body said "Untether v0.35.0 specifies:". Synced to v0.35.1. (#17) - tests/test_claude_control.py: cleanup fixture only ran post-yield. Now runs pre- and post-yield. (#18) Skipped (false positives or out of scope): - #2 (version bump suggestion): user decision, not auto-applicable. - #7 (restart-only keys hot-reloaded): false positive — update_from is selective and only touches hot fields. - #12 (cron snapshot): false positive — remove_cron replaces the list, doesn't mutate in place. Deferred to follow-up issues: - #10 (Content-Type override on http_forward raw bodies) - #15 (duplicate cron ID/webhook path validation) Test additions: - test_trigger_cron.py: regression test for daily cron firing on consecutive days (covers #11) - test_describe_cron.py: 6 regression tests for #13/#14 fallback paths - test_config_command.py: split per-engine reasoning level test + regression test for codex/rs:max rejection (covers #20) - test_claude_control.py: clarified pre/post-yield cleanup (covers #18) Verified: 2172 tests pass (was 2164, +8 new), 81.51% coverage, ruff format/lint clean, build successful. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Nathan Schram (nathanschram)
added a commit
that referenced
this pull request
Apr 15, 2026
…rs, runner, telegram, docs (#311) CodeRabbit flagged 1 critical + 15 major + 4 outside-diff issues during review of the v0.35.1 release PR. After triage, 15 are real bugs worth fixing before release; 3 are false positives and 2 are deferred. P0 — Critical functional regressions in v0.35.1 features: - triggers/cron.py: daily/weekly crons stop after first day. last_fired was keyed by (hour, minute) only, so tomorrow's 09:00 looked identical to today's and got suppressed forever. Now keyed by full date+time. (#11) - runner_bridge.py: tree_active subagent runs were force-killed at STALL_MAX_WARNINGS because the auto-cancel exemption only checked cpu_active. Now exempts tree_active when active children present. (#4) - triggers/actions.py: append_timestamp on_conflict used second-resolution names so two requests in the same second clobbered each other (the feature is meant to PREVENT that). Now uses time.time_ns() with a collision probe loop. (#9) P1 — Functional bugs in supporting features: - runners/claude.py: _PLAN_EXIT_APPROVED was only set in interactive approval. Auto-approve drain (auto permission mode + post-discuss approval) skipped the bookkeeping, defeating #283 in those flows. (#5) - telegram/parsing.py: offset was persisted before yield, so a crash between yield and consumer could record an unprocessed update as done. Now persists after yield. (#8) - triggers/rate_limit.py: per-hit warning logs flooded structured output and fed the issue watcher. Dropped to debug. (#16) - telegram/commands/config.py: reasoning levels weren't validated against engine support — manual callback_data could persist e.g. `max` on Codex. Defensive validation added. (#20) - telegram/bridge.py: docstring claimed chat_ids was hot-reloadable but it's never sourced from settings. Corrected docstring (#6). P2 — Doc/display quality: - triggers/describe.py: invalid DOW values were normalised via % 7 (8 → Mon); stepped patterns like */2 in dom/mon were rendered as "daily" due to substring check. Both now fall back to raw schedule. (#13, #14) - config.py: rs:max action had no toast entry. Added. (#19) - README.md: access matrix overstated isolation, omitted /file put, outbox, and webhook file_write/http_forward actions. Now accurate. (#3) - docs/reference/integration-testing.md: bot ID was reused as DM chat ID. Clarified that DM target is the user's chat ID. (#1) - docs/reference/specification.md: header said v0.35.1 but body said "Untether v0.35.0 specifies:". Synced to v0.35.1. (#17) - tests/test_claude_control.py: cleanup fixture only ran post-yield. Now runs pre- and post-yield. (#18) Skipped (false positives or out of scope): - #2 (version bump suggestion): user decision, not auto-applicable. - #7 (restart-only keys hot-reloaded): false positive — update_from is selective and only touches hot fields. - #12 (cron snapshot): false positive — remove_cron replaces the list, doesn't mutate in place. Deferred to follow-up issues: - #10 (Content-Type override on http_forward raw bodies) - #15 (duplicate cron ID/webhook path validation) Test additions: - test_trigger_cron.py: regression test for daily cron firing on consecutive days (covers #11) - test_describe_cron.py: 6 regression tests for #13/#14 fallback paths - test_config_command.py: split per-engine reasoning level test + regression test for codex/rs:max rejection (covers #20) - test_claude_control.py: clarified pre/post-yield cleanup (covers #18) Verified: 2172 tests pass (was 2164, +8 new), 81.51% coverage, ruff format/lint clean, build successful. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merged
11 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
FileNotFoundErrorcrash when~/.claude/.credentials.jsondoesn't exist (macOS stores credentials in Keychain, not on disk)_read_access_token()— tries plain-text file first, thensecurity find-generic-password -s "Claude Code-credentials" -won darwin_maybe_append_usage_footer()except clause to catchFileNotFoundErrorandhttpx.HTTPStatusError— messages always delivered to Telegram even when usage data unavailableContext
On macOS, Claude Code stores OAuth credentials in the macOS Keychain and actively deletes the plain-text
.credentials.jsonfile (anthropics/claude-code#1414). Untether's usage footer was reading only the file, crashing the post-run handler before message delivery.Test plan
🤖 Generated with Claude Code