@openhoo/hoopilot 0.3.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -9,140 +9,206 @@ This project uses GitHub Copilot's service endpoints and is not an official GitH
9
9
 
10
10
  ## Install
11
11
 
12
- ### npm (recommended when the registry is reachable)
12
+ ### npm
13
13
 
14
- ```sh
14
+ ```powershell
15
15
  npx @openhoo/hoopilot
16
16
  ```
17
17
 
18
18
  Or install it globally:
19
19
 
20
- ```sh
20
+ ```powershell
21
21
  npm install -g @openhoo/hoopilot
22
- # or
23
22
  bun add -g @openhoo/hoopilot
24
23
  ```
25
24
 
26
- ### Standalone binary (no npm, no runtime required)
25
+ ### Standalone Binary
27
26
 
28
- When the npm registry is unreachable but GitHub is, install a prebuilt,
29
- self-contained binary straight from the latest GitHub release. No Node.js or Bun
30
- is needed to run it.
27
+ When the npm registry is unreachable but GitHub is reachable, install a prebuilt self-contained binary from the latest GitHub release. No Node.js or Bun runtime is needed to run it.
31
28
 
32
- Linux / macOS:
29
+ Linux / macOS from PowerShell:
33
30
 
34
- ```sh
31
+ ```powershell
35
32
  curl -fsSL https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.sh | sh
36
33
  ```
37
34
 
38
- Windows (PowerShell):
35
+ Windows PowerShell:
39
36
 
40
37
  ```powershell
41
38
  irm https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.ps1 | iex
42
39
  ```
43
40
 
44
- The installer detects your OS, CPU architecture (x64/arm64), and libc (glibc or
45
- musl), downloads the matching binary, verifies its SHA-256 checksum, and installs
46
- it to `~/.local/bin` (Linux/macOS) or `%LOCALAPPDATA%\Programs\hoopilot`
47
- (Windows). Override the location with `HOOPILOT_INSTALL_DIR`, or pin a version:
41
+ The installer detects your OS, CPU architecture, and libc, downloads the matching binary, verifies its SHA-256 checksum, and installs it to `~/.local/bin` on Linux/macOS or `%LOCALAPPDATA%\Programs\hoopilot` on Windows. Override the location with `HOOPILOT_INSTALL_DIR`, or pin a version:
48
42
 
49
- ```sh
50
- curl -fsSL .../install.sh | sh -s -- --version 0.2.5 --dir ~/bin
43
+ ```powershell
44
+ curl -fsSL https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.sh | sh -s -- --version 0.3.0 --dir ~/bin
51
45
  ```
52
46
 
53
47
  ```powershell
54
- & ([scriptblock]::Create((irm .../install.ps1))) -Version 0.2.5
48
+ & ([scriptblock]::Create((irm https://raw.githubusercontent.com/openhoo/hoopilot/main/scripts/install.ps1))) -Version 0.3.0
55
49
  ```
56
50
 
57
- Prebuilt binaries are available for Linux (x64/arm64, glibc and musl), macOS
58
- (Intel/Apple Silicon), and Windows (x64/arm64).
59
-
60
51
  ## Update
61
52
 
62
- Standalone binaries update themselves in place from the latest GitHub release
63
- (checksum-verified):
53
+ Standalone binaries update themselves in place from the latest GitHub release:
64
54
 
65
- ```sh
55
+ ```powershell
66
56
  hoopilot update
67
57
  ```
68
58
 
69
- npm installs report when a newer version is available and print the right command
70
- (`npm install -g @openhoo/hoopilot@latest`). Either way, Hoopilot checks GitHub at
71
- most once a day in the background and prints a one-line notice to stderr when an
72
- update exists. Disable the check with `--no-update-check`, or by setting
73
- `HOOPILOT_NO_UPDATE_CHECK` / `NO_UPDATE_NOTIFIER`; it is also skipped in CI and
74
- when output is not a terminal.
59
+ npm installs report when a newer version is available and print the right command. Hoopilot checks GitHub at most once a day in the background. Disable the check with `--no-update-check`, `HOOPILOT_NO_UPDATE_CHECK`, or `NO_UPDATE_NOTIFIER`.
75
60
 
76
61
  ## Run
77
62
 
78
- ```sh
63
+ First sign in with GitHub Copilot OAuth in your browser:
64
+
65
+ ```powershell
66
+ npx @openhoo/hoopilot login
67
+ ```
68
+
69
+ The login command prints a one-time code, opens `https://github.com/login/device` best-effort, verifies that the returned OAuth token can reach the Copilot API, and stores it in Hoopilot's auth file.
70
+
71
+ Then start the proxy:
72
+
73
+ ```powershell
79
74
  npx @openhoo/hoopilot
80
75
  ```
81
76
 
82
- By default Hoopilot listens on `127.0.0.1:4141`, uses `COPILOT_API_TOKEN` when provided, otherwise reads a GitHub CLI OAuth token from `COPILOT_GITHUB_TOKEN` or `gh auth token`, and uses that token with Copilot.
77
+ By default Hoopilot listens on `127.0.0.1:4141` and reads the stored OAuth credential from:
78
+
79
+ - Linux/macOS: `$HOME/.config/hoopilot/auth.json`
80
+ - Windows: `$env:APPDATA\hoopilot\auth.json`
81
+
82
+ Override the path with `HOOPILOT_AUTH_FILE` or `--auth-file`.
83
83
 
84
84
  For a local API key:
85
85
 
86
- ```sh
87
- HOOPILOT_API_KEY=local-key npx @openhoo/hoopilot --port 4141
86
+ ```powershell
87
+ $env:HOOPILOT_API_KEY = "local-key"
88
+ npx @openhoo/hoopilot --port 4141
88
89
  ```
89
90
 
90
91
  Point OpenAI-compatible clients at:
91
92
 
92
- ```sh
93
- OPENAI_BASE_URL=http://127.0.0.1:4141/v1
94
- OPENAI_API_KEY=local-key
93
+ ```powershell
94
+ $env:OPENAI_BASE_URL = "http://127.0.0.1:4141/v1"
95
+ $env:OPENAI_API_KEY = "local-key"
95
96
  ```
96
97
 
97
98
  Use with Codex CLI after Hoopilot is running:
98
99
 
99
- ```sh
100
- OPENAI_API_KEY=local-key codex -m claude-sonnet-4.6 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
100
+ ```powershell
101
+ $env:OPENAI_API_KEY = "local-key"
102
+ codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
103
+ ```
104
+
105
+ One-line PowerShell form:
106
+
107
+ ```powershell
108
+ $env:OPENAI_API_KEY = "local-key"; codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
101
109
  ```
102
110
 
111
+ Or use the bundled `codexx` convenience command after Hoopilot is already running:
112
+
103
113
  ```powershell
104
- $env:OPENAI_API_KEY="local-key"; codex -m claude-sonnet-4.6 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
114
+ $env:HOOPILOT_API_KEY = "local-key"
115
+ codexx -m gpt-5.5
105
116
  ```
106
117
 
118
+ Without a global install, run it through npm:
119
+
120
+ ```powershell
121
+ $env:HOOPILOT_API_KEY = "local-key"
122
+ npx --package @openhoo/hoopilot codexx -m gpt-5.5
123
+ ```
124
+
125
+ `codexx` does not start Hoopilot and does not change your shell environment. It only
126
+ runs `codex` with `openai_base_url` pointed at `http://127.0.0.1:4141/v1`, maps
127
+ `HOOPILOT_API_KEY` to `OPENAI_API_KEY` for that child process, passes
128
+ `--disable network_proxy` to Codex, and removes standard proxy variables from the
129
+ spawned Codex process so Codex talks directly to the local server. Override the local
130
+ URL with `CODEXX_BASE_URL`, the local key with `CODEXX_API_KEY`, or the Codex
131
+ executable with `CODEXX_CODEX_BIN`.
132
+
107
133
  If no `HOOPILOT_API_KEY` is configured, Hoopilot accepts local requests without client authentication. Binding to a non-loopback host requires `HOOPILOT_API_KEY` unless `--allow-unauthenticated` is set.
108
134
 
135
+ ## Logging
136
+
137
+ Hoopilot uses Pino for structured logs. Server startup, request completion, upstream Copilot failures, model-list fallback, auth failures, and update-check diagnostics are logged with stable event names and request IDs. Logs never include request bodies, prompt text, completions, stream chunks, OAuth tokens, API keys, authorization headers, cookies, or auth-file contents.
138
+
139
+ Console logs default to pretty output at `info` level:
140
+
141
+ ```powershell
142
+ npx @openhoo/hoopilot --log-level info --log-format pretty
143
+ ```
144
+
145
+ For machine-readable newline-delimited JSON:
146
+
147
+ ```powershell
148
+ npx @openhoo/hoopilot --log-level info --log-format json
149
+ ```
150
+
151
+ Equivalent environment variables:
152
+
153
+ - `HOOPILOT_LOG_LEVEL`: `trace`, `debug`, `info`, `warn`, `error`, `fatal`, or `silent`. Default: `info`.
154
+ - `HOOPILOT_LOG_FORMAT`: `json` or `pretty`. Default: `pretty`.
155
+
156
+ Incoming `x-request-id` headers are preserved on responses. If a request has no ID, Hoopilot generates one and returns it as `x-request-id`.
157
+
109
158
  ## Authentication
110
159
 
111
- Preferred options:
160
+ Hoopilot supports one credential flow: GitHub Copilot OAuth browser login.
112
161
 
113
- ```sh
114
- gh auth login
162
+ ```powershell
163
+ npx @openhoo/hoopilot login
115
164
  npx @openhoo/hoopilot
116
165
  ```
117
166
 
118
- or:
167
+ Direct bearer tokens, GitHub CLI token fallback, classic GitHub PATs, and fine-grained GitHub PATs are not supported.
119
168
 
120
- ```sh
121
- COPILOT_GITHUB_TOKEN=$(gh auth token) npx @openhoo/hoopilot
122
- ```
169
+ Supported authentication-related settings:
123
170
 
124
- Personal access tokens are not supported by GitHub Copilot's token exchange or chat endpoints. Hoopilot rejects classic and fine-grained PAT prefixes. Use `gh auth token` for the GitHub CLI OAuth path, or pass a short-lived Copilot bearer token with `COPILOT_API_TOKEN`.
171
+ - `HOOPILOT_AUTH_FILE`: OAuth credential store path.
172
+ - `HOOPILOT_GITHUB_CLIENT_ID`: GitHub OAuth app client ID override.
173
+ - `HOOPILOT_GITHUB_DOMAIN`: GitHub domain override. Default: `github.com`.
174
+ - `COPILOT_API_BASE_URL`: upstream Copilot API base URL override. Default: `https://api.githubcopilot.com`.
125
175
 
126
- Supported credential environment variables:
176
+ ## Codex Auth Errors
127
177
 
128
- - `COPILOT_GITHUB_TOKEN` or `GITHUB_COPILOT_GITHUB_TOKEN`: GitHub CLI OAuth token for an account with Copilot access. Personal access tokens are rejected.
129
- - `COPILOT_API_TOKEN`, `GITHUB_COPILOT_API_TOKEN`, or `GITHUB_COPILOT_TOKEN`: short-lived Copilot API bearer token.
130
- - `COPILOT_API_BASE_URL`: upstream Copilot API base URL override.
131
- - `COPILOT_TOKEN_EXCHANGE_URL`: GitHub token exchange endpoint override.
178
+ Hoopilot does not return raw `403` responses to Codex for authentication or Copilot-entitlement failures. Local Hoopilot API-key problems return `401 invalid_api_key`; OAuth credential and upstream Copilot auth failures return `401 copilot_auth_error`.
132
179
 
133
- Auth modes:
180
+ In PowerShell, verify the browser login and local proxy before retrying Codex:
134
181
 
135
- ```sh
136
- npx @openhoo/hoopilot --auth-mode auto
137
- npx @openhoo/hoopilot --auth-mode copilot-token
182
+ ```powershell
183
+ npx @openhoo/hoopilot login
184
+ $env:HOOPILOT_API_KEY = "local-key"
185
+ npx @openhoo/hoopilot --port 4141
138
186
  ```
139
187
 
140
- `auto` uses a direct Copilot token when one is configured, otherwise it uses GitHub's Copilot token exchange endpoint and falls back to the GitHub CLI OAuth token when the exchange endpoint is unavailable.
188
+ Then, in another PowerShell session:
189
+
190
+ ```powershell
191
+ $env:OPENAI_API_KEY = "local-key"
192
+ Invoke-RestMethod -Headers @{ Authorization = "Bearer $env:OPENAI_API_KEY" } `
193
+ http://127.0.0.1:4141/v1/models
194
+ codex -m gpt-5.5 -c 'openai_base_url="http://127.0.0.1:4141/v1"'
195
+ ```
196
+
197
+ If that returns `401 copilot_auth_error`, rerun `npx @openhoo/hoopilot login` and confirm the GitHub account has active Copilot access.
141
198
 
142
199
  ## CLI
143
200
 
144
- ```sh
201
+ ```powershell
145
202
  hoopilot [serve] [options]
203
+ hoopilot login [options]
204
+ ```
205
+
206
+ Commands:
207
+
208
+ ```txt
209
+ serve Start the proxy server (default)
210
+ login Sign in through GitHub OAuth in a browser and verify Copilot access
211
+ update, upgrade Update hoopilot to the latest release
146
212
  ```
147
213
 
148
214
  Options:
@@ -151,12 +217,11 @@ Options:
151
217
  -p, --port <port> Port to listen on. Default: 4141
152
218
  --host <host> Host to listen on. Default: 127.0.0.1
153
219
  --api-key <key> Require clients to send Authorization: Bearer <key>
154
- --auth-mode <mode> auto, copilot-token
155
- --github-token <token> GitHub CLI OAuth token for a Copilot account. PATs are rejected.
156
- --github-token-command <cmd> Command used to read a GitHub token. Default: gh auth token
157
- --copilot-token <token> Short-lived Copilot API bearer token
220
+ --auth-file <path> OAuth credential store path
158
221
  --copilot-api-base-url <url> Copilot API base URL override
159
- --no-gh Do not try gh auth token
222
+ --log-level <level> trace, debug, info, warn, error, fatal, or silent
223
+ --log-format <format> json or pretty. Default: pretty
224
+ --no-update-check Do not check GitHub for a newer release
160
225
  --allow-unauthenticated Allow non-loopback bind without --api-key
161
226
  ```
162
227
 
@@ -172,14 +237,14 @@ Options:
172
237
 
173
238
  ## Development
174
239
 
175
- ```sh
240
+ ```powershell
176
241
  bun install
177
242
  bun run check
178
243
  ```
179
244
 
180
245
  Useful scripts:
181
246
 
182
- ```sh
247
+ ```powershell
183
248
  bun run test
184
249
  bun run test:coverage
185
250
  bun run typecheck
@@ -189,7 +254,7 @@ bun run biome:fix
189
254
 
190
255
  ## Release
191
256
 
192
- Commits merged to `main` are evaluated by hooversion after CI passes. When a release is produced, the release workflow creates the release commit, tag, and GitHub release automatically, publishes the package through npm trusted publishing, then cross-compiles standalone binaries for every supported platform (`scripts/build-binaries.sh`) and attaches them plus a `SHA256SUMS` manifest to the GitHub release. Build all binaries locally with `bun run build:binaries`.
257
+ Commits merged to `main` are evaluated by hooversion after CI passes. When a release is produced, the release workflow creates the release commit, tag, and GitHub release automatically, publishes the package through npm trusted publishing, then cross-compiles standalone binaries for every supported platform (`scripts/build-binaries.sh`) and attaches them plus a `SHA256SUMS` manifest to the GitHub release. Build all binaries locally with `bun run build:binaries`.
193
258
 
194
259
  Configure npm trusted publishing for `@openhoo/hoopilot` on npmjs.com before relying on automatic publication. The workflow uses GitHub Actions OIDC with `npm publish --access public --provenance`.
195
260