@simonyea/holysheep-cli 2.1.26 → 2.1.27

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@simonyea/holysheep-cli",
-  "version": "2.1.26",
+  "version": "2.1.27",
   "description": "Claude Code/Cursor/Cline API relay for China \u2014 \u00a51=$1, WeChat/Alipay payment, no credit card, no VPN. One command setup for all AI coding tools.",
   "scripts": {
     "test": "node tests/droid.test.js && node tests/workspace-store.test.js && node tests/runtime-stale-upgrade.test.js && node tests/hermes.test.js && node tests/preflight.test.js",

package/src/tools/claude-process-proxy.js

@@ -220,6 +220,63 @@ function deriveNodeProxyUrl(lease) {
   return upstream.toString().replace(/\/+$/, '')
 }
 
+// [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
+//
+// Background: the assigned node's forward-proxy at :3129 can be unreachable
+// (we've seen node3's proxy offline while node3's /v1/messages at :3101 is
+// up). When that happens, claude-agent-acp spawns get ECONNREFUSED on every
+// prompt and the user sees the generic "Internal error: API Error: 400".
+//
+// Fix: when the node-proxy forward fails with ECONNREFUSED (or the proxy
+// URL itself won't resolve), retry the same request directly against
+// `config.baseUrlAnthropic` (usually https://api.holysheep.ai). We still
+// send the bridge headers — the upstream CRS accepts them and reuses the
+// same lease. This gives users a usable claude path even while HolySheep
+// SRE fixes the assigned node.
+function forwardDirectHttps({ config, lease, clientReq, clientRes, trace }) {
+  const https = require('https')
+  const crsBase = config.baseUrlAnthropic || 'https://api.holysheep.ai'
+  const target = new URL(clientReq.url && clientReq.url.startsWith('http') ? clientReq.url : clientReq.url, crsBase)
+  return new Promise((resolve, reject) => {
+    // [HolySheep fork v2.1.27 / hs20] Sanitize headers before the direct
+    // upstream hit. claude-agent-acp usually runs in a clean env so these
+    // should never be present, but a future client library could set them
+    // (or a proxy earlier in the chain could tag the request) and leak the
+    // loopback origin / real client IP to api.holysheep.ai. The upstream
+    // doesn't need them — it authenticates off bridge headers + API key.
+    const sanitized = { ...clientReq.headers }
+    for (const k of Object.keys(sanitized)) {
+      if (/^x-forwarded-|^x-real-ip$|^forwarded$|^via$/i.test(k)) {
+        delete sanitized[k]
+      }
+    }
+    const headers = {
+      ...sanitized,
+      ...buildAuthHeaders(config, lease),
+      host: target.host,
+      connection: 'close',
+    }
+    const upReq = https.request({
+      hostname: target.hostname,
+      port: target.port || 443,
+      path: target.pathname + target.search,
+      method: clientReq.method,
+      headers,
+      timeout: RESPONSE_TIMEOUT_MS + 5000,
+    }, (upRes) => {
+      clientRes.writeHead(upRes.statusCode, upRes.headers)
+      upRes.pipe(clientRes)
+      upRes.on('end', resolve)
+      upRes.on('error', reject)
+    })
+    upReq.on('error', reject)
+    upReq.on('timeout', () => {
+      upReq.destroy(new Error('direct-https upstream timeout'))
+    })
+    clientReq.pipe(upReq)
+  })
+}
+
 function forwardViaNodeProxy({ nodeProxyUrl, targetUrl, clientReq, clientRes, extraHeaders = {}, trace = null }) {
   const upstream = new URL(nodeProxyUrl)
   return new Promise((resolve, reject) => {
@@ -617,6 +674,36 @@ function createProcessProxyServer({ sessionId, configPath = CONFIG_PATH, allowAn
         if (!isRetryableNodeLeaseError(err) && attempt > 0) break
       }
     }
+    // [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
+    // If EVERY node-proxy retry failed with a connection-level error
+    // (ECONNREFUSED, EHOSTUNREACH, ETIMEDOUT, or a generic "Proxy error"
+    // mentioning ECONNREFUSED in the body), fall back to a direct HTTPS
+    // POST against api.holysheep.ai. The relay on that side recognises
+    // bridge headers + cr_ keys and forwards to an account pool even when
+    // the per-device assigned node is dead. Keeps users productive while
+    // SRE re-balances nodes.
+    if (lastError && !clientRes.headersSent) {
+      const msg = String(lastError?.message || lastError?.body || '')
+      const isConnectionLevel = /ECONNREFUSED|EHOSTUNREACH|ETIMEDOUT|ENETUNREACH|connect/i.test(msg)
+      if (isConnectionLevel) {
+        try {
+          const config = readConfig(configPath)
+          const lease = getCachedLease(sessionId) || await fetchFreshLease(config, sessionId, {})
+          logProxyTiming('request.direct-fallback', {
+            sessionId,
+            originalError: msg.slice(0, 160),
+          })
+          await forwardDirectHttps({ config, lease, clientReq, clientRes, trace: null })
+          lastError = null
+        } catch (fallbackErr) {
+          lastError = fallbackErr
+          logProxyTiming('request.direct-fallback.fail', {
+            sessionId,
+            error: String(fallbackErr?.message || fallbackErr),
+          })
+        }
+      }
+    }
     if (lastError && !clientRes.headersSent) {
       const status = Number(lastError.statusCode || 502)
       const body = String(lastError.body || lastError.message || 'Proxy error')

package/src/tools/opencode.js

@@ -109,6 +109,28 @@ module.exports = {
     // 设置默认模型
     config.model = `anthropic/${primaryModel || 'claude-sonnet-4-6'}`
 
+    // [HolySheep fork v2.1.27 / hs20] Disable the giant OpenCode tools that
+    // blow the Anthropic request body past ~25 KB. When bodies exceed ~40 KB
+    // against the HolySheep relay, Anthropic returns a plan-limit error:
+    //   "Third-party apps now draw from your extra usage, not your plan limits"
+    // which OpenCode surfaces as a silent `stop_reason: end_turn` with
+    // zero tokens (class-C failure). Removing just the biggest schemas
+    // (todowrite ~8.8 KB, task ~4.4 KB, webfetch/skill smaller) brings
+    // bodies below the threshold while keeping bash/read/glob/grep/edit/write
+    // which are the core coding tools users actually need.
+    //
+    // Users who want these tools back can set HOLYSHEEP_OPENCODE_KEEP_ALL_TOOLS=1
+    // in their shell, or manually remove the entries from opencode.json.
+    if (!process.env.HOLYSHEEP_OPENCODE_KEEP_ALL_TOOLS) {
+      const tools = { ...(config.tools || {}) }
+      if (tools.todowrite === undefined) tools.todowrite = false
+      if (tools.todoread === undefined) tools.todoread = false
+      if (tools.task === undefined) tools.task = false
+      if (tools.skill === undefined) tools.skill = false
+      if (tools.webfetch === undefined) tools.webfetch = false
+      config.tools = tools
+    }
+
     writeConfig(config)
     return { file: getConfigFile(), hot: false }
   },

package/src/webui/aionui-runtime-fetcher.js

@@ -60,10 +60,10 @@ const VENDOR_DIR = path.join(__dirname, 'vendor', 'aionui')
 // new CLI release, the next `hs web` invocation on user machines will detect
 // the version drift and upgrade the cache in place.
 const DEFAULT_RUNTIME_URL =
-  'https://mail.holysheep.ai/app/cli/aionui-runtime-v1.9.18-holysheep-hs19.tar.gz'
+  'https://mail.holysheep.ai/app/cli/aionui-runtime-v1.9.18-holysheep-hs20.tar.gz'
 const DEFAULT_RUNTIME_SHA256 =
-  '9c41c88dfcf1a836d61a5322d748e02653953b087323b7a9766b8d1459170d13'
-const DEFAULT_RUNTIME_VERSION = '1.9.18-holysheep-hs19'
+  '99ddb768cacd223a13c77d716413032e913c8be2850e7dbccaf7ae52d0797e37'
+const DEFAULT_RUNTIME_VERSION = '1.9.18-holysheep-hs20'
 
 function isValidRuntimeDir(dir) {
   if (!dir) return false