npm - @pixelbyte-software/pixcode - Versions diffs - 1.31.12 → 1.32.0 - Mend

@pixelbyte-software/pixcode 1.31.12 → 1.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/server/services/external-access.js CHANGED Viewed

@@ -1,240 +1,171 @@
-import { spawn } from 'node:child_process';
-import { createRequire } from 'node:module';
-const requireCjs = createRequire(import.meta.url);
-// nat-upnp is CommonJS and callback-based. We wrap it in promises and keep
-// one shared client per process. The client is lazily created so importing
-// this module does not try to bind SSDP sockets at boot.
-let upnpClient = null;
-const getUpnpClient = () => {
-  if (!upnpClient) {
-    const nat = requireCjs('nat-upnp');
-    upnpClient = nat.createClient();
-  }
-  return upnpClient;
-};
-let upnpState = {
-  mapped: false,
-  port: null,
-  externalIp: null,
-  externalUrl: null,
-  error: null,
-};
-// A UPnP mapping request can hang forever if the router never answers SSDP.
-// Cap every call so the HTTP endpoint doesn't dangle — we surface a clean
-// failure and the user can try tunnel mode instead.
-const withTimeout = (promise, ms, label) =>
-  Promise.race([
-    promise,
-    new Promise((_, reject) => setTimeout(() => reject(new Error(`${label} timed out after ${ms}ms`)), ms)),
-  ]);
-const promisifyUpnp = (method, arg) =>
-  new Promise((resolve, reject) => {
-    const client = getUpnpClient();
-    const cb = (err, result) => (err ? reject(err) : resolve(result));
-    if (arg === undefined) {
-      client[method](cb);
-    } else {
-      client[method](arg, cb);
-    }
-  });
-export const enableUpnp = async ({ port }) => {
-  upnpState = { ...upnpState, error: null };
-  try {
-    await withTimeout(
-      promisifyUpnp('portMapping', {
-        public: port,
-        private: port,
-        // ttl:0 is documented as "never expire" — routers honor it differently,
-        // but it's the least surprising default. We leave renewal to the user
-        // clicking "enable" again if the router drops the lease.
-        ttl: 0,
-        description: 'Pixcode',
-        protocol: 'tcp',
-      }),
-      8000,
-      'UPnP portMapping',
-    );
-    const externalIp = await withTimeout(promisifyUpnp('externalIp'), 5000, 'UPnP externalIp');
-    upnpState = {
-      mapped: true,
-      port,
-      externalIp,
-      externalUrl: externalIp ? `http://${externalIp}:${port}` : null,
-      error: null,
-    };
-    return upnpState;
-  } catch (err) {
-    upnpState = {
-      mapped: false,
-      port,
-      externalIp: null,
-      externalUrl: null,
-      error: err?.message || String(err),
-    };
-    throw err;
-  }
-};
-export const disableUpnp = async ({ port }) => {
-  try {
-    await withTimeout(promisifyUpnp('portUnmapping', { public: port, protocol: 'tcp' }), 5000, 'UPnP portUnmapping');
-  } catch (err) {
-    upnpState = { ...upnpState, error: err?.message || String(err) };
-    throw err;
-  }
-  upnpState = { mapped: false, port: null, externalIp: null, externalUrl: null, error: null };
-  return upnpState;
-};
-export const getUpnpState = () => upnpState;
-// ============================================================================
-// Tunnel: detect cloudflared / ngrok and spawn; extract the public URL from
-// stdout. We keep a single live tunnel per process — starting a new one
-// stops the previous one to avoid dangling child processes.
-// ============================================================================
-let tunnelProc = null;
-let tunnelState = {
-  running: false,
-  binary: null, // 'cloudflared' | 'ngrok'
-  url: null,
-  error: null,
-  log: [],
-};
-const appendLog = (line) => {
-  // Tunnels can be noisy. Cap the tail we retain so a long-running tunnel
-  // doesn't grow the log into an OOM risk.
-  tunnelState.log.push(line);
-  if (tunnelState.log.length > 200) tunnelState.log.shift();
-};
-const detectBinary = async () => {
-  const candidates = ['cloudflared', 'ngrok'];
-  for (const name of candidates) {
-    try {
-      // `which` isn't guaranteed on Windows; we probe with `--version` instead
-      // so the same code path works on Unix and Windows Command Prompt.
-      await new Promise((resolve, reject) => {
-        const child = spawn(name, ['--version'], { stdio: 'ignore' });
-        child.on('error', reject);
-        child.on('exit', (code) => (code === 0 ? resolve() : reject(new Error(`exit ${code}`))));
-      });
-      return name;
-    } catch {
-      // try next
-    }
-  }
-  return null;
-};
-const cloudflareUrlRegex = /https?:\/\/[a-z0-9.-]+trycloudflare\.com/i;
-const ngrokUrlRegex = /https?:\/\/[a-z0-9.-]+\.ngrok(-free)?\.(app|io)/i;
-const buildTunnelArgs = (binary, port) => {
-  if (binary === 'cloudflared') return ['tunnel', '--url', `http://localhost:${port}`];
-  if (binary === 'ngrok') return ['http', String(port), '--log', 'stdout', '--log-format', 'logfmt'];
-  throw new Error(`Unsupported tunnel binary: ${binary}`);
-};
-const extractUrl = (binary, text) => {
-  if (binary === 'cloudflared') return text.match(cloudflareUrlRegex)?.[0] ?? null;
-  if (binary === 'ngrok') return text.match(ngrokUrlRegex)?.[0] ?? null;
-  return null;
-};
-export const startTunnel = async ({ port }) => {
-  if (tunnelProc) {
-    // Already running — tell the caller to stop it first rather than silently
-    // replacing, which would orphan the old child and lie about state.
-    throw new Error('Tunnel already running; stop it first');
-  }
-  const binary = await detectBinary();
-  if (!binary) {
-    tunnelState = { running: false, binary: null, url: null, error: 'No tunnel binary found', log: [] };
-    const err = new Error('No tunnel binary found (tried cloudflared, ngrok)');
-    err.code = 'ENOENT_TUNNEL';
-    throw err;
-  }
-  const args = buildTunnelArgs(binary, port);
-  const child = spawn(binary, args, { stdio: ['ignore', 'pipe', 'pipe'] });
-  tunnelProc = child;
-  tunnelState = { running: true, binary, url: null, error: null, log: [] };
-  const handleChunk = (chunk) => {
-    const text = chunk.toString();
-    text.split(/\r?\n/).filter(Boolean).forEach(appendLog);
-    if (!tunnelState.url) {
-      const url = extractUrl(binary, text);
-      if (url) tunnelState.url = url;
-    }
-  };
-  child.stdout.on('data', handleChunk);
-  child.stderr.on('data', handleChunk);
-  child.on('exit', (code) => {
-    tunnelProc = null;
-    tunnelState = {
-      running: false,
-      binary,
-      url: null,
-      error: code === 0 ? null : `Tunnel exited with code ${code}`,
-      log: tunnelState.log,
-    };
-  });
-  // Wait up to 15s for the public URL to appear in the log. We don't block
-  // indefinitely — if the binary is hanging on login/auth, the UI should see
-  // a clear failure instead of a spinner that never resolves.
-  const start = Date.now();
-  while (Date.now() - start < 15000) {
-    if (tunnelState.url) return tunnelState;
-    if (!tunnelProc) break; // process died early
-    // eslint-disable-next-line no-await-in-loop
-    await new Promise((r) => setTimeout(r, 250));
-  }
-  if (!tunnelState.url) {
-    // If we never captured a URL, kill the child so we don't leak it.
-    try { child.kill(); } catch { /* ignore */ }
-    tunnelProc = null;
-    tunnelState = { ...tunnelState, running: false, error: 'Tunnel did not report a public URL' };
-    throw new Error(tunnelState.error);
-  }
-  return tunnelState;
-};
-export const stopTunnel = async () => {
-  if (!tunnelProc) {
-    tunnelState = { running: false, binary: null, url: null, error: null, log: [] };
-    return tunnelState;
-  }
-  try {
-    tunnelProc.kill();
-  } catch {
-    // already dead
-  }
-  tunnelProc = null;
-  tunnelState = { running: false, binary: null, url: null, error: null, log: [] };
-  return tunnelState;
-};
-export const getTunnelState = () => tunnelState;
-// Explicit cleanup so the server process can shut down without leaking the
-// child tunnel process.
-process.on('exit', () => {
-  if (tunnelProc) {
-    try { tunnelProc.kill(); } catch { /* ignore */ }
-  }
-});
+import { spawn } from 'node:child_process';
+/**
+ * External-access service.
+ *
+ * Previously exposed a UPnP auto-port-forward path via `nat-upnp`, but that
+ * package pulled in the deprecated `request` / `har-validator` / `uuid@3`
+ * chain (noise at every install). Cloudflared and ngrok cover the same
+ * "publish my laptop to the internet" use case with a better security
+ * posture (no permanent port in the router firewall), so we kept the
+ * tunnel flow and dropped UPnP entirely. If UPnP becomes a user-demanded
+ * feature again we can bring it back via a maintained package like
+ * `@achingbrain/nat-port-mapper`.
+ */
+// Keep the UPnP getter + no-op togglers so callers still compile, but they
+// always report "unavailable". This is transitional — the routes layer no
+// longer surfaces them either, so nothing in the live codebase hits these.
+const UPNP_UNAVAILABLE = Object.freeze({
+  mapped: false,
+  port: null,
+  externalIp: null,
+  externalUrl: null,
+  error: 'UPnP auto-port-forward was removed in v1.32. Use cloudflared or ngrok tunnels instead.',
+});
+export const getUpnpState = () => UPNP_UNAVAILABLE;
+// ============================================================================
+// Tunnel: detect cloudflared / ngrok and spawn; extract the public URL from
+// stdout. We keep a single live tunnel per process — starting a new one
+// stops the previous one to avoid dangling child processes.
+// ============================================================================
+let tunnelProc = null;
+let tunnelState = {
+  running: false,
+  binary: null, // 'cloudflared' | 'ngrok'
+  url: null,
+  error: null,
+  log: [],
+};
+const appendLog = (line) => {
+  // Tunnels can be noisy. Cap the tail we retain so a long-running tunnel
+  // doesn't grow the log into an OOM risk.
+  tunnelState.log.push(line);
+  if (tunnelState.log.length > 200) tunnelState.log.shift();
+};
+const detectBinary = async () => {
+  const candidates = ['cloudflared', 'ngrok'];
+  for (const name of candidates) {
+    try {
+      // `which` isn't guaranteed on Windows; we probe with `--version` instead
+      // so the same code path works on Unix and Windows Command Prompt.
+      await new Promise((resolve, reject) => {
+        const child = spawn(name, ['--version'], { stdio: 'ignore' });
+        child.on('error', reject);
+        child.on('exit', (code) => (code === 0 ? resolve() : reject(new Error(`exit ${code}`))));
+      });
+      return name;
+    } catch {
+      // try next
+    }
+  }
+  return null;
+};
+const cloudflareUrlRegex = /https?:\/\/[a-z0-9.-]+trycloudflare\.com/i;
+const ngrokUrlRegex = /https?:\/\/[a-z0-9.-]+\.ngrok(-free)?\.(app|io)/i;
+const buildTunnelArgs = (binary, port) => {
+  if (binary === 'cloudflared') return ['tunnel', '--url', `http://localhost:${port}`];
+  if (binary === 'ngrok') return ['http', String(port), '--log', 'stdout', '--log-format', 'logfmt'];
+  throw new Error(`Unsupported tunnel binary: ${binary}`);
+};
+const extractUrl = (binary, text) => {
+  if (binary === 'cloudflared') return text.match(cloudflareUrlRegex)?.[0] ?? null;
+  if (binary === 'ngrok') return text.match(ngrokUrlRegex)?.[0] ?? null;
+  return null;
+};
+export const startTunnel = async ({ port }) => {
+  if (tunnelProc) {
+    // Already running — tell the caller to stop it first rather than silently
+    // replacing, which would orphan the old child and lie about state.
+    throw new Error('Tunnel already running; stop it first');
+  }
+  const binary = await detectBinary();
+  if (!binary) {
+    tunnelState = { running: false, binary: null, url: null, error: 'No tunnel binary found', log: [] };
+    const err = new Error('No tunnel binary found (tried cloudflared, ngrok)');
+    err.code = 'ENOENT_TUNNEL';
+    throw err;
+  }
+  const args = buildTunnelArgs(binary, port);
+  const child = spawn(binary, args, { stdio: ['ignore', 'pipe', 'pipe'] });
+  tunnelProc = child;
+  tunnelState = { running: true, binary, url: null, error: null, log: [] };
+  const handleChunk = (chunk) => {
+    const text = chunk.toString();
+    text.split(/\r?\n/).filter(Boolean).forEach(appendLog);
+    if (!tunnelState.url) {
+      const url = extractUrl(binary, text);
+      if (url) tunnelState.url = url;
+    }
+  };
+  child.stdout.on('data', handleChunk);
+  child.stderr.on('data', handleChunk);
+  child.on('exit', (code) => {
+    tunnelProc = null;
+    tunnelState = {
+      running: false,
+      binary,
+      url: null,
+      error: code === 0 ? null : `Tunnel exited with code ${code}`,
+      log: tunnelState.log,
+    };
+  });
+  // Wait up to 15s for the public URL to appear in the log. We don't block
+  // indefinitely — if the binary is hanging on login/auth, the UI should see
+  // a clear failure instead of a spinner that never resolves.
+  const start = Date.now();
+  while (Date.now() - start < 15000) {
+    if (tunnelState.url) return tunnelState;
+    if (!tunnelProc) break; // process died early
+    // eslint-disable-next-line no-await-in-loop
+    await new Promise((r) => setTimeout(r, 250));
+  }
+  if (!tunnelState.url) {
+    // If we never captured a URL, kill the child so we don't leak it.
+    try { child.kill(); } catch { /* ignore */ }
+    tunnelProc = null;
+    tunnelState = { ...tunnelState, running: false, error: 'Tunnel did not report a public URL' };
+    throw new Error(tunnelState.error);
+  }
+  return tunnelState;
+};
+export const stopTunnel = async () => {
+  if (!tunnelProc) {
+    tunnelState = { running: false, binary: null, url: null, error: null, log: [] };
+    return tunnelState;
+  }
+  try {
+    tunnelProc.kill();
+  } catch {
+    // already dead
+  }
+  tunnelProc = null;
+  tunnelState = { running: false, binary: null, url: null, error: null, log: [] };
+  return tunnelState;
+};
+export const getTunnelState = () => tunnelState;
+// Explicit cleanup so the server process can shut down without leaking the
+// child tunnel process.
+process.on('exit', () => {
+  if (tunnelProc) {
+    try { tunnelProc.kill(); } catch { /* ignore */ }
+  }
+});

package/server/services/install-jobs.js CHANGED Viewed

@@ -62,6 +62,7 @@ const PACKAGE_BINARIES = {
     '@openai/codex': 'codex',
     '@google/gemini-cli': 'gemini',
     '@qwen-code/qwen-code': 'qwen',
+    'opencode-ai': 'opencode',
 };
 /**
@@ -129,6 +130,7 @@ export function resolveProviderExecutables(env = process.env) {
         { name: 'codex', envKey: 'CODEX_CLI_PATH' },
         { name: 'gemini', envKey: 'GEMINI_CLI_PATH' },
         { name: 'qwen', envKey: 'QWEN_CLI_PATH' },
+        { name: 'opencode', envKey: 'OPENCODE_CLI_PATH' },
         { name: 'cursor-agent', envKey: 'CURSOR_CLI_PATH' },
     ];
     for (const { name, envKey } of providers) {

package/server/services/provider-credentials.js CHANGED Viewed

@@ -24,10 +24,14 @@ const CONFIG_FILE = path.join(os.homedir(), '.pixcode', 'provider-credentials.js
  * inject into the spawn env. Cursor is OAuth-only; it has no api-key entry.
  */
 export const PROVIDER_ENV_VARS = Object.freeze({
-    claude: { apiKeyEnv: 'ANTHROPIC_API_KEY', baseUrlEnv: 'ANTHROPIC_BASE_URL' },
-    codex:  { apiKeyEnv: 'OPENAI_API_KEY',    baseUrlEnv: 'OPENAI_BASE_URL' },
-    gemini: { apiKeyEnv: 'GEMINI_API_KEY',    baseUrlEnv: null },
-    qwen:   { apiKeyEnv: 'OPENAI_API_KEY',    baseUrlEnv: 'OPENAI_BASE_URL' },
+    claude:   { apiKeyEnv: 'ANTHROPIC_API_KEY', baseUrlEnv: 'ANTHROPIC_BASE_URL' },
+    codex:    { apiKeyEnv: 'OPENAI_API_KEY',    baseUrlEnv: 'OPENAI_BASE_URL' },
+    gemini:   { apiKeyEnv: 'GEMINI_API_KEY',    baseUrlEnv: null },
+    qwen:     { apiKeyEnv: 'OPENAI_API_KEY',    baseUrlEnv: 'OPENAI_BASE_URL' },
+    // OpenCode is multi-provider. Set ANTHROPIC_API_KEY by default since
+    // Claude is OpenCode Zen's recommended backend; users wanting OpenAI
+    // or OpenRouter can override via the opencode.json `provider` block.
+    opencode: { apiKeyEnv: 'ANTHROPIC_API_KEY', baseUrlEnv: 'ANTHROPIC_BASE_URL' },
 });
 async function readStore() {

package/server/services/telegram/bot.js CHANGED Viewed

@@ -1,14 +1,13 @@
 import { EventEmitter } from 'node:events';
-import { createRequire } from 'node:module';
 import { telegramConfigDb, telegramLinksDb } from '../../database/db.js';
 import { t } from './translations.js';
-// node-telegram-bot-api is a CommonJS module. Using createRequire keeps the
-// default-export interop clean across ESM/CJS boundaries.
-const requireCjs = createRequire(import.meta.url);
-const TelegramBot = requireCjs('node-telegram-bot-api');
+// Swapped in v1.32: previously `node-telegram-bot-api` which carried the
+// deprecated `request`/`har-validator`/`uuid@3` chain. TelegramHttpBot is
+// a ~100-line fetch-based replacement with the same public surface
+// (getMe / sendMessage / on / stopPolling). See telegram-http-client.js.
+import { TelegramHttpBot } from './telegram-http-client.js';
 // Pairing code TTL. Ten minutes gives a user enough time to switch apps and
 // type the code without leaving a long-lived code sitting around if they
@@ -188,7 +187,7 @@ export const startBot = async ({ token, persist = true } = {}) => {
   // 409 conflicts on every long-poll.
   if (bot) await stopBot();
-  const instance = new TelegramBot(token, { polling: true });
+  const instance = new TelegramHttpBot(token, { polling: true });
   // Validate the token first — if getMe fails we never want to persist a
   // broken token or leave the poller running.
   let me;

package/server/services/telegram/telegram-http-client.js ADDED Viewed

@@ -0,0 +1,130 @@
+import { EventEmitter } from 'node:events';
+/**
+ * Minimal Telegram Bot API client.
+ *
+ * Replaces `node-telegram-bot-api` which pulled in the deprecated
+ * `request` / `har-validator` / `uuid@3` chain (~30 transitive packages,
+ * npm install warnings on every fresh box). The Bot API itself is just
+ * HTTP, and we only use two endpoints (getUpdates polling + sendMessage),
+ * so 100 lines of fetch is all that's needed. Exposes the same surface
+ * the bot.js consumer relied on: `getMe()`, `sendMessage()`, `on('message'|'polling_error')`,
+ * `stopPolling()`.
+ *
+ * No third-party deps — uses Node 22's built-in `fetch`.
+ */
+const API_BASE = 'https://api.telegram.org/bot';
+class TelegramApiError extends Error {
+  constructor(method, body, httpStatus) {
+    const description = body?.description || `HTTP ${httpStatus}`;
+    super(`Telegram ${method} failed: ${description}`);
+    this.name = 'TelegramApiError';
+    this.method = method;
+    this.httpStatus = httpStatus;
+    // Mirror the shape node-telegram-bot-api exposed so upstream error
+    // handling (401/409 checks in bot.js) keeps working unchanged.
+    this.response = { statusCode: httpStatus, body };
+    this.code = body?.error_code || httpStatus;
+  }
+}
+/**
+ * Call a Bot API method by name. Returns the `result` field on success,
+ * throws a TelegramApiError otherwise.
+ */
+async function callApi(token, method, params, { signal } = {}) {
+  const url = `${API_BASE}${token}/${method}`;
+  const res = await fetch(url, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(params || {}),
+    signal,
+  });
+  let body;
+  try { body = await res.json(); } catch { body = null; }
+  if (!res.ok || !body?.ok) {
+    throw new TelegramApiError(method, body, res.status);
+  }
+  return body.result;
+}
+export class TelegramHttpBot extends EventEmitter {
+  constructor(token, { polling = true, pollTimeoutSec = 30 } = {}) {
+    super();
+    if (!token) throw new Error('TelegramHttpBot: token is required');
+    this._token = token;
+    this._pollTimeoutSec = pollTimeoutSec;
+    this._offset = 0;
+    this._polling = false;
+    this._abortController = null;
+    if (polling) this._startPolling();
+  }
+  // ---------- Public API (mirrors node-telegram-bot-api surface) ----------
+  async getMe() {
+    return callApi(this._token, 'getMe', {});
+  }
+  async sendMessage(chatId, text, extra = {}) {
+    return callApi(this._token, 'sendMessage', {
+      chat_id: chatId,
+      text,
+      ...extra,
+    });
+  }
+  async stopPolling(_opts = {}) {
+    this._polling = false;
+    try { this._abortController?.abort(); } catch { /* ignore */ }
+    this._abortController = null;
+  }
+  // ---------- Polling loop ----------
+  async _startPolling() {
+    this._polling = true;
+    // Kick off a non-awaited loop. Each iteration long-polls getUpdates for
+    // up to pollTimeoutSec, then loops immediately. We deliberately serialize
+    // (no concurrent long-polls) because Telegram rejects that with 409.
+    (async () => {
+      while (this._polling) {
+        this._abortController = new AbortController();
+        try {
+          const updates = await callApi(
+            this._token,
+            'getUpdates',
+            {
+              offset: this._offset,
+              timeout: this._pollTimeoutSec,
+              allowed_updates: ['message'],
+            },
+            { signal: this._abortController.signal },
+          );
+          for (const update of updates) {
+            if (typeof update.update_id === 'number') {
+              this._offset = Math.max(this._offset, update.update_id + 1);
+            }
+            if (update.message) {
+              try { this.emit('message', update.message); } catch (err) {
+                // Don't let a listener exception break the poll loop.
+                this.emit('polling_error', err);
+              }
+            }
+          }
+        } catch (err) {
+          // AbortError is the expected path when stopPolling() is called.
+          if (err?.name === 'AbortError' || !this._polling) break;
+          this.emit('polling_error', err);
+          // Back off before retrying — rapid retries on 401/409 would
+          // otherwise spin at 100% CPU. Upstream consumer's polling_error
+          // handler may also call stopBot() on 401/409 which flips _polling
+          // off and breaks the loop on the next tick.
+          await new Promise((r) => setTimeout(r, 2000));
+        }
+      }
+    })();
+  }
+}

package/server/shared/types.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export type AnyRecord = Record<string, any>;
 // ---------------------------------------------------------------------------------------------
-export type LLMProvider = 'claude' | 'codex' | 'gemini' | 'cursor' | 'qwen';
+export type LLMProvider = 'claude' | 'codex' | 'gemini' | 'cursor' | 'qwen' | 'opencode';
 // ---------------------------------------------------------------------------------------------

package/shared/modelConstants.js CHANGED Viewed

@@ -94,6 +94,28 @@ export const QWEN_MODELS = {
   DEFAULT: "qwen3-coder-plus",
 };
+/**
+ * OpenCode Models
+ *
+ * OpenCode is multi-provider, so the picker is really "which upstream
+ * model does opencode talk to?". The defaults here point at OpenCode Zen
+ * (their curated routing tier) plus a few direct picks the docs call
+ * out as well-supported. Advanced users override via opencode.json's
+ * `provider` / `model` block, which bypasses this list.
+ */
+export const OPENCODE_MODELS = {
+  OPTIONS: [
+    { value: "opencode/zen-best", label: "OpenCode Zen (Best)" },
+    { value: "opencode/zen-fast", label: "OpenCode Zen (Fast)" },
+    { value: "anthropic/claude-sonnet-4-6", label: "Claude Sonnet 4.6 (Anthropic)" },
+    { value: "anthropic/claude-opus-4-6", label: "Claude Opus 4.6 (Anthropic)" },
+    { value: "openai/gpt-5.4", label: "GPT-5.4 (OpenAI)" },
+    { value: "google/gemini-3-pro-preview", label: "Gemini 3 Pro (Google)" },
+  ],
+  DEFAULT: "opencode/zen-best",
+};
 /**
  * Gemini Models
  */