@openhoo/hoopilot 0.3.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -9,140 +9,184 @@ This project uses GitHub Copilot's service endpoints and is not an official GitH
9
9
 
10
10
  ## Install
11
11
 
12
- ### npm (recommended when the registry is reachable)
12
+ ### npm
13
13
 
14
- ```sh
14
+ ```powershell
15
15
  npx @openhoo/hoopilot
16
16
  ```
17
17
 
18
18
  Or install it globally:
19
19
 
20
- ```sh
20
+ ```powershell
21
21
  npm install -g @openhoo/hoopilot
22
- # or
23
22
  bun add -g @openhoo/hoopilot
24
23
  ```
25
24
 
26
- ### Standalone binary (no npm, no runtime required)
25
+ ### Standalone Binary
27
26
 
28
- When the npm registry is unreachable but GitHub is, install a prebuilt,
29
- self-contained binary straight from the latest GitHub release. No Node.js or Bun
30
- is needed to run it.
27
+ When the npm registry is unreachable but GitHub is reachable, install a prebuilt self-contained binary from the latest GitHub release. No Node.js or Bun runtime is needed to run it.
31
28
 
32
- Linux / macOS:
29
+ Linux / macOS from PowerShell:
33
30
 
34
- ```sh
31
+ ```powershell
35
32
  curl -fsSL https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.sh | sh
36
33
  ```
37
34
 
38
- Windows (PowerShell):
35
+ Windows PowerShell:
39
36
 
40
37
  ```powershell
41
38
  irm https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.ps1 | iex
42
39
  ```
43
40
 
44
- The installer detects your OS, CPU architecture (x64/arm64), and libc (glibc or
45
- musl), downloads the matching binary, verifies its SHA-256 checksum, and installs
46
- it to `~/.local/bin` (Linux/macOS) or `%LOCALAPPDATA%\Programs\hoopilot`
47
- (Windows). Override the location with `HOOPILOT_INSTALL_DIR`, or pin a version:
41
+ The installer detects your OS, CPU architecture, and libc, downloads the matching binary, verifies its SHA-256 checksum, and installs it to `~/.local/bin` on Linux/macOS or `%LOCALAPPDATA%\Programs\hoopilot` on Windows. Override the location with `HOOPILOT_INSTALL_DIR`, or pin a version:
48
42
 
49
- ```sh
50
- curl -fsSL .../install.sh | sh -s -- --version 0.2.5 --dir ~/bin
43
+ ```powershell
44
+ curl -fsSL https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.sh | sh -s -- --version 0.3.0 --dir ~/bin
51
45
  ```
52
46
 
53
47
  ```powershell
54
- & ([scriptblock]::Create((irm .../install.ps1))) -Version 0.2.5
48
+ & ([scriptblock]::Create((irm https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.ps1))) -Version 0.3.0
55
49
  ```
56
50
 
57
- Prebuilt binaries are available for Linux (x64/arm64, glibc and musl), macOS
58
- (Intel/Apple Silicon), and Windows (x64/arm64).
59
-
60
51
  ## Update
61
52
 
62
- Standalone binaries update themselves in place from the latest GitHub release
63
- (checksum-verified):
53
+ Standalone binaries update themselves in place from the latest GitHub release:
64
54
 
65
- ```sh
55
+ ```powershell
66
56
  hoopilot update
67
57
  ```
68
58
 
69
- npm installs report when a newer version is available and print the right command
70
- (`npm install -g @openhoo/hoopilot@latest`). Either way, Hoopilot checks GitHub at
71
- most once a day in the background and prints a one-line notice to stderr when an
72
- update exists. Disable the check with `--no-update-check`, or by setting
73
- `HOOPILOT_NO_UPDATE_CHECK` / `NO_UPDATE_NOTIFIER`; it is also skipped in CI and
74
- when output is not a terminal.
59
+ npm installs report when a newer version is available and print the right command. Hoopilot checks GitHub at most once a day in the background. Disable the check with `--no-update-check`, `HOOPILOT_NO_UPDATE_CHECK`, or `NO_UPDATE_NOTIFIER`.
75
60
 
76
61
  ## Run
77
62
 
78
- ```sh
63
+ First sign in with GitHub Copilot OAuth in your browser:
64
+
65
+ ```powershell
66
+ npx @openhoo/hoopilot login
67
+ ```
68
+
69
+ The login command prints a one-time code, opens `https://github.com/login/device` best-effort, verifies that the returned OAuth token can reach the Copilot API, and stores it in Hoopilot's auth file.
70
+
71
+ Then start the proxy:
72
+
73
+ ```powershell
79
74
  npx @openhoo/hoopilot
80
75
  ```
81
76
 
82
- By default Hoopilot listens on `127.0.0.1:4141`, uses `COPILOT_API_TOKEN` when provided, otherwise reads a GitHub CLI OAuth token from `COPILOT_GITHUB_TOKEN` or `gh auth token`, and uses that token with Copilot.
77
+ By default Hoopilot listens on `127.0.0.1:4141` and reads the stored OAuth credential from:
78
+
79
+ - Linux/macOS: `$HOME/.config/hoopilot/auth.json`
80
+ - Windows: `$env:APPDATA\hoopilot\auth.json`
81
+
82
+ Override the path with `HOOPILOT_AUTH_FILE` or `--auth-file`.
83
83
 
84
84
  For a local API key:
85
85
 
86
- ```sh
87
- HOOPILOT_API_KEY=local-key npx @openhoo/hoopilot --port 4141
86
+ ```powershell
87
+ $env:HOOPILOT_API_KEY = "local-key"
88
+ npx @openhoo/hoopilot --port 4141
88
89
  ```
89
90
 
90
91
  Point OpenAI-compatible clients at:
91
92
 
92
- ```sh
93
- OPENAI_BASE_URL=http://127.0.0.1:4141/v1
94
- OPENAI_API_KEY=local-key
93
+ ```powershell
94
+ $env:OPENAI_BASE_URL = "http://127.0.0.1:4141/v1"
95
+ $env:OPENAI_API_KEY = "local-key"
95
96
  ```
96
97
 
97
98
  Use with Codex CLI after Hoopilot is running:
98
99
 
99
- ```sh
100
- OPENAI_API_KEY=local-key codex -m claude-sonnet-4.6 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
100
+ ```powershell
101
+ $env:OPENAI_API_KEY = "local-key"
102
+ codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
101
103
  ```
102
104
 
105
+ One-line PowerShell form:
106
+
103
107
  ```powershell
104
- $env:OPENAI_API_KEY="local-key"; codex -m claude-sonnet-4.6 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
108
+ $env:OPENAI_API_KEY = "local-key"; codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
105
109
  ```
106
110
 
107
111
  If no `HOOPILOT_API_KEY` is configured, Hoopilot accepts local requests without client authentication. Binding to a non-loopback host requires `HOOPILOT_API_KEY` unless `--allow-unauthenticated` is set.
108
112
 
113
+ ## Logging
114
+
115
+ Hoopilot uses Pino for structured logs. Server startup, request completion, upstream Copilot failures, model-list fallback, auth failures, and update-check diagnostics are logged with stable event names and request IDs. Logs never include request bodies, prompt text, completions, stream chunks, OAuth tokens, API keys, authorization headers, cookies, or auth-file contents.
116
+
117
+ Console logs default to pretty output at `info` level:
118
+
119
+ ```powershell
120
+ npx @openhoo/hoopilot --log-level info --log-format pretty
121
+ ```
122
+
123
+ For machine-readable newline-delimited JSON:
124
+
125
+ ```powershell
126
+ npx @openhoo/hoopilot --log-level info --log-format json
127
+ ```
128
+
129
+ Equivalent environment variables:
130
+
131
+ - `HOOPILOT_LOG_LEVEL`: `trace`, `debug`, `info`, `warn`, `error`, `fatal`, or `silent`. Default: `info`.
132
+ - `HOOPILOT_LOG_FORMAT`: `json` or `pretty`. Default: `pretty`.
133
+
134
+ Incoming `x-request-id` headers are preserved on responses. If a request has no ID, Hoopilot generates one and returns it as `x-request-id`.
135
+
109
136
  ## Authentication
110
137
 
111
- Preferred options:
138
+ Hoopilot supports one credential flow: GitHub Copilot OAuth browser login.
112
139
 
113
- ```sh
114
- gh auth login
140
+ ```powershell
141
+ npx @openhoo/hoopilot login
115
142
  npx @openhoo/hoopilot
116
143
  ```
117
144
 
118
- or:
145
+ Direct bearer tokens, GitHub CLI token fallback, classic GitHub PATs, and fine-grained GitHub PATs are not supported.
119
146
 
120
- ```sh
121
- COPILOT_GITHUB_TOKEN=$(gh auth token) npx @openhoo/hoopilot
122
- ```
147
+ Supported authentication-related settings:
123
148
 
124
- Personal access tokens are not supported by GitHub Copilot's token exchange or chat endpoints. Hoopilot rejects classic and fine-grained PAT prefixes. Use `gh auth token` for the GitHub CLI OAuth path, or pass a short-lived Copilot bearer token with `COPILOT_API_TOKEN`.
149
+ - `HOOPILOT_AUTH_FILE`: OAuth credential store path.
150
+ - `HOOPILOT_GITHUB_CLIENT_ID`: GitHub OAuth app client ID override.
151
+ - `HOOPILOT_GITHUB_DOMAIN`: GitHub domain override. Default: `github.com`.
152
+ - `COPILOT_API_BASE_URL`: upstream Copilot API base URL override. Default: `https://api.githubcopilot.com`.
125
153
 
126
- Supported credential environment variables:
154
+ ## Codex Auth Errors
127
155
 
128
- - `COPILOT_GITHUB_TOKEN` or `GITHUB_COPILOT_GITHUB_TOKEN`: GitHub CLI OAuth token for an account with Copilot access. Personal access tokens are rejected.
129
- - `COPILOT_API_TOKEN`, `GITHUB_COPILOT_API_TOKEN`, or `GITHUB_COPILOT_TOKEN`: short-lived Copilot API bearer token.
130
- - `COPILOT_API_BASE_URL`: upstream Copilot API base URL override.
131
- - `COPILOT_TOKEN_EXCHANGE_URL`: GitHub token exchange endpoint override.
156
+ Hoopilot does not return raw `403` responses to Codex for authentication or Copilot-entitlement failures. Local Hoopilot API-key problems return `401 invalid_api_key`; OAuth credential and upstream Copilot auth failures return `401 copilot_auth_error`.
132
157
 
133
- Auth modes:
158
+ In PowerShell, verify the browser login and local proxy before retrying Codex:
134
159
 
135
- ```sh
136
- npx @openhoo/hoopilot --auth-mode auto
137
- npx @openhoo/hoopilot --auth-mode copilot-token
160
+ ```powershell
161
+ npx @openhoo/hoopilot login
162
+ $env:HOOPILOT_API_KEY = "local-key"
163
+ npx @openhoo/hoopilot --port 4141
138
164
  ```
139
165
 
140
- `auto` uses a direct Copilot token when one is configured, otherwise it uses GitHub's Copilot token exchange endpoint and falls back to the GitHub CLI OAuth token when the exchange endpoint is unavailable.
166
+ Then, in another PowerShell session:
167
+
168
+ ```powershell
169
+ $env:OPENAI_API_KEY = "local-key"
170
+ Invoke-RestMethod -Headers @{ Authorization = "Bearer $env:OPENAI_API_KEY" } `
171
+ http://127.0.0.1:4141/v1/models
172
+ codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
173
+ ```
174
+
175
+ If that returns `401 copilot_auth_error`, rerun `npx @openhoo/hoopilot login` and confirm the GitHub account has active Copilot access.
141
176
 
142
177
  ## CLI
143
178
 
144
- ```sh
179
+ ```powershell
145
180
  hoopilot [serve] [options]
181
+ hoopilot login [options]
182
+ ```
183
+
184
+ Commands:
185
+
186
+ ```txt
187
+ serve Start the proxy server (default)
188
+ login Sign in through GitHub OAuth in a browser and verify Copilot access
189
+ update, upgrade Update hoopilot to the latest release
146
190
  ```
147
191
 
148
192
  Options:
@@ -151,12 +195,11 @@ Options:
151
195
  -p, --port <port> Port to listen on. Default: 4141
152
196
  --host <host> Host to listen on. Default: 127.0.0.1
153
197
  --api-key <key> Require clients to send Authorization: Bearer <key>
154
- --auth-mode <mode> auto, copilot-token
155
- --github-token <token> GitHub CLI OAuth token for a Copilot account. PATs are rejected.
156
- --github-token-command <cmd> Command used to read a GitHub token. Default: gh auth token
157
- --copilot-token <token> Short-lived Copilot API bearer token
198
+ --auth-file <path> OAuth credential store path
158
199
  --copilot-api-base-url <url> Copilot API base URL override
159
- --no-gh Do not try gh auth token
200
+ --log-level <level> trace, debug, info, warn, error, fatal, or silent
201
+ --log-format <format> json or pretty. Default: pretty
202
+ --no-update-check Do not check GitHub for a newer release
160
203
  --allow-unauthenticated Allow non-loopback bind without --api-key
161
204
  ```
162
205
 
@@ -172,14 +215,14 @@ Options:
172
215
 
173
216
  ## Development
174
217
 
175
- ```sh
218
+ ```powershell
176
219
  bun install
177
220
  bun run check
178
221
  ```
179
222
 
180
223
  Useful scripts:
181
224
 
182
- ```sh
225
+ ```powershell
183
226
  bun run test
184
227
  bun run test:coverage
185
228
  bun run typecheck
@@ -189,7 +232,7 @@ bun run biome:fix
189
232
 
190
233
  ## Release
191
234
 
192
- Commits merged to `main` are evaluated by hooversion after CI passes. When a release is produced, the release workflow creates the release commit, tag, and GitHub release automatically, publishes the package through npm trusted publishing, then cross-compiles standalone binaries for every supported platform (`scripts/build-binaries.sh`) and attaches them plus a `SHA256SUMS` manifest to the GitHub release. Build all binaries locally with `bun run build:binaries`.
235
+ Commits merged to `main` are evaluated by hooversion after CI passes. When a release is produced, the release workflow creates the release commit, tag, and GitHub release automatically, publishes the package through npm trusted publishing, then cross-compiles standalone binaries for every supported platform (`scripts/build-binaries.sh`) and attaches them plus a `SHA256SUMS` manifest to the GitHub release. Build all binaries locally with `bun run build:binaries`.
193
236
 
194
237
  Configure npm trusted publishing for `@openhoo/hoopilot` on npmjs.com before relying on automatic publication. The workflow uses GitHub Actions OIDC with `npm publish --access public --provenance`.
195
238