npm - @elvatis_com/openclaw-cli-bridge-elvatis - Versions diffs - 0.2.14 → 0.2.15 - Mend

@elvatis_com/openclaw-cli-bridge-elvatis 0.2.14 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/.ai/handoff/STATUS.md CHANGED Viewed

@@ -1,42 +1,49 @@
 # STATUS.md — openclaw-cli-bridge-elvatis
-_Last updated: 2026-03-07 by Akido (claude-sonnet-4-6)_
+_Last updated: 2026-03-08 by Akido (claude-sonnet-4-6)_
-## Current Version: 0.2.14 — STABLE
+## Current Version: 0.2.15 — STABLE
 ## What is done
 - ✅ Repo: `https://github.com/elvatis/openclaw-cli-bridge-elvatis`
-- ✅ npm: `@elvatis_com/openclaw-cli-bridge-elvatis@0.2.14`
-- ✅ ClawHub: `openclaw-cli-bridge-elvatis@0.2.14`
+- ✅ npm: `@elvatis_com/openclaw-cli-bridge-elvatis@0.2.15`
+- ✅ ClawHub: `openclaw-cli-bridge-elvatis@0.2.15`
 - ✅ Phase 1: `openai-codex` provider via `~/.codex/auth.json` (no re-login)
 - ✅ Phase 2: Local OpenAI-compatible proxy on `127.0.0.1:31337` (Gemini + Claude CLI)
 - ✅ Phase 3: 10 slash commands (`/cli-sonnet`, `/cli-opus`, `/cli-haiku`, `/cli-gemini`, `/cli-gemini-flash`, `/cli-gemini3`, `/cli-codex`, `/cli-codex-mini`, `/cli-back`, `/cli-test`)
 - ✅ Config patcher: auto-adds vllm provider to `openclaw.json` on first startup
 - ✅ Prompt delivery via stdin (no E2BIG, no Gemini agentic mode)
-- ✅ `registerService` stop() hook: closes proxy server on plugin teardown (fixes EADDRINUSE on hot-reload)
-- ✅ `openclaw.extensions` added to `package.json` (required for `openclaw plugins install`)
+- ✅ `registerService` stop() hook: closes proxy server on plugin teardown
+- ✅ `requireAuth: false` on all commands — webchat + WhatsApp authorized via gateway `commands.allowFrom`
+- ✅ `vllm/` prefix stripping in `routeToCliRunner` — accepts both `vllm/cli-claude/...` and bare `cli-claude/...`
+- ✅ End-to-end tested (2026-03-08): claude-sonnet-4-6 ✅ claude-haiku-4-5 ✅ gemini-2.5-flash ✅ gemini-2.5-pro ✅ codex ✅
+## Known Operational Notes
+- **Claude CLI auth expires** — token lifetime ~90 days. When `/cli-test` returns 401, run `claude auth login` on the server to refresh.
+- Config patcher writes `openclaw.json` directly → triggers one gateway restart on first install (expected, one-time only)
+- ClawHub publish ignores `.clawhubignore` — use rsync workaround (see CONVENTIONS.md)
 ## Bugs Fixed
+### v0.2.14 — vllm/ prefix not stripped in model router
+`routeToCliRunner` received full provider path `vllm/cli-claude/...` from OpenClaw
+but only checked for `cli-claude/...` — caused "Unknown CLI bridge model" on all requests.
+Fixed by stripping the `vllm/` prefix before routing.
+### v0.2.13 — requireAuth blocking webchat commands
+All `/cli-*` commands had `requireAuth: true`. Plugin-level auth checks `isAuthorizedSender`
+via a different resolution path than `commands.allowFrom` config — webchat senders were
+never authorized. Fixed by setting `requireAuth: false`; gateway-level `commands.allowFrom`
+is the correct security layer.
 ### v0.2.9 — Critical: Gateway SIGKILL via fuser
 `fuser -k 31337/tcp` was sending SIGKILL to the gateway process itself during
-in-process hot-reloads. The gateway holds port 31337 (via the proxy it spawned),
-so `fuser` found it and killed it — explaining `status=9/KILL` in systemd journal.
-Fixed by replacing `fuser -k` with a safe health probe (`GET /v1/models`): if the
-existing proxy responds, reuse it silently. If EADDRINUSE but no response, wait 1s
-and retry once. No process killing involved.
+in-process hot-reloads. Fixed by replacing `fuser -k` with a safe health probe.
-### v0.2.7–v0.2.8 — EADDRINUSE on hot-reload (partially fixed, superseded by v0.2.9)
-Added `closeAllConnections()` + `registerService` stop() hook. Port still leaked
-during systemd restarts due to race condition. v0.2.9 health-probe approach is the
-definitive fix.
+### v0.2.7–v0.2.8 — EADDRINUSE on hot-reload
+Added `closeAllConnections()` + `registerService` stop() hook.
 ### v0.2.6 — Port leak on gateway hot-reload
-HTTP proxy server had no cleanup handler. Fixed with `registerService` stop() callback.
-## Open Risks
-- `openai-codex/gpt-5.4` returns 401 missing scope `model.request` — external (OpenAI account scope), not plugin code
-- Config patcher writes `openclaw.json` directly → triggers one gateway restart on first install (expected, one-time only)
-- ClawHub publish ignores `.clawhubignore` — use rsync workaround (see CONVENTIONS.md)
+HTTP proxy server had no cleanup handler.

package/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 > OpenClaw plugin that bridges locally installed AI CLIs (Codex, Gemini, Claude Code) as model providers — with slash commands for instant model switching, restore, and health testing.
-**Current version:** `0.2.14`
+**Current version:** `0.2.15`
 ---
@@ -234,8 +234,20 @@ npm test            # vitest run (5 unit tests for formatPrompt)
 ## Changelog
+### v0.2.15
+- **docs:** Rewrite changelog (entries for v0.2.12–v0.2.14 were corrupted by repeated sed version bumps); all providers verified working (Claude, Gemini, Codex)
+- **docs:** Update STATUS.md with end-to-end test results
 ### v0.2.14
-- **docs:** Fix changelog (v0.2.10 entry was lost by sed, v0.2.11 description was wrong); enforce single-commit publish discipline
+- **fix:** Strip `vllm/` prefix in `routeToCliRunner` — OpenClaw sends full provider path (`vllm/cli-claude/...`) but proxy router expected bare `cli-claude/...`; caused "Unknown CLI bridge model" on all requests
+- **test:** Add 4 routing tests covering both prefixed and non-prefixed model paths (9 tests total)
+### v0.2.13
+- **fix:** Set `requireAuth: false` on all `/cli-*` commands — webchat senders were always blocked because plugin-level auth uses a different resolution path than `commands.allowFrom` config; gateway-level allowlist is the correct security layer
+- **fix:** Hardcoded `version: "0.2.5"` in plugin object (`index.ts`) — now tracks `package.json`
+### v0.2.12
+- **docs:** Fix changelog continuity — v0.2.10 entry was lost, v0.2.11 description was wrong; all entries now accurate
 ### v0.2.11
 - **docs:** Fix README `Current version` header (was stuck at 0.2.9 after 0.2.10 bump)

package/SKILL.md CHANGED Viewed

@@ -53,4 +53,4 @@ Each command runs `openclaw models set <model>` atomically and replies with a co
 See `README.md` for full configuration reference and architecture diagram.
-**Version:** 0.2.14
+**Version:** 0.2.15

package/index.ts CHANGED Viewed

@@ -277,7 +277,7 @@ function proxyTestRequest(
 const plugin = {
   id: "openclaw-cli-bridge-elvatis",
   name: "OpenClaw CLI Bridge",
-  version: "0.2.14",
+  version: "0.2.15",
   description:
     "Phase 1: openai-codex auth bridge. " +
     "Phase 2: HTTP proxy for gemini/claude CLIs. " +

package/openclaw.plugin.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "id": "openclaw-cli-bridge-elvatis",
   "name": "OpenClaw CLI Bridge",
-  "version": "0.2.14",
+  "version": "0.2.15",
   "description": "Phase 1: openai-codex auth bridge. Phase 2: local HTTP proxy routing model calls through gemini/claude CLIs (vllm provider).",
   "providers": [
     "openai-codex"

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@elvatis_com/openclaw-cli-bridge-elvatis",
-  "version": "0.2.14",
+  "version": "0.2.15",
   "description": "Bridges gemini, claude, and codex CLI tools as OpenClaw model providers. Reads existing CLI auth without re-login.",
   "type": "module",
   "openclaw": {