@hypeitnow/opencode-claude-auth 1.6.0

package/dist/keychain.js

@@ -0,0 +1,365 @@
+import { execFileSync, execSync } from "node:child_process";
+import { chmodSync, readFileSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { log } from "./logger.js";
+const PRIMARY_SERVICE = "Claude Code-credentials";
+const RAW_KEY_SERVICE = "Claude Code";
+// Long-lived credentials synthesised from a raw `sk-ant-api03-...` API key in the
+// macOS Keychain have no embedded expiry or refresh token. We treat them as
+// valid for 1 year from first read, which matches the observed lifetime of
+// Anthropic-issued console API keys. The token is only rotated by the user
+// re-running `claude` (or manually editing the Keychain entry), so the next
+// keychain read will pick up the new value.
+const RAW_KEY_DEFAULT_TTL_MS = 365 * 24 * 60 * 60 * 1000;
+function parseRawApiKey(raw) {
+    const trimmed = raw.trim();
+    if (!trimmed)
+        return null;
+    if (!trimmed.startsWith("sk-ant-"))
+        return null;
+    return {
+        accessToken: trimmed,
+        refreshToken: "",
+        expiresAt: Date.now() + RAW_KEY_DEFAULT_TTL_MS,
+    };
+}
+function parseCredentials(raw) {
+    let parsed;
+    let parsedAsJson = true;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        parsedAsJson = false;
+        parsed = null;
+    }
+    // Raw API keys in the `Claude Code` Keychain service are not wrapped in JSON.
+    // They are issued by the Anthropic console and are long-lived (no refresh
+    // token, no expiry). See `parseRawApiKey` for the exact format.
+    if (!parsedAsJson) {
+        const rawKey = parseRawApiKey(raw);
+        if (rawKey) {
+            log("credentials_parsed", {
+                format: "raw_api_key",
+                hasAccessToken: true,
+                hasRefreshToken: false,
+                hasExpiry: true,
+            });
+        }
+        else {
+            log("credentials_parsed", {
+                format: "unrecognised",
+                hasAccessToken: false,
+                hasRefreshToken: false,
+                hasExpiry: false,
+            });
+        }
+        return rawKey;
+    }
+    const data = parsed.claudeAiOauth ?? parsed;
+    const creds = data;
+    // Entries that only contain mcpOAuth are MCP server credentials, not user accounts
+    if (parsed.mcpOAuth && !creds.accessToken) {
+        return null;
+    }
+    if (typeof creds.accessToken !== "string" ||
+        typeof creds.refreshToken !== "string" ||
+        typeof creds.expiresAt !== "number") {
+        log("credentials_parsed", {
+            hasAccessToken: typeof creds.accessToken === "string",
+            hasRefreshToken: typeof creds.refreshToken === "string",
+            hasExpiry: typeof creds.expiresAt === "number",
+            isMcpOnly: false,
+        });
+        return null;
+    }
+    log("credentials_parsed", {
+        hasAccessToken: true,
+        hasRefreshToken: true,
+        hasExpiry: true,
+        isMcpOnly: false,
+    });
+    return {
+        accessToken: creds.accessToken,
+        refreshToken: creds.refreshToken,
+        expiresAt: creds.expiresAt,
+        subscriptionType: typeof creds.subscriptionType === "string"
+            ? creds.subscriptionType
+            : undefined,
+    };
+}
+function readKeychainService(serviceName) {
+    try {
+        const result = execSync(`security find-generic-password -s "${serviceName}" -w`, {
+            timeout: 2000,
+            encoding: "utf-8",
+        }).trim();
+        log("keychain_read", { service: serviceName, success: true });
+        return result;
+    }
+    catch (err) {
+        const error = err;
+        if (error.killed || error.code === "ETIMEDOUT") {
+            log("keychain_read_error", {
+                service: serviceName,
+                errorType: "timeout",
+            });
+            throw new Error("Keychain read timed out. This can happen on macOS Tahoe. Try restarting Keychain Access.", { cause: err });
+        }
+        if (error.status === 36) {
+            log("keychain_read_error", {
+                service: serviceName,
+                errorType: "locked",
+            });
+            throw new Error("macOS Keychain is locked. Please unlock it or run: security unlock-keychain ~/Library/Keychains/login.keychain-db", { cause: err });
+        }
+        if (error.status === 128) {
+            log("keychain_read_error", {
+                service: serviceName,
+                errorType: "denied",
+            });
+            throw new Error("Keychain access was denied. Please grant access when prompted by macOS.", { cause: err });
+        }
+        if (error.status === 44) {
+            log("keychain_read_error", {
+                service: serviceName,
+                errorType: "not_found",
+            });
+            return null; // item not found
+        }
+        log("keychain_read_error", {
+            service: serviceName,
+            errorType: `exit_${error.status ?? "unknown"}`,
+        });
+        throw new Error(`Failed to read Keychain entry "${serviceName}" (exit ${error.status ?? "unknown"}). Try re-authenticating with Claude Code.`, { cause: err });
+    }
+}
+function listClaudeKeychainServices() {
+    try {
+        const dump = execSync("security dump-keychain", {
+            timeout: 5000,
+            maxBuffer: 1024 * 1024 * 10, // 10 MB
+            encoding: "utf-8",
+        });
+        const services = [];
+        const seen = new Set();
+        // OAuth credentials live under `Claude Code-credentials` (with optional
+        // hex suffix for multi-account setups). Match exact and suffixed names
+        // only — uppercase hex or word suffixes are intentionally rejected.
+        const oauthRe = /"Claude Code-credentials(?:-[0-9a-f]+)?"/g;
+        let m = oauthRe.exec(dump);
+        while (m !== null) {
+            const svc = m[0].slice(1, -1);
+            if (!seen.has(svc)) {
+                seen.add(svc);
+                services.push(svc);
+            }
+            m = oauthRe.exec(dump);
+        }
+        // Raw API keys (e.g. `sk-ant-api03-...`) issued by `claude` live under
+        // the bare `Claude Code` service. Some claude CLI versions also stash
+        // additional metadata here, so we attempt to parse it on the read path.
+        if (!seen.has(RAW_KEY_SERVICE)) {
+            const rawKeyRe = new RegExp(`"${RAW_KEY_SERVICE}"`, "g");
+            if (rawKeyRe.test(dump)) {
+                seen.add(RAW_KEY_SERVICE);
+                services.push(RAW_KEY_SERVICE);
+            }
+        }
+        const ordered = [];
+        if (seen.has(PRIMARY_SERVICE))
+            ordered.push(PRIMARY_SERVICE);
+        for (const svc of services) {
+            if (svc !== PRIMARY_SERVICE)
+                ordered.push(svc);
+        }
+        log("keychain_list", { servicesFound: ordered });
+        return ordered;
+    }
+    catch (err) {
+        log("keychain_list", {
+            error: "Failed to list keychain services",
+            message: err instanceof Error ? err.message : String(err),
+        });
+        return [PRIMARY_SERVICE, RAW_KEY_SERVICE];
+    }
+}
+function readCredentialsFile() {
+    try {
+        const credPath = join(homedir(), ".claude", ".credentials.json");
+        const raw = readFileSync(credPath, "utf-8");
+        const creds = parseCredentials(raw);
+        log("credentials_file_read", { success: creds !== null });
+        return creds;
+    }
+    catch {
+        log("credentials_file_read", { success: false });
+        return null;
+    }
+}
+export function buildAccountLabels(credsList) {
+    const baseLabels = credsList.map((c) => {
+        if (c.subscriptionType) {
+            const tier = c.subscriptionType.charAt(0).toUpperCase() + c.subscriptionType.slice(1);
+            return `Claude ${tier}`;
+        }
+        return "Claude";
+    });
+    const counts = new Map();
+    for (const l of baseLabels)
+        counts.set(l, (counts.get(l) ?? 0) + 1);
+    const seen = new Map();
+    return baseLabels.map((base) => {
+        if ((counts.get(base) ?? 0) <= 1)
+            return base;
+        const n = (seen.get(base) ?? 0) + 1;
+        seen.set(base, n);
+        return `${base} ${n}`;
+    });
+}
+export function readAllClaudeAccounts() {
+    if (process.platform !== "darwin") {
+        const creds = readCredentialsFile();
+        if (!creds)
+            return [];
+        const [label] = buildAccountLabels([creds]);
+        return [{ label, source: "file", credentials: creds }];
+    }
+    const services = listClaudeKeychainServices();
+    const rawAccounts = [];
+    for (const svc of services) {
+        const raw = readKeychainService(svc);
+        if (!raw)
+            continue;
+        const creds = parseCredentials(raw);
+        if (!creds)
+            continue;
+        rawAccounts.push({ source: svc, credentials: creds });
+    }
+    if (rawAccounts.length === 0) {
+        const creds = readCredentialsFile();
+        if (creds)
+            rawAccounts.push({ source: "file", credentials: creds });
+    }
+    const labels = buildAccountLabels(rawAccounts.map((a) => a.credentials));
+    return rawAccounts.map((a, i) => ({
+        label: labels[i],
+        source: a.source,
+        credentials: a.credentials,
+    }));
+}
+export function updateCredentialBlob(existingJson, newCreds) {
+    let parsed;
+    try {
+        parsed = JSON.parse(existingJson);
+    }
+    catch {
+        return null;
+    }
+    const wrapper = parsed.claudeAiOauth;
+    const target = wrapper ?? parsed;
+    target.accessToken = newCreds.accessToken;
+    target.refreshToken = newCreds.refreshToken;
+    target.expiresAt = newCreds.expiresAt;
+    return JSON.stringify(parsed);
+}
+function getKeychainAccountName(serviceName) {
+    try {
+        const output = execFileSync("/usr/bin/security", ["find-generic-password", "-s", serviceName], { timeout: 2000, encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] });
+        const match = /"acct"<blob>="([^"]*)"/.exec(output);
+        if (match) {
+            log("keychain_account_name", {
+                service: serviceName,
+                account: match[1],
+            });
+            return match[1];
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+export function writeBackCredentials(source, creds) {
+    const newCreds = {
+        accessToken: creds.accessToken,
+        refreshToken: creds.refreshToken,
+        expiresAt: creds.expiresAt,
+    };
+    // The `Claude Code` Keychain service stores a raw `sk-ant-api03-...` API
+    // key, not a JSON OAuth blob. There is no refresh-token rotation to
+    // perform — the user has to regenerate the key out-of-band via `claude` or
+    // the Anthropic console — so writeback is intentionally a no-op for this
+    // source. A future `security add-generic-password` call would silently
+    // overwrite the user's real key with a JSON blob and break auth.
+    if (source === RAW_KEY_SERVICE) {
+        log("writeback_skipped", { source, reason: "raw_api_key" });
+        return false;
+    }
+    if (source === "file") {
+        try {
+            const credPath = join(homedir(), ".claude", ".credentials.json");
+            const raw = readFileSync(credPath, "utf-8");
+            const updated = updateCredentialBlob(raw, newCreds);
+            if (!updated)
+                return false;
+            writeFileSync(credPath, updated, { encoding: "utf-8", mode: 0o600 });
+            if (process.platform !== "win32") {
+                chmodSync(credPath, 0o600);
+            }
+            log("writeback_success", { source });
+            return true;
+        }
+        catch {
+            log("writeback_failed", { source });
+            return false;
+        }
+    }
+    if (process.platform === "darwin") {
+        try {
+            const raw = readKeychainService(source);
+            if (!raw)
+                return false;
+            const updated = updateCredentialBlob(raw, newCreds);
+            if (!updated)
+                return false;
+            // Discover the actual account name from the existing Keychain entry.
+            // Claude CLI uses the macOS username (e.g. "gmartin"), not the service name.
+            // Using the wrong account name creates a duplicate entry instead of updating.
+            const accountName = getKeychainAccountName(source) ?? source;
+            execFileSync("/usr/bin/security", [
+                "add-generic-password",
+                "-s",
+                source,
+                "-a",
+                accountName,
+                "-w",
+                updated,
+                "-U",
+            ], { timeout: 2000, stdio: "ignore" });
+            log("writeback_success", { source, accountName });
+            return true;
+        }
+        catch {
+            log("writeback_failed", { source });
+            return false;
+        }
+    }
+    return false;
+}
+export function refreshAccount(source) {
+    if (source === "file") {
+        return readCredentialsFile();
+    }
+    const raw = readKeychainService(source);
+    if (!raw)
+        return null;
+    return parseCredentials(raw);
+}
+/** @deprecated Use readAllClaudeAccounts() instead */
+export function readClaudeCredentials() {
+    const accounts = readAllClaudeAccounts();
+    return accounts.length > 0 ? accounts[0].credentials : null;
+}
+//# sourceMappingURL=keychain.js.map

package/dist/keychain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keychain.js","sourceRoot":"","sources":["../src/keychain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAC3D,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAA;AAejC,MAAM,eAAe,GAAG,yBAAyB,CAAA;AACjD,MAAM,eAAe,GAAG,aAAa,CAAA;AAErC,kFAAkF;AAClF,4EAA4E;AAC5E,2EAA2E;AAC3E,2EAA2E;AAC3E,4EAA4E;AAC5E,4CAA4C;AAC5C,MAAM,sBAAsB,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAExD,SAAS,cAAc,CAAC,GAAW;IACjC,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAA;IAC1B,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAA;IACzB,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAA;IAE/C,OAAO;QACL,WAAW,EAAE,OAAO;QACpB,YAAY,EAAE,EAAE;QAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,sBAAsB;KAC/C,CAAA;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,IAAI,MAAe,CAAA;IACnB,IAAI,YAAY,GAAG,IAAI,CAAA;IACvB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,GAAG,KAAK,CAAA;QACpB,MAAM,GAAG,IAAI,CAAA;IACf,CAAC;IAED,8EAA8E;IAC9E,0EAA0E;IAC1E,gEAAgE;IAChE,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,CAAA;QAClC,IAAI,MAAM,EAAE,CAAC;YACX,GAAG,CAAC,oBAAoB,EAAE;gBACxB,MAAM,EAAE,aAAa;gBACrB,cAAc,EAAE,IAAI;gBACpB,eAAe,EAAE,KAAK;gBACtB,SAAS,EAAE,IAAI;aAChB,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,oBAAoB,EAAE;gBACxB,MAAM,EAAE,cAAc;gBACtB,cAAc,EAAE,KAAK;gBACrB,eAAe,EAAE,KAAK;gBACtB,SAAS,EAAE,KAAK;aACjB,CAAC,CAAA;QACJ,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,MAAM,IAAI,GAAI,MAAsC,CAAC,aAAa,IAAI,MAAM,CAAA;IAC5E,MAAM,KAAK,GAAG,IAMb,CAAA;IAED,mFAAmF;IACnF,IAAK,MAAiC,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QACtE,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IACE,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ;QACrC,OAAO,KAAK,CAAC,YAAY,KAAK,QAAQ;QACtC,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,EACnC,CAAC;QACD,GAAG,CAAC,oBAAoB,EAAE;YACxB,cAAc,EAAE,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ;YACrD,eAAe,EAAE,OAAO,KAAK,CAAC,YAAY,KAAK,QAAQ;YACvD,SAAS,EAAE,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ;YAC9C,SAAS,EAAE,KAAK;SACjB,CAAC,CAAA;QACF,OAAO,IAAI,CAAA;IACb,CAAC;IAED,GAAG,CAAC,oBAAoB,EAAE;QACxB,cAAc,EAAE,IAAI;QACpB,eAAe,EAAE,IAAI;QACrB,SAAS,EAAE,IAAI;QACf,SAAS,EAAE,KAAK;KACjB,CAAC,CAAA;IAEF,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,gBAAgB,EACd,OAAO,KAAK,CAAC,gBAAgB,KAAK,QAAQ;YACxC,CAAC,CAAC,KAAK,CAAC,gBAAgB;YACxB,CAAC,CAAC,SAAS;KAChB,CAAA;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CACrB,sCAAsC,WAAW,MAAM,EACvD;YACE,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,OAAO;SAClB,CACF,CAAC,IAAI,EAAE,CAAA;QACR,GAAG,CAAC,eAAe,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;QAC7D,OAAO,MAAM,CAAA;IACf,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,MAAM,KAAK,GAAG,GAA2D,CAAA;QAEzE,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YAC/C,GAAG,CAAC,qBAAqB,EAAE;gBACzB,OAAO,EAAE,WAAW;gBACpB,SAAS,EAAE,SAAS;aACrB,CAAC,CAAA;YACF,MAAM,IAAI,KAAK,CACb,0FAA0F,EAC1F,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;QACH,CAAC;QACD,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACxB,GAAG,CAAC,qBAAqB,EAAE;gBACzB,OAAO,EAAE,WAAW;gBACpB,SAAS,EAAE,QAAQ;aACpB,CAAC,CAAA;YACF,MAAM,IAAI,KAAK,CACb,mHAAmH,EACnH,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;QACH,CAAC;QACD,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACzB,GAAG,CAAC,qBAAqB,EAAE;gBACzB,OAAO,EAAE,WAAW;gBACpB,SAAS,EAAE,QAAQ;aACpB,CAAC,CAAA;YACF,MAAM,IAAI,KAAK,CACb,yEAAyE,EACzE,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;QACH,CAAC;QACD,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACxB,GAAG,CAAC,qBAAqB,EAAE;gBACzB,OAAO,EAAE,WAAW;gBACpB,SAAS,EAAE,WAAW;aACvB,CAAC,CAAA;YACF,OAAO,IAAI,CAAA,CAAC,iBAAiB;QAC/B,CAAC;QACD,GAAG,CAAC,qBAAqB,EAAE;YACzB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,QAAQ,KAAK,CAAC,MAAM,IAAI,SAAS,EAAE;SAC/C,CAAC,CAAA;QACF,MAAM,IAAI,KAAK,CACb,kCAAkC,WAAW,WAAW,KAAK,CAAC,MAAM,IAAI,SAAS,4CAA4C,EAC7H,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;IACH,CAAC;AACH,CAAC;AAED,SAAS,0BAA0B;IACjC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,QAAQ,CAAC,wBAAwB,EAAE;YAC9C,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,IAAI,GAAG,IAAI,GAAG,EAAE,EAAE,QAAQ;YACrC,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAa,EAAE,CAAA;QAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;QAE9B,wEAAwE;QACxE,uEAAuE;QACvE,oEAAoE;QACpE,MAAM,OAAO,GAAG,2CAA2C,CAAA;QAC3D,IAAI,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC1B,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC7B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;gBACb,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACpB,CAAC;YACD,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACxB,CAAC;QAED,uEAAuE;QACvE,sEAAsE;QACtE,wEAAwE;QACxE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,IAAI,eAAe,GAAG,EAAE,GAAG,CAAC,CAAA;YACxD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;gBACzB,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAa,EAAE,CAAA;QAC5B,IAAI,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QAC5D,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,IAAI,GAAG,KAAK,eAAe;gBAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAChD,CAAC;QACD,GAAG,CAAC,eAAe,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,CAAC,CAAA;QAChD,OAAO,OAAO,CAAA;IAChB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,eAAe,EAAE;YACnB,KAAK,EAAE,kCAAkC;YACzC,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SAC1D,CAAC,CAAA;QACF,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,CAAA;IAC3C,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAA;QAChE,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAC3C,MAAM,KAAK,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACnC,GAAG,CAAC,uBAAuB,EAAE,EAAE,OAAO,EAAE,KAAK,KAAK,IAAI,EAAE,CAAC,CAAA;QACzD,OAAO,KAAK,CAAA;IACd,CAAC;IAAC,MAAM,CAAC;QACP,GAAG,CAAC,uBAAuB,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;QAChD,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,SAA8B;IAC/D,MAAM,UAAU,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACrC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;YACvB,MAAM,IAAI,GACR,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;YAC1E,OAAO,UAAU,IAAI,EAAE,CAAA;QACzB,CAAC;QACD,OAAO,QAAQ,CAAA;IACjB,CAAC,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAA;IACxC,KAAK,MAAM,CAAC,IAAI,UAAU;QAAE,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;IAEnE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAA;IACtC,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAA;QAC7C,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;QACnC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;QACjB,OAAO,GAAG,IAAI,IAAI,CAAC,EAAE,CAAA;IACvB,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAA;QACnC,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,CAAA;QACrB,MAAM,CAAC,KAAK,CAAC,GAAG,kBAAkB,CAAC,CAAC,KAAK,CAAC,CAAC,CAAA;QAC3C,OAAO,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;IACxD,CAAC;IAED,MAAM,QAAQ,GAAG,0BAA0B,EAAE,CAAA;IAC7C,MAAM,WAAW,GACf,EAAE,CAAA;IAEJ,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAA;QACpC,IAAI,CAAC,GAAG;YAAE,SAAQ;QAClB,MAAM,KAAK,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACnC,IAAI,CAAC,KAAK;YAAE,SAAQ;QACpB,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;IACvD,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAA;QACnC,IAAI,KAAK;YAAE,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;IACrE,CAAC;IAED,MAAM,MAAM,GAAG,kBAAkB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAA;IACxE,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAChC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,WAAW,EAAE,CAAC,CAAC,WAAW;KAC3B,CAAC,CAAC,CAAA;AACL,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,YAAoB,EACpB,QAA0E;IAE1E,IAAI,MAA+B,CAAA;IACnC,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,aAAoD,CAAA;IAC3E,MAAM,MAAM,GAAG,OAAO,IAAI,MAAM,CAAA;IAEhC,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAA;IACzC,MAAM,CAAC,YAAY,GAAG,QAAQ,CAAC,YAAY,CAAA;IAC3C,MAAM,CAAC,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAA;IAErC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;AAC/B,CAAC;AAED,SAAS,sBAAsB,CAAC,WAAmB;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,YAAY,CACzB,mBAAmB,EACnB,CAAC,uBAAuB,EAAE,IAAI,EAAE,WAAW,CAAC,EAC5C,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CACtE,CAAA;QACD,MAAM,KAAK,GAAG,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACnD,IAAI,KAAK,EAAE,CAAC;YACV,GAAG,CAAC,uBAAuB,EAAE;gBAC3B,OAAO,EAAE,WAAW;gBACpB,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aAClB,CAAC,CAAA;YACF,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,MAAc,EACd,KAAwB;IAExB,MAAM,QAAQ,GAAG;QACf,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,SAAS;KAC3B,CAAA;IAED,yEAAyE;IACzE,oEAAoE;IACpE,2EAA2E;IAC3E,yEAAyE;IACzE,uEAAuE;IACvE,iEAAiE;IACjE,IAAI,MAAM,KAAK,eAAe,EAAE,CAAC;QAC/B,GAAG,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAA;QAC3D,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAA;YAChE,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;YAC3C,MAAM,OAAO,GAAG,oBAAoB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;YACnD,IAAI,CAAC,OAAO;gBAAE,OAAO,KAAK,CAAA;YAC1B,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;YACpE,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;gBACjC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YAC5B,CAAC;YACD,GAAG,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;YACpC,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;YACnC,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;YACvC,IAAI,CAAC,GAAG;gBAAE,OAAO,KAAK,CAAA;YACtB,MAAM,OAAO,GAAG,oBAAoB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;YACnD,IAAI,CAAC,OAAO;gBAAE,OAAO,KAAK,CAAA;YAC1B,qEAAqE;YACrE,6EAA6E;YAC7E,8EAA8E;YAC9E,MAAM,WAAW,GAAG,sBAAsB,CAAC,MAAM,CAAC,IAAI,MAAM,CAAA;YAC5D,YAAY,CACV,mBAAmB,EACnB;gBACE,sBAAsB;gBACtB,IAAI;gBACJ,MAAM;gBACN,IAAI;gBACJ,WAAW;gBACX,IAAI;gBACJ,OAAO;gBACP,IAAI;aACL,EACD,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CACnC,CAAA;YACD,GAAG,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAA;YACjD,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;YACnC,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,mBAAmB,EAAE,CAAA;IAC9B,CAAC;IACD,MAAM,GAAG,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;IACvC,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAA;AAC9B,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,qBAAqB;IACnC,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAA;IACxC,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAA;AAC7D,CAAC"}

package/dist/logger.d.ts

@@ -0,0 +1,8 @@
+import type { Writable } from "node:stream";
+export declare function initLogger(options?: {
+    stream?: Writable;
+}): void;
+export declare function log(event: string, data?: Record<string, unknown>): void;
+export declare function closeLogger(): void;
+export declare function redact(data: Record<string, unknown>): Record<string, unknown>;
+//# sourceMappingURL=logger.d.ts.map

package/dist/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAc3C,wBAAgB,UAAU,CAAC,OAAO,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,QAAQ,CAAA;CAAE,GAAG,IAAI,CAuBhE;AAED,wBAAgB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAevE;AAED,wBAAgB,WAAW,IAAI,IAAI,CAIlC;AAqBD,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAM7E"}

package/dist/logger.js

@@ -0,0 +1,74 @@
+import { appendFileSync, existsSync, mkdirSync, writeFileSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { homedir } from "node:os";
+const JWT_PATTERN = /^eyJ[A-Za-z0-9_-]{10,}/;
+let mode = "disabled";
+let logFilePath = null;
+let logStream = null;
+function getDefaultLogPath() {
+    return join(homedir(), ".local", "share", "opencode", "claude-auth-debug.log");
+}
+export function initLogger(options) {
+    closeLogger();
+    if (options?.stream) {
+        mode = "stream";
+        logStream = options.stream;
+        return;
+    }
+    const envVal = process.env.CLAUDE_AUTH_DEBUG;
+    if (!envVal) {
+        mode = "disabled";
+        return;
+    }
+    mode = "file";
+    logFilePath = envVal === "1" ? getDefaultLogPath() : envVal;
+    const dir = dirname(logFilePath);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    writeFileSync(logFilePath, "", "utf-8");
+}
+export function log(event, data) {
+    if (mode === "disabled")
+        return;
+    const entry = {
+        ts: new Date().toISOString(),
+        event,
+        ...redact(data ?? {}),
+    };
+    const line = JSON.stringify(entry) + "\n";
+    if (mode === "file" && logFilePath) {
+        appendFileSync(logFilePath, line, "utf-8");
+    }
+    else if (mode === "stream" && logStream) {
+        logStream.write(line);
+    }
+}
+export function closeLogger() {
+    mode = "disabled";
+    logFilePath = null;
+    logStream = null;
+}
+function redactValue(key, value) {
+    if (typeof value !== "string")
+        return value;
+    if (key === "refreshToken" || key === "x-api-key") {
+        return "REDACTED";
+    }
+    if (key === "accessToken") {
+        const prefix = value.slice(0, 8);
+        return `${prefix}...REDACTED`;
+    }
+    if (JWT_PATTERN.test(value)) {
+        return `${value.slice(0, 8)}...REDACTED`;
+    }
+    return value;
+}
+export function redact(data) {
+    const result = {};
+    for (const [key, value] of Object.entries(data)) {
+        result[key] = redactValue(key, value);
+    }
+    return result;
+}
+//# sourceMappingURL=logger.js.map

package/dist/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAC9E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,MAAM,WAAW,GAAG,wBAAwB,CAAA;AAI5C,IAAI,IAAI,GAAY,UAAU,CAAA;AAC9B,IAAI,WAAW,GAAkB,IAAI,CAAA;AACrC,IAAI,SAAS,GAAoB,IAAI,CAAA;AAErC,SAAS,iBAAiB;IACxB,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,uBAAuB,CAAC,CAAA;AAChF,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,OAA+B;IACxD,WAAW,EAAE,CAAA;IAEb,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;QACpB,IAAI,GAAG,QAAQ,CAAA;QACf,SAAS,GAAG,OAAO,CAAC,MAAM,CAAA;QAC1B,OAAM;IACR,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;IAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,IAAI,GAAG,UAAU,CAAA;QACjB,OAAM;IACR,CAAC;IAED,IAAI,GAAG,MAAM,CAAA;IACb,WAAW,GAAG,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAC,MAAM,CAAA;IAE3D,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,CAAA;IAChC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IACrC,CAAC;IACD,aAAa,CAAC,WAAW,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACzC,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,KAAa,EAAE,IAA8B;IAC/D,IAAI,IAAI,KAAK,UAAU;QAAE,OAAM;IAE/B,MAAM,KAAK,GAAG;QACZ,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,KAAK;QACL,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;KACtB,CAAA;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAA;IAEzC,IAAI,IAAI,KAAK,MAAM,IAAI,WAAW,EAAE,CAAC;QACnC,cAAc,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;IAC5C,CAAC;SAAM,IAAI,IAAI,KAAK,QAAQ,IAAI,SAAS,EAAE,CAAC;QAC1C,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACvB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,IAAI,GAAG,UAAU,CAAA;IACjB,WAAW,GAAG,IAAI,CAAA;IAClB,SAAS,GAAG,IAAI,CAAA;AAClB,CAAC;AAED,SAAS,WAAW,CAAC,GAAW,EAAE,KAAc;IAC9C,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAE3C,IAAI,GAAG,KAAK,cAAc,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAClD,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,IAAI,GAAG,KAAK,aAAa,EAAE,CAAC;QAC1B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;QAChC,OAAO,GAAG,MAAM,aAAa,CAAA;IAC/B,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,aAAa,CAAA;IAC1C,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAA6B;IAClD,MAAM,MAAM,GAA4B,EAAE,CAAA;IAC1C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;IACvC,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/model-config.d.ts

@@ -0,0 +1,22 @@
+export interface ModelOverride {
+    exclude?: string[];
+    add?: string[];
+    disableEffort?: boolean;
+}
+export interface ModelConfig {
+    ccVersion: string;
+    baseBetas: string[];
+    longContextBetas: string[];
+    modelOverrides: Record<string, ModelOverride>;
+}
+export declare const config: ModelConfig;
+/**
+ * Find the override entry matching a model ID.
+ * Keys are matched via includes() against the lowercased model ID.
+ *
+ * First-match-wins: if multiple keys match, only the first (by insertion
+ * order) is returned. List more specific keys before broader ones
+ * (e.g. "opus-4-6" before "opus") so they take priority.
+ */
+export declare function getModelOverride(modelId: string): ModelOverride | null;
+//# sourceMappingURL=model-config.d.ts.map

package/dist/model-config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-config.d.ts","sourceRoot":"","sources":["../src/model-config.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAA;IACd,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,EAAE,CAAA;IACnB,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;CAC9C;AAED,eAAO,MAAM,MAAM,EAAE,WA0BpB,CAAA;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAMtE"}

package/dist/model-config.js

@@ -0,0 +1,44 @@
+export const config = {
+    ccVersion: "2.1.112",
+    baseBetas: [
+        "claude-code-20250219",
+        "oauth-2025-04-20",
+        "interleaved-thinking-2025-05-14",
+        "prompt-caching-scope-2026-01-05",
+        "context-management-2025-06-27",
+        "advisor-tool-2026-03-01",
+    ],
+    longContextBetas: [
+        "context-1m-2025-08-07",
+        "interleaved-thinking-2025-05-14",
+    ],
+    modelOverrides: {
+        haiku: {
+            exclude: ["interleaved-thinking-2025-05-14"],
+            disableEffort: true,
+        },
+        "4-6": {
+            add: ["effort-2025-11-24"],
+        },
+        "4-7": {
+            add: ["effort-2025-11-24"],
+        },
+    },
+};
+/**
+ * Find the override entry matching a model ID.
+ * Keys are matched via includes() against the lowercased model ID.
+ *
+ * First-match-wins: if multiple keys match, only the first (by insertion
+ * order) is returned. List more specific keys before broader ones
+ * (e.g. "opus-4-6" before "opus") so they take priority.
+ */
+export function getModelOverride(modelId) {
+    const lower = modelId.toLowerCase();
+    for (const [pattern, override] of Object.entries(config.modelOverrides)) {
+        if (lower.includes(pattern))
+            return override;
+    }
+    return null;
+}
+//# sourceMappingURL=model-config.js.map

package/dist/model-config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-config.js","sourceRoot":"","sources":["../src/model-config.ts"],"names":[],"mappings":"AAaA,MAAM,CAAC,MAAM,MAAM,GAAgB;IACjC,SAAS,EAAE,SAAS;IACpB,SAAS,EAAE;QACT,sBAAsB;QACtB,kBAAkB;QAClB,iCAAiC;QACjC,iCAAiC;QACjC,+BAA+B;QAC/B,yBAAyB;KAC1B;IACD,gBAAgB,EAAE;QAChB,uBAAuB;QACvB,iCAAiC;KAClC;IACD,cAAc,EAAE;QACd,KAAK,EAAE;YACL,OAAO,EAAE,CAAC,iCAAiC,CAAC;YAC5C,aAAa,EAAE,IAAI;SACpB;QACD,KAAK,EAAE;YACL,GAAG,EAAE,CAAC,mBAAmB,CAAC;SAC3B;QACD,KAAK,EAAE;YACL,GAAG,EAAE,CAAC,mBAAmB,CAAC;SAC3B;KACF;CACF,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAA;IACnC,KAAK,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QACxE,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,QAAQ,CAAA;IAC9C,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}

package/dist/oauth.d.ts

@@ -0,0 +1,31 @@
+export declare const CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+declare const AUTHORIZE_URLS: {
+    readonly console: "https://platform.claude.com/oauth/authorize";
+    readonly max: "https://claude.ai/oauth/authorize";
+};
+export type AuthorizeMode = keyof typeof AUTHORIZE_URLS;
+export type AuthResult = {
+    type: "success";
+    access: string;
+    refresh: string;
+    expires: number;
+} | {
+    type: "failed";
+};
+export declare function exchangeCode(callback: {
+    code: string;
+    state: string;
+}, verifier: string, redirectUri: string, expectedState?: string): Promise<AuthResult>;
+export declare function refreshTokens(refresh: string): Promise<AuthResult>;
+export declare function buildAuthorizationUrl(mode?: AuthorizeMode): Promise<{
+    url: string;
+    verifier: string;
+    state: string;
+    redirectUri: string;
+}>;
+export declare function parseCallback(input: string): {
+    code: string;
+    state: string;
+} | null;
+export {};
+//# sourceMappingURL=oauth.d.ts.map

package/dist/oauth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAmBA,eAAO,MAAM,SAAS,yCAAyC,CAAA;AAC/D,QAAA,MAAM,cAAc;;;CAGV,CAAA;AAYV,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,cAAc,CAAA;AACvD,MAAM,MAAM,UAAU,GAClB;IACE,IAAI,EAAE,SAAS,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,MAAM,CAAA;CAChB,GACD;IAAE,IAAI,EAAE,QAAQ,CAAA;CAAE,CAAA;AA2BtB,wBAAsB,YAAY,CAChC,QAAQ,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,EACzC,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,UAAU,CAAC,CA4CrB;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAqCxE;AAED,wBAAsB,qBAAqB,CACzC,IAAI,GAAE,aAAyB,GAC9B,OAAO,CAAC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CAkBhF;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAEnF"}