@simonyea/holysheep-cli 2.1.25 → 2.1.27

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@simonyea/holysheep-cli",
-  "version": "2.1.25",
+  "version": "2.1.27",
   "description": "Claude Code/Cursor/Cline API relay for China \u2014 \u00a51=$1, WeChat/Alipay payment, no credit card, no VPN. One command setup for all AI coding tools.",
   "scripts": {
     "test": "node tests/droid.test.js && node tests/workspace-store.test.js && node tests/runtime-stale-upgrade.test.js && node tests/hermes.test.js && node tests/preflight.test.js",

package/src/tools/claude-process-proxy.js

@@ -220,6 +220,63 @@ function deriveNodeProxyUrl(lease) {
   return upstream.toString().replace(/\/+$/, '')
 }
 
+// [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
+//
+// Background: the assigned node's forward-proxy at :3129 can be unreachable
+// (we've seen node3's proxy offline while node3's /v1/messages at :3101 is
+// up). When that happens, claude-agent-acp spawns get ECONNREFUSED on every
+// prompt and the user sees the generic "Internal error: API Error: 400".
+//
+// Fix: when the node-proxy forward fails with ECONNREFUSED (or the proxy
+// URL itself won't resolve), retry the same request directly against
+// `config.baseUrlAnthropic` (usually https://api.holysheep.ai). We still
+// send the bridge headers — the upstream CRS accepts them and reuses the
+// same lease. This gives users a usable claude path even while HolySheep
+// SRE fixes the assigned node.
+function forwardDirectHttps({ config, lease, clientReq, clientRes, trace }) {
+  const https = require('https')
+  const crsBase = config.baseUrlAnthropic || 'https://api.holysheep.ai'
+  const target = new URL(clientReq.url && clientReq.url.startsWith('http') ? clientReq.url : clientReq.url, crsBase)
+  return new Promise((resolve, reject) => {
+    // [HolySheep fork v2.1.27 / hs20] Sanitize headers before the direct
+    // upstream hit. claude-agent-acp usually runs in a clean env so these
+    // should never be present, but a future client library could set them
+    // (or a proxy earlier in the chain could tag the request) and leak the
+    // loopback origin / real client IP to api.holysheep.ai. The upstream
+    // doesn't need them — it authenticates off bridge headers + API key.
+    const sanitized = { ...clientReq.headers }
+    for (const k of Object.keys(sanitized)) {
+      if (/^x-forwarded-|^x-real-ip$|^forwarded$|^via$/i.test(k)) {
+        delete sanitized[k]
+      }
+    }
+    const headers = {
+      ...sanitized,
+      ...buildAuthHeaders(config, lease),
+      host: target.host,
+      connection: 'close',
+    }
+    const upReq = https.request({
+      hostname: target.hostname,
+      port: target.port || 443,
+      path: target.pathname + target.search,
+      method: clientReq.method,
+      headers,
+      timeout: RESPONSE_TIMEOUT_MS + 5000,
+    }, (upRes) => {
+      clientRes.writeHead(upRes.statusCode, upRes.headers)
+      upRes.pipe(clientRes)
+      upRes.on('end', resolve)
+      upRes.on('error', reject)
+    })
+    upReq.on('error', reject)
+    upReq.on('timeout', () => {
+      upReq.destroy(new Error('direct-https upstream timeout'))
+    })
+    clientReq.pipe(upReq)
+  })
+}
+
 function forwardViaNodeProxy({ nodeProxyUrl, targetUrl, clientReq, clientRes, extraHeaders = {}, trace = null }) {
   const upstream = new URL(nodeProxyUrl)
   return new Promise((resolve, reject) => {
@@ -617,6 +674,36 @@ function createProcessProxyServer({ sessionId, configPath = CONFIG_PATH, allowAn
         if (!isRetryableNodeLeaseError(err) && attempt > 0) break
       }
     }
+    // [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
+    // If EVERY node-proxy retry failed with a connection-level error
+    // (ECONNREFUSED, EHOSTUNREACH, ETIMEDOUT, or a generic "Proxy error"
+    // mentioning ECONNREFUSED in the body), fall back to a direct HTTPS
+    // POST against api.holysheep.ai. The relay on that side recognises
+    // bridge headers + cr_ keys and forwards to an account pool even when
+    // the per-device assigned node is dead. Keeps users productive while
+    // SRE re-balances nodes.
+    if (lastError && !clientRes.headersSent) {
+      const msg = String(lastError?.message || lastError?.body || '')
+      const isConnectionLevel = /ECONNREFUSED|EHOSTUNREACH|ETIMEDOUT|ENETUNREACH|connect/i.test(msg)
+      if (isConnectionLevel) {
+        try {
+          const config = readConfig(configPath)
+          const lease = getCachedLease(sessionId) || await fetchFreshLease(config, sessionId, {})
+          logProxyTiming('request.direct-fallback', {
+            sessionId,
+            originalError: msg.slice(0, 160),
+          })
+          await forwardDirectHttps({ config, lease, clientReq, clientRes, trace: null })
+          lastError = null
+        } catch (fallbackErr) {
+          lastError = fallbackErr
+          logProxyTiming('request.direct-fallback.fail', {
+            sessionId,
+            error: String(fallbackErr?.message || fallbackErr),
+          })
+        }
+      }
+    }
     if (lastError && !clientRes.headersSent) {
       const status = Number(lastError.statusCode || 502)
       const body = String(lastError.body || lastError.message || 'Proxy error')

package/src/tools/opencode.js

@@ -109,6 +109,28 @@ module.exports = {
     // 设置默认模型
     config.model = `anthropic/${primaryModel || 'claude-sonnet-4-6'}`
 
+    // [HolySheep fork v2.1.27 / hs20] Disable the giant OpenCode tools that
+    // blow the Anthropic request body past ~25 KB. When bodies exceed ~40 KB
+    // against the HolySheep relay, Anthropic returns a plan-limit error:
+    //   "Third-party apps now draw from your extra usage, not your plan limits"
+    // which OpenCode surfaces as a silent `stop_reason: end_turn` with
+    // zero tokens (class-C failure). Removing just the biggest schemas
+    // (todowrite ~8.8 KB, task ~4.4 KB, webfetch/skill smaller) brings
+    // bodies below the threshold while keeping bash/read/glob/grep/edit/write
+    // which are the core coding tools users actually need.
+    //
+    // Users who want these tools back can set HOLYSHEEP_OPENCODE_KEEP_ALL_TOOLS=1
+    // in their shell, or manually remove the entries from opencode.json.
+    if (!process.env.HOLYSHEEP_OPENCODE_KEEP_ALL_TOOLS) {
+      const tools = { ...(config.tools || {}) }
+      if (tools.todowrite === undefined) tools.todowrite = false
+      if (tools.todoread === undefined) tools.todoread = false
+      if (tools.task === undefined) tools.task = false
+      if (tools.skill === undefined) tools.skill = false
+      if (tools.webfetch === undefined) tools.webfetch = false
+      config.tools = tools
+    }
+
     writeConfig(config)
     return { file: getConfigFile(), hot: false }
   },

package/src/tools/pty-hermes-wrapper.py

@@ -0,0 +1,122 @@
+#!/usr/bin/env python3
+"""
+[HolySheep fork v2.1.25 / hs19] Hermes ACP PTY wrapper.
+
+Why: bun 1.3.9's subprocess.spawn with stdio:['pipe','pipe','pipe']
+passes sockets to the child. Python's asyncio.connect_write_pipe()
+silently drops the 2nd+ message written under bun's event loop routing.
+Reproduced: bun delivers id=1 response but not id=2+; node delivers both.
+
+Fix: allocate a PTY master/slave pair. Hand the SLAVE to hermes as its
+stdin+stdout, keep stderr on the wrapper's fd 2 so hs web log still
+captures Python tracebacks separately. Master side pumps bytes between
+our (bun-spawned) stdin/stdout and the PTY, so bun reads through kernel
+PTY buffer which hermes's asyncio transport drives correctly.
+
+Disable ECHO on slave so stdin bytes are not echoed back as stdout bytes
+(the old BSD `script -q /dev/null` wrapper had this bug).
+Disable ONLCR so '\\n' is not rewritten to '\\r\\n'.
+
+Usage: python3 pty-hermes-wrapper.py
+HERMES_BIN is auto-resolved from $PATH; override via $HOLYSHEEP_HERMES_BIN.
+"""
+import os, sys, pty, termios, select, signal
+
+
+def _resolve_hermes_bin() -> str:
+    override = os.environ.get('HOLYSHEEP_HERMES_BIN')
+    if override and os.access(override, os.X_OK):
+        return override
+    for d in os.environ.get('PATH', '').split(os.pathsep):
+        candidate = os.path.join(d, 'hermes')
+        if os.access(candidate, os.X_OK):
+            return candidate
+    sys.stderr.write('[pty-hermes-wrapper] hermes binary not found in $PATH\n')
+    sys.exit(127)
+
+
+def main() -> None:
+    hermes_bin = _resolve_hermes_bin()
+    master_fd, slave_fd = pty.openpty()
+    attrs = termios.tcgetattr(slave_fd)
+    attrs[3] &= ~termios.ECHO
+    attrs[1] &= ~termios.ONLCR
+    termios.tcsetattr(slave_fd, termios.TCSANOW, attrs)
+
+    pid = os.fork()
+    if pid == 0:
+        os.setsid()
+        os.dup2(slave_fd, 0)
+        os.dup2(slave_fd, 1)
+        os.close(master_fd)
+        os.close(slave_fd)
+        os.execvp(hermes_bin, [hermes_bin, 'acp'])
+        return
+
+    os.close(slave_fd)
+
+    def _forward(signum, _frame):
+        try:
+            os.kill(pid, signum)
+        except ProcessLookupError:
+            pass
+
+    signal.signal(signal.SIGTERM, _forward)
+    signal.signal(signal.SIGINT, _forward)
+
+    try:
+        while True:
+            try:
+                wpid, _ = os.waitpid(pid, os.WNOHANG)
+                if wpid != 0:
+                    break
+            except ChildProcessError:
+                break
+            try:
+                r, _, _ = select.select([master_fd, 0], [], [], 0.5)
+            except (InterruptedError, OSError):
+                continue
+            if master_fd in r:
+                try:
+                    data = os.read(master_fd, 65536)
+                except OSError:
+                    break
+                if not data:
+                    break
+                try:
+                    sys.stdout.buffer.write(data)
+                    sys.stdout.buffer.flush()
+                except (BrokenPipeError, OSError):
+                    try:
+                        os.kill(pid, signal.SIGTERM)
+                    except ProcessLookupError:
+                        pass
+                    break
+            if 0 in r:
+                try:
+                    data = os.read(0, 65536)
+                except OSError:
+                    break
+                if not data:
+                    try:
+                        os.kill(pid, signal.SIGTERM)
+                    except ProcessLookupError:
+                        pass
+                    break
+                try:
+                    os.write(master_fd, data)
+                except OSError:
+                    break
+    finally:
+        try:
+            os.close(master_fd)
+        except OSError:
+            pass
+        try:
+            os.waitpid(pid, 0)
+        except OSError:
+            pass
+
+
+if __name__ == '__main__':
+    main()

package/src/webui/aionui-runtime-fetcher.js

@@ -60,10 +60,10 @@ const VENDOR_DIR = path.join(__dirname, 'vendor', 'aionui')
 // new CLI release, the next `hs web` invocation on user machines will detect
 // the version drift and upgrade the cache in place.
 const DEFAULT_RUNTIME_URL =
-  'https://mail.holysheep.ai/app/cli/aionui-runtime-v1.9.18-holysheep-hs19.tar.gz'
+  'https://mail.holysheep.ai/app/cli/aionui-runtime-v1.9.18-holysheep-hs20.tar.gz'
 const DEFAULT_RUNTIME_SHA256 =
-  '9c41c88dfcf1a836d61a5322d748e02653953b087323b7a9766b8d1459170d13'
-const DEFAULT_RUNTIME_VERSION = '1.9.18-holysheep-hs19'
+  '99ddb768cacd223a13c77d716413032e913c8be2850e7dbccaf7ae52d0797e37'
+const DEFAULT_RUNTIME_VERSION = '1.9.18-holysheep-hs20'
 
 function isValidRuntimeDir(dir) {
   if (!dir) return false