V0.1.6 hardening#1
Merged
Merged
Conversation
Shared Claude/Codex provider type with Display, FromStr, Serialize, Deserialize. Used by both CLI and daemon for provider selection.
- Share Arc<SessionManager> with health monitor (was duplicate instance) - Add 5-min timeout on send() subprocess (prevents indefinite lock hold) - Static LazyLock for ANSI regex in capture_pane (was recompiled per call) - Telegram bot retry with panic catching (DNS race on fresh VPS) - Telegram send retry (3 attempts for transient execution errors) - Provider-aware spawn/send with Codex device-auth and --skip-git-repo-check - Retry loop for tmux sessions (survive OAuth/auth failures) - find_claude_bin() checks both npm and curl install paths - git init in workspace for Codex compatibility - --add-dir for shared context access in Codex sessions
SSH -o options use first-match-wins (not last). The tunnel's ControlMaster=no/ControlPath=none overrides were silently ignored because ssh_base_args set them first. Now filters ControlMaster/ ControlPath/ControlPersist from base args before adding overrides. Also disables ControlMaster for interactive attach to prevent stale socket PTY allocation failures.
- Enable mouse capture for scroll support (3 lines/tick) - Refactor 3 identical spawn helpers into shared spawn_with_display_and_args (~150 LOC removed) - Add /provider slash command to TUI - Add parse tests for slash commands - Provider-neutral text in help and welcome screen
- Add `cloudcode provider [claude|codex]` CLI command - Fix Codex-only provisioning (was hard-requiring Claude config) - Switch Claude install from curl (403 Cloudflare) to npm - Fix Codex config format (flat key, not table) - Set default model to gpt-5.4-medium with disk-full-read-access - Update Hetzner server types (remove deprecated cx22 series) - Default to cx23, add ccx/cpx new types with current pricing - Provider-neutral text in all user-facing strings - Device-auth hints for Codex OAuth on VPS
- SPEC.md: comprehensive technical specification of current implementation - TODOS.md: tracked deferred work (file detection for /reply, Telegram auth) - Implementation specs for Codex integration and VPS session enhancements
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.