@askalf/dario 3.31.2 → 3.31.4

package/README.md

@@ -1,6 +1,6 @@
 <p align="center">
   <h1 align="center">dario</h1>
-  <p align="center"><strong>A local LLM router. One endpoint, every provider.</strong><br>Runs on your machine. Unifies OpenAI, Groq, OpenRouter, Ollama, vLLM, LiteLLM, any OpenAI-compat URL, and your Claude Max / Pro subscription (via OAuth) behind one endpoint at <code>http://localhost:3456</code>. Speaks both the Anthropic Messages API and the OpenAI Chat Completions API, so your tools stop caring which vendor is upstream. Drops in under the <a href="https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk">Claude Agent SDK</a> as an API-key-compatible backend.</p>
+  <p align="center"><strong>A local LLM router. One endpoint, every provider.</strong><br>Runs on your machine. Unifies OpenAI, Groq, OpenRouter, Ollama, vLLM, LiteLLM, any OpenAI-compat URL, and your Claude Max subscription (via OAuth) behind one endpoint at <code>http://localhost:3456</code>. Speaks both the Anthropic Messages API and the OpenAI Chat Completions API, so your tools stop caring which vendor is upstream. Drops in under the <a href="https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk">Claude Agent SDK</a> as an API-key-compatible backend.</p>
 </p>
 
 <p align="center"><em>Zero runtime dependencies. <a href="https://www.npmjs.com/package/@askalf/dario">SLSA-attested</a> on every release. Nothing phones home. Independent, unofficial, third-party — see <a href="DISCLAIMER.md">DISCLAIMER.md</a>.</em></p>
@@ -21,7 +21,7 @@
 # 1. Install
 npm install -g @askalf/dario
 
-# 2. Log in to your Claude Max / Pro subscription
+# 2. Log in to your Claude Max subscription
 dario login                      # or `dario login --manual` for SSH / headless setups
 
 # 3. Start the local Claude API proxy
@@ -32,7 +32,7 @@ export ANTHROPIC_BASE_URL=http://localhost:3456
 export ANTHROPIC_API_KEY=dario
 ```
 
-Done. Every tool that honors those env vars — Claude Code, Cursor, Aider, Cline, Roo Code, Continue.dev, Zed, Windsurf, OpenHands, OpenClaw, Hermes, the [Claude Agent SDK](https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk), your own scripts — now routes through your **Claude Max / Pro subscription** instead of per-token API pricing, because dario sends the same request shape Claude Code itself sends, which is the shape the subscription-billing path recognizes.
+Done. Every tool that honors those env vars — Claude Code, Cursor, Aider, Cline, Roo Code, Continue.dev, Zed, Windsurf, OpenHands, OpenClaw, Hermes, the [Claude Agent SDK](https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk), your own scripts — now routes through your **Claude Max subscription** instead of per-token API pricing, because dario sends the same request shape Claude Code itself sends, which is the shape the subscription-billing path recognizes.
 
 For OpenAI / Groq / OpenRouter / Ollama / LiteLLM / vLLM, add one backend line and reuse the same proxy:
 
@@ -99,7 +99,7 @@ Beyond routing, the Claude backend is a **full Claude Code wire-level template**
 - **Developers using multiple LLMs across multiple tools** tired of juggling base URLs, keys, and per-tool provider configs.
 - **Teams running local or hosted OpenAI-compat servers** (LiteLLM, vLLM, Ollama, Groq, OpenRouter, self-hosted) who want one stable local endpoint every tool can reuse.
 - **Anyone building AI coding tools** who wants provider independence without writing an OpenAI ↔ Anthropic translator themselves.
-- **Claude Max / Pro subscribers** who want their subscription usable from every tool on their machine, not just Claude Code.
+- **Claude Max subscribers** who want their subscription usable from every tool on their machine, not just Claude Code.
 - **[Claude Agent SDK](https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk) users** who want OAuth-subscription routing under the SDK. Point `baseURL: 'http://localhost:3456'` and dario translates API-key calls into your Claude Max auth — agent code stays identical.
 - **Power users on multi-agent workloads** who want multi-account pooling, session stickiness, and in-flight 429 failover on their own machine, against their own subscriptions.
 - **Operators who care about wire-level fidelity** — the v3.22 – v3.28 tightening means proxy mode's divergence from CC is observable (via `dario doctor`) and tunable (flags + env vars for each axis).
@@ -150,7 +150,7 @@ Force a backend with a **provider prefix** on the model field (`openai:gpt-4o`,
 
 ### 2. Claude subscription backend
 
-OAuth-backed Claude Max / Pro, billed against your plan instead of the API. Activated by `dario login` (or `dario login --manual` for SSH / container setups without a browser, v3.20).
+OAuth-backed Claude Max, billed against your plan instead of the API. Activated by `dario login` (or `dario login --manual` for SSH / container setups without a browser, v3.20). Other plan tiers work if and only if Anthropic gives them Claude Code access — see the FAQ.
 
 **What it does.** Every outbound Claude request is rebuilt to match a request Claude Code itself would make — system prompt, tool definitions, identity headers, billing tag, beta flags, **header insertion order, static header values, `anthropic-beta` flag set, and top-level request-body key order** — using a live-extracted template from your actually-installed CC binary that self-heals on every upstream CC release. Because the wire shape matches CC, the upstream subscription-billing path is the one the request follows — instead of API overage.
 
@@ -208,7 +208,7 @@ Each request picks the account with the highest headroom:
 headroom = 1 - max(util_5h, util_7d)
 ```
 
-The response's `anthropic-ratelimit-unified-*` headers are parsed back into the pool so the next selection sees fresh utilization. An account that returns a 429 is marked `rejected` and routed around until its window resets. When every account is exhausted, requests queue for up to 60 seconds waiting for headroom to reappear. Plans can mix freely — Max and Pro accounts sit in the same pool; dario doesn't care about tier, only headroom.
+The response's `anthropic-ratelimit-unified-*` headers are parsed back into the pool so the next selection sees fresh utilization. An account that returns a 429 is marked `rejected` and routed around until its window resets. When every account is exhausted, requests queue for up to 60 seconds waiting for headroom to reappear. Plan tiers mix freely in the same pool — dario doesn't care about tier, only headroom.
 
 ### Session stickiness
 
@@ -466,7 +466,7 @@ Some tools use env vars (above works as-is); others want settings-UI entries:
    - Add `claude-haiku-4-5` (cheap)
 4. Select one of the new models in the chat input's model picker.
 
-Cursor now routes those model names through dario → your Claude Max / Pro subscription. `gpt-*` and `o*` model names still route through Cursor's default OpenAI path — dario doesn't interfere with non-Claude traffic unless you point Cursor's base URL at it exclusively.
+Cursor now routes those model names through dario → your Claude Max subscription. `gpt-*` and `o*` model names still route through Cursor's default OpenAI path — dario doesn't interfere with non-Claude traffic unless you point Cursor's base URL at it exclusively.
 
 #### Continue.dev
 
@@ -590,7 +590,7 @@ Fix: run dario with `--preserve-tools`. That skips the CC tool remap entirely, p
 dario proxy --preserve-tools
 ```
 
-The cost: requests no longer look like CC on the wire, so the subscription-billing wire shape is gone. On a Max/Pro plan, that means the request may be counted against your API usage rather than your subscription quota. [Hybrid tool mode](#hybrid-tool-mode) below is the compromise that keeps both.
+The cost: requests no longer look like CC on the wire, so the subscription-billing wire shape is gone. On a subscription plan, that means the request may be counted against your API usage rather than your subscription quota. [Hybrid tool mode](#hybrid-tool-mode) below is the compromise that keeps both.
 
 The OpenAI-compat backend is unaffected — it forwards tool definitions byte-for-byte and doesn't need this flag.
 
@@ -737,10 +737,13 @@ Four independent senior-engineer-style reviews from frontier LLMs, same prompt,
 Mechanically: dario's Claude backend uses your existing Claude Code credentials with the same OAuth tokens CC uses. It authenticates you as you, with your subscription, through Anthropic's official API endpoints. Whether any particular use complies with Anthropic's current terms of service is between you and Anthropic — consult their terms and your own subscription agreement. This project is an independent, unofficial, third-party tool and does not provide legal advice. See [DISCLAIMER.md](DISCLAIMER.md).
 
 **What subscription plans work on the Claude backend?**
-Claude Max and Claude Pro. Any plan that lets you use Claude Code.
+Any plan whose account currently has Claude Code access — Max has it unconditionally; Pro has it as of this writing but that's an upstream decision that has moved once already (see next entry). If `claude /login` on your account works and `claude -p "hi"` returns a response on subscription billing, dario's Claude backend will work too. If Anthropic removes Claude Code from your plan tier, dario's Claude backend stops working on that account — there is nothing dario can do at the client side to change that. Swap to a plan with Claude Code access, or use an OpenAI-compat backend instead.
+
+**Is it true Anthropic removed Claude Code from Pro plans?**
+On 2026-04-21 Anthropic temporarily removed Claude Code from new Pro signups, per [wheresyoured.at](https://www.wheresyoured.at/news-anthropic-removes-pro-cc/). Existing Pro users reportedly kept access; Anthropic's Head of Growth characterized it as "a small test of 2% of new prosumer signups," and the change was reversed at an unknown time. If you are a Pro user and dario's Claude backend stops billing against your subscription without warning, this is the class of thing to check — run `claude -p "hi"` directly and see whether Anthropic itself routes you to subscription billing. If they don't, dario can't either. The practical mitigation on dario's side is [multi-account pool mode](#multi-account-pool-mode) — having a backup account on a plan Anthropic hasn't moved the goalposts on, so a single plan-tier change doesn't take all your traffic down at once.
 
 **Does it work with Team / Enterprise?**
-Should work if your plan includes Claude Code access. Not widely tested yet — open an issue with results.
+Yes — tested and confirmed working as long as your plan includes Claude Code access.
 
 **Do I need Claude Code installed?**
 Recommended for the Claude backend, not strictly required. With CC installed, `dario login` picks up your credentials automatically, and the live template extractor reads your CC binary on every startup so the template stays current. Without CC, dario runs its own OAuth flow and falls back to the bundled template snapshot (scrubbed of host context at bake time as of v3.21). Drift detection warns you if your installed CC doesn't match the captured template, so upgrade windows don't silently ship stale templates.
@@ -797,7 +800,7 @@ Claude subscriptions have rolling 5-hour and 7-day usage windows. Check utilizat
 | `seven_day` | You've exhausted (or come close to exhausting) the 5-hour window for this rolling cycle, so Anthropic is charging this request against the 7-day bucket. **Still subscription billing. Still your plan.** Not API pricing, not overage. |
 | `overage` | Both subscription windows are effectively exhausted. *This* is where per-token Extra Usage charges kick in — if you've enabled Extra Usage on the account. If not, you get 429'd instead. |
 
-Seeing `seven_day` is a healthy state. Your Max/Pro plan is doing exactly what it's supposed to do: letting you keep working past short bursts of heavy use by absorbing them into the larger 7-day bucket. When your 5-hour window rolls forward enough, the claim on new requests will go back to `five_hour` on its own. If the 7-day bucket is painful, add more Claude subscriptions to the pool — each account has its own independent 5h/7d windows, and pool mode routes each request to the account with the most headroom.
+Seeing `seven_day` is a healthy state. Your Max plan is doing exactly what it's supposed to do: letting you keep working past short bursts of heavy use by absorbing them into the larger 7-day bucket. When your 5-hour window rolls forward enough, the claim on new requests will go back to `five_hour` on its own. If the 7-day bucket is painful, add more Claude subscriptions to the pool — each account has its own independent 5h/7d windows, and pool mode routes each request to the account with the most headroom.
 
 Standalone writeup: [Discussion #32 — why you see `representative-claim: seven_day` and why it's not a downgrade](https://github.com/askalf/dario/discussions/32).
 

package/dist/cc-oauth-detect.d.ts

@@ -28,7 +28,7 @@
  * "MANUAL_REDIRECT_URL" on platform.claude.com is only used when dario's
  * local HTTP server can't bind a port; dario never hits that path.)
  *
- * Results are cached per-binary-hash at ~/.dario/cc-oauth-cache-v4.json so
+ * Results are cached per-binary-hash at ~/.dario/cc-oauth-cache-v6.json so
  * startup only re-scans when the user upgrades Claude Code. The cache suffix
  * is bumped each time scope handling or the fallback config changes, so
  * upgrading dario picks up the new values without a manual cache clear.
@@ -46,6 +46,23 @@ export interface DetectedOAuthConfig {
     ccPath?: string;
     ccHash?: string;
 }
+/**
+ * Normalize the authorize URL to match what CC uses at runtime.
+ *
+ * The CC binary ships `CLAUDE_AI_AUTHORIZE_URL: "https://claude.com/cai/oauth/authorize"`
+ * as a literal string, but at runtime CC's `/login` opens
+ * `https://claude.ai/oauth/authorize` directly (empirically verified against
+ * CC v2.1.116 by tetsuco in dario#71). Historically the claude.com edge
+ * 307-redirected to claude.ai and the browser followed; recent Anthropic-side
+ * changes made the post-redirect validation start returning "Invalid request
+ * format", while direct requests to claude.ai continue to work. This normalizer
+ * rewrites the legacy URL wherever it appears (binary extraction, manual
+ * override, cached config) so dario matches CC's runtime behaviour.
+ *
+ * Intentionally narrow: only the exact legacy URL is rewritten. Any other
+ * operator-supplied URL (e.g. a staging endpoint via override) passes through.
+ */
+export declare function normalizeAuthorizeUrl(url: string): string;
 export declare const FALLBACK_FOR_DRIFT_CHECK: Readonly<DetectedOAuthConfig>;
 /**
  * Scan binary bytes for the PROD OAuth config block.

package/dist/cc-oauth-detect.js

@@ -28,7 +28,7 @@
  * "MANUAL_REDIRECT_URL" on platform.claude.com is only used when dario's
  * local HTTP server can't bind a port; dario never hits that path.)
  *
- * Results are cached per-binary-hash at ~/.dario/cc-oauth-cache-v4.json so
+ * Results are cached per-binary-hash at ~/.dario/cc-oauth-cache-v6.json so
  * startup only re-scans when the user upgrades Claude Code. The cache suffix
  * is bumped each time scope handling or the fallback config changes, so
  * upgrading dario picks up the new values without a manual cache clear.
@@ -42,36 +42,75 @@ import { existsSync } from 'node:fs';
 import { homedir, platform } from 'node:os';
 import { join, dirname } from 'node:path';
 import { createHash } from 'node:crypto';
+/**
+ * Normalize the authorize URL to match what CC uses at runtime.
+ *
+ * The CC binary ships `CLAUDE_AI_AUTHORIZE_URL: "https://claude.com/cai/oauth/authorize"`
+ * as a literal string, but at runtime CC's `/login` opens
+ * `https://claude.ai/oauth/authorize` directly (empirically verified against
+ * CC v2.1.116 by tetsuco in dario#71). Historically the claude.com edge
+ * 307-redirected to claude.ai and the browser followed; recent Anthropic-side
+ * changes made the post-redirect validation start returning "Invalid request
+ * format", while direct requests to claude.ai continue to work. This normalizer
+ * rewrites the legacy URL wherever it appears (binary extraction, manual
+ * override, cached config) so dario matches CC's runtime behaviour.
+ *
+ * Intentionally narrow: only the exact legacy URL is rewritten. Any other
+ * operator-supplied URL (e.g. a staging endpoint via override) passes through.
+ */
+export function normalizeAuthorizeUrl(url) {
+    if (url === 'https://claude.com/cai/oauth/authorize') {
+        return 'https://claude.ai/oauth/authorize';
+    }
+    return url;
+}
 // Last-resort fallback if CC binary can't be found or scanned.
 // These values are the CC v2.1.104 PROD OAuth config, extracted from
-// the `nh$` object in the shipped binary.
+// the `nh$` object in the shipped binary. authorizeUrl is normalized —
+// see normalizeAuthorizeUrl() above for why this matters (dario#71).
 const FALLBACK = {
     clientId: '9d1c250a-e61b-44d9-88ed-5944d1962f5e',
-    authorizeUrl: 'https://claude.com/cai/oauth/authorize',
+    authorizeUrl: 'https://claude.ai/oauth/authorize',
     tokenUrl: 'https://platform.claude.com/v1/oauth/token',
-    // Scopes match CC v2.1.107+ interactive login: the 5-scope user-only set.
-    // Between CC v2.1.104 and v2.1.107, Anthropic's authorize endpoint flipped
-    // its policy on `org:create_api_key` for this client_id — the shorter list
-    // is now the only accepted one, and the 6-scope form returns "Invalid
-    // request format". CC's own binary dropped `org:create_api_key` from the
-    // `n36` union to match. Dario #42 (tetsuco, 2026-04-17) surfaced this as
-    // a fresh-login failure on macOS against CC v2.1.107.
+    // Scopes match CC v2.1.116+ interactive login: the 6-scope set including
+    // `org:create_api_key` as the FIRST scope. We previously shipped only 5
+    // scopes based on dario#42's v2.1.107 observation — Anthropic had flipped
+    // to rejecting the 6-scope form and CC's own binary dropped
+    // `org:create_api_key` from its `n36` union. Between v2.1.107 and v2.1.116
+    // Anthropic flipped BACK: v2.1.116's `/login` opens the authorize URL with
+    // all 6 scopes (dario#71, tetsuco, 2026-04-23 — authorize URL diff across
+    // all three scope-variant tests confirmed CC's 6-scope list is the only
+    // one accepted by the current `claude.ai/oauth/authorize` endpoint for
+    // this client_id).
     //
-    // History: dario 3.2.7–3.4.3 once dropped this scope by mistake (misread
-    // of the "Console-only" name); 3.4.4 added it back after users hit auth
-    // failures with the dev client_id accepting it but prod rejecting. That
-    // situation has now inverted — prod rejects the longer list.
-    scopes: 'user:profile user:inference user:sessions:claude_code user:mcp_servers user:file_upload',
+    // Scope-list history on this client_id:
+    // - dario 3.2.7–3.4.3: 5 scopes (misread "Console-only" name), dropped
+    //   `org:create_api_key` wrongly. Users hit auth failures.
+    // - dario 3.4.4: 6 scopes restored after prod started rejecting 5.
+    // - dario 3.19.5: 5 scopes again, after prod rotated to rejecting 6 on
+    //   CC v2.1.107.
+    // - dario 3.31.4 (this): 6 scopes again, after prod rotated back on
+    //   CC v2.1.116.
+    //
+    // The scope list can't be extracted from the binary reliably (see
+    // extractFromBinary's comment). If Anthropic flips again the fix is one
+    // line here plus a cache-version bump.
+    scopes: 'org:create_api_key user:profile user:inference user:sessions:claude_code user:mcp_servers user:file_upload',
     source: 'fallback',
 };
 // Re-export of FALLBACK for scripts/check-cc-authorize-probe.mjs. The probe
 // needs the exact values the runtime uses — hardcoding them in the script
 // would drift out of sync silently.
 export const FALLBACK_FOR_DRIFT_CHECK = FALLBACK;
-// -v4 suffix invalidates v3.x caches populated with the 6-scope list that
-// Anthropic now rejects (dario #42). On upgrade, users regenerate the cache
-// with the new FALLBACK scopes automatically — no manual clear required.
-const CACHE_PATH = join(homedir(), '.dario', 'cc-oauth-cache-v4.json');
+// -v6 suffix invalidates -v5 caches populated with the 5-scope FALLBACK.
+// Those caches stored scopes from the FALLBACK copy at extract time, so
+// bumping FALLBACK.scopes without bumping the cache version would leave
+// upgraded users still hitting "Invalid request format" until they
+// manually deleted the cache file. On upgrade to v3.31.4 the cache
+// regenerates automatically with the 6-scope set (dario#71). Previous
+// bumps: -v3 → -v4 in v3.19.4 for 6→5 rotation (dario#42); -v4 → -v5 in
+// v3.31.3 for the authorize URL normalization.
+const CACHE_PATH = join(homedir(), '.dario', 'cc-oauth-cache-v6.json');
 const DEFAULT_OVERRIDE_PATH = join(homedir(), '.dario', 'oauth-config.override.json');
 function candidatePaths() {
     const home = homedir();
@@ -162,9 +201,16 @@ function applyManualOverride(config, override) {
         return config;
     warnOnNonHttpsOverride('authorizeUrl', override.authorizeUrl);
     warnOnNonHttpsOverride('tokenUrl', override.tokenUrl);
+    // Normalize any override-supplied authorizeUrl too — users who pasted the
+    // legacy claude.com URL into ~/.dario/oauth-config.override.json pre-#71
+    // shouldn't be silently broken after upgrade.
+    const normalizedOverride = { ...override };
+    if (normalizedOverride.authorizeUrl) {
+        normalizedOverride.authorizeUrl = normalizeAuthorizeUrl(normalizedOverride.authorizeUrl);
+    }
     return {
         ...config,
-        ...override,
+        ...normalizedOverride,
         source: 'override',
     };
 }
@@ -222,7 +268,7 @@ export function scanBinaryForOAuthConfig(buf) {
     let authorizeUrl = FALLBACK.authorizeUrl;
     const authMatch = /CLAUDE_AI_AUTHORIZE_URL\s*:\s*"([^"]+)"/.exec(prodBlock);
     if (authMatch && authMatch[1])
-        authorizeUrl = authMatch[1];
+        authorizeUrl = normalizeAuthorizeUrl(authMatch[1]);
     let tokenUrl = FALLBACK.tokenUrl;
     const tokenMatch = /TOKEN_URL\s*:\s*"(https:\/\/[^"]*\/oauth\/token[^"]*)"/.exec(prodBlock);
     if (tokenMatch && tokenMatch[1])

package/dist/live-fingerprint.d.ts

@@ -281,7 +281,7 @@ export declare function _resetInstalledVersionProbeForTest(): void;
  */
 export declare const SUPPORTED_CC_RANGE: {
     readonly min: "1.0.0";
-    readonly maxTested: "2.1.117";
+    readonly maxTested: "2.1.118";
 };
 /**
  * Compare two dotted-numeric version strings. Returns negative if `a<b`,

package/dist/live-fingerprint.js

@@ -730,7 +730,7 @@ export function _resetInstalledVersionProbeForTest() {
  */
 export const SUPPORTED_CC_RANGE = {
     min: '1.0.0',
-    maxTested: '2.1.117',
+    maxTested: '2.1.118',
 };
 /**
  * Compare two dotted-numeric version strings. Returns negative if `a<b`,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askalf/dario",
-  "version": "3.31.2",
+  "version": "3.31.4",
   "description": "A local LLM router. One endpoint, every provider — Claude subscriptions, OpenAI, OpenRouter, Groq, local LiteLLM, any OpenAI-compat endpoint — your tools don't need to change.",
   "type": "module",
   "bin": {