@elvatis_com/openclaw-cli-bridge-elvatis 0.2.8 → 0.2.10

package/.ai/handoff/DASHBOARD.md

@@ -6,15 +6,15 @@ _Last updated: 2026-03-07_
 
 | Component | Version | Build | Tests | Status |
 |-----------|---------|-------|-------|--------|
-| openclaw-cli-bridge-elvatis | 0.2.7 | ✅ | 5/5 ✅ | ✅ Stable |
+| openclaw-cli-bridge-elvatis | 0.2.9 | ✅ | 5/5 ✅ | ✅ Stable |
 
 ## 🚀 Release State
 
 | Platform | Version | Status |
 |----------|---------|--------|
-| GitHub | v0.2.7 | ✅ Tagged + Release |
-| npm | 0.2.7 | ✅ Published |
-| ClawHub | 0.2.7 | ✅ Published |
+| GitHub | v0.2.9 | ✅ Tagged + Release |
+| npm | 0.2.9 | ✅ Published |
+| ClawHub | 0.2.9 | ✅ Published |
 
 ## 📋 Open Tasks
 
@@ -28,7 +28,8 @@ _Last updated: 2026-03-07_
 
 | Task | Title | Version |
 |------|-------|---------|
-| T-006 | Fix port leak: registerService stop() hook for proxy server | 0.2.6 |
+| T-007 | Critical: remove fuser -k, replace with safe health probe | 0.2.9 |
+| T-006 | Fix port leak: registerService stop() hook + closeAllConnections | 0.2.7 |
 | T-005 | Add openclaw.extensions to package.json | 0.2.6 |
 | T-004 | /cli-codex + /cli-codex-mini slash commands | 0.2.5 |
 | T-003 | /cli-back restore + /cli-test health check | 0.2.3 |

package/.ai/handoff/LOG.md

@@ -1,5 +1,29 @@
 # LOG.md — openclaw-cli-bridge-elvatis
 
+## 2026-03-08 — Session 3 (Akido / claude-sonnet-4-6)
+
+**Critical bug: Gateway SIGKILL via fuser (fixed in v0.2.9)**
+
+Root cause: `fuser -k 31337/tcp` (added in v0.2.8) sent SIGKILL to the gateway
+process itself during in-process hot-reloads. In hybrid reload mode, the same gateway
+process reloads the plugin. At that point, the gateway holds port 31337 (via the proxy
+it spawned earlier). `fuser -k` found the current gateway process as the port owner and
+killed it with SIGKILL — visible in systemd journal as `code=killed, status=9/KILL` with
+a 1.9G memory peak.
+
+Fix: replaced `fuser -k` with a safe health probe. Before binding, `GET /v1/models` is
+sent to the existing proxy. If it responds with 200, the proxy is reused silently
+(`[cli-bridge] proxy already running on :31337 — reusing`). If EADDRINUSE but no
+response (genuinely stale process), wait 1s and retry once. No process killing.
+
+**Release pipeline:**
+- v0.2.9 committed, tagged, pushed to GitHub
+- GitHub release: https://github.com/elvatis/openclaw-cli-bridge-elvatis/releases/tag/v0.2.9
+- npm: `@elvatis_com/openclaw-cli-bridge-elvatis@0.2.9`
+- ClawHub: `openclaw-cli-bridge-elvatis@0.2.9`
+
+---
+
 ## 2026-03-07 — Session 2 (Akido / claude-sonnet-4-6)
 
 **Bug: Port leak on gateway hot-reload (fixed in v0.2.6)**

package/.ai/handoff/NEXT_ACTIONS.md

@@ -33,7 +33,8 @@ _Last updated: 2026-03-07_
 
 | Task | Title | Date |
 |------|-------|------|
-| T-006 | Fix port leak: registerService stop() hook | 2026-03-07 |
+| T-007 | Critical: remove fuser -k, safe proxy reuse via health probe | 2026-03-08 |
+| T-006 | Fix port leak: registerService stop() hook + closeAllConnections | 2026-03-07 |
 | T-005 | Add openclaw.extensions to package.json | 2026-03-07 |
 | T-004 | /cli-codex + /cli-codex-mini | 2026-03-07 |
 | T-003 | /cli-back + /cli-test | 2026-03-07 |

package/.ai/handoff/STATUS.md

@@ -2,13 +2,13 @@
 
 _Last updated: 2026-03-07 by Akido (claude-sonnet-4-6)_
 
-## Current Version: 0.2.7 — STABLE
+## Current Version: 0.2.9 — STABLE
 
 ## What is done
 
 - ✅ Repo: `https://github.com/elvatis/openclaw-cli-bridge-elvatis`
-- ✅ npm: `@elvatis_com/openclaw-cli-bridge-elvatis@0.2.6`
-- ✅ ClawHub: `openclaw-cli-bridge-elvatis@0.2.6`
+- ✅ npm: `@elvatis_com/openclaw-cli-bridge-elvatis@0.2.9`
+- ✅ ClawHub: `openclaw-cli-bridge-elvatis@0.2.9`
 - ✅ Phase 1: `openai-codex` provider via `~/.codex/auth.json` (no re-login)
 - ✅ Phase 2: Local OpenAI-compatible proxy on `127.0.0.1:31337` (Gemini + Claude CLI)
 - ✅ Phase 3: 10 slash commands (`/cli-sonnet`, `/cli-opus`, `/cli-haiku`, `/cli-gemini`, `/cli-gemini-flash`, `/cli-gemini3`, `/cli-codex`, `/cli-codex-mini`, `/cli-back`, `/cli-test`)
@@ -17,11 +17,23 @@ _Last updated: 2026-03-07 by Akido (claude-sonnet-4-6)_
 - ✅ `registerService` stop() hook: closes proxy server on plugin teardown (fixes EADDRINUSE on hot-reload)
 - ✅ `openclaw.extensions` added to `package.json` (required for `openclaw plugins install`)
 
-## Bug Fixed (v0.2.6)
+## Bugs Fixed
 
-**Port leak on gateway hot-reload** — HTTP proxy server on port 31337 had no cleanup
-handler. On hot-reloads the old server kept the port bound, causing EADDRINUSE.
-Fixed with `registerService` stop() callback.
+### v0.2.9 — Critical: Gateway SIGKILL via fuser
+`fuser -k 31337/tcp` was sending SIGKILL to the gateway process itself during
+in-process hot-reloads. The gateway holds port 31337 (via the proxy it spawned),
+so `fuser` found it and killed it — explaining `status=9/KILL` in systemd journal.
+Fixed by replacing `fuser -k` with a safe health probe (`GET /v1/models`): if the
+existing proxy responds, reuse it silently. If EADDRINUSE but no response, wait 1s
+and retry once. No process killing involved.
+
+### v0.2.7–v0.2.8 — EADDRINUSE on hot-reload (partially fixed, superseded by v0.2.9)
+Added `closeAllConnections()` + `registerService` stop() hook. Port still leaked
+during systemd restarts due to race condition. v0.2.9 health-probe approach is the
+definitive fix.
+
+### v0.2.6 — Port leak on gateway hot-reload
+HTTP proxy server had no cleanup handler. Fixed with `registerService` stop() callback.
 
 ## Open Risks
 

package/README.md

@@ -2,7 +2,7 @@
 
 > OpenClaw plugin that bridges locally installed AI CLIs (Codex, Gemini, Claude Code) as model providers — with slash commands for instant model switching, restore, and health testing.
 
-**Current version:** `0.2.7`
+**Current version:** `0.2.9`
 
 ---
 
@@ -234,6 +234,24 @@ npm test            # vitest run (5 unit tests for formatPrompt)
 
 ## Changelog
 
+### v0.2.10
+- **docs:** Fix version labels in SKILL.md and README changelog (were stuck at 0.2.2/0.2.5)
+
+### v0.2.9
+- **fix:** Critical — replace `fuser -k 31337/tcp` with safe health probe (`GET /v1/models`)
+- Prevents gateway SIGKILL on in-process hot-reloads (systemd `status=9/KILL` was caused by `fuser` finding gateway itself holding the port)
+- If proxy responds → reuse it; if EADDRINUSE but no response → wait 1s, retry once
+
+### v0.2.8
+- **fix:** EADDRINUSE on every gateway restart — `closeAllConnections()` + `registerService` stop() hook (partially; superseded by v0.2.9 health-probe approach)
+
+### v0.2.7
+- **fix:** Port leak on gateway hot-reload — added `registerService` stop() callback to close proxy server on plugin teardown
+
+### v0.2.6
+- **fix:** `openclaw.extensions` added to `package.json` (required for `openclaw plugins install`)
+- Config patcher: auto-adds vllm provider to `openclaw.json` on first startup
+
 ### v0.2.5
 - **feat:** `/cli-codex` → `openai-codex/gpt-5.3-codex`
 - **feat:** `/cli-codex-mini` → `openai-codex/gpt-5.1-codex-mini`

package/SKILL.md

@@ -38,6 +38,10 @@ Six instant model-switch commands (authorized senders only):
 | `/cli-gemini` | `vllm/cli-gemini/gemini-2.5-pro` |
 | `/cli-gemini-flash` | `vllm/cli-gemini/gemini-2.5-flash` |
 | `/cli-gemini3` | `vllm/cli-gemini/gemini-3-pro` |
+| `/cli-codex` | `openai-codex/gpt-5.3-codex` |
+| `/cli-codex-mini` | `openai-codex/gpt-5.1-codex-mini` |
+| `/cli-back` | Restore previous model |
+| `/cli-test [model]` | Health check (no model switch) |
 
 Each command runs `openclaw models set <model>` atomically and replies with a confirmation.
 
@@ -49,4 +53,4 @@ Each command runs `openclaw models set <model>` atomically and replies with a co
 
 See `README.md` for full configuration reference and architecture diagram.
 
-**Version:** 0.2.2
+**Version:** 0.2.10

package/index.ts

@@ -354,24 +354,32 @@ const plugin = {
     let proxyServer: import("node:http").Server | null = null;
 
     if (enableProxy) {
-      // Before binding, evict any stale process holding our port.
-      // Port 31337 is exclusively ours — it's safe to kill whatever is on it.
-      // This handles the systemd restart race: new process starts before the old
-      // one's socket is fully released.
-      const evictPort = async (): Promise<void> => {
-        try {
-          const { execSync } = await import("node:child_process");
-          // fuser -k sends SIGKILL to whatever holds the TCP port
-          execSync(`fuser -k ${port}/tcp 2>/dev/null || true`, { stdio: "ignore" });
-          // Give the OS ~200ms to release the socket
-          await new Promise((r) => setTimeout(r, 200));
-          api.logger.info(`[cli-bridge] evicted stale listener on port ${port}`);
-        } catch {
-          // fuser not available or port was already free — ignore
-        }
+      // Probe whether a healthy proxy is already listening on our port.
+      // This handles hot-reloads where the previous plugin instance's server.close()
+      // may not have completed yet — rather than killing anything (dangerous: fuser -k
+      // can kill the gateway process itself during in-process hot-reloads), we just
+      // check if the existing server still responds and reuse it if so.
+      const probeExisting = (): Promise<boolean> => {
+        return new Promise((resolve) => {
+          const req = http.request(
+            { hostname: "127.0.0.1", port, path: "/v1/models", method: "GET",
+              headers: { Authorization: `Bearer ${apiKey}` } },
+            (res) => { res.resume(); resolve(res.statusCode === 200); }
+          );
+          req.setTimeout(800, () => { req.destroy(); resolve(false); });
+          req.on("error", () => resolve(false));
+          req.end();
+        });
       };
 
       const startProxy = async (): Promise<void> => {
+        // If a healthy proxy is already up, reuse it — no need to rebind.
+        const alive = await probeExisting();
+        if (alive) {
+          api.logger.info(`[cli-bridge] proxy already running on :${port} — reusing`);
+          return;
+        }
+
         try {
           const server = await startProxyServer({
             port,
@@ -393,25 +401,28 @@ const plugin = {
         } catch (err: unknown) {
           const msg = (err as Error).message ?? String(err);
           if (msg.includes("EADDRINUSE")) {
-            // fuser didn't work (e.g. not installed) — one last retry after 800ms
-            api.logger.warn(`[cli-bridge] port ${port} still busy after evict, retrying in 800ms…`);
-            await new Promise((r) => setTimeout(r, 800));
-            const server = await startProxyServer({
-              port,
-              apiKey,
-              timeoutMs,
-              log: (msg) => api.logger.info(msg),
-              warn: (msg) => api.logger.warn(msg),
-            });
-            proxyServer = server;
-            api.logger.info(`[cli-bridge] proxy ready on :${port} (retry)`);
+            // Port is busy but probe didn't respond — wait for the OS to release it
+            api.logger.warn(`[cli-bridge] port ${port} busy, waiting 1s for OS release…`);
+            await new Promise((r) => setTimeout(r, 1000));
+            // One final attempt
+            try {
+              const server = await startProxyServer({
+                port, apiKey, timeoutMs,
+                log: (msg) => api.logger.info(msg),
+                warn: (msg) => api.logger.warn(msg),
+              });
+              proxyServer = server;
+              api.logger.info(`[cli-bridge] proxy ready on :${port} (retry)`);
+            } catch (e2: unknown) {
+              api.logger.warn(`[cli-bridge] proxy unavailable after retry: ${(e2 as Error).message}`);
+            }
           } else {
             api.logger.warn(`[cli-bridge] proxy failed to start on port ${port}: ${msg}`);
           }
         }
       };
 
-      evictPort().then(startProxy).catch(() => {});
+      startProxy().catch(() => {});
     }
 
     // ── Cleanup: close proxy server on plugin stop (hot-reload / gateway restart) ──

package/openclaw.plugin.json

@@ -1,7 +1,7 @@
 {
   "id": "openclaw-cli-bridge-elvatis",
   "name": "OpenClaw CLI Bridge",
-  "version": "0.2.8",
+  "version": "0.2.10",
   "description": "Phase 1: openai-codex auth bridge. Phase 2: local HTTP proxy routing model calls through gemini/claude CLIs (vllm provider).",
   "providers": [
     "openai-codex"
@@ -36,4 +36,4 @@
       }
     }
   }
-}
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elvatis_com/openclaw-cli-bridge-elvatis",
-  "version": "0.2.8",
+  "version": "0.2.10",
   "description": "Bridges gemini, claude, and codex CLI tools as OpenClaw model providers. Reads existing CLI auth without re-login.",
   "type": "module",
   "openclaw": {
@@ -19,4 +19,4 @@
     "typescript": "^5.9.3",
     "vitest": "^4.0.18"
   }
-}
+}

package/tsconfig.check.json

@@ -0,0 +1,7 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "noEmit": true
+  },
+  "include": ["index.ts", "src/**/*.ts", "test/**/*.ts"]
+}