You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
feat(v0.6.2): Hierarchical Swarm, reliability layer, 20 cookies providers, Devin, UX fixes
NEW FEATURES
Reliability & Security
Circuit Breaker: per-provider CLOSED/OPEN/HALF_OPEN state machine that auto-skips
failing upstreams and probes with HALF_OPEN to auto-recover (open-sse/services/circuitBreaker.js)
Health Monitor: in-memory sliding window per provider + SSE feed + live dashboard
(open-sse/services/healthMonitor.js, /api/health/stream, dashboard Health page)
Per-Key Model Access Control (ACL): allowedModels allow-list on each API key; requests
using a scoped key are rejected (403) up-front if the model isn't in the list
(schema allowedModels column, apiKeysRepo, keys API, chat.js ACL check)
"Cookies Provider" section on the Providers page (above OAuth) — uncomments + repositions
the previously dead Web Cookie section; renders all 20 cookie providers with a cookie
textarea input and Test All button
Model search box + "Test All (N)" button on every provider's Available Models section;
Test All is scoped to visible (search-filtered) models and runs concurrently
Provider card dot labels/colors now include a "Cookie" category (purple)
Validation + Test probes for all 17 new web-cookie providers (validate/route.js,
testUtils.js) — cookie parsing, WAF detection, anti-bot-aware messaging
CHANGES & FIXES
fix(cline): Cline 401 "Cannot read properties of undefined (reading 'toString')" —
refreshUrl was only in the oauth block and not injected to the flattened config by
buildTransport(), so PROVIDERS.cline.refreshUrl was undefined and crashed proxyAwareFetch.
Added tokenUrl + refreshUrl to cline registry transport to match clinepass.
fix(proxyFetch): harden proxyAwareFetch against undefined/null url with a clear error
message instead of the cryptic toString() crash
fix(clinepass): resolve 401 on ClinePass models — workos: prefix was wrongly applied to
API keys; improved isApiKey detection in clineAuth.js (JWT vs long opaque key vs prefix)
fix(ui): duplicate dropdown chevron in the Select component — native browser arrow was
not hidden; added appearance-none + vendor prefixes (fixes "API Type" double-arrow)
fix(devin): executor now resolves agent mode via PROVIDER_MODELS instead of the flattened
PROVIDERS.devin.models (which doesn't carry models after buildTransport)
fix(copilot-web): optional ws dynamic import marked webpackIgnore to avoid bundler
"Module not found" warning (native WebSocket fallback retained)
META
README: removed the 9router-era Video Guides section; added feature rows + detail
sections for Swarm, Health Monitor, Circuit Breaker, Per-Key ACL, Cookies Providers,
Devin, and Model Test All
bump version 0.6.1 → 0.6.2 (package.json, cli/package.json); dashboard version badge
reads dynamically from package.json