@vacbo/opencode-anthropic-fix 0.1.4 → 0.1.6

package/src/index.ts

@@ -518,12 +518,40 @@ export async function AnthropicAuthPlugin({
 
                 let response: Response;
                 const fetchInput = requestInput as string | URL | Request;
-                try {
-                  response = await fetchWithTransport(fetchInput, {
+                const buildTransportRequestInit = (
+                  headers: Headers,
+                  requestBody: RequestInit["body"],
+                  forceFreshConnection: boolean,
+                ): RequestInit => {
+                  const requestHeadersForTransport = new Headers(headers);
+                  if (forceFreshConnection) {
+                    requestHeadersForTransport.set("connection", "close");
+                    requestHeadersForTransport.set("x-proxy-disable-keepalive", "true");
+                  } else {
+                    requestHeadersForTransport.delete("connection");
+                    requestHeadersForTransport.delete("x-proxy-disable-keepalive");
+                  }
+
+                  return {
                     ...requestInit,
-                    body,
-                    headers: requestHeaders,
-                  });
+                    body: requestBody,
+                    headers: requestHeadersForTransport,
+                    ...(forceFreshConnection ? { keepalive: false } : {}),
+                  };
+                };
+
+                try {
+                  response = await fetchWithRetry(
+                    async ({ forceFreshConnection }) =>
+                      fetchWithTransport(
+                        fetchInput,
+                        buildTransportRequestInit(requestHeaders, body, forceFreshConnection),
+                      ),
+                    {
+                      maxRetries: 2,
+                      shouldRetryResponse: () => false,
+                    },
+                  );
                 } catch (err) {
                   const fetchError = err instanceof Error ? err : new Error(String(err));
                   if (accountManager && account) {
@@ -582,7 +610,7 @@ export async function AnthropicAuthPlugin({
 
                     let retryCount = 0;
                     const retried = await fetchWithRetry(
-                      async () => {
+                      async ({ forceFreshConnection }) => {
                         if (retryCount === 0) {
                           retryCount += 1;
                           return response;
@@ -596,11 +624,10 @@ export async function AnthropicAuthPlugin({
                           requestContext.preparedBody === undefined
                             ? undefined
                             : cloneBodyForRetry(requestContext.preparedBody);
-                        return fetchWithTransport(retryUrl, {
-                          ...requestInit,
-                          body: retryBody,
-                          headers: headersForRetry,
-                        });
+                        return fetchWithTransport(
+                          retryUrl,
+                          buildTransportRequestInit(headersForRetry, retryBody, forceFreshConnection),
+                        );
                       },
                       { maxRetries: 2 },
                     );

package/src/refresh-lock.test.ts

@@ -102,15 +102,23 @@ describe("refresh-lock", () => {
     const first = await acquireRefreshLock("acc-4");
     expect(first.acquired).toBe(true);
     const firstLockPath = first.lockPath!;
+    const originalLockInode = first.lockInode;
+    expect(originalLockInode).not.toBeNull();
 
-    // Replace lock file with a new inode that reuses owner text.
-    await fs.unlink(firstLockPath);
+    // Keep the same owner text but pass a deliberately mismatched inode. This
+    // tests the safety check directly without relying on filesystem-specific
+    // inode allocation behavior, which can aggressively recycle inode numbers
+    // on Linux CI runners.
     await fs.writeFile(firstLockPath, JSON.stringify({ owner: first.owner, createdAt: Date.now() }), {
       encoding: "utf-8",
       mode: 0o600,
     });
 
-    await releaseRefreshLock(first);
+    await releaseRefreshLock({
+      lockPath: firstLockPath,
+      owner: first.owner,
+      lockInode: originalLockInode! + 1n,
+    });
 
     await expect(fs.stat(firstLockPath)).resolves.toBeTruthy();
 

package/src/refresh-lock.ts

@@ -20,7 +20,7 @@ export interface RefreshLockResult {
   acquired: boolean;
   lockPath: string | null;
   owner: string | null;
-  lockInode: number | null;
+  lockInode: bigint | null;
 }
 
 export interface AcquireLockOptions {
@@ -51,7 +51,7 @@ export async function acquireRefreshLock(
       const handle = await fs.open(lockPath, "wx", 0o600);
       try {
         await handle.writeFile(JSON.stringify({ pid: process.pid, createdAt: Date.now(), owner }), "utf-8");
-        const stat = await handle.stat();
+        const stat = await handle.stat({ bigint: true });
         return { acquired: true, lockPath, owner, lockInode: stat.ino };
       } finally {
         await handle.close();
@@ -63,8 +63,8 @@ export async function acquireRefreshLock(
       }
 
       try {
-        const stat = await fs.stat(lockPath);
-        if (Date.now() - stat.mtimeMs > staleMs) {
+        const stat = await fs.stat(lockPath, { bigint: true });
+        if (Date.now() - Number(stat.mtimeMs) > staleMs) {
           await fs.unlink(lockPath);
           continue;
         }
@@ -86,7 +86,7 @@ export type ReleaseLockInput =
   | {
       lockPath: string | null;
       owner?: string | null;
-      lockInode?: number | null;
+      lockInode?: bigint | null;
     }
   | string
   | null;
@@ -97,7 +97,7 @@ export type ReleaseLockInput =
 export async function releaseRefreshLock(lock: ReleaseLockInput): Promise<void> {
   const lockPath = typeof lock === "string" || lock === null ? lock : lock.lockPath;
   const owner = typeof lock === "object" && lock ? lock.owner || null : null;
-  const lockInode = typeof lock === "object" && lock ? lock.lockInode || null : null;
+  const lockInode = typeof lock === "object" && lock ? (lock.lockInode ?? null) : null;
 
   if (!lockPath) return;
 
@@ -112,7 +112,7 @@ export async function releaseRefreshLock(lock: ReleaseLockInput): Promise<void>
       }
 
       if (lockInode) {
-        const stat = await fs.stat(lockPath);
+        const stat = await fs.stat(lockPath, { bigint: true });
         if (stat.ino !== lockInode) {
           return;
         }

package/src/request/body.history.test.ts

@@ -126,21 +126,9 @@ describe("transformRequestBody - body cloning for retries", () => {
       tools: [{ name: "read_file", description: "Read a file" }],
     });
 
-    // The cch billing hash mixes Date.now() into its input (src/headers/billing.ts)
-    // to mimic CC's per-request attestation. Freeze the clock so the two calls
-    // produce byte-identical output and this test stays about clone-safety, not
-    // about an accidental millisecond collision. Without this, the idempotency
-    // assertion flakes whenever the two calls cross a millisecond boundary under
-    // load (husky pre-push, CI workers, etc.).
-    vi.useFakeTimers();
-    vi.setSystemTime(new Date("2026-01-01T00:00:00.000Z"));
-    try {
-      const result1 = transformRequestBody(originalBody, mockSignature, mockRuntime);
-      const result2 = transformRequestBody(originalBody, mockSignature, mockRuntime);
-      expect(result1).toBe(result2);
-    } finally {
-      vi.useRealTimers();
-    }
+    const result1 = transformRequestBody(originalBody, mockSignature, mockRuntime);
+    const result2 = transformRequestBody(originalBody, mockSignature, mockRuntime);
+    expect(result1).toBe(result2);
 
     const parsedOriginal = JSON.parse(originalBody);
     expect(parsedOriginal.tools[0].name).toBe("read_file");
@@ -156,22 +144,12 @@ describe("transformRequestBody - body cloning for retries", () => {
       messages: [{ role: "user", content: "test" }],
     });
 
-    // Same Date.now()-in-cch flake as the clone-safety test above. Freeze the
-    // clock so two transformRequestBody calls on the same body produce
-    // byte-identical output. See src/headers/billing.ts:59 for why the hash
-    // is time-mixed, and the clone-safety test above for the full rationale.
-    vi.useFakeTimers();
-    vi.setSystemTime(new Date("2026-01-01T00:00:00.000Z"));
-    try {
-      const result1 = transformRequestBody(body, mockSignature, mockRuntime);
-      expect(result1).toBeDefined();
-
-      const result2 = transformRequestBody(body, mockSignature, mockRuntime);
-      expect(result2).toBeDefined();
-      expect(result1).toBe(result2);
-    } finally {
-      vi.useRealTimers();
-    }
+    const result1 = transformRequestBody(body, mockSignature, mockRuntime);
+    expect(result1).toBeDefined();
+
+    const result2 = transformRequestBody(body, mockSignature, mockRuntime);
+    expect(result2).toBeDefined();
+    expect(result1).toBe(result2);
   });
 });
 

package/src/request/body.ts

@@ -3,6 +3,7 @@
 // ---------------------------------------------------------------------------
 
 import { CLAUDE_CODE_IDENTITY_STRING, KNOWN_IDENTITY_STRINGS } from "../constants.js";
+import { replaceNativeStyleCch } from "../headers/cch.js";
 import { buildSystemPromptBlocks } from "../system-prompt/builder.js";
 import { normalizeSystemTextBlocks } from "../system-prompt/normalize.js";
 import { normalizeThinkingBlock } from "../thinking.js";
@@ -319,7 +320,7 @@ export function transformRequestBody(
         return msg;
       });
     }
-    return JSON.stringify(parsed);
+    return replaceNativeStyleCch(JSON.stringify(parsed));
   } catch (err) {
     if (err instanceof SyntaxError) {
       debugLog?.("body parse failed:", err.message);

package/src/request/retry.test.ts

@@ -149,4 +149,31 @@ describe("fetchWithRetry", () => {
     expect(doFetch).toHaveBeenCalledTimes(2);
     expect(elapsedMs).toBeGreaterThanOrEqual(2900);
   });
+
+  it("retries thrown retryable network errors and marks the next attempt as fresh-connection", async () => {
+    const forceFreshConnectionByAttempt: boolean[] = [];
+    const doFetch = vi.fn(async ({ forceFreshConnection = false }: { forceFreshConnection?: boolean } = {}) => {
+      forceFreshConnectionByAttempt.push(forceFreshConnection);
+      if (forceFreshConnectionByAttempt.length === 1) {
+        throw Object.assign(new Error("Connection reset by server"), { code: "ECONNRESET" });
+      }
+
+      return makeResponse(200);
+    });
+
+    const response = await fetchWithRetry(doFetch, FAST_RETRY_CONFIG);
+
+    expect(response.status).toBe(200);
+    expect(doFetch).toHaveBeenCalledTimes(2);
+    expect(forceFreshConnectionByAttempt).toEqual([false, true]);
+  });
+
+  it("does not retry user abort errors", async () => {
+    const doFetch = vi.fn(async () => {
+      throw new DOMException("The operation was aborted", "AbortError");
+    });
+
+    await expect(fetchWithRetry(doFetch, FAST_RETRY_CONFIG)).rejects.toThrow(/aborted/i);
+    expect(doFetch).toHaveBeenCalledTimes(1);
+  });
 });

package/src/request/retry.ts

@@ -1,4 +1,9 @@
-import { parseRetryAfterHeader, parseRetryAfterMsHeader, parseShouldRetryHeader } from "../backoff.js";
+import {
+  isRetriableNetworkError,
+  parseRetryAfterHeader,
+  parseRetryAfterMsHeader,
+  parseShouldRetryHeader,
+} from "../backoff.js";
 
 export interface RetryConfig {
   maxRetries: number;
@@ -7,6 +12,16 @@ export interface RetryConfig {
   jitterFraction: number;
 }
 
+export interface RetryAttemptContext {
+  attempt: number;
+  forceFreshConnection: boolean;
+}
+
+export interface RetryOptions extends Partial<RetryConfig> {
+  shouldRetryError?: (error: unknown) => boolean;
+  shouldRetryResponse?: (response: Response) => boolean;
+}
+
 const DEFAULT_RETRY_CONFIG: RetryConfig = {
   maxRetries: 2,
   initialDelayMs: 500,
@@ -31,22 +46,41 @@ export function shouldRetryStatus(status: number, shouldRetryHeader: boolean | n
 }
 
 export async function fetchWithRetry(
-  doFetch: () => Promise<Response>,
-  config: Partial<RetryConfig> = {},
+  doFetch: (context: RetryAttemptContext) => Promise<Response>,
+  options: RetryOptions = {},
 ): Promise<Response> {
-  const resolvedConfig: RetryConfig = { ...DEFAULT_RETRY_CONFIG, ...config };
+  const resolvedConfig: RetryConfig = { ...DEFAULT_RETRY_CONFIG, ...options };
+  const shouldRetryError = options.shouldRetryError ?? isRetriableNetworkError;
+  const shouldRetryResponse =
+    options.shouldRetryResponse ??
+    ((response: Response) => {
+      const shouldRetryHeader = parseShouldRetryHeader(response);
+      return shouldRetryStatus(response.status, shouldRetryHeader);
+    });
+
+  let forceFreshConnection = false;
 
   for (let attempt = 0; ; attempt++) {
-    const response = await doFetch();
+    let response: Response;
+
+    try {
+      response = await doFetch({ attempt, forceFreshConnection });
+    } catch (error) {
+      if (!shouldRetryError(error) || attempt >= resolvedConfig.maxRetries) {
+        throw error;
+      }
+
+      const delayMs = calculateRetryDelay(attempt, resolvedConfig);
+      await waitFor(delayMs);
+      forceFreshConnection = true;
+      continue;
+    }
 
     if (response.ok) {
       return response;
     }
 
-    const shouldRetryHeader = parseShouldRetryHeader(response);
-    const shouldRetry = shouldRetryStatus(response.status, shouldRetryHeader);
-
-    if (!shouldRetry || attempt >= resolvedConfig.maxRetries) {
+    if (!shouldRetryResponse(response) || attempt >= resolvedConfig.maxRetries) {
       return response;
     }
 
@@ -56,5 +90,6 @@ export async function fetchWithRetry(
       calculateRetryDelay(attempt, resolvedConfig);
 
     await waitFor(delayMs);
+    forceFreshConnection = false;
   }
 }

package/src/system-prompt/builder.ts

@@ -29,7 +29,8 @@
 // - CC tool naming conventions can evolve independently from this file. Current
 //   plugin-specific tool prefix notes live in body/request docs, not here.
 //
-// See src/headers/billing.ts for billing-specific gaps and attestation notes.
+// See src/headers/billing.ts for version-suffix derivation and src/headers/cch.ts
+// for placeholder replacement and native-style cch computation.
 // ===========================================================================
 
 import {