@askalf/dario 4.1.0 → 4.2.0

package/README.md

@@ -34,6 +34,8 @@ That's the whole setup. Every tool that honors those env vars now runs on your s
 
 **New in v4:** type `dario` (no args) in another terminal to open the interactive TUI — live request stream, per-model burn-rate, rate-limit utilization, and a config editor that writes to `~/.dario/config.json`. Migrating from v3? See [MIGRATION.md](MIGRATION.md).
 
+**New in v4.1 — overage-guard:** dario halts itself the moment a single response carries `representative-claim: overage` and returns 503 with a clean error body until you run `dario resume` or the cooldown clears. Subscribers should never see an overage hit during normal operation; one means something is wrong, and continuing to forward requests bleeds against per-token billing. Active protection by default; flip to warn-only with `--overage-behavior=warn` or off entirely with `--no-overage-guard`.
+
 ```
 ┌─ dario v4 ──────────────────────────[ q quit · Tab next · ? help ]──┐
 │  Status   Config   ▎Analytics▎   Hits   Accounts   Backends         │
@@ -154,6 +156,105 @@ Reclassification flips the request from `five_hour` (your subscription) to `over
 
 ---
 
+## What dario does when overage lands (v4.1)
+
+v4 made the billing bucket visible per-request in the TUI's Hits tab. v4.1 turns that visibility into active protection.
+
+The moment any upstream response carries `representative-claim: overage`, dario **halts the proxy**. Every subsequent `/v1/messages`, `/v1/complete`, `/v1/chat/completions` request returns `503` with an Anthropic-shaped error body the client surfaces verbatim:
+
+```json
+{
+  "type": "error",
+  "error": {
+    "type": "dario_overage_guard",
+    "message": "dario halted to prevent API-rate bleed. A request was classified as 'overage' (per-token billing) instead of your subscription pool. To resume: run `dario resume` in another terminal, or wait until <ISO ts> for the cooldown to auto-clear. Details: github.com/askalf/dario/issues/288"
+  }
+}
+```
+
+The state surfaces in four TUI tabs simultaneously — each answers a different question a user has when their bill suddenly starts moving:
+
+| Tab | Question it answers | What it renders |
+|---|---|---|
+| **Status** | What's happening RIGHT NOW? | `⚠ HALTED` banner with triggering request, cause, live countdown to auto-resume, manual-resume hint |
+| **Hits** | Which specific request triggered it? | Pinned banner across the top + red `!` marker + red row on the triggering request in the live buffer + 503-status row for any blocked-while-halted requests |
+| **Analytics** | How often is this happening across my traffic? | New "Overage" bar in the rate-limit cluster, alongside 5h/7d — red the moment count is non-zero |
+| **Config** | How do I tune this? | Four in-place-editable fields: `overageGuard.enabled`, `.behavior` (enum-validated halt/warn), `.cooldownMs`, `.notifyOs` |
+
+Status and Hits during an active halt:
+
+```
+┌─ dario v4.1 ────────────────────────[ q quit · Tab next · ? help ]──┐
+│  ▎Status▎  Config   Analytics   Hits   Accounts   Backends         │
+├─────────────────────────────────────────────────────────────────────┤
+│  Overage-guard                                                      │
+│  ⚠ HALTED   overage detected 12s ago                                │
+│    Request:        claude-opus-4-7  account=work                    │
+│    Cause:          representative-claim = overage                   │
+│    Auto-resume in  29m 48s                                          │
+│    Manual resume   press R here, or `dario resume` from any shell   │
+│                                                                     │
+│  Last refresh: just now. r refresh · R resume.                      │
+└─────────────────────────────────────────────────────────────────────┘
+```
+
+```
+┌─ dario v4.1 ────────────────────────[ q quit · Tab next · ? help ]──┐
+│  Status   Config   Analytics   ▎Hits▎   Accounts   Backends         │
+├─────────────────────────────────────────────────────────────────────┤
+│  Hits   248 buffered · live                                         │
+│                                                                     │
+│   ⚠ HALTED  overage detected at 15:54:28 on opus-4-7 acct=work      │
+│   → New /v1/messages return 503 until R here, or `dario resume`     │
+│                                                                     │
+│     time      model           in     out    lat     st              │
+│   ▎15:54:31  opus-4-7        2.1k   —     —      503                │
+│     15:54:29  haiku-4-5      120    24    0.3s   200                │
+│   ! 15:54:28  opus-4-7       1.4k   216   1.2s   200    ◀ red row   │
+│     15:54:25  sonnet-4-6     1.2k   480   0.8s   200                │
+│     15:54:20  opus-4-7       842    216   1.2s   200                │
+│   ──────────────────────────────────────────────────────────────    │
+│   Selected: 15:54:31  req_011Cb52VKMBsB6z6w28NvMn                   │
+│     Account:         work                                           │
+│     Model:           claude-opus-4-7                                │
+│     Billing bucket:  (halted before upstream — no claim)            │
+│     Status:          503  dario_overage_guard                       │
+└─────────────────────────────────────────────────────────────────────┘
+```
+
+Analytics — the burn-rate view, with the new Overage bar at the bottom of the rate-limit cluster (here showing one overage hit out of 248 — which is enough to halt by default):
+
+```
+┌─ dario v4.1 ────────────────────────[ q quit · Tab next · ? help ]──┐
+│  Status   Config   ▎Analytics▎   Hits   Accounts   Backends         │
+├─────────────────────────────────────────────────────────────────────┤
+│  Analytics — last 60 min                                            │
+│                                                                     │
+│   Requests:        248  (4.1/min)                                   │
+│   Tokens in:       142,830                                          │
+│   Tokens out:       38,200                                          │
+│   Subscription %:    99%                                            │
+│                                                                     │
+│  Rate-limit                                                         │
+│   5h       ████░░░░░░░░░░░░░░░░░░░░░░░░  18%                        │
+│   7d       ██░░░░░░░░░░░░░░░░░░░░░░░░░░   8%                        │
+│   Overage  █░░░░░░░░░░░░░░░░░░░░░░░░░░░   1 req of 248              │
+│            ⮤ red — the moment count is non-zero                     │
+│                                                                     │
+│  Billing                                                            │
+│   subscription           247 req                                    │
+│   extra_usage              1 req                                    │
+└─────────────────────────────────────────────────────────────────────┘
+```
+
+Why "halt at hit #1" is the right default: subscribers should never see a single overage response during normal operation. One means something is wrong — wire-shape drift, classifier change, account misconfig — and continuing to forward requests in the same shape bleeds real money for accounts with extra-usage enabled, or returns wall-of-rejections for accounts without it. The first hit is the signal; the second through hundredth are damage.
+
+**Resume paths** — `dario resume` from any shell, `R` on the TUI Status tab, or the cooldown timer (default 30 min). **Configuration** — `~/.dario/config.json` → `overageGuard`, or CLI flags (`--overage-behavior=warn` for visibility-only, `--no-overage-guard` to disable, `--overage-cooldown=<ms>` to tune). **OS notification** — best-effort native toast (osascript / notify-send / BurntToast) plus terminal BEL as the unconditional floor. See [#288](https://github.com/askalf/dario/issues/288).
+
+**Verified end-to-end live.** [`test/overage-guard-e2e-live.mjs`](./test/overage-guard-e2e-live.mjs) patches `globalThis.fetch` to mock the upstream, starts a real dario proxy in-process, and drives the five-stage halt cycle through real HTTP: subscription request flows → upstream returns overage → guard halts → next request returns 503 with the `dario_overage_guard` body → `POST /admin/resume` clears state → requests flow again. 20/20 assertions, 3 upstream calls intercepted (the halted request short-circuited at the request handler, never touched the upstream). Run with `node test/overage-guard-e2e-live.mjs`.
+
+---
+
 ## Does it actually work?
 
 Four LLMs reviewed the codebase cold, same prompt ([`reviews/PROMPT.md`](./reviews/PROMPT.md)), each signed a verdict:
@@ -235,9 +336,10 @@ The tool doesn't know. The backend doesn't know. Dario is the seam.
 - **Multi-account pool.** Drop 2+ Claude accounts in `~/.dario/accounts/` and pool mode auto-activates: every request routes to the account with the most headroom, multi-turn sessions pin to one account so the prompt cache survives, in-flight 429s fail over to a peer before your client sees an error. `dario accounts add work` / `dario accounts add personal`. → [`docs/multi-account-pool.md`](./docs/multi-account-pool.md)
 - **Behavioral stealth (`--stealth`).** Static wire fidelity covers *what* the request looks like; `--stealth` adds *when* it arrives — response-length-correlated think time and 1.2–4.2s session-start latency, the inter-arrival pattern real interactive sessions have and agent loops don't. → [`docs/wire-fidelity.md`](./docs/wire-fidelity.md)
 - **Runs any non-Claude-Code agent.** A 64-entry schema-verified `TOOL_MAP` pre-maps Cline, Roo, Kilo, Cursor, Windsurf, Continue, Copilot, OpenHands, OpenClaw, Hermes, [hands](https://github.com/askalf/hands) tool names to CC's native set. No flag, no validator errors. → [`docs/agent-compat.md`](./docs/agent-compat.md)
-- **Shim mode.** Take the proxy off the wire entirely — `dario shim -- claude --print "hi"` patches `globalThis.fetch` in-process. No HTTP hop, no port, no `BASE_URL`. → [`docs/shim.md`](./docs/shim.md)
+- **Shim mode** *(deprecated in v4.2; removal scheduled for v5.x)*. The original "no HTTP hop" path that patched `globalThis.fetch` inside a `dario shim -- <cmd>` child process. Empirically only matches 3 of the 8 wire-shape axes the billing classifier inspects (system blocks, agent identity, header order) and falls back to total passthrough when the client sends a 1-block system — which `claude -p` and Agent-SDK both do. Use **proxy mode** for any non-CC client; that's the only mode that rebuilds every request to CC's full canonical shape. Shim emits a deprecation banner on every invocation. See [CHANGELOG v4.2.0](./CHANGELOG.md) for the side-by-side fingerprint diff that drove this call.
 - **Recover output capability.** `dario proxy --system-prompt=partial` strips CC's tone/verbosity/no-comments constraints for 1.2–2.8× more output on open-ended work — empirically without flipping billing (the classifier doesn't read that slot). [Discussion #183](https://github.com/askalf/dario/discussions/183) has the per-prompt receipts. → [`docs/system-prompt.md`](./docs/system-prompt.md)
 - **Reachable from inside CC / any MCP client.** `dario subagent install` registers a CC sub-agent for in-session diagnostics; `dario mcp` exposes dario as a read-only MCP server. → [`docs/sub-agent.md`](./docs/sub-agent.md) · [`docs/mcp-server.md`](./docs/mcp-server.md)
+- **Active overage protection (v4.1).** Halts the proxy on any `representative-claim: overage` response and returns 503 to subsequent requests until you run `dario resume` or the cooldown clears. Visibility-only mode (`--overage-behavior=warn`) for operators who want the signal without disrupting traffic. Halt state visible in TUI Status/Hits/Analytics tabs, surfaced as named SSE events, and as a best-effort native desktop notification. [#288](https://github.com/askalf/dario/issues/288).
 
 ---
 
@@ -245,11 +347,11 @@ The tool doesn't know. The backend doesn't know. Dario is the seam.
 
 | Signal | Status |
 |---|---|
-| Source | **17,507** lines of TypeScript across **42** files — auditable in a weekend |
+| Source | **~18.5k** lines of TypeScript across **44** files — auditable in a weekend |
 | Dependencies | **0 runtime.** Verify: `npm ls --production` |
-| Provenance | Every release [SLSA-attested](https://www.npmjs.com/package/@askalf/dario) via GitHub Actions + Sigstore (v4.0.0 published 2026-05-16T11:46:01Z; Rekor logIndex `1553210791`) |
+| Provenance | Every release [SLSA-attested](https://www.npmjs.com/package/@askalf/dario) via GitHub Actions + Sigstore. v4.1.0 published 2026-05-16T15:13:24Z |
 | Scanning | [CodeQL](https://github.com/askalf/dario/actions/workflows/codeql.yml) on every push and weekly |
-| Tests | **2,080** assertions across 77 test files (71 in default `npm test` suite) — green on every release |
+| Tests | **80 test files**, **74 in default `npm test` suite** — green on every release |
 | Drift response | [`cc-drift-watch.yml`](./.github/workflows/cc-drift-watch.yml) hourly cron, [`cc-drift-auto-release.yml`](./.github/workflows/cc-drift-auto-release.yml) auto-publish on merge — median CC-release → dario-release under one hour |
 | Credentials | Never logged, redacted from errors, `0600` on disk in `0700` dirs; MCP server redacts at the tool boundary |
 | Network | Binds `127.0.0.1` by default; upstream only to configured backends over HTTPS; hardcoded SSRF allowlist |
@@ -273,7 +375,7 @@ cd $(npm root -g)/@askalf/dario && npm ls --production
 
 ## Commands
 
-`dario` (TUI) · `login` · `proxy` · `doctor` · `accounts {list,add,remove}` · `backend {list,add,remove}` · `shim` · `mcp` · `subagent {install,status,remove}` · `usage` · `config` · `upgrade` · `status` · `refresh` · `logout` · `help`
+`dario` (TUI) · `login` · `proxy` · `doctor` · `accounts {list,add,remove}` · `backend {list,add,remove}` · `shim` · `mcp` · `subagent {install,status,remove}` · `usage` · `config` · `upgrade` · `status` · `refresh` · `resume` · `logout` · `help`
 
 Full flag/env reference: [`docs/commands.md`](./docs/commands.md) · SDK examples + per-tool setup: [`docs/usage.md`](./docs/usage.md)
 
@@ -285,7 +387,10 @@ Full flag/env reference: [`docs/commands.md`](./docs/commands.md) · SDK example
 Mechanically, dario uses your existing Claude Code OAuth tokens — it authenticates you as you, with your subscription, through Anthropic's official endpoints. Whether any particular use complies with current terms is between you and Anthropic; consult their terms and your agreement. Independent, unofficial, third-party — see [DISCLAIMER.md](DISCLAIMER.md).
 
 **What does the v4 TUI actually do?**
-Open `dario` with no args. Six tabs: **Status** shows proxy health + OAuth expiry + config source; **Config** edits `~/.dario/config.json` in place (bool toggles inline, numbers/strings open a prompt, `s` saves); **Analytics** polls `/analytics` every 2s and renders per-model bars + rate-limit utilization + billing buckets; **Hits** subscribes to `/analytics/stream` SSE for the live request feed with per-record detail drilldown; **Accounts** lists the pool; **Backends** lists OpenAI-compat backends. Pure ANSI, zero new runtime deps. Migration from v3: [MIGRATION.md](MIGRATION.md).
+Open `dario` with no args. Six tabs: **Status** shows proxy health + OAuth expiry + config source + overage-guard state (v4.1: halt banner with countdown + `R` to resume); **Config** edits `~/.dario/config.json` in place (bool toggles inline, numbers/strings open a prompt, `s` saves); **Analytics** polls `/analytics` every 2s and renders per-model bars + rate-limit utilization + an Overage bar that's red the moment count is non-zero (v4.1); **Hits** subscribes to `/analytics/stream` SSE for the live request feed with per-record detail drilldown and a pinned halt banner when overage is detected (v4.1); **Accounts** lists the pool; **Backends** lists OpenAI-compat backends. Pure ANSI, zero new runtime deps. Migration from v3: [MIGRATION.md](MIGRATION.md).
+
+**What if a request lands in `overage` despite the wire-shape replay?**
+v4.1+ halts the proxy on the first overage response and returns 503 to subsequent requests until you investigate. See [What dario does when overage lands](#what-dario-does-when-overage-lands-v41). The TUI Status tab shows the triggering request + countdown to auto-resume; `dario resume` from any shell clears the halt immediately; `--overage-behavior=warn` switches to visibility-only mode if you'd rather see the signal than block traffic.
 
 **Do I need Claude Code installed?**
 Recommended, not required. With CC, `dario login` picks up credentials automatically and the live template extractor reads your binary on every startup. Without it, dario runs its own OAuth flow and falls back to the bundled (scrubbed) template snapshot.

package/dist/cli.js

@@ -216,8 +216,11 @@ async function resume() {
     catch (err) {
         const msg = err.message;
         // The proxy-not-running case is the common failure path; surface a
-        // friendly hint instead of a raw Node fetch error.
-        if (/ECONNREFUSED|fetch failed/i.test(msg)) {
+        // friendly hint instead of a raw fetch error. Match across runtimes:
+        //   - Node: 'ECONNREFUSED', 'fetch failed', 'ENOTFOUND', 'ETIMEDOUT'
+        //   - Bun:  'Unable to connect' (different fetch error wording)
+        //   - Both: 'connect EHOSTUNREACH', 'getaddrinfo' (DNS path)
+        if (/ECONNREFUSED|ENOTFOUND|ETIMEDOUT|EHOSTUNREACH|fetch failed|unable to connect|getaddrinfo/i.test(msg)) {
             console.error(`[dario] No proxy running on localhost:${port}. Start one with \`dario proxy\` (overage-guard state is per-process; there's nothing to resume on a stopped proxy).`);
             process.exit(1);
         }
@@ -1024,6 +1027,11 @@ async function help() {
     dario proxy [options]    Start the API proxy server
     dario status             Check authentication status
     dario refresh            Force token refresh
+    dario resume             Clear the overage-guard halt on a running proxy.
+                             v4.1.0+. Idempotent: returns "no-op" if the
+                             proxy isn't halted. Errors with a friendly hint
+                             if no proxy is running on localhost:3456.
+                             POSTs /admin/resume on the local proxy. (dario#288)
     dario logout             Remove saved credentials
     dario accounts list      List accounts in the multi-account pool
     dario accounts add NAME [--manual] [--from-keychain[=<target>]]
@@ -1045,8 +1053,13 @@ async function help() {
     dario backend add NAME --key=sk-... [--base-url=...]
                              Add an OpenAI-compat backend (OpenAI, OpenRouter, Groq, etc.)
     dario backend remove N   Remove an OpenAI-compat backend
-    dario shim -- CMD ARGS   Run CMD inside the dario shim (experimental,
-                             stealth fingerprint via in-process fetch patch)
+    dario shim -- CMD ARGS   [DEPRECATED — removal scheduled for v5.x]
+                             Run CMD with dario's fetch-patch in-process.
+                             Only replaces 3 of 8 billing-classifier axes
+                             (system blocks, agent identity, header order).
+                             Falls back to passthrough on 1-block system
+                             requests (\`claude -p\`, Agent SDK). Use proxy
+                             mode for non-CC clients. See CHANGELOG v4.2.0.
     dario subagent install   Register ~/.claude/agents/dario.md so Claude Code
                              can delegate dario diagnostics / template-refresh
                              operations to a named sub-agent (v3.26)
@@ -1281,6 +1294,37 @@ async function help() {
                              ceiling server-side, so too-high values
                              return a clean 400.
                              Env: DARIO_MAX_TOKENS. (dario#88)
+    --no-overage-guard       Disable the overage-guard (v4.1.0+). Default
+                             behavior halts the proxy on any response with
+                             representative-claim=overage and returns 503
+                             with an Anthropic-shaped error body until
+                             cooldown expires or \`dario resume\` clears
+                             the state. Subscribers should never see an
+                             overage hit during normal operation; one
+                             means something is wrong (wire drift,
+                             classifier change, account misconfig).
+                             Env: DARIO_OVERAGE_GUARD=off. (dario#288)
+    --overage-behavior=<halt|warn>
+                             Behavior when overage is detected (v4.1.0+):
+                               halt — return 503 to new /v1/messages
+                                      requests until resume / cooldown.
+                                      Default. Strongest protection.
+                               warn — emit events + OS notification only,
+                                      keep forwarding. Visibility mode for
+                                      operators who want the signal without
+                                      cutting off traffic.
+                             Env: DARIO_OVERAGE_BEHAVIOR.
+    --overage-cooldown=MS    Ms to wait before auto-clearing the halt
+                             state (v4.1.0+). Default: 1800000 (30 min).
+                             Manual \`dario resume\` clears immediately
+                             regardless of this value.
+                             Env: DARIO_OVERAGE_COOLDOWN.
+    --no-overage-notify      Suppress the native desktop notification on
+                             halt (v4.1.0+). Terminal BEL is the
+                             unconditional floor; TUI banner + SSE event
+                             still fire regardless. Use in headless / CI
+                             contexts where toast popups don't make sense.
+                             Env: DARIO_OVERAGE_NOTIFY=off.
     --port=PORT              Port to listen on (default: 3456)
     --host=ADDRESS           Address to bind to (default: 127.0.0.1)
                              Use 0.0.0.0 for LAN; see README for DARIO_API_KEY
@@ -1396,6 +1440,50 @@ async function shim() {
         console.error('         dario shim --priority=below-normal -- claude   (recommended on Windows when RDP\'d into the host)');
         process.exit(1);
     }
+    // v4.2.0+: shim mode is DEPRECATED — set for removal in v5.x.
+    //
+    // The empirical reason (verified by side-by-side fingerprint diff of
+    // shim's `_rewriteBody` against the proxy's `buildCCRequest` — see
+    // CHANGELOG v4.2.0 entry): shim mode only replaces 3 of the 8 axes
+    // Anthropic's billing classifier actually inspects (system blocks,
+    // agent identity, header order). It leaves the client's JSON key
+    // order, max_tokens value, metadata billing tag, and any non-CC
+    // fields (temperature, top_p, service_tier) unchanged on the wire.
+    // And on the most-common claude -p / Agent-SDK request shape (which
+    // sends a 1-block system, not the 3-block shape shim's shape-check
+    // hardcodes), shim silently falls back to total passthrough — sending
+    // the client's raw body to api.anthropic.com with zero replay.
+    //
+    // For interactive CC (`dario shim -- claude`), this is mostly a no-op
+    // because CC's own outbound already matches every axis dario would
+    // synthesize. But for any non-CC client (`dario shim -- aider`,
+    // `dario shim -- cline`, your own scripts), shim mode does not deliver
+    // the wire fidelity the README claims.
+    //
+    // We warn loudly here instead of silently breaking, and point users
+    // at proxy mode. Set DARIO_SHIM_NO_DEPRECATION_WARNING=1 to suppress
+    // the banner for scripts that need the exit-code semantics but have
+    // already migrated their understanding.
+    if (process.env['DARIO_SHIM_NO_DEPRECATION_WARNING'] !== '1') {
+        console.error('');
+        console.error('[dario] ⚠ DEPRECATION: `dario shim` is deprecated in v4.2 and scheduled for removal in v5.x.');
+        console.error('[dario]');
+        console.error('[dario] Shim mode only matches a subset of the wire-shape axes Anthropic\'s billing classifier');
+        console.error('[dario] inspects. Specifically, it does not normalize JSON key order, max_tokens, metadata');
+        console.error('[dario] billing-tag, or non-CC body fields. On `claude -p` / Agent-SDK style requests (1-block');
+        console.error('[dario] system), shim falls back to total passthrough — the client\'s raw body reaches the');
+        console.error('[dario] upstream unchanged.');
+        console.error('[dario]');
+        console.error('[dario] Use proxy mode instead, which rebuilds every request to CC\'s exact wire shape:');
+        console.error('[dario]');
+        console.error('[dario]   Terminal 1:  dario proxy');
+        console.error('[dario]   Terminal 2:  ANTHROPIC_BASE_URL=http://localhost:3456 \\');
+        console.error('[dario]                ANTHROPIC_API_KEY=dario \\');
+        console.error('[dario]                ' + childArgs.join(' '));
+        console.error('[dario]');
+        console.error('[dario] To suppress this banner: DARIO_SHIM_NO_DEPRECATION_WARNING=1');
+        console.error('');
+    }
     const { runShim } = await import('./shim/host.js');
     try {
         const result = await runShim({

package/dist/tui/tabs/config.js

@@ -217,15 +217,45 @@ function commitEdit(state) {
             if (!Number.isFinite(n)) {
                 return { ...state, editBuffer: null, statusMessage: `Not a number: "${state.editBuffer}"`, statusKind: 'error' };
             }
+            // Path-specific guards. cooldownMs must be non-negative — silently
+            // dropping a bad value on next config-file load is correct but lets
+            // the user save an invalid file. Surface immediately. (v4.1.1)
+            if (f.path === 'overageGuard.cooldownMs' && n < 0) {
+                return { ...state, editBuffer: null, statusMessage: `overageGuard.cooldownMs must be >= 0 (got ${n})`, statusKind: 'error' };
+            }
             parsed = n;
         }
     }
+    else if (f.type === 'string') {
+        // String enums: validate so we reject bad input at commit time rather
+        // than let the proxy's sanitize() silently drop it on next load. v4.1.1
+        // adds the overageGuard.behavior enum; future enums register here.
+        const enumValues = STRING_ENUMS[f.path];
+        if (enumValues && !enumValues.includes(state.editBuffer)) {
+            return {
+                ...state,
+                editBuffer: null,
+                statusMessage: `${f.label} must be one of: ${enumValues.join(', ')} (got "${state.editBuffer}")`,
+                statusKind: 'error',
+            };
+        }
+        parsed = state.editBuffer;
+    }
     else {
         parsed = state.editBuffer;
     }
     const next = setByPath(state.config, f.path, parsed);
     return { ...state, config: next, editBuffer: null, statusMessage: `Updated ${f.label}.`, statusKind: 'success' };
 }
+/**
+ * Allowed values for string-enum fields. Keyed by FIELDS path. Anything
+ * absent here is treated as free-text (no enum validation). v4.1.1+ —
+ * additive: registering a new entry forces enum validation on the next
+ * commit without touching the rest of the editor.
+ */
+const STRING_ENUMS = {
+    'overageGuard.behavior': ['halt', 'warn'],
+};
 function doSave(state) {
     try {
         saveConfig(undefined, { ...state.config, version: CONFIG_SCHEMA_VERSION });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askalf/dario",
-  "version": "4.1.0",
+  "version": "4.2.0",
   "description": "Use your Claude Pro/Max subscription in any tool — Cursor, Cline, Aider, the Agent SDK, your scripts — at subscription pricing, not per-token API bills. One local Anthropic + OpenAI-compatible endpoint.",
   "type": "module",
   "bin": {