@kaitranntt/ccs 7.37.0-dev.2 → 7.37.0

package/dist/cliproxy/executor/index.js

@@ -1,669 +0,0 @@
-"use strict";
-/**
- * CLIProxy Executor - Main Orchestrator
- *
- * Coordinates the full execution flow:
- * 1. Configuration resolution and validation
- * 2. Binary management and remote proxy checks
- * 3. Authentication and account management
- * 4. Proxy lifecycle (spawn/detect/join)
- * 5. Environment setup and proxy chains
- * 6. Claude CLI execution with cleanup handlers
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.findAvailablePort = exports.isPortAvailable = exports.execClaudeWithCLIProxy = void 0;
-const child_process_1 = require("child_process");
-const fs = __importStar(require("fs"));
-const os = __importStar(require("os"));
-const progress_indicator_1 = require("../../utils/progress-indicator");
-const ui_1 = require("../../utils/ui");
-const shell_executor_1 = require("../../utils/shell-executor");
-const binary_manager_1 = require("../binary-manager");
-const config_generator_1 = require("../config-generator");
-const remote_proxy_client_1 = require("../remote-proxy-client");
-const auth_handler_1 = require("../auth-handler");
-const types_1 = require("../types");
-const platform_detector_1 = require("../platform-detector");
-const model_config_1 = require("../model-config");
-const proxy_config_resolver_1 = require("../proxy-config-resolver");
-const model_catalog_1 = require("../model-catalog");
-const codex_reasoning_proxy_1 = require("../codex-reasoning-proxy");
-const tool_sanitization_proxy_1 = require("../tool-sanitization-proxy");
-const account_manager_1 = require("../account-manager");
-const websearch_manager_1 = require("../../utils/websearch-manager");
-const unified_config_loader_1 = require("../../config/unified-config-loader");
-const https_tunnel_proxy_1 = require("../https-tunnel-proxy");
-// Import modular components
-const lifecycle_manager_1 = require("./lifecycle-manager");
-const env_resolver_1 = require("./env-resolver");
-const retry_handler_1 = require("./retry-handler");
-const session_bridge_1 = require("./session-bridge");
-const websearch_manager_2 = require("../../utils/websearch-manager");
-/** Default executor configuration */
-const DEFAULT_CONFIG = {
-    port: config_generator_1.CLIPROXY_DEFAULT_PORT,
-    timeout: 5000,
-    verbose: false,
-    pollInterval: 100,
-};
-/**
- * Execute Claude CLI with CLIProxy (main entry point)
- *
- * @param claudeCli Path to Claude CLI executable
- * @param provider CLIProxy provider (gemini, codex, agy, qwen)
- * @param args Arguments to pass to Claude CLI
- * @param config Optional executor configuration
- */
-async function execClaudeWithCLIProxy(claudeCli, provider, args, config = {}) {
-    // Filter out undefined values to prevent overwriting defaults
-    const filteredConfig = Object.fromEntries(Object.entries(config).filter(([, v]) => v !== undefined));
-    const cfg = { ...DEFAULT_CONFIG, ...filteredConfig };
-    const verbose = cfg.verbose || args.includes('--verbose') || args.includes('-v');
-    // Validate Claude CLI exists before proceeding
-    if (!fs.existsSync(claudeCli)) {
-        console.error((0, ui_1.fail)(`Claude CLI not found at: ${claudeCli}`));
-        console.error('    Run "ccs doctor --fix" to reinstall or check your PATH');
-        process.exit(1);
-    }
-    const log = (msg) => {
-        if (verbose) {
-            console.error(`[cliproxy] ${msg}`);
-        }
-    };
-    // 0. Resolve proxy configuration (CLI > ENV > config.yaml > defaults)
-    const unifiedConfig = (0, unified_config_loader_1.loadOrCreateUnifiedConfig)();
-    // 0a. Runtime backend/provider validation
-    const backend = unifiedConfig.cliproxy?.backend ?? platform_detector_1.DEFAULT_BACKEND;
-    if (backend === 'original' && types_1.PLUS_ONLY_PROVIDERS.includes(provider)) {
-        console.error('');
-        console.error((0, ui_1.fail)(`${provider} requires CLIProxyAPIPlus backend`));
-        console.error('');
-        console.error('To use this provider, either:');
-        console.error('  1. Set `cliproxy.backend: plus` in ~/.ccs/config.yaml');
-        console.error('  2. Use --backend=plus flag: ccs ' + provider + ' --backend=plus');
-        console.error('');
-        throw new Error(`Provider ${provider} requires Plus backend`);
-    }
-    const cliproxyServerConfig = unifiedConfig.cliproxy_server;
-    const { config: proxyConfig, remainingArgs: argsWithoutProxy } = (0, proxy_config_resolver_1.resolveProxyConfig)(args, {
-        remote: cliproxyServerConfig?.remote
-            ? {
-                enabled: cliproxyServerConfig.remote.enabled,
-                host: cliproxyServerConfig.remote.host,
-                port: cliproxyServerConfig.remote.port,
-                protocol: cliproxyServerConfig.remote.protocol,
-                auth_token: cliproxyServerConfig.remote.auth_token,
-                timeout: cliproxyServerConfig.remote.timeout,
-            }
-            : undefined,
-        local: cliproxyServerConfig?.local
-            ? {
-                port: cliproxyServerConfig.local.port,
-                auto_start: cliproxyServerConfig.local.auto_start,
-            }
-            : undefined,
-    });
-    // Port resolution and validation
-    if (cfg.port && cfg.port !== config_generator_1.CLIPROXY_DEFAULT_PORT) {
-        if (proxyConfig.port !== config_generator_1.CLIPROXY_DEFAULT_PORT) {
-            cfg.port = proxyConfig.port;
-        }
-    }
-    else if (proxyConfig.port !== config_generator_1.CLIPROXY_DEFAULT_PORT) {
-        cfg.port = proxyConfig.port;
-    }
-    cfg.port = (0, config_generator_1.validatePort)(cfg.port);
-    log(`Proxy mode: ${proxyConfig.mode}`);
-    if (proxyConfig.mode === 'remote') {
-        log(`Remote host: ${proxyConfig.host}:${proxyConfig.port} (${proxyConfig.protocol})`);
-    }
-    // Setup WebSearch hooks
-    (0, websearch_manager_1.ensureMcpWebSearch)();
-    (0, websearch_manager_1.installWebSearchHook)();
-    (0, websearch_manager_1.displayWebSearchStatus)();
-    const providerConfig = (0, config_generator_1.getProviderConfig)(provider);
-    log(`Provider: ${providerConfig.displayName}`);
-    // Check remote proxy if configured
-    let useRemoteProxy = false;
-    if (proxyConfig.mode === 'remote' && proxyConfig.host) {
-        const status = await (0, remote_proxy_client_1.checkRemoteProxy)({
-            host: proxyConfig.host,
-            port: proxyConfig.port,
-            protocol: proxyConfig.protocol,
-            authToken: proxyConfig.authToken,
-            timeout: proxyConfig.timeout ?? 2000,
-            allowSelfSigned: proxyConfig.allowSelfSigned ?? false,
-        });
-        if (status.reachable) {
-            useRemoteProxy = true;
-            console.log((0, ui_1.ok)(`Connected to remote proxy at ${proxyConfig.host}:${proxyConfig.port} (${status.latencyMs}ms)`));
-        }
-        else {
-            console.error((0, ui_1.warn)(`Remote proxy unreachable: ${status.error}`));
-            if (proxyConfig.remoteOnly) {
-                throw new Error('Remote proxy unreachable and --remote-only specified');
-            }
-            if (proxyConfig.fallbackEnabled) {
-                if (proxyConfig.autoStartLocal) {
-                    console.log((0, ui_1.info)('Falling back to local proxy...'));
-                }
-                else {
-                    if (process.stdin.isTTY) {
-                        const readline = await Promise.resolve().then(() => __importStar(require('readline')));
-                        const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-                        const answer = await new Promise((resolve) => {
-                            rl.question('Start local proxy instead? [Y/n] ', resolve);
-                        });
-                        rl.close();
-                        if (answer.toLowerCase() === 'n') {
-                            throw new Error('Remote proxy unreachable and user declined fallback');
-                        }
-                    }
-                    console.log((0, ui_1.info)('Starting local proxy...'));
-                }
-            }
-            else {
-                throw new Error('Remote proxy unreachable and fallback disabled');
-            }
-        }
-    }
-    // Variables for local proxy mode
-    let binaryPath;
-    let sessionId;
-    // 1. Ensure binary exists (downloads if needed) - SKIP for remote mode
-    if (!useRemoteProxy) {
-        const spinner = new progress_indicator_1.ProgressIndicator('Preparing CLIProxy');
-        spinner.start();
-        try {
-            binaryPath = await (0, binary_manager_1.ensureCLIProxyBinary)(verbose);
-            spinner.succeed('CLIProxy binary ready');
-        }
-        catch (error) {
-            spinner.fail('Failed to prepare CLIProxy');
-            const err = error;
-            if ((0, retry_handler_1.isNetworkError)(err)) {
-                (0, retry_handler_1.handleNetworkError)(err);
-            }
-            throw error;
-        }
-    }
-    // 2. Handle special flags (simplified flag parsing - full implementation continues below)
-    const forceAuth = argsWithoutProxy.includes('--auth');
-    const pasteCallback = argsWithoutProxy.includes('--paste-callback');
-    const portForward = argsWithoutProxy.includes('--port-forward');
-    const forceHeadless = argsWithoutProxy.includes('--headless');
-    if (pasteCallback && portForward) {
-        console.error((0, ui_1.fail)('Cannot use --paste-callback with --port-forward'));
-        console.error('    --paste-callback: Manually paste OAuth redirect URL');
-        console.error('    --port-forward: Use SSH port forwarding for callback');
-        process.exit(1);
-    }
-    const forceLogout = argsWithoutProxy.includes('--logout');
-    const forceConfig = argsWithoutProxy.includes('--config');
-    const addAccount = argsWithoutProxy.includes('--add');
-    const showAccounts = argsWithoutProxy.includes('--accounts');
-    const forceImport = argsWithoutProxy.includes('--import');
-    const incognitoFlag = argsWithoutProxy.includes('--incognito');
-    const noIncognitoFlag = argsWithoutProxy.includes('--no-incognito');
-    const kiroNoIncognitoConfig = provider === 'kiro' ? (unifiedConfig.cliproxy?.kiro_no_incognito ?? true) : false;
-    const noIncognito = incognitoFlag ? false : noIncognitoFlag || kiroNoIncognitoConfig;
-    // Parse --use flag
-    let useAccount;
-    const useIdx = argsWithoutProxy.indexOf('--use');
-    if (useIdx !== -1 &&
-        argsWithoutProxy[useIdx + 1] &&
-        !argsWithoutProxy[useIdx + 1].startsWith('-')) {
-        useAccount = argsWithoutProxy[useIdx + 1];
-    }
-    // Parse --nickname flag
-    let setNickname;
-    const nicknameIdx = argsWithoutProxy.indexOf('--nickname');
-    if (nicknameIdx !== -1 &&
-        argsWithoutProxy[nicknameIdx + 1] &&
-        !argsWithoutProxy[nicknameIdx + 1].startsWith('-')) {
-        setNickname = argsWithoutProxy[nicknameIdx + 1];
-    }
-    // Parse --thinking flag
-    let thinkingOverride;
-    const thinkingEqArg = argsWithoutProxy.find((arg) => arg.startsWith('--thinking='));
-    if (thinkingEqArg) {
-        const val = thinkingEqArg.substring('--thinking='.length);
-        if (!val || val.trim() === '') {
-            console.error((0, ui_1.fail)('--thinking requires a value'));
-            console.error('    Examples: --thinking=low, --thinking=8192, --thinking=off');
-            console.error('    Levels: minimal, low, medium, high, xhigh, auto');
-            process.exit(1);
-        }
-        const numVal = parseInt(val, 10);
-        thinkingOverride = !isNaN(numVal) ? numVal : val;
-        const allThinkingFlags = argsWithoutProxy.filter((arg) => arg === '--thinking' || arg.startsWith('--thinking='));
-        if (allThinkingFlags.length > 1) {
-            console.warn(`[!] Multiple --thinking flags detected. Using first occurrence: ${thinkingEqArg}`);
-        }
-    }
-    else {
-        const thinkingIdx = argsWithoutProxy.indexOf('--thinking');
-        if (thinkingIdx !== -1) {
-            const nextArg = argsWithoutProxy[thinkingIdx + 1];
-            if (!nextArg || nextArg.startsWith('-')) {
-                console.error((0, ui_1.fail)('--thinking requires a value'));
-                console.error('    Examples: --thinking low, --thinking 8192, --thinking off');
-                console.error('    Levels: minimal, low, medium, high, xhigh, auto');
-                process.exit(1);
-            }
-            const numVal = parseInt(nextArg, 10);
-            thinkingOverride = !isNaN(numVal) ? numVal : nextArg;
-            const allThinkingFlags = argsWithoutProxy.filter((arg) => arg === '--thinking' || arg.startsWith('--thinking='));
-            if (allThinkingFlags.length > 1) {
-                console.warn(`[!] Multiple --thinking flags detected. Using first occurrence: --thinking ${nextArg}`);
-            }
-        }
-    }
-    // Handle --accounts
-    if (showAccounts) {
-        const accounts = (0, account_manager_1.getProviderAccounts)(provider);
-        if (accounts.length === 0) {
-            console.log((0, ui_1.info)(`No accounts registered for ${providerConfig.displayName}`));
-            console.log(`    Run "ccs ${provider} --auth" to add an account`);
-        }
-        else {
-            console.log(`\n${providerConfig.displayName} Accounts:\n`);
-            for (const acct of accounts) {
-                const defaultMark = acct.isDefault ? ' (default)' : '';
-                const nickname = acct.nickname ? `[${acct.nickname}]` : '';
-                console.log(`  ${nickname.padEnd(12)} ${acct.email || acct.id}${defaultMark}`);
-            }
-            console.log(`\n  Use "ccs ${provider} --use <nickname>" to switch accounts`);
-        }
-        process.exit(0);
-    }
-    // Handle --use
-    if (useAccount) {
-        const account = (0, account_manager_1.findAccountByQuery)(provider, useAccount);
-        if (!account) {
-            console.error((0, ui_1.fail)(`Account not found: "${useAccount}"`));
-            const accounts = (0, account_manager_1.getProviderAccounts)(provider);
-            if (accounts.length > 0) {
-                console.error(`    Available accounts:`);
-                for (const acct of accounts) {
-                    console.error(`      - ${acct.nickname || acct.id} (${acct.email || 'no email'})`);
-                }
-            }
-            process.exit(1);
-        }
-        (0, account_manager_1.setDefaultAccount)(provider, account.id);
-        (0, account_manager_1.touchAccount)(provider, account.id);
-        console.log((0, ui_1.ok)(`Switched to account: ${account.nickname || account.email || account.id}`));
-    }
-    // Handle --nickname (rename account)
-    if (setNickname && !addAccount) {
-        const defaultAccount = (0, account_manager_1.getDefaultAccount)(provider);
-        if (!defaultAccount) {
-            console.error((0, ui_1.fail)(`No account found for ${providerConfig.displayName}`));
-            console.error(`    Run "ccs ${provider} --auth" to add an account first`);
-            process.exit(1);
-        }
-        try {
-            const success = (0, account_manager_1.renameAccount)(provider, defaultAccount.id, setNickname);
-            if (success) {
-                console.log((0, ui_1.ok)(`Renamed account to: ${setNickname}`));
-            }
-            else {
-                console.error((0, ui_1.fail)('Failed to rename account'));
-                process.exit(1);
-            }
-        }
-        catch (err) {
-            console.error((0, ui_1.fail)(err instanceof Error ? err.message : 'Failed to rename account'));
-            process.exit(1);
-        }
-        process.exit(0);
-    }
-    // Handle --config
-    if (forceConfig && (0, model_catalog_1.supportsModelConfig)(provider)) {
-        await (0, model_config_1.configureProviderModel)(provider, true, cfg.customSettingsPath);
-        process.exit(0);
-    }
-    // Handle --logout
-    if (forceLogout) {
-        const { clearAuth } = await Promise.resolve().then(() => __importStar(require('../auth-handler')));
-        if (clearAuth(provider)) {
-            console.log((0, ui_1.ok)(`Logged out from ${providerConfig.displayName}`));
-        }
-        else {
-            console.log((0, ui_1.info)(`No authentication found for ${providerConfig.displayName}`));
-        }
-        process.exit(0);
-    }
-    // Handle --import (Kiro only)
-    if (forceImport) {
-        if (provider !== 'kiro') {
-            console.error((0, ui_1.fail)('--import is only available for Kiro'));
-            console.error(`    Run "ccs ${provider} --auth" to authenticate`);
-            process.exit(1);
-        }
-        if (forceAuth) {
-            console.error((0, ui_1.fail)('Cannot use --import with --auth'));
-            console.error('    --import: Import existing token from Kiro IDE');
-            console.error('    --auth: Trigger new OAuth flow in browser');
-            process.exit(1);
-        }
-        if (forceLogout) {
-            console.error((0, ui_1.fail)('Cannot use --import with --logout'));
-            process.exit(1);
-        }
-        const { triggerOAuth } = await Promise.resolve().then(() => __importStar(require('../auth-handler')));
-        const authSuccess = await triggerOAuth(provider, {
-            verbose,
-            import: true,
-            ...(setNickname ? { nickname: setNickname } : {}),
-        });
-        if (!authSuccess) {
-            console.error((0, ui_1.fail)('Failed to import Kiro token from IDE'));
-            console.error('    Make sure you are logged into Kiro IDE first');
-            process.exit(1);
-        }
-        process.exit(0);
-    }
-    // 3. Ensure OAuth completed (if provider requires it)
-    const remoteAuthToken = proxyConfig.authToken?.trim();
-    const skipLocalAuth = useRemoteProxy && !!remoteAuthToken;
-    if (skipLocalAuth) {
-        log(`Using remote proxy authentication (skipping local OAuth)`);
-    }
-    if (providerConfig.requiresOAuth && !skipLocalAuth) {
-        log(`Checking authentication for ${provider}`);
-        if (forceAuth || !(0, auth_handler_1.isAuthenticated)(provider)) {
-            const { triggerOAuth } = await Promise.resolve().then(() => __importStar(require('../auth-handler')));
-            const authSuccess = await triggerOAuth(provider, {
-                verbose,
-                add: addAccount,
-                ...(forceHeadless ? { headless: true } : {}),
-                ...(setNickname ? { nickname: setNickname } : {}),
-                ...(noIncognito ? { noIncognito: true } : {}),
-                ...(pasteCallback ? { pasteCallback: true } : {}),
-                ...(portForward ? { portForward: true } : {}),
-            });
-            if (!authSuccess) {
-                throw new Error(`Authentication required for ${providerConfig.displayName}`);
-            }
-            if (forceAuth) {
-                process.exit(0);
-            }
-        }
-        else {
-            log(`${provider} already authenticated`);
-        }
-        // 3a. Proactive token refresh
-        await (0, retry_handler_1.handleTokenExpiration)(provider, verbose);
-        // 3a-1. Update lastUsedAt
-        const usedAccount = (0, account_manager_1.getDefaultAccount)(provider);
-        if (usedAccount) {
-            (0, account_manager_1.touchAccount)(provider, usedAccount.id);
-        }
-    }
-    // 3b. Preflight quota check (Antigravity only)
-    if (!skipLocalAuth) {
-        await (0, retry_handler_1.handleQuotaCheck)(provider);
-    }
-    // 4. First-run model configuration
-    if ((0, model_catalog_1.supportsModelConfig)(provider) && !skipLocalAuth) {
-        await (0, model_config_1.configureProviderModel)(provider, false, cfg.customSettingsPath);
-    }
-    // 5. Check for broken models
-    const currentModel = (0, model_config_1.getCurrentModel)(provider, cfg.customSettingsPath);
-    if (currentModel && (0, model_catalog_1.isModelBroken)(provider, currentModel)) {
-        const modelEntry = (0, model_catalog_1.findModel)(provider, currentModel);
-        const issueUrl = (0, model_catalog_1.getModelIssueUrl)(provider, currentModel);
-        console.error('');
-        console.error((0, ui_1.warn)(`${modelEntry?.name || currentModel} has known issues with Claude Code`));
-        console.error('    Tool calls will fail. Use "gemini-3-pro-preview" instead.');
-        if (issueUrl) {
-            console.error(`    Tracking: ${issueUrl}`);
-        }
-        if (skipLocalAuth) {
-            console.error('    Note: Model may be overridden by remote proxy configuration.');
-        }
-        else {
-            console.error(`    Run "ccs ${provider} --config" to change model.`);
-        }
-        console.error('');
-    }
-    // 6. Ensure user settings file exists
-    (0, config_generator_1.ensureProviderSettings)(provider);
-    // Local proxy mode: generate config, spawn/join proxy, track session
-    let proxy = null;
-    let configPath;
-    if (!useRemoteProxy) {
-        log(`Generating config for ${provider}`);
-        configPath = (0, config_generator_1.generateConfig)(provider, cfg.port);
-        log(`Config written: ${configPath}`);
-        // 6a. Check or join existing proxy
-        const { sessionId: existingSessionId, shouldSpawn } = await (0, session_bridge_1.checkOrJoinProxy)(cfg.port, cfg.timeout, verbose);
-        sessionId = existingSessionId;
-        // 6b. Spawn new proxy if needed
-        if (shouldSpawn && binaryPath) {
-            proxy = (0, lifecycle_manager_1.spawnProxy)(binaryPath, configPath, verbose);
-            // 7. Wait for proxy readiness
-            await (0, lifecycle_manager_1.waitForProxyReadyWithSpinner)(cfg.port, cfg.timeout, cfg.pollInterval, backend, configPath);
-            // Register session
-            if (proxy.pid) {
-                sessionId = (0, session_bridge_1.registerProxySession)(cfg.port, proxy.pid, backend, verbose);
-            }
-        }
-    }
-    // 8. Setup HTTPS tunnel if needed
-    let httpsTunnel = null;
-    let tunnelPort = null;
-    if (useRemoteProxy && proxyConfig.protocol === 'https' && proxyConfig.host) {
-        try {
-            httpsTunnel = new https_tunnel_proxy_1.HttpsTunnelProxy({
-                remoteHost: proxyConfig.host,
-                remotePort: proxyConfig.port,
-                authToken: proxyConfig.authToken,
-                verbose,
-                allowSelfSigned: proxyConfig.allowSelfSigned ?? false,
-            });
-            tunnelPort = await httpsTunnel.start();
-            log(`HTTPS tunnel started on port ${tunnelPort} → https://${proxyConfig.host}:${proxyConfig.port}`);
-        }
-        catch (error) {
-            const err = error;
-            console.error((0, ui_1.warn)(`Failed to start HTTPS tunnel: ${err.message}`));
-            throw new Error(`HTTPS tunnel startup failed: ${err.message}`);
-        }
-    }
-    // 9. Setup tool sanitization proxy
-    let toolSanitizationProxy = null;
-    let toolSanitizationPort = null;
-    // Build initial env vars to get ANTHROPIC_BASE_URL
-    const initialEnvVars = (0, env_resolver_1.buildClaudeEnvironment)({
-        provider,
-        useRemoteProxy,
-        remoteConfig: proxyConfig.host
-            ? {
-                host: proxyConfig.host,
-                port: proxyConfig.port,
-                protocol: proxyConfig.protocol,
-                authToken: proxyConfig.authToken,
-            }
-            : undefined,
-        httpsTunnel: httpsTunnel ?? undefined,
-        tunnelPort: tunnelPort ?? undefined,
-        localPort: cfg.port,
-        customSettingsPath: cfg.customSettingsPath,
-        thinkingOverride,
-        verbose,
-    });
-    if (initialEnvVars.ANTHROPIC_BASE_URL) {
-        try {
-            toolSanitizationProxy = new tool_sanitization_proxy_1.ToolSanitizationProxy({
-                upstreamBaseUrl: initialEnvVars.ANTHROPIC_BASE_URL,
-                verbose,
-                warnOnSanitize: true,
-            });
-            toolSanitizationPort = await toolSanitizationProxy.start();
-            log(`Tool sanitization proxy active on port ${toolSanitizationPort}`);
-        }
-        catch (error) {
-            const err = error;
-            toolSanitizationProxy = null;
-            toolSanitizationPort = null;
-            if (verbose) {
-                console.error((0, ui_1.warn)(`Tool sanitization proxy disabled: ${err.message}`));
-            }
-        }
-    }
-    const postSanitizationBaseUrl = toolSanitizationPort
-        ? `http://127.0.0.1:${toolSanitizationPort}`
-        : initialEnvVars.ANTHROPIC_BASE_URL;
-    // 10. Setup Codex reasoning proxy (Codex only)
-    let codexReasoningProxy = null;
-    let codexReasoningPort = null;
-    if (provider === 'codex') {
-        if (!postSanitizationBaseUrl) {
-            log('ANTHROPIC_BASE_URL not set for Codex, reasoning proxy disabled');
-        }
-        else {
-            try {
-                const traceEnabled = process.env.CCS_CODEX_REASONING_TRACE === '1' ||
-                    process.env.CCS_CODEX_REASONING_TRACE === 'true';
-                const stripPathPrefix = useRemoteProxy ? '/api/provider/codex' : undefined;
-                codexReasoningProxy = new codex_reasoning_proxy_1.CodexReasoningProxy({
-                    upstreamBaseUrl: postSanitizationBaseUrl,
-                    verbose,
-                    defaultEffort: 'medium',
-                    traceFilePath: traceEnabled ? `${os.homedir()}/.ccs/codex-reasoning-proxy.log` : '',
-                    modelMap: {
-                        defaultModel: initialEnvVars.ANTHROPIC_MODEL,
-                        opusModel: initialEnvVars.ANTHROPIC_DEFAULT_OPUS_MODEL,
-                        sonnetModel: initialEnvVars.ANTHROPIC_DEFAULT_SONNET_MODEL,
-                        haikuModel: initialEnvVars.ANTHROPIC_DEFAULT_HAIKU_MODEL,
-                    },
-                    stripPathPrefix,
-                });
-                codexReasoningPort = await codexReasoningProxy.start();
-                log(`Codex reasoning proxy active: http://127.0.0.1:${codexReasoningPort}/api/provider/codex`);
-            }
-            catch (error) {
-                const err = error;
-                codexReasoningProxy = null;
-                codexReasoningPort = null;
-                if (verbose) {
-                    console.error((0, ui_1.warn)(`Codex reasoning proxy disabled: ${err.message}`));
-                }
-            }
-        }
-    }
-    // 11. Build final environment with all proxy chains
-    const env = (0, env_resolver_1.buildClaudeEnvironment)({
-        provider,
-        useRemoteProxy,
-        remoteConfig: proxyConfig.host
-            ? {
-                host: proxyConfig.host,
-                port: proxyConfig.port,
-                protocol: proxyConfig.protocol,
-                authToken: proxyConfig.authToken,
-            }
-            : undefined,
-        httpsTunnel: httpsTunnel ?? undefined,
-        tunnelPort: tunnelPort ?? undefined,
-        codexReasoningProxy: codexReasoningProxy ?? undefined,
-        codexReasoningPort: codexReasoningPort ?? undefined,
-        toolSanitizationProxy: toolSanitizationProxy ?? undefined,
-        toolSanitizationPort: toolSanitizationPort ?? undefined,
-        localPort: cfg.port,
-        customSettingsPath: cfg.customSettingsPath,
-        thinkingOverride,
-        verbose,
-    });
-    const webSearchEnv = (0, websearch_manager_2.getWebSearchHookEnv)();
-    (0, env_resolver_1.logEnvironment)(env, webSearchEnv, verbose);
-    // 12. Filter CCS-specific flags before passing to Claude CLI
-    const ccsFlags = [
-        '--auth',
-        '--paste-callback',
-        '--port-forward',
-        '--headless',
-        '--logout',
-        '--config',
-        '--add',
-        '--accounts',
-        '--use',
-        '--nickname',
-        '--thinking',
-        '--incognito',
-        '--no-incognito',
-        '--import',
-        '--settings',
-        ...proxy_config_resolver_1.PROXY_CLI_FLAGS,
-    ];
-    const claudeArgs = argsWithoutProxy.filter((arg, idx) => {
-        if (ccsFlags.includes(arg))
-            return false;
-        if (arg.startsWith('--thinking='))
-            return false;
-        if (argsWithoutProxy[idx - 1] === '--use' ||
-            argsWithoutProxy[idx - 1] === '--nickname' ||
-            argsWithoutProxy[idx - 1] === '--thinking')
-            return false;
-        return true;
-    });
-    const isWindows = process.platform === 'win32';
-    const needsShell = isWindows && /\.(cmd|bat|ps1)$/i.test(claudeCli);
-    const settingsPath = cfg.customSettingsPath
-        ? cfg.customSettingsPath.replace(/^~/, os.homedir())
-        : (0, config_generator_1.getProviderSettingsPath)(provider);
-    let claude;
-    if (needsShell) {
-        const cmdString = [claudeCli, '--settings', settingsPath, ...claudeArgs]
-            .map(shell_executor_1.escapeShellArg)
-            .join(' ');
-        claude = (0, child_process_1.spawn)(cmdString, {
-            stdio: 'inherit',
-            windowsHide: true,
-            shell: true,
-            env,
-        });
-    }
-    else {
-        claude = (0, child_process_1.spawn)(claudeCli, ['--settings', settingsPath, ...claudeArgs], {
-            stdio: 'inherit',
-            windowsHide: true,
-            env,
-        });
-    }
-    // 13. Setup cleanup handlers
-    (0, session_bridge_1.setupCleanupHandlers)(claude, sessionId, cfg.port, codexReasoningProxy, toolSanitizationProxy, httpsTunnel, verbose);
-}
-exports.execClaudeWithCLIProxy = execClaudeWithCLIProxy;
-// Re-export utility functions for backwards compatibility
-var lifecycle_manager_2 = require("./lifecycle-manager");
-Object.defineProperty(exports, "isPortAvailable", { enumerable: true, get: function () { return lifecycle_manager_2.isPortAvailable; } });
-Object.defineProperty(exports, "findAvailablePort", { enumerable: true, get: function () { return lifecycle_manager_2.findAvailablePort; } });
-exports.default = execClaudeWithCLIProxy;
-//# sourceMappingURL=index.js.map