@askalf/dario 4.8.18 → 4.8.20

package/README.md

@@ -12,7 +12,7 @@
   <a href="https://x.com/ask_alf"><img src="https://img.shields.io/badge/follow-@ask_alf-1da1f2?style=flat-square" alt="Follow on X"></a>
 </p>
 
-<p align="center"><em>Zero runtime dependencies · <a href="https://www.npmjs.com/package/@askalf/dario">SLSA-attested</a> every release · nothing phones home · ~18.5k lines you can read in a weekend · independent, unofficial, third-party (<a href="DISCLAIMER.md">DISCLAIMER.md</a>)</em></p>
+<p align="center"><em>Zero runtime dependencies · <a href="https://www.npmjs.com/package/@askalf/dario">SLSA-attested</a> every release · nothing phones home · ~18.8k lines you can read in a weekend · independent, unofficial, third-party (<a href="DISCLAIMER.md">DISCLAIMER.md</a>)</em></p>
 
 ---
 
@@ -67,7 +67,7 @@ Type `dario` with no args (in another terminal) to open a full-screen control pa
 │  Tokens out:      38,200               Subscription %:  98%         │
 │                                                                     │
 │  Per-model:                                                         │
-│   opus-4-7      ████████████████████░  72%  (178 req)               │
+│   opus-4-8      ████████████████████░  72%  (178 req)               │
 │   sonnet-4-6    █████░░░░░░░░░░░░░░░░  22%  ( 54 req)               │
 │   haiku-4-5     █░░░░░░░░░░░░░░░░░░░░   6%  ( 15 req)               │
 │                                                                     │
@@ -123,9 +123,11 @@ Two layers, separated:
 1. **Tiered pricing is fine.** Anthropic can charge differently for first-party use vs. third-party use. Every SaaS does this.
 2. **Hiding the tier from the customer is not.** When the public docs say "1M context available on Sonnet/Opus" but the auth layer rejects every attempt to access it on the OAuth path most subscribers use — when the billing classifier silently flips your request to overage without saying which signal triggered it — that's information asymmetry weaponized into product design.
 
-OpenAI does this cleanly: ChatGPT Plus is a chat product, the API is a separate metered product, you choose. Anthropic uses one URL and a hidden classifier. **dario's job is to make the classifier visible.**
+Both vendors sell the same two products: a flat-rate subscription and a metered API. OpenAI keeps them physically separate — ChatGPT Plus is chat-only with no API surface; the API is a different product with its own key; you pick one. Anthropic separates them too, but its **subscription** is reached through the *same API-shaped interface* Claude Code uses, and which bucket a request bills to — subscription vs. metered overage — is decided by an **undocumented classifier** reading signals in the request, not by you choosing a product.
 
-We don't bypass auth. We don't fake who you are. We replay the exact wire shape Claude Code emits — captured live from your installed binary — so the classifier sees what it expects. That's a transparency tool, not a circumvention tool. Your subscription is doing what your subscription does; you're authenticating as you.
+dario makes that classifier's inputs explicit. Your identity and auth are real and untouched: it uses your own subscription credentials, impersonates no user, breaks no login. What it changes is the **client** fingerprint — it rebuilds each request into the exact wire shape Claude Code emits (captured live from your installed binary) so the classifier routes it to the subscription pool no matter which tool actually sent it.
+
+Be clear-eyed about what that is. It's a transparency tool in one real sense — it documents and exposes a classifier Anthropic keeps hidden. It's also, plainly, routing through your subscription traffic that Anthropic's gate is built to meter. Both are true. dario is unofficial and unaffiliated ([DISCLAIMER.md](./DISCLAIMER.md)) — decide with both in view.
 
 ---
 
@@ -195,7 +197,7 @@ So the moment any upstream response carries `representative-claim: overage`, dar
 ├─────────────────────────────────────────────────────────────────────┤
 │  Overage-guard                                                      │
 │  ⚠ HALTED   overage detected 12s ago                                │
-│    Request:        claude-opus-4-7  account=work                    │
+│    Request:        claude-opus-4-8  account=work                    │
 │    Cause:          representative-claim = overage                   │
 │    Auto-resume in  29m 48s                                          │
 │    Manual resume   press R here, or `dario resume` from any shell   │
@@ -222,7 +224,7 @@ Tune via `~/.dario/config.json` → `overageGuard`, or CLI flags: `--overage-beh
 
 | Signal | Status |
 |---|---|
-| Source | **~18.5k** lines of TypeScript across **44** files — auditable in a weekend |
+| Source | **~18.8k** lines of TypeScript across **44** files — auditable in a weekend |
 | Dependencies | **0 runtime.** Verify: `npm ls --production` |
 | Provenance | Every release [SLSA-attested](https://www.npmjs.com/package/@askalf/dario) via GitHub Actions + Sigstore |
 | Scanning | [CodeQL](https://github.com/askalf/dario/actions/workflows/codeql.yml) on every push and weekly |
@@ -240,11 +242,13 @@ cd $(npm root -g)/@askalf/dario && npm ls --production
 
 ---
 
-## Project status — maintenance mode
+## Project status — stable surface, automated defense
+
+dario's surface is feature-complete and stable: the proxy, the TUI, the multi-account pool, the overage guard, the 2026-06-15 cliff protection. What *isn't* stable is the thing it defends against. Anthropic ships wire-shape and classifier changes with no subscriber changelog, on no schedule — so the part of dario that runs unattended is the part that keeps your subscription routing the day they do, and it runs every day.
 
-As of **2026-05-19**, dario is in maintenance mode. New feature work has stopped; what runs unattended is the part that keeps your subscription routing intact — the [three drift watchers](#how-it-works-and-how-it-stays-working), the PR-time compat gate, the auto-release pipeline (with an idempotency gate that backfills any registry that lagged), the daily NPM_TOKEN health monitor, and the billing-classifier canary. Residual manual cases — OAuth credential rotation, runner re-registration, ghcr backfill — are in the [recovery runbook](./docs/recovery.md).
+That defense is live: [three drift watchers](#how-it-works-and-how-it-stays-working) (npm-release hourly, remote-config every 30 min, classifier-rule daily), a PR-time compat gate that runs the full suite against a live proxy before any wire-shape change merges, a liveness alarm if a watcher goes quiet, a daily NPM_TOKEN health check, and an auto-release pipeline that median-ships a fix under an hour after a CC release. When Anthropic moves, the watchers catch it within a release cycle, the bot opens the PR, the maintainer reviews and merges — the receipt log above is that machinery doing its job. Residual manual cases — OAuth rotation, runner re-registration, ghcr backfill — live in the [recovery runbook](./docs/recovery.md).
 
-The proxy, TUI, multi-account pool, overage guard, and 2026-06-15 cliff protection are all stable surface. If Anthropic ships something new, the watchers + compat suite catch it within a release cycle and the maintainer reviews the bot-PR. Feature velocity moved to the [askalf platform](https://askalf.org) — a self-hosted AI workforce that uses dario as its LLM substrate.
+New *product* work happens on the [askalf platform](https://askalf.org), a self-hosted AI workforce built on dario. dario itself doesn't need new features — it has one job, and keeping the truth about a moving target current is a job that never stops.
 
 ---
 

package/dist/cc-template.d.ts

@@ -272,11 +272,16 @@ export declare const VALID_EFFORT_VALUES: ReadonlyArray<EffortValue>;
  *   - mid-May 2026:            effort = 'high'    (dario#87 pinned to match)
  *   - May 17 2026, CC 2.1.143: effort = 'xhigh'   (verified by capture-full-body.mjs)
  *
- *   undefined → 'xhigh' (current CC wire default)
+ *   undefined → 'max' (highest *universally*-supported level. CC's own wire
+ *               default is 'xhigh', but that's Opus-only — Sonnet/Haiku-class
+ *               400 on 'xhigh' ("supported: high|low|max|medium"). 'max' is
+ *               accepted by all and still routes to the subscription pool
+ *               (verified: representative-claim=five_hour on Opus + Sonnet).
+ *               Set --effort=xhigh / DARIO_EFFORT=xhigh for Opus's extra tier.)
  *   'low' / 'medium' / 'high' / 'xhigh' / 'max' → pin to that value
  *   'ultracode' → 'xhigh' (CC's ultracode mode; xhigh on the wire)
  *   'client' → extract from `clientBody.output_config.effort` (normalized
- *              for the wire); fall back to 'xhigh' if absent/non-string
+ *              for the wire); fall back to 'max' if absent/non-string
  *
  * Exported for tests.
  */

package/dist/cc-template.js

@@ -910,23 +910,28 @@ function normalizeEffortForWire(effort) {
  *   - mid-May 2026:            effort = 'high'    (dario#87 pinned to match)
  *   - May 17 2026, CC 2.1.143: effort = 'xhigh'   (verified by capture-full-body.mjs)
  *
- *   undefined → 'xhigh' (current CC wire default)
+ *   undefined → 'max' (highest *universally*-supported level. CC's own wire
+ *               default is 'xhigh', but that's Opus-only — Sonnet/Haiku-class
+ *               400 on 'xhigh' ("supported: high|low|max|medium"). 'max' is
+ *               accepted by all and still routes to the subscription pool
+ *               (verified: representative-claim=five_hour on Opus + Sonnet).
+ *               Set --effort=xhigh / DARIO_EFFORT=xhigh for Opus's extra tier.)
  *   'low' / 'medium' / 'high' / 'xhigh' / 'max' → pin to that value
  *   'ultracode' → 'xhigh' (CC's ultracode mode; xhigh on the wire)
  *   'client' → extract from `clientBody.output_config.effort` (normalized
- *              for the wire); fall back to 'xhigh' if absent/non-string
+ *              for the wire); fall back to 'max' if absent/non-string
  *
  * Exported for tests.
  */
 export function resolveEffort(flag, clientBody) {
     if (flag === undefined)
-        return 'xhigh';
+        return 'max';
     if (flag === 'client') {
         const clientOC = clientBody.output_config;
         const clientEffort = clientOC?.effort;
         if (typeof clientEffort === 'string' && clientEffort.length > 0)
             return normalizeEffortForWire(clientEffort);
-        return 'xhigh';
+        return 'max';
     }
     return normalizeEffortForWire(flag);
 }

package/dist/live-fingerprint.d.ts

@@ -282,7 +282,7 @@ export declare function _resetInstalledVersionProbeForTest(): void;
  */
 export declare const SUPPORTED_CC_RANGE: {
     readonly min: "1.0.0";
-    readonly maxTested: "2.1.157";
+    readonly maxTested: "2.1.158";
 };
 /**
  * Compare two dotted-numeric version strings. Returns negative if `a<b`,

package/dist/live-fingerprint.js

@@ -786,7 +786,7 @@ export function _resetInstalledVersionProbeForTest() {
  */
 export const SUPPORTED_CC_RANGE = {
     min: '1.0.0',
-    maxTested: '2.1.157',
+    maxTested: '2.1.158',
 };
 /**
  * Compare two dotted-numeric version strings. Returns negative if `a<b`,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askalf/dario",
-  "version": "4.8.18",
+  "version": "4.8.20",
   "description": "Use your Claude Pro/Max subscription in any tool — Cursor, Cline, Aider, the Agent SDK, your scripts — at subscription pricing, not per-token API bills. One local Anthropic + OpenAI-compatible endpoint.",
   "type": "module",
   "bin": {