npm - @mewbleh/purrx - Versions diffs - 1.0.10 → 1.0.13 - Mend

@mewbleh/purrx 1.0.10 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/bin/purrx.js CHANGED Viewed

@@ -335,6 +335,15 @@ async function main() {
     case "status":
       cmdStatus();
       break;
+    case "version":
+    case "--version":
+    case "-v": {
+      const { createRequire } = await import("node:module");
+      const require = createRequire(import.meta.url);
+      const pkg = require("../package.json");
+      console.log(`purrx ${pkg.version}`);
+      break;
+    }
     case "help":
     case "--help":
     case "-h":

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mewbleh/purrx",
-  "version": "1.0.10",
+  "version": "1.0.13",
   "description": "purrx, a lightweight AI coding agent for your terminal",
   "type": "module",
   "main": "src/index.js",

package/src/api/client.js CHANGED Viewed

@@ -1,29 +1,38 @@
 import { API_BASE, CHATGPT_BASE } from "../config.js";
-// Models that use the Responses API reasoning fields. gpt-5 family, o-series,
-// and any *-codex variant are reasoning models.
+// Models that take the Responses API reasoning fields (gpt-5 family, o-series,
+// and codex variants). The official Codex client always sends a reasoning block
+// for these and requests encrypted reasoning back since store is false.
 function isReasoningModel(model) {
   return /^(gpt-5|o\d|codex)/i.test(model) || /-codex\b/i.test(model);
 }
 // Builds the request URL and headers for the resolved auth mode.
+//
+// The ChatGPT-codex header set mirrors the official Codex CLI
+// (codex-rs default_client + BearerAuthProvider + build_session_headers):
+//   Authorization, ChatGPT-Account-ID, originator, User-Agent,
+//   OpenAI-Beta, session-id.
 /**
  * @param {import("../types.js").AuthInfo} authInfo
+ * @param {string} [sessionId]
  * @returns {{ url: string, headers: Record<string, string> }}
  */
-function buildRequest(authInfo) {
+function buildRequest(authInfo, sessionId) {
   if (authInfo.mode === "chatgpt") {
     /** @type {Record<string, string>} */
     const headers = {
       "Content-Type": "application/json",
       Authorization: `Bearer ${authInfo.accessToken}`,
-      // Codex backend identifies the client via originator + session headers.
+      "OpenAI-Beta": "responses=experimental",
       originator: "codex_cli_rs",
-      "User-Agent": "purrx",
+      "User-Agent": "codex_cli_rs/0.0.0 (purrx)",
     };
     if (authInfo.accountId) {
-      headers["chatgpt-account-id"] = authInfo.accountId;
+      // Casing matches the official client (BearerAuthProvider).
+      headers["ChatGPT-Account-ID"] = authInfo.accountId;
     }
+    if (sessionId) headers["session-id"] = sessionId;
     return { url: `${CHATGPT_BASE}/responses`, headers };
   }
   // API-key mode.
@@ -47,7 +56,7 @@ function buildRequest(authInfo) {
  * @param {import("../types.js").HistoryItem[]} req.input
  * @param {import("../types.js").ToolDefinition[]} [req.tools]
  * @param {string} [req.instructions]
- * @param {string} [req.sessionId] stable id used for prompt caching
+ * @param {string} [req.sessionId] stable id, sent as session-id + prompt_cache_key
  * @param {{ onText?: (delta: string) => void, onEvent?: (event: any) => void }} [handlers]
  * @returns {Promise<any>}
  */
@@ -55,33 +64,44 @@ export async function streamResponse(
   { authInfo, model, input, tools, instructions, sessionId },
   handlers = {}
 ) {
-  const { url, headers } = buildRequest(authInfo);
+  const { url, headers } = buildRequest(authInfo, sessionId);
+  // Request body matching the official Codex ResponsesApiRequest. These fields
+  // are always present in the real client; sending a stripped-down body is what
+  // triggers the backend's misleading "model is not supported" rejection.
   /** @type {Record<string, any>} */
   const payload = {
     model,
+    instructions: instructions || "",
     input,
-    stream: true,
-    // The Codex backend requires store:false; responses are not persisted.
+    tool_choice: "auto",
+    parallel_tool_calls: false,
     store: false,
-    // Stable cache key improves latency/cost across turns (matches Codex).
-    prompt_cache_key: sessionId || "purrx",
+    stream: true,
+    include: [],
   };
-  if (instructions) payload.instructions = instructions;
-  // Reasoning models (gpt-5*, o-series, *-codex) require a reasoning block and
-  // must request the encrypted reasoning content back since we don't persist
-  // responses (store:false). This mirrors the official Codex client and is the
-  // shape the ChatGPT/Codex backend expects.
   if (isReasoningModel(model)) {
     payload.reasoning = { effort: "medium", summary: "auto" };
     payload.include = ["reasoning.encrypted_content"];
   }
+  if (sessionId) payload.prompt_cache_key = sessionId;
   if (tools && tools.length) {
     payload.tools = tools;
-    payload.tool_choice = "auto";
-    payload.parallel_tool_calls = true;
+  }
+  // Debug: dump the exact outgoing request when PURRX_DEBUG is set. Auth tokens
+  // are redacted. This is the fastest way to diagnose backend rejections.
+  if (process.env.PURRX_DEBUG) {
+    const safeHeaders = { ...headers };
+    if (safeHeaders.Authorization) safeHeaders.Authorization = "Bearer <redacted>";
+    console.error(`\n[purrx] POST ${url}`);
+    console.error(`[purrx] headers: ${JSON.stringify(safeHeaders)}`);
+    console.error(
+      `[purrx] body: ${JSON.stringify({ ...payload, input: `<${input.length} items>` })}`
+    );
   }
   const resp = await fetch(url, {
@@ -92,6 +112,9 @@ export async function streamResponse(
   if (!resp.ok || !resp.body) {
     const text = await resp.text().catch(() => "");
+    if (process.env.PURRX_DEBUG) {
+      console.error(`[purrx] response ${resp.status}: ${text}`);
+    }
     throw new Error(`API request failed (${resp.status}): ${text}`);
   }

package/src/auth/tokens.js CHANGED Viewed

@@ -111,7 +111,7 @@ export async function refreshTokens(refreshToken) {
       client_id: OAUTH_CLIENT_ID,
       grant_type: "refresh_token",
       refresh_token: refreshToken,
-      scope: "openid profile email",
+      scope: "openid profile email offline_access",
     }),
   });
   if (!resp.ok) {
@@ -173,10 +173,22 @@ export function resolveAuthMode(auth) {
   }
   if (!auth) return null;
   if (auth.tokens?.access_token) {
+    // The chatgpt-account-id header is required by the codex backend. Prefer
+    // the stored account_id, but fall back to deriving it from the access or
+    // id token claims if it is missing (older logins may not have saved it).
+    let accountId = auth.tokens.account_id || null;
+    if (!accountId) {
+      accountId =
+        jwtAuthClaims(auth.tokens.access_token)["chatgpt_account_id"] ||
+        (auth.tokens.id_token
+          ? jwtAuthClaims(auth.tokens.id_token)["chatgpt_account_id"]
+          : null) ||
+        null;
+    }
     return {
       mode: "chatgpt",
       accessToken: auth.tokens.access_token,
-      accountId: auth.tokens.account_id || null,
+      accountId,
     };
   }
   if (auth.OPENAI_API_KEY) {