chainlesschain 0.162.78 → 0.162.79

package/src/lib/runnable-provider.js

@@ -0,0 +1,97 @@
+/**
+ * Runnability guards for LLM model/provider selection.
+ *
+ * The task-based auto model-selector (lib/task-model-selector.js) switches the
+ * model by detected task type — e.g. a "quick" message on the `anthropic`
+ * provider becomes `claude-haiku`. That is WRONG when the target provider has
+ * no usable API key: it silently routes you onto a model you can't call and you
+ * get a 401. These helpers make selection "runnable-first": never switch onto a
+ * provider that has no usable (present) key, and let callers detect that the
+ * configured provider itself is not runnable.
+ *
+ * "Usable key" = a keyless local provider (ollama), OR the active session's
+ * configured key, OR the provider's standard env var (`<PROVIDER>_API_KEY`).
+ * Empty/whitespace keys never count (a missing or cleared key is not usable).
+ */
+import { BUILT_IN_PROVIDERS } from "./llm-providers.js";
+
+function nonEmpty(v) {
+  return typeof v === "string" && v.trim().length > 0;
+}
+
+/**
+ * Can we actually call `provider` right now?
+ *
+ * @param {string} provider
+ * @param {object} [opts]
+ * @param {string} [opts.apiKey]   the session's configured key — only counts
+ *                                 when `isActive` (it belongs to the ACTIVE
+ *                                 provider, not an arbitrary one).
+ * @param {boolean} [opts.isActive=true]
+ * @param {object} [opts.env=process.env]
+ * @returns {boolean}
+ */
+export function hasUsableKey(
+  provider,
+  { apiKey, isActive = true, env = process.env } = {},
+) {
+  const def = BUILT_IN_PROVIDERS[provider];
+  if (!def) return false;
+  if (!def.apiKeyEnv) return true; // keyless local provider (e.g. ollama)
+  if (isActive && nonEmpty(apiKey)) return true;
+  return nonEmpty(env[def.apiKeyEnv]);
+}
+
+/**
+ * Gate the task-based auto model-switch on runnability. Returns the recommended
+ * model ONLY when the (active) provider is runnable; otherwise returns null so
+ * the caller keeps the user's configured model instead of switching onto
+ * something it can't call.
+ *
+ * @param {object} args
+ * @param {string} args.provider
+ * @param {string} [args.currentModel]
+ * @param {string|null} [args.recommended]   from selectModelForTask()
+ * @param {string} [args.apiKey]
+ * @param {object} [args.env=process.env]
+ * @returns {string|null} a model to switch to, or null to keep the current one
+ */
+export function runnableTaskModel({
+  provider,
+  currentModel,
+  recommended,
+  apiKey,
+  env = process.env,
+} = {}) {
+  if (!recommended || recommended === currentModel) return null;
+  return hasUsableKey(provider, { apiKey, isActive: true, env })
+    ? recommended
+    : null;
+}
+
+/**
+ * Find a provider we can actually run, "runnable-first": keep `provider` when
+ * it has a usable key; otherwise fall back to the first built-in provider whose
+ * env key is set; otherwise the keyless local provider (ollama). Returns
+ * `{ provider, runnable, fellBackFrom?, keyless? }`. Pure given `env`.
+ */
+export function pickRunnableProvider({
+  provider,
+  apiKey,
+  env = process.env,
+} = {}) {
+  if (provider && hasUsableKey(provider, { apiKey, isActive: true, env })) {
+    return { provider, runnable: true };
+  }
+  for (const [name, def] of Object.entries(BUILT_IN_PROVIDERS)) {
+    if (def.apiKeyEnv && nonEmpty(env[def.apiKeyEnv])) {
+      return { provider: name, runnable: true, fellBackFrom: provider || null };
+    }
+  }
+  return {
+    provider: "ollama",
+    runnable: true,
+    keyless: true,
+    fellBackFrom: provider || null,
+  };
+}

package/src/repl/agent-repl.js

@@ -52,6 +52,7 @@ import {
   detectTaskType,
   selectModelForTask,
 } from "../lib/task-model-selector.js";
+import { runnableTaskModel, hasUsableKey } from "../lib/runnable-provider.js";
 import { CLIPermanentMemory } from "../lib/permanent-memory.js";
 import { CLIAutonomousAgent, GoalStatus } from "../lib/autonomous-agent.js";
 import {
@@ -743,7 +744,9 @@ export async function startAgentRepl(options = {}) {
         _bundleResolved.approvalPolicy.default,
       );
       // Mirror it so Shift+Tab cycling starts from the real tier.
-      const applied = parsePermissionTier(_bundleResolved.approvalPolicy.default);
+      const applied = parsePermissionTier(
+        _bundleResolved.approvalPolicy.default,
+      );
       if (applied) _sessionTier = applied;
     } catch (_err) {
       // Non-critical — invalid policy value is silently ignored
@@ -1307,7 +1310,7 @@ export async function startAgentRepl(options = {}) {
         `  ${chalk.cyan("/theme")}      Color theme (/theme <auto|dark|light|mono>; mono = no color)`,
       );
       logger.log(
-        `  ${chalk.cyan("/config")}     Effective config (provider/model, keys masked)`,
+        `  ${chalk.cyan("/config")}     Show config; ${chalk.cyan("/config <key>")} read, ${chalk.cyan("/config <key>=<val>")} set`,
       );
       logger.log(
         `  ${chalk.cyan("/doctor")}     Session health check (provider/key/IDE/MCP/hooks)`,
@@ -2695,18 +2698,43 @@ export async function startAgentRepl(options = {}) {
 
     // `/config` — effective configuration (secret-safe): the LLM provider/model
     // in effect, whether keys are set, web-search backend, config path.
-    if (trimmed === "/config" || trimmed === "/config ") {
+    // `/config <key>` reads a value; `/config <key>=<value>` (Claude-Code
+    // parity) or `/config <key> <value>` persists one. Secrets stay masked.
+    if (trimmed === "/config" || trimmed.startsWith("/config ")) {
       try {
-        const { loadConfig } = await import("../lib/config-manager.js");
+        const cm = await import("../lib/config-manager.js");
         const { getConfigPath } = await import("../lib/paths.js");
-        const { renderConfigSummary } = await import("./config-summary.js");
-        logger.log(
-          renderConfigSummary(loadConfig(), {
-            path: getConfigPath(),
-            activeProvider: provider,
-            activeModel: _curModel || model,
-          }),
-        );
+        const {
+          renderConfigSummary,
+          parseConfigCommand,
+          renderConfigGet,
+          renderConfigSet,
+        } = await import("./config-summary.js");
+        const cmd = parseConfigCommand(trimmed.slice("/config".length));
+        if (cmd.action === "error") {
+          logger.error(chalk.red(`/config: ${cmd.message}`));
+        } else if (cmd.action === "get") {
+          logger.log(renderConfigGet(cmd.key, cm.getConfigValue(cmd.key)));
+        } else if (cmd.action === "set") {
+          cm.setConfigValue(cmd.key, cmd.value);
+          logger.log(
+            chalk.green("✓ ") +
+              renderConfigSet(cmd.key, cm.getConfigValue(cmd.key)),
+          );
+          logger.log(
+            chalk.gray(
+              "  (persisted; provider/model changes apply to new sessions)",
+            ),
+          );
+        } else {
+          logger.log(
+            renderConfigSummary(cm.loadConfig(), {
+              path: getConfigPath(),
+              activeProvider: provider,
+              activeModel: _curModel || model,
+            }),
+          );
+        }
       } catch (err) {
         logger.error(chalk.red(`/config failed: ${err.message}`));
       }
@@ -3080,16 +3108,35 @@ export async function startAgentRepl(options = {}) {
       // Slot-filling failure is non-critical
     }
 
-    // Auto-select best model based on task type
+    // Auto-select best model based on task type — but ONLY onto a runnable
+    // provider. The selector maps e.g. "fast" → claude-haiku on anthropic; if
+    // there's no usable key for the provider, never switch there (you'd just
+    // get a 401). Runnable-first: keep the configured (working) model instead.
     let activeModel = model;
     const taskDetection = detectTaskType(promptText);
     if (taskDetection.confidence > 0.3) {
       const recommended = selectModelForTask(provider, taskDetection.taskType);
-      if (recommended && recommended !== activeModel) {
-        activeModel = recommended;
+      const switchTo = runnableTaskModel({
+        provider,
+        currentModel: activeModel,
+        recommended,
+        apiKey,
+      });
+      if (switchTo) {
+        activeModel = switchTo;
         logger.info(
           chalk.gray(`[auto] ${taskDetection.name} → ${activeModel}`),
         );
+      } else if (
+        recommended &&
+        recommended !== activeModel &&
+        !hasUsableKey(provider, { apiKey })
+      ) {
+        logger.info(
+          chalk.gray(
+            `[auto] ${taskDetection.name}: keeping ${activeModel} — no usable key for "${provider}" (skipping ${recommended})`,
+          ),
+        );
       }
     }
 
@@ -3122,7 +3169,8 @@ export async function startAgentRepl(options = {}) {
         ? {
             onToken: (t) => {
               // Separate the answer from the dimmed reasoning above it (once).
-              if (!_liveStreamed && _liveThinkStarted) process.stdout.write("\n");
+              if (!_liveStreamed && _liveThinkStarted)
+                process.stdout.write("\n");
               _liveStreamed = true;
               process.stdout.write(t);
             },
@@ -3143,6 +3191,16 @@ export async function startAgentRepl(options = {}) {
         thinking: reasoning,
       } = await agentLoop(messages, {
         ...liveOpts,
+        // Visible auto-retry feedback (Claude-Code 2.1.181): when the model's
+        // streaming call hits a transient connection drop and retries, tell the
+        // user instead of leaving them staring at a silent pause. To stderr so
+        // it never corrupts the streamed answer on stdout.
+        onStreamRetry: (attempt) =>
+          process.stderr.write(
+            chalk.dim(
+              `  ⟳ connection dropped — retrying (attempt ${attempt})…\n`,
+            ),
+          ),
         signal: _turnAbort.signal,
         provider,
         model: activeModel,
@@ -3242,7 +3300,8 @@ export async function startAgentRepl(options = {}) {
         } else {
           // Phase G #2 — route through StreamRouter so REPL / WS / future
           // streaming providers share one StreamEvent protocol.
-          const { streamAgentResponse } = await import("../lib/agent-stream.js");
+          const { streamAgentResponse } =
+            await import("../lib/agent-stream.js");
           process.stdout.write("\n");
           const noStream = options.noStream === true;
           const streamResult = await streamAgentResponse(effectiveResponse, {

package/src/repl/config-summary.js

@@ -17,6 +17,72 @@ export function maskSecret(v) {
   return s.length <= 4 ? "set (hidden)" : `set (…${s.slice(-4)})`;
 }
 
+/**
+ * A config key whose value must never be echoed in plaintext in the
+ * (shoulder-surfable) interactive REPL — apiKey / secret / token / password.
+ * Matched on the last dotted segment (e.g. `llm.apiKey`, `webSearch.apiKey`).
+ */
+const SECRET_KEY_RE = /(api[_-]?key|secret|token|password|passwd)$/i;
+export function isSecretConfigKey(key) {
+  if (!key) return false;
+  const last = String(key).split(".").pop();
+  return SECRET_KEY_RE.test(last);
+}
+
+/**
+ * Parse the argument string after `/config` into an action.
+ * Mirrors Claude Code's `/config key=value` syntax, and also accepts the
+ * `/config key value` form. Returns one of:
+ *   { action: "show" }                       // `/config`
+ *   { action: "get", key }                   // `/config llm.model`
+ *   { action: "set", key, value }            // `/config llm.model=opus` | `/config llm.model opus`
+ *   { action: "error", message }
+ * `value` is the raw string; the caller coerces (true/false/null/number) via
+ * config-manager's setConfigValue.
+ *
+ * @param {string} argStr  everything after the literal `/config`
+ */
+export function parseConfigCommand(argStr) {
+  const s = (argStr || "").trim();
+  if (s === "") return { action: "show" };
+
+  const eq = s.indexOf("=");
+  if (eq !== -1) {
+    const key = s.slice(0, eq).trim();
+    const value = s.slice(eq + 1).trim();
+    if (!key) return { action: "error", message: "missing key before '='" };
+    return { action: "set", key, value };
+  }
+
+  // `key value` — split on the first run of whitespace.
+  const m = s.match(/^(\S+)\s+([\s\S]+)$/);
+  if (m) return { action: "set", key: m[1], value: m[2].trim() };
+
+  // Bare token → read that key.
+  return { action: "get", key: s };
+}
+
+/** Render a single config value for `/config <key>`, masking secrets. */
+export function renderConfigGet(key, value) {
+  if (value === undefined) return `${key} = (unset)`;
+  if (isSecretConfigKey(key)) return `${key} = ${maskSecret(value)}`;
+  const shown =
+    value !== null && typeof value === "object"
+      ? JSON.stringify(value)
+      : String(value);
+  return `${key} = ${shown}`;
+}
+
+/** Render the confirmation line after `/config <key>=<value>`. */
+export function renderConfigSet(key, storedValue) {
+  if (isSecretConfigKey(key)) return `set ${key} = ${maskSecret(storedValue)}`;
+  const shown =
+    storedValue !== null && typeof storedValue === "object"
+      ? JSON.stringify(storedValue)
+      : String(storedValue);
+  return `set ${key} = ${shown}`;
+}
+
 /**
  * @param {object|null} config  loaded config.json
  * @param {object} [opts]  { path, activeProvider, activeModel }

package/src/runtime/agent-core.js

@@ -1207,6 +1207,37 @@ export async function executeTool(name, args, context = {}) {
   return toolResult;
 }
 
+/**
+ * Write a file then verify the on-disk byte count matches the intended
+ * content. Network drives and cloud-synced folders (OneDrive / Dropbox /
+ * Google Drive) can silently truncate a write or leave a 0-byte file; without
+ * this check the agent reports `success` on a corrupted write and moves on.
+ * Parity with Claude-Code 2.1.181 ("Fixed Write/Edit producing 0-byte or
+ * truncated files on network drives and cloud-synced folders").
+ *
+ * Returns `{ size }` (actual on-disk bytes) on success, or `{ error }`
+ * describing the truncation so the caller surfaces it as a tool error instead
+ * of a false success. `fsImpl` is injectable for unit tests.
+ */
+export function writeFileVerified(filePath, content, fsImpl = fs) {
+  const expected = Buffer.byteLength(content, "utf8");
+  fsImpl.writeFileSync(filePath, content, "utf8");
+  let actual;
+  try {
+    actual = fsImpl.statSync(filePath).size;
+  } catch (err) {
+    return {
+      error: `Write verification failed: cannot stat ${filePath} after writing (${err.message}). The file may be on an unreliable network or cloud-synced drive.`,
+    };
+  }
+  if (actual !== expected) {
+    return {
+      error: `Write truncated: expected ${expected} bytes but only ${actual} reached disk for ${filePath}. A network drive or cloud-sync folder (OneDrive/Dropbox/Google Drive) may have interrupted the write — retry, or write to a local path.`,
+    };
+  }
+  return { size: actual };
+}
+
 /**
  * Inner tool execution — no hooks, no plan-mode checks.
  */
@@ -1297,11 +1328,12 @@ async function executeToolInner(
       if (!fs.existsSync(dir)) {
         fs.mkdirSync(dir, { recursive: true });
       }
-      fs.writeFileSync(filePath, args.content, "utf8");
+      const wrote = writeFileVerified(filePath, args.content);
+      if (wrote.error) return attachDescriptor({ error: wrote.error });
       return attachDescriptor({
         success: true,
         path: filePath,
-        size: args.content.length,
+        size: wrote.size,
       });
     }
 
@@ -1315,8 +1347,13 @@ async function executeToolInner(
         return attachDescriptor({ error: "old_string not found in file" });
       }
       const newContent = content.replace(args.old_string, args.new_string);
-      fs.writeFileSync(filePath, newContent, "utf8");
-      return attachDescriptor({ success: true, path: filePath });
+      const wrote = writeFileVerified(filePath, newContent);
+      if (wrote.error) return attachDescriptor({ error: wrote.error });
+      return attachDescriptor({
+        success: true,
+        path: filePath,
+        size: wrote.size,
+      });
     }
 
     case "edit_file_hashed": {
@@ -1358,10 +1395,12 @@ async function executeToolInner(
           ...(snippet && { current_snippet: snippet }),
         });
       }
-      fs.writeFileSync(filePath, result.content, "utf8");
+      const wrote = writeFileVerified(filePath, result.content);
+      if (wrote.error) return attachDescriptor({ error: wrote.error });
       return attachDescriptor({
         success: true,
         path: filePath,
+        size: wrote.size,
         lineNumber: result.lineNumber,
         previousContent: result.previousContent,
       });
@@ -2566,11 +2605,15 @@ export async function chatWithTools(rawMessages, options) {
     // same {message, usage} shape is returned, so the agent loop is unchanged.
     // Without onToken we keep the cheaper single-shot non-streaming request.
     if (typeof options.onToken === "function") {
-      return await _chatOllamaStreaming(
-        apiUrl,
-        { model, messages: ollamaMessages, tools },
-        options.onToken,
-        signal,
+      return await _retryStreamingChat(
+        () =>
+          _chatOllamaStreaming(
+            apiUrl,
+            { model, messages: ollamaMessages, tools },
+            options.onToken,
+            signal,
+          ),
+        { signal, onRetry: options.onStreamRetry },
       );
     }
     const response = await fetch(apiUrl, {
@@ -2585,7 +2628,7 @@ export async function chatWithTools(rawMessages, options) {
       }),
     });
     if (!response.ok) {
-      throw new Error(`Ollama error: ${response.status}`);
+      throw new Error(formatProviderHttpError("ollama", response.status));
     }
     const data = await response.json();
     if (data.prompt_eval_count || data.eval_count) {
@@ -2652,13 +2695,17 @@ export async function chatWithTools(rawMessages, options) {
     // and forward text deltas live, assembling tool_use blocks back into the
     // same {message, usage} shape the non-streaming path returns.
     if (typeof options.onToken === "function") {
-      return await _chatAnthropicStreaming(
-        `${url}/messages`,
-        { ...body, stream: true },
-        { "x-api-key": key, "anthropic-version": "2023-06-01" },
-        options.onToken,
-        signal,
-        options.onThinking,
+      return await _retryStreamingChat(
+        () =>
+          _chatAnthropicStreaming(
+            `${url}/messages`,
+            { ...body, stream: true },
+            { "x-api-key": key, "anthropic-version": "2023-06-01" },
+            options.onToken,
+            signal,
+            options.onThinking,
+          ),
+        { signal, onRetry: options.onStreamRetry },
       );
     }
 
@@ -2674,7 +2721,7 @@ export async function chatWithTools(rawMessages, options) {
     });
 
     if (!response.ok) {
-      throw new Error(`Anthropic error: ${response.status}`);
+      throw new Error(formatProviderHttpError("anthropic", response.status));
     }
 
     const data = await response.json();
@@ -2736,19 +2783,23 @@ export async function chatWithTools(rawMessages, options) {
   // stream the SSE response, forward content deltas live, and reassemble the
   // delta-fragmented tool_calls into the standard {message, usage} shape.
   if (typeof options.onToken === "function") {
-    return await _chatOpenAIStreaming(
-      `${url}/chat/completions`,
-      {
-        model: model || defaultModels[provider] || "gpt-4o-mini",
-        messages,
-        tools,
-        stream: true,
-        stream_options: { include_usage: true },
-      },
-      key,
-      options.onToken,
-      signal,
-      provider,
+    return await _retryStreamingChat(
+      () =>
+        _chatOpenAIStreaming(
+          `${url}/chat/completions`,
+          {
+            model: model || defaultModels[provider] || "gpt-4o-mini",
+            messages,
+            tools,
+            stream: true,
+            stream_options: { include_usage: true },
+          },
+          key,
+          options.onToken,
+          signal,
+          provider,
+        ),
+      { signal, onRetry: options.onStreamRetry },
     );
   }
 
@@ -2767,7 +2818,7 @@ export async function chatWithTools(rawMessages, options) {
   });
 
   if (!response.ok) {
-    throw new Error(`${provider} API error: ${response.status}`);
+    throw new Error(formatProviderHttpError(provider, response.status));
   }
 
   const data = await response.json();
@@ -2880,6 +2931,108 @@ export function _streamErrorDisposition(err, signal, partialText) {
   return "rethrow";
 }
 
+/**
+ * Format a provider HTTP error with an actionable hint. 401/403 almost always
+ * means a missing/invalid API key for the ACTIVE provider — and because the
+ * provider is resolved from config, a surprise "anthropic 401" usually means
+ * the effective provider differs from what the user configured. Name the
+ * provider and point at the fix instead of dumping a bare status code. Pure +
+ * exported for tests.
+ */
+export function formatProviderHttpError(provider, status) {
+  const base = `${provider} API error: HTTP ${status}`;
+  if (status === 401 || status === 403) {
+    return (
+      `${base} — authentication failed: the API key for provider "${provider}" ` +
+      `is missing or invalid. Check "cc config get llm.provider" and ` +
+      `"cc config get llm.apiKey" (or run Configure LLM). A surprise "${provider}" ` +
+      `here usually means the effective provider differs from the one you configured.`
+    );
+  }
+  if (status === 429) return `${base} — rate limited; please retry shortly.`;
+  return base;
+}
+
+/**
+ * Is this error from a streaming chat request a transient API CONNECTION drop
+ * that is safe to retry? True only for genuine network failures (reset /
+ * timeout / DNS / refused / socket hangup / undici "terminated" / "fetch
+ * failed"). False for user aborts and for HTTP/status errors (a 4xx/auth/5xx is
+ * the server's verdict carried in the message, not a dropped pipe — retrying a
+ * connection that never dropped won't help and could double-bill).
+ *
+ * Safe to act on at the dispatch seam because any error that propagates OUT of
+ * `_chat*Streaming` is either an abort or a drop with ZERO output already
+ * streamed (partial-output drops are preserved internally and never throw) — so
+ * a retry can never duplicate visible text. Pure + exported for tests.
+ */
+export function _isRetryableStreamError(err, signal) {
+  if (isAbortError(err)) return false;
+  if (signal && signal.aborted) return false;
+  if (!err) return false;
+  const code = String(err.code || err.cause?.code || "").toUpperCase();
+  if (
+    [
+      "ECONNRESET",
+      "ETIMEDOUT",
+      "ECONNREFUSED",
+      "EAI_AGAIN",
+      "EPIPE",
+      "ENETUNREACH",
+      "ENOTFOUND",
+      "UND_ERR_SOCKET",
+    ].includes(code)
+  ) {
+    return true;
+  }
+  const msg = String(err.message || err).toLowerCase();
+  return /econnreset|etimedout|econnrefused|eai_again|socket hang ?up|terminated|fetch failed|network error|timed?\s*out|premature close/.test(
+    msg,
+  );
+}
+
+/** Bounded auto-retry for streaming connection drops (Claude-Code 2.1.181). */
+const STREAM_RETRY_MAX = 2;
+const STREAM_RETRY_BASE_MS = 400;
+
+/**
+ * Run a streaming chat attempt with bounded auto-retry on transient API
+ * connection drops (Claude-Code 2.1.181: "auto-retry for API connection drops
+ * during thinking"). Only connection-level failures are retried (see
+ * `_isRetryableStreamError`); user aborts and HTTP/status errors surface
+ * immediately. Backoff is exponential and abort-aware. Transparent to the
+ * caller: on success returns the attempt's result; on exhaustion rethrows the
+ * last error — strictly better than today (one drop → instant error).
+ *
+ * @param {() => Promise<any>} streamFn  invokes one `_chat*Streaming` attempt
+ * @param {object} opts  { signal?, retries?, baseDelayMs?, onRetry?, sleep? }
+ */
+export async function _retryStreamingChat(streamFn, opts = {}) {
+  const retries = opts.retries ?? STREAM_RETRY_MAX;
+  const base = opts.baseDelayMs ?? STREAM_RETRY_BASE_MS;
+  const signal = opts.signal;
+  const sleep = opts.sleep || ((ms) => new Promise((r) => setTimeout(r, ms)));
+  let attempt = 0;
+  for (;;) {
+    try {
+      return await streamFn();
+    } catch (err) {
+      if (attempt >= retries || !_isRetryableStreamError(err, signal))
+        throw err;
+      attempt++;
+      if (typeof opts.onRetry === "function") {
+        try {
+          opts.onRetry(attempt, err);
+        } catch {
+          /* the retry notice is best-effort; never let it mask the retry */
+        }
+      }
+      await sleep(base * Math.pow(2, attempt - 1));
+      if (signal && signal.aborted) throw err; // user bailed during backoff
+    }
+  }
+}
+
 /**
  * Finalize a partial stream into the standard {message, usage} shape after a
  * mid-stream connection drop: marks the message truncated and drops any
@@ -2902,7 +3055,7 @@ async function _chatOllamaStreaming(apiUrl, body, onToken, signal) {
     body: JSON.stringify({ ...body, stream: true }),
   });
   if (!response.ok) {
-    throw new Error(`Ollama error: ${response.status}`);
+    throw new Error(formatProviderHttpError("ollama", response.status));
   }
   const state = _ollamaInitState();
   const reader = response.body.getReader();
@@ -3064,7 +3217,7 @@ async function _chatAnthropicStreaming(
     body: JSON.stringify(body),
   });
   if (!response.ok) {
-    throw new Error(`Anthropic error: ${response.status}`);
+    throw new Error(formatProviderHttpError("anthropic", response.status));
   }
   const state = _anthropicInitState();
   const reader = response.body.getReader();
@@ -3184,7 +3337,7 @@ async function _chatOpenAIStreaming(
     body: JSON.stringify(body),
   });
   if (!response.ok) {
-    throw new Error(`${provider} API error: ${response.status}`);
+    throw new Error(formatProviderHttpError(provider, response.status));
   }
   const state = _openaiInitState();
   const reader = response.body.getReader();