@rynfar/meridian 1.40.0 → 1.41.1

package/dist/{cli-m9pfb7h9.js → cli-e289rj3k.js}

@@ -1,7 +1,9 @@
 // src/proxy/tokenRefresh.ts
 import { execFile as execFileCb } from "child_process";
-import { existsSync, readFileSync, writeFileSync } from "fs";
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
 import { homedir, platform, userInfo } from "os";
+import { join, dirname, resolve } from "path";
+import { createHash } from "crypto";
 import { promisify } from "util";
 
 // src/logger.ts
@@ -72,6 +74,20 @@ var OAUTH_TOKEN_URL = "https://platform.claude.com/v1/oauth/token";
 var OAUTH_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
 var KEYCHAIN_SERVICE = "Claude Code-credentials";
 var CREDENTIALS_FILE = `${homedir()}/.claude/.credentials.json`;
+var DEFAULT_CLAUDE_DIR = `${homedir()}/.claude`;
+function configDirToKeychainService(claudeConfigDir) {
+  const abs = resolve(claudeConfigDir);
+  if (abs === resolve(DEFAULT_CLAUDE_DIR))
+    return KEYCHAIN_SERVICE;
+  const hash = createHash("sha256").update(abs).digest("hex").slice(0, 8);
+  return `${KEYCHAIN_SERVICE}-${hash}`;
+}
+function configDirToCredentialsFile(claudeConfigDir) {
+  return join(resolve(claudeConfigDir), ".credentials.json");
+}
+function serializeCredentials(credentials) {
+  return JSON.stringify(credentials);
+}
 function parseKeychainValue(raw) {
   const trimmed = raw.trim();
   try {
@@ -83,57 +99,74 @@ function parseKeychainValue(raw) {
   } catch {}
   return null;
 }
-var keychainWasHex = false;
-var macosStore = {
-  async read() {
-    try {
-      const { stdout } = await execFile("/usr/bin/security", ["find-generic-password", "-s", KEYCHAIN_SERVICE, "-a", userInfo().username, "-w"], { timeout: 5000 });
-      const parsed = parseKeychainValue(stdout);
-      if (!parsed)
-        throw new Error("Could not parse keychain value as JSON or hex-encoded JSON");
-      keychainWasHex = parsed.wasHex;
-      return parsed.credentials;
-    } catch (err) {
-      claudeLog("token_refresh.keychain_read_failed", { error: String(err) });
-      return null;
-    }
-  },
-  async write(credentials) {
-    const json = JSON.stringify(credentials, null, 2);
-    const value = keychainWasHex ? Buffer.from(json).toString("hex") : json;
-    try {
-      await execFile("/usr/bin/security", ["add-generic-password", "-U", "-s", KEYCHAIN_SERVICE, "-a", userInfo().username, "-w", value], { timeout: 5000 });
-      return true;
-    } catch (err) {
-      claudeLog("token_refresh.keychain_write_failed", { error: String(err) });
-      return false;
+var keychainWasHexByService = new Map;
+function buildMacosStore(serviceName) {
+  return {
+    async read() {
+      try {
+        const { stdout } = await execFile("/usr/bin/security", ["find-generic-password", "-s", serviceName, "-a", userInfo().username, "-w"], { timeout: 5000 });
+        const parsed = parseKeychainValue(stdout);
+        if (!parsed)
+          throw new Error("Could not parse keychain value as JSON or hex-encoded JSON");
+        keychainWasHexByService.set(serviceName, parsed.wasHex);
+        return parsed.credentials;
+      } catch (err) {
+        claudeLog("token_refresh.keychain_read_failed", { service: serviceName, error: String(err) });
+        return null;
+      }
+    },
+    async write(credentials) {
+      const json = serializeCredentials(credentials);
+      const wasHex = keychainWasHexByService.get(serviceName) ?? false;
+      const value = wasHex ? Buffer.from(json).toString("hex") : json;
+      try {
+        await execFile("/usr/bin/security", ["add-generic-password", "-U", "-s", serviceName, "-a", userInfo().username, "-w", value], { timeout: 5000 });
+        return true;
+      } catch (err) {
+        claudeLog("token_refresh.keychain_write_failed", { service: serviceName, error: String(err) });
+        return false;
+      }
     }
-  }
-};
-var fileStore = {
-  async read() {
-    try {
-      if (!existsSync(CREDENTIALS_FILE))
+  };
+}
+var macosStore = buildMacosStore(KEYCHAIN_SERVICE);
+function buildFileStore(filePath) {
+  return {
+    async read() {
+      try {
+        if (!existsSync(filePath))
+          return null;
+        return JSON.parse(readFileSync(filePath, "utf-8"));
+      } catch (err) {
+        claudeLog("token_refresh.file_read_failed", { path: filePath, error: String(err) });
         return null;
-      return JSON.parse(readFileSync(CREDENTIALS_FILE, "utf-8"));
-    } catch (err) {
-      claudeLog("token_refresh.file_read_failed", { error: String(err) });
-      return null;
+      }
+    },
+    async write(credentials) {
+      try {
+        mkdirSync(dirname(filePath), { recursive: true });
+        writeFileSync(filePath, serializeCredentials(credentials), "utf-8");
+        return true;
+      } catch (err) {
+        claudeLog("token_refresh.file_write_failed", { path: filePath, error: String(err) });
+        return false;
+      }
     }
-  },
-  async write(credentials) {
-    try {
-      writeFileSync(CREDENTIALS_FILE, JSON.stringify(credentials, null, 2), "utf-8");
-      return true;
-    } catch (err) {
-      claudeLog("token_refresh.file_write_failed", { error: String(err) });
-      return false;
+  };
+}
+var fileStore = buildFileStore(CREDENTIALS_FILE);
+function createPlatformCredentialStore(opts) {
+  if (opts?.claudeConfigDir) {
+    if (platform() === "darwin") {
+      return buildMacosStore(configDirToKeychainService(opts.claudeConfigDir));
     }
+    return buildFileStore(configDirToCredentialsFile(opts.claudeConfigDir));
   }
-};
-function createPlatformCredentialStore() {
   return platform() === "darwin" ? macosStore : fileStore;
 }
+function credentialsFilePathForProfile(claudeConfigDir) {
+  return claudeConfigDir ? configDirToCredentialsFile(claudeConfigDir) : CREDENTIALS_FILE;
+}
 var inflightRefresh = null;
 async function refreshOAuthToken(store) {
   if (inflightRefresh)
@@ -200,4 +233,4 @@ function resetInflightRefresh() {
   inflightRefresh = null;
 }
 
-export { withClaudeLogContext, claudeLog, createPlatformCredentialStore, refreshOAuthToken, resetInflightRefresh };
+export { withClaudeLogContext, claudeLog, configDirToKeychainService, configDirToCredentialsFile, serializeCredentials, createPlatformCredentialStore, credentialsFilePathForProfile, refreshOAuthToken, resetInflightRefresh };

package/dist/cli.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 import {
   startProxyServer
-} from "./cli-3azh7s3k.js";
+} from "./cli-51a9sav0.js";
 import"./cli-vdp9s10c.js";
 import"./cli-sry5aqdj.js";
 import"./cli-4rqtm83g.js";
 import"./cli-340h1chz.js";
 import"./cli-rtab0qa6.js";
-import"./cli-m9pfb7h9.js";
+import"./cli-e289rj3k.js";
 import {
   __require
 } from "./cli-p9swy5t3.js";
@@ -89,7 +89,7 @@ Restart OpenCode for the plugin to take effect.`);
   process.exit(0);
 }
 if (args[0] === "refresh-token") {
-  const { refreshOAuthToken } = await import("./tokenRefresh-y7d1qvb3.js");
+  const { refreshOAuthToken } = await import("./tokenRefresh-psq94r54.js");
   const success = await refreshOAuthToken();
   if (success) {
     console.log("Token refreshed successfully");

package/dist/{profilePage-77z05e0r.js → profilePage-k0faye28.js}

@@ -9,6 +9,19 @@ import"./cli-p9swy5t3.js";
 
 // src/telemetry/profilePage.ts
 init_profileBar();
+
+// src/telemetry/profileUsage.ts
+var WINDOW_LABELS = {
+  five_hour: "5h",
+  seven_day: "7d",
+  seven_day_opus: "7d Opus",
+  seven_day_sonnet: "7d Sonnet",
+  seven_day_oauth_apps: "7d Apps",
+  seven_day_cowork: "7d Cowork",
+  seven_day_omelette: "7d Omelette"
+};
+
+// src/telemetry/profilePage.ts
 var profilePageHtml = `<!DOCTYPE html>
 <html lang="en">
 <head>
@@ -92,6 +105,48 @@ var profilePageHtml = `<!DOCTYPE html>
   }
   .copy-btn:hover { border-color: var(--accent); color: var(--accent); }
   .copy-btn.copied { color: var(--green); border-color: var(--green); }
+
+  /* OAuth usage panel — one block per profile, mirrors pylon's quota strip. */
+  .usage-section { margin-top: 16px; padding-top: 14px; border-top: 1px solid var(--border); }
+  .usage-section-title {
+    font-size: 11px; color: var(--muted); text-transform: uppercase; letter-spacing: 0.5px;
+    margin-bottom: 10px; display: flex; align-items: center; gap: 8px;
+  }
+  .usage-as-of { font-size: 10px; color: var(--muted); text-transform: none; letter-spacing: 0; opacity: 0.7; }
+  .usage-grid {
+    display: grid; grid-template-columns: repeat(auto-fit, minmax(140px, 1fr));
+    gap: 8px;
+  }
+  .usage-card {
+    background: var(--bg); border: 1px solid var(--border); border-radius: 6px;
+    padding: 8px 10px; min-width: 0;
+  }
+  .usage-row {
+    display: flex; justify-content: space-between; align-items: baseline;
+    font-size: 11px; gap: 8px; margin-bottom: 6px;
+  }
+  .usage-label { color: var(--muted); font-weight: 500; white-space: nowrap; }
+  .usage-pct { font-family: 'SF Mono', SFMono-Regular, Consolas, monospace; font-weight: 600; font-size: 12px; }
+  .usage-bar {
+    height: 4px; background: rgba(127,127,127,0.18); border-radius: 2px; overflow: hidden;
+    margin-bottom: 4px;
+  }
+  .usage-fill { height: 100%; transition: width 0.4s ease; background: var(--green); }
+  .usage-card.status-warn .usage-fill,
+  .usage-card.status-warn .usage-pct { color: var(--yellow); }
+  .usage-card.status-warn .usage-fill { background: var(--yellow); }
+  .usage-card.status-high .usage-fill,
+  .usage-card.status-high .usage-pct { color: var(--red); }
+  .usage-card.status-high .usage-fill { background: var(--red); }
+  .usage-reset { font-size: 10px; color: var(--muted); white-space: nowrap; }
+  .usage-extra {
+    margin-top: 8px; padding: 8px 10px; background: var(--bg); border: 1px solid var(--border);
+    border-radius: 6px; font-size: 11px;
+  }
+  .usage-extra-row { display: flex; justify-content: space-between; gap: 8px; }
+  .usage-empty {
+    font-size: 11px; color: var(--muted); padding: 6px 0; font-style: italic;
+  }
 ` + profileBarCss + `
 </style>
 </head>
@@ -145,11 +200,73 @@ var profilePageHtml = `<!DOCTYPE html>
 </div>
 
 <script>
+// Inlined from src/telemetry/profileUsage.ts. The TS source is unit-tested
+// (see profile-usage.test.ts) and the labels object is interpolated here so
+// the browser script and TS module share their data.
+var WINDOW_LABELS = ${JSON.stringify(WINDOW_LABELS)};
+
+function labelForWindow(type) {
+  if (WINDOW_LABELS[type]) return WINDOW_LABELS[type];
+  return String(type || '').split('_').map(function (p) {
+    return p.length > 0 ? p[0].toUpperCase() + p.slice(1) : p;
+  }).join(' ');
+}
+
+function classifyUtilization(u) {
+  if (u == null || !isFinite(u)) return 'ok';
+  if (u >= 0.85) return 'high';
+  if (u >= 0.6) return 'warn';
+  return 'ok';
+}
+
+function formatResetCountdown(resetsAt) {
+  if (resetsAt == null || !isFinite(resetsAt)) return '';
+  var ms = resetsAt - Date.now();
+  if (ms <= 0) return 'resetting…';
+  var minutes = Math.floor(ms / 60000);
+  if (minutes < 60) return 'in ' + Math.max(1, minutes) + 'm';
+  var hours = Math.floor(minutes / 60);
+  var remMin = minutes % 60;
+  if (hours < 24) return remMin > 0 ? 'in ' + hours + 'h ' + remMin + 'm' : 'in ' + hours + 'h';
+  var days = Math.floor(hours / 24);
+  var remHr = hours % 24;
+  return remHr > 0 ? 'in ' + days + 'd ' + remHr + 'h' : 'in ' + days + 'd';
+}
+
+function formatExtraUsage(eu) {
+  if (!eu || !eu.isEnabled) return null;
+  var monthlyLimit = isFinite(eu.monthlyLimit) ? eu.monthlyLimit : 0;
+  if (monthlyLimit <= 0) return null;
+  var used = isFinite(eu.usedCredits) ? eu.usedCredits : 0;
+  var utilization = (eu.utilization != null && isFinite(eu.utilization))
+    ? Math.max(0, Math.min(1, eu.utilization))
+    : (monthlyLimit > 0 ? Math.max(0, Math.min(1, used / monthlyLimit)) : 0);
+  var currency = eu.currency || '';
+  return {
+    used: (currency + used.toFixed(2)).trim(),
+    limit: (currency + monthlyLimit.toFixed(2)).trim(),
+    utilizationPct: Math.round(utilization * 100),
+    status: classifyUtilization(utilization),
+  };
+}
+
+// Cache the last seen quota response so the /profiles/list refresh can
+// keep showing usage even if a single /v1/usage/quota/all call fails.
+var lastQuota = null;
+
 async function refresh() {
   try {
-    const res = await fetch('/profiles/list');
-    const data = await res.json();
-    render(data);
+    var [profilesRes, quotaRes] = await Promise.all([
+      fetch('/profiles/list'),
+      fetch('/v1/usage/quota/all').catch(function () { return null; }),
+    ]);
+    var profiles = await profilesRes.json();
+    var quota = null;
+    if (quotaRes && quotaRes.ok) {
+      try { quota = await quotaRes.json(); } catch (_) { quota = null; }
+    }
+    if (quota) lastQuota = quota;
+    render(profiles, lastQuota);
   } catch {
     document.getElementById('content').innerHTML = '<div class="empty-state"><h2>Could not load profiles</h2><p>Is Meridian running?</p></div>';
   }
@@ -157,9 +274,82 @@ async function refresh() {
 
 function esc(s) { var d = document.createElement('div'); d.textContent = s; return d.innerHTML; }
 
-function render(data) {
+function renderUsageSection(profileQuota) {
+  // No quota data for this profile yet (cold start or fetch failed) — hide
+  // entirely so we don't render an empty box.
+  if (!profileQuota) return '';
+  // API-key profiles cannot use OAuth usage — silently omit.
+  if (profileQuota.error === 'not_oauth') return '';
+
+  var windows = (profileQuota.windows || []).filter(function (w) {
+    return typeof w.utilization === 'number';
+  });
+  var extra = formatExtraUsage(profileQuota.extraUsage);
+
+  if (windows.length === 0 && !extra) {
+    if (profileQuota.error === 'no_token') {
+      return '<div class="usage-section">'
+        + '<div class="usage-section-title">Usage</div>'
+        + '<div class="usage-empty">Run <code style="background:var(--bg);padding:1px 5px;border-radius:3px">claude login</code> to see usage.</div>'
+        + '</div>';
+    }
+    return ''; // nothing fetched yet
+  }
+
+  var asOf = profileQuota.fetchedAt
+    ? '<span class="usage-as-of">updated ' + timeAgo(profileQuota.fetchedAt) + '</span>'
+    : '';
+
+  var cards = windows.map(function (w) {
+    var pct = Math.max(0, Math.min(1, w.utilization));
+    var pctRound = Math.round(pct * 100);
+    var status = classifyUtilization(pct);
+    var label = labelForWindow(w.type);
+    var reset = formatResetCountdown(w.resetsAt);
+    var tip = label + ' — ' + pctRound + '%' + (reset ? ' (resets ' + reset + ')' : '');
+    return '<div class="usage-card status-' + esc(status) + '" title="' + esc(tip) + '">'
+      + '<div class="usage-row">'
+      +   '<span class="usage-label">' + esc(label) + '</span>'
+      +   '<span class="usage-pct">' + pctRound + '%</span>'
+      + '</div>'
+      + '<div class="usage-bar"><div class="usage-fill" style="width:' + (pct * 100).toFixed(1) + '%"></div></div>'
+      + (reset ? '<div class="usage-reset">' + esc(reset) + '</div>' : '')
+    + '</div>';
+  }).join('');
+
+  var extraBlock = '';
+  if (extra) {
+    extraBlock = '<div class="usage-extra status-' + esc(extra.status) + '">'
+      +   '<div class="usage-extra-row">'
+      +     '<span class="usage-label">Extra usage</span>'
+      +     '<span class="usage-pct">' + extra.utilizationPct + '%</span>'
+      +   '</div>'
+      +   '<div class="usage-bar"><div class="usage-fill" style="width:' + extra.utilizationPct + '%"></div></div>'
+      +   '<div class="usage-extra-row" style="margin-top:4px">'
+      +     '<span class="usage-reset">' + esc(extra.used) + ' / ' + esc(extra.limit) + '</span>'
+      +   '</div>'
+      + '</div>';
+  }
+
+  return '<div class="usage-section">'
+    + '<div class="usage-section-title">Usage' + asOf + '</div>'
+    + (cards ? '<div class="usage-grid">' + cards + '</div>' : '')
+    + extraBlock
+    + '</div>';
+}
+
+function render(data, quotaData) {
   const profiles = data.profiles || [];
   const active = data.activeProfile;
+  // Build quick lookup: profileId -> per-profile quota entry from
+  // /v1/usage/quota/all. Endpoint may be unavailable (older Meridian)
+  // or have errored — in that case quotaById is empty and the per-card
+  // renderer simply hides its usage section.
+  const quotaProfiles = (quotaData && Array.isArray(quotaData.profiles)) ? quotaData.profiles : [];
+  const quotaById = {};
+  for (var qi = 0; qi < quotaProfiles.length; qi++) {
+    quotaById[quotaProfiles[qi].id] = quotaProfiles[qi];
+  }
 
   if (profiles.length === 0) {
     document.getElementById('content').innerHTML = '<div class="empty-state">'
@@ -218,6 +408,8 @@ function render(data) {
     html += '</button>';
     html += '</div>';
 
+    html += renderUsageSection(quotaById[p.id]);
+
     if (!isActive) {
       html += '<button class="switch-btn" onclick="switchProfile(&quot;'+esc(p.id)+'&quot;)">Switch to ' + esc(p.id) + '</button>';
     } else {

package/dist/proxy/adapters/droid.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"droid.d.ts","sourceRoot":"","sources":["../../../src/proxy/adapters/droid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAwC9C,eAAO,MAAM,YAAY,EAAE,YA8E1B,CAAA;AAED,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AACrD,OAAO,EAAE,eAAe,EAAE,CAAA"}
+{"version":3,"file":"droid.d.ts","sourceRoot":"","sources":["../../../src/proxy/adapters/droid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAwC9C,eAAO,MAAM,YAAY,EAAE,YAmF1B,CAAA;AAED,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AACrD,OAAO,EAAE,eAAe,EAAE,CAAA"}

package/dist/proxy/agentDefs.d.ts

@@ -50,4 +50,6 @@ export declare function mapModelTier(model?: string): "sonnet" | "opus" | "opus[
  * @param mcpToolNames - Optional list of MCP tool names to make available to agents
  */
 export declare function buildAgentDefinitions(taskDescription: string, mcpToolNames?: string[]): Record<string, AgentDefinition>;
+export declare function parseAgentNamesFromSchema(taskTool: unknown): string[];
+export declare function buildAgentDefinitionsFromTool(taskTool: unknown, mcpToolNames?: string[]): Record<string, AgentDefinition>;
 //# sourceMappingURL=agentDefs.d.ts.map

package/dist/proxy/agentDefs.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"agentDefs.d.ts","sourceRoot":"","sources":["../../src/proxy/agentDefs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,4DAA4D;AAC5D,eAAO,MAAM,mBAAmB,YAAY,CAAA;AAc5C,sCAAsC;AACtC,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,QAAQ,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAA;IAC/C,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;CAC3B;AAED;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,eAAe,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAcnF;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAOjG;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CACnC,eAAe,EAAE,MAAM,EACvB,YAAY,CAAC,EAAE,MAAM,EAAE,GACtB,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAsBjC"}
+{"version":3,"file":"agentDefs.d.ts","sourceRoot":"","sources":["../../src/proxy/agentDefs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,4DAA4D;AAC5D,eAAO,MAAM,mBAAmB,YAAY,CAAA;AAc5C,sCAAsC;AACtC,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,QAAQ,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAA;IAC/C,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;CAC3B;AAED;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,eAAe,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAcnF;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAOjG;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CACnC,eAAe,EAAE,MAAM,EACvB,YAAY,CAAC,EAAE,MAAM,EAAE,GACtB,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAsBjC;AA4ED,wBAAgB,yBAAyB,CAAC,QAAQ,EAAE,OAAO,GAAG,MAAM,EAAE,CAIrE;AAED,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,OAAO,EACjB,YAAY,CAAC,EAAE,MAAM,EAAE,GACtB,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAuBjC"}

package/dist/proxy/errors.d.ts

@@ -38,4 +38,46 @@ export declare function isRateLimitError(errMsg: string): boolean;
  * sonnet[1m] or opus[1m]. The fix is to fall back to the base model.
  */
 export declare function isExtraUsageRequiredError(errMsg: string): boolean;
+/**
+ * Structured SDK-termination metadata extracted from raw error text.
+ * Used by diagnosticLog to surface why the SDK subprocess ended (max_turns,
+ * exit, abort) plus the captured stderr tail — info that classifyError
+ * collapses into a generic api_error.
+ */
+export interface SdkTermination {
+    reason: "max_turns" | "process_exit" | "aborted" | "unknown";
+    /** Turn count when reason=max_turns and parseable. */
+    turns?: number;
+    /** Exit code when reason=process_exit and parseable. */
+    exitCode?: number;
+    /** Captured "Subprocess stderr: …" tail (truncated). */
+    stderrTail?: string;
+    /** Truncated raw error message — set only when reason="unknown" so the log
+     *  line stays self-contained for unrecognized SDK errors (e.g. so we can
+     *  add a new pattern next time). */
+    rawTail?: string;
+}
+/**
+ * Parse the raw error message thrown by the Claude Agent SDK into structured
+ * termination metadata. Pure function — no I/O.
+ *
+ * Returns reason="unknown" when the message doesn't match any recognized
+ * pattern; callers can still log it with whatever surrounding context they have.
+ */
+export declare function extractSdkTermination(errMsg: string): SdkTermination;
+/**
+ * Render an SdkTermination plus request context as a single greppable log line.
+ * Matches the key=value style used by token-health diagnostic messages so all
+ * /telemetry/logs entries are uniform.
+ *
+ * Session IDs are truncated to 8 chars to keep lines short — full IDs are
+ * already on the parent telemetry record.
+ */
+export declare function formatSdkTermination(t: SdkTermination, ctx: {
+    model?: string;
+    requestSource?: string;
+    isResume?: boolean;
+    hasDeferredTools?: boolean;
+    sdkSessionId?: string;
+}): string;
 //# sourceMappingURL=errors.d.ts.map

package/dist/proxy/errors.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/proxy/errors.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe,CA+G7D;AAED;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAG3D;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAO3D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAGxD;AAED;;;;GAIG;AACH,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAGjE"}
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/proxy/errors.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe,CA+G7D;AAED;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAG3D;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAO3D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAGxD;AAED;;;;GAIG;AACH,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAGjE;AAED;;;;;GAKG;AACH,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,WAAW,GAAG,cAAc,GAAG,SAAS,GAAG,SAAS,CAAA;IAC5D,sDAAsD;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,wDAAwD;IACxD,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;wCAEoC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAuBD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,CAuCpE;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,CAAC,EAAE,cAAc,EACjB,GAAG,EAAE;IACH,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,GACA,MAAM,CAYR"}

package/dist/proxy/models.d.ts

@@ -82,6 +82,31 @@ export declare function getClaudeAuthStatusAsync(profileId?: string, envOverride
  * The promise is cleared in `finally` to allow retry on failure while
  * cachedClaudePath prevents re-resolution on success.
  */
+/**
+ * Resolver step contract — each tries one source, returns a path on success
+ * or null on miss. Failures (thrown errors) are caught by the caller and
+ * treated as misses so unresolved sources never block subsequent steps.
+ */
+type ResolverDeps = {
+    existsSync: (p: string) => boolean;
+    statSync: (p: string) => {
+        size: number;
+    };
+    exec: (cmd: string) => Promise<{
+        stdout: string;
+    }>;
+    resolvePackage: (specifier: string) => string;
+    envGet: (name: string) => string | undefined;
+    platform: NodeJS.Platform;
+    arch: string;
+    isBun: boolean;
+};
+/**
+ * Pure resolver — runs each step and returns the first hit, or null when
+ * all steps miss. Exported for unit tests; production callers use
+ * resolveClaudeExecutableAsync, which adds caching on top.
+ */
+export declare function resolveClaudeExecutable(deps?: ResolverDeps): Promise<string | null>;
 export declare function resolveClaudeExecutableAsync(): Promise<string>;
 /** Reset cached path — for testing only */
 export declare function resetCachedClaudePath(): void;
@@ -96,4 +121,5 @@ export declare function expireAuthStatusCache(): void;
  * This happens when the client disconnects mid-stream.
  */
 export declare function isClosedControllerError(error: unknown): boolean;
+export {};
 //# sourceMappingURL=models.d.ts.map

package/dist/proxy/models.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../../src/proxy/models.ts"],"names":[],"mappings":"AAAA;;GAEG;AAUH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,YAAY,GAAG,MAAM,GAAG,UAAU,GAAG,OAAO,CAAA;AAEjF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,oBAAoB,oBAAoB,CAAA;AACrD,eAAO,MAAM,sBAAsB,sBAAsB,CAAA;AACzD,eAAO,MAAM,qBAAqB,qBAAqB,CAAA;AAEvD;;;;GAIG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAMhE;AACD,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AA0BD,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,WAAW,CA8B7H;AAWD;;;;;;GAMG;AACH,wBAAgB,gCAAgC,IAAI,IAAI,CAEvD;AAED;;;;GAIG;AACH,wBAAgB,iCAAiC,IAAI,OAAO,CAG3D;AAED,0EAA0E;AAC1E,wBAAgB,+BAA+B,IAAI,IAAI,CAEtD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,WAAW,GAAG,WAAW,CAIpE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAE9D;AAaD;gFACgF;AAChF,wBAAgB,gBAAgB,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAOzH;AAWD;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAuD1I;AAOD;;;;;;;;;;GAUG;AACH,wBAAsB,4BAA4B,IAAI,OAAO,CAAC,MAAM,CAAC,CAyDpE;AAED,2CAA2C;AAC3C,wBAAgB,qBAAqB,IAAI,IAAI,CAG5C;AAED,kDAAkD;AAClD,wBAAgB,2BAA2B,IAAI,IAAI,CAOlD;AAED;;6DAE6D;AAC7D,wBAAgB,qBAAqB,IAAI,IAAI,CAO5C;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAG/D"}
+{"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../../src/proxy/models.ts"],"names":[],"mappings":"AAAA;;GAEG;AAoBH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,YAAY,GAAG,MAAM,GAAG,UAAU,GAAG,OAAO,CAAA;AAEjF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,oBAAoB,oBAAoB,CAAA;AACrD,eAAO,MAAM,sBAAsB,sBAAsB,CAAA;AACzD,eAAO,MAAM,qBAAqB,qBAAqB,CAAA;AAEvD;;;;GAIG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAMhE;AACD,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AA0BD,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,WAAW,CA8B7H;AAWD;;;;;;GAMG;AACH,wBAAgB,gCAAgC,IAAI,IAAI,CAEvD;AAED;;;;GAIG;AACH,wBAAgB,iCAAiC,IAAI,OAAO,CAG3D;AAED,0EAA0E;AAC1E,wBAAgB,+BAA+B,IAAI,IAAI,CAEtD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,WAAW,GAAG,WAAW,CAIpE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAE9D;AAaD;gFACgF;AAChF,wBAAgB,gBAAgB,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAOzH;AAWD;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAuD1I;AAOD;;;;;;;;;;GAUG;AACH;;;;GAIG;AACH,KAAK,YAAY,GAAG;IAClB,UAAU,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,OAAO,CAAA;IAClC,QAAQ,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;IACzC,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAClD,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,MAAM,CAAA;IAC7C,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAA;IAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAA;IACzB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,OAAO,CAAA;CACf,CAAA;AA4HD;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,IAAI,GAAE,YAA2B,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAQvG;AAED,wBAAsB,4BAA4B,IAAI,OAAO,CAAC,MAAM,CAAC,CAqBpE;AAED,2CAA2C;AAC3C,wBAAgB,qBAAqB,IAAI,IAAI,CAG5C;AAED,kDAAkD;AAClD,wBAAgB,2BAA2B,IAAI,IAAI,CAOlD;AAED;;6DAE6D;AAC7D,wBAAgB,qBAAqB,IAAI,IAAI,CAO5C;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAG/D"}

package/dist/proxy/oauthUsage.d.ts

@@ -0,0 +1,67 @@
+/**
+ * Continuous OAuth usage fetching from Anthropic's private OAuth endpoint.
+ *
+ * Anthropic exposes `GET https://api.anthropic.com/api/oauth/usage` for OAuth
+ * (Claude Max) subscribers. Unlike the SDK's `rate_limit_event` (which only
+ * populates `utilization` near `allowed_warning` / `rejected`), this endpoint
+ * always returns continuous percentage values for every active rate-limit
+ * window — exactly what claude.ai's own UI uses.
+ *
+ * Headers required:
+ *   Authorization: Bearer <oauth-access-token>
+ *   anthropic-beta: oauth-2025-04-20
+ *
+ * We reuse `tokenRefresh.ts`'s cross-platform credential store (macOS Keychain
+ * or `~/.claude/.credentials.json`) to read the access token, and trigger a
+ * background refresh on 401.
+ *
+ * Per-profile caching: each profile has its own 30s TTL cache so multi-account
+ * setups can be queried independently without cross-contamination. Concurrent
+ * callers for the same profile share a single in-flight request.
+ */
+import { type CredentialStore } from "./tokenRefresh";
+export interface OAuthUsageWindow {
+    type: string;
+    utilization: number | null;
+    resetsAt: number | null;
+}
+export interface OAuthExtraUsageInfo {
+    isEnabled: boolean;
+    monthlyLimit: number;
+    usedCredits: number;
+    utilization: number | null;
+    currency: string;
+}
+export interface OAuthUsageSnapshot {
+    windows: OAuthUsageWindow[];
+    extraUsage: OAuthExtraUsageInfo | null;
+    fetchedAt: number;
+}
+/**
+ * Fetch latest OAuth usage for a specific profile (or the default OAuth
+ * account if none specified). Returns null if no OAuth token is available
+ * or the upstream call fails (after one refresh attempt).
+ *
+ * Per-profile in-process cache (30s TTL by default) prevents hammering
+ * Anthropic's endpoint when many clients poll concurrently. Concurrent
+ * callers for the same profile share a single in-flight request.
+ *
+ * @param ttlMs           Override the cache TTL (default 30s).
+ * @param force           Bypass the cache and fetch fresh.
+ * @param store           Override the credential store (for testing).
+ * @param profileId       Logical profile identifier used as the cache key.
+ *                        Pass null/undefined for the default OAuth account.
+ * @param claudeConfigDir When provided, reads credentials from this dir's
+ *                        keychain entry (macOS) or `.credentials.json`
+ *                        (Linux) instead of the platform default.
+ */
+export declare function fetchOAuthUsage(opts?: {
+    ttlMs?: number;
+    force?: boolean;
+    store?: CredentialStore;
+    profileId?: string | null;
+    claudeConfigDir?: string;
+}): Promise<OAuthUsageSnapshot | null>;
+/** Test-only / shutdown helper — clears all cached snapshots and pending fetches. */
+export declare function resetOAuthUsageCache(): void;
+//# sourceMappingURL=oauthUsage.d.ts.map

package/dist/proxy/oauthUsage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthUsage.d.ts","sourceRoot":"","sources":["../../src/proxy/oauthUsage.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,OAAO,EAAoD,KAAK,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAgCvG,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,OAAO,CAAA;IAClB,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,gBAAgB,EAAE,CAAA;IAC3B,UAAU,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACtC,SAAS,EAAE,MAAM,CAAA;CAClB;AA0ED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,eAAe,CAAC,IAAI,CAAC,EAAE;IAC3C,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,KAAK,CAAC,EAAE,eAAe,CAAA;IACvB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAgDrC;AAED,qFAAqF;AACrF,wBAAgB,oBAAoB,IAAI,IAAI,CAG3C"}