claude-overnight 1.19.1 → 1.23.1

package/dist/_version.d.ts

@@ -1 +1 @@
-export declare const VERSION = "1.19.1";
+export declare const VERSION = "1.23.1";

package/dist/_version.js

@@ -1,2 +1,2 @@
 // Auto-generated by build — do not edit manually.
-export const VERSION = "1.19.1";
+export const VERSION = "1.23.1";

package/dist/providers.d.ts

@@ -58,6 +58,7 @@ export declare const PROXY_DEFAULT_URL = "http://127.0.0.1:8765";
 export declare function isCursorProxyProvider(p: ProviderConfig): boolean;
 /**
  * Health check: GET /health on the proxy. Returns true if proxy is reachable.
+ * Passes the stored API key so the /health endpoint doesn't return 401.
  */
 export declare function healthCheckCursorProxy(baseUrl?: string): Promise<boolean>;
 /**
@@ -68,22 +69,21 @@ export declare function fetchCursorModels(baseUrl?: string): Promise<string[]>;
 /**
  * Auto-start the cursor-api-proxy as a detached background process.
  *
- * When the proxy is started, we also configure it to use system Node.js
- * for spawning the cursor-agent subprocess. The agent's bundled Node.js
- * segfaults with --list-models on macOS (exit 139), so we resolve the
- * system `node` binary and the agent's index.js, patch the proxy's env.js
- * to respect CURSOR_AGENT_NODE/SCRIPT on Unix, and pass those env vars.
+ * Passes CURSOR_AGENT_NODE/SCRIPT so the fork uses system Node.js for the
+ * agent subprocess (avoids segfaults with --list-models on macOS).
  *
  * Handles:
  *  - Proxy already running and verified → returns true immediately
- *  - Something on the port but not our proxy → warns, skips spawn
- *  - Port in use by nothing responsive → returns true (something bound it)
- *  - Proxy not running → spawns `npx cursor-api-proxy` detached, waits for health
- *  - Spawn fails (not installed) → returns false, caller falls back to manual instructions
+ *  - Something on the port but not our proxy → warns, kills, restarts
+ *  - Proxy not running → spawns detached, waits for health
+ *  - Spawn fails → returns false, caller falls back to manual instructions
+ *
+ * When `forceRestart` is true and a stale process is on the port, it will be
+ * killed and the proxy restarted.
  *
  * Returns true when the proxy is reachable at PROXY_DEFAULT_URL.
  */
-export declare function ensureCursorProxyRunning(baseUrl?: string): Promise<boolean>;
+export declare function ensureCursorProxyRunning(baseUrl?: string, forceRestart?: boolean): Promise<boolean>;
 /**
  * Full install + configure flow for cursor-api-proxy.
  * Walks through CLI install, API key config, and proxy start.

package/dist/providers.js

@@ -1,4 +1,4 @@
-import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, realpathSync, readdirSync } from "fs";
+import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, realpathSync } from "fs";
 import { homedir } from "os";
 import { join, dirname } from "path";
 import { execSync, spawn } from "child_process";
@@ -262,13 +262,28 @@ export const PROXY_DEFAULT_URL = "http://127.0.0.1:8765";
 export function isCursorProxyProvider(p) {
     return p.cursorProxy === true || p.baseURL === PROXY_DEFAULT_URL;
 }
+/** Resolve the cursor-api-proxy API key from env or providers.json. */
+function resolveCursorProxyKey() {
+    if (process.env.CURSOR_BRIDGE_API_KEY?.trim())
+        return process.env.CURSOR_BRIDGE_API_KEY.trim();
+    const saved = loadProviders().find(p => p.cursorProxy);
+    if (saved?.cursorApiKey?.trim())
+        return saved.cursorApiKey.trim();
+    return null;
+}
+/** Build fetch options with the cursor proxy auth header if a key is available. */
+function cursorProxyFetchOpts() {
+    const key = resolveCursorProxyKey();
+    return key ? { headers: { Authorization: `Bearer ${key}` } } : {};
+}
 /**
  * Health check: GET /health on the proxy. Returns true if proxy is reachable.
+ * Passes the stored API key so the /health endpoint doesn't return 401.
  */
 export async function healthCheckCursorProxy(baseUrl = PROXY_DEFAULT_URL) {
     const url = `${baseUrl.replace(/\/$/, "")}/health`;
     try {
-        const res = await fetch(url, { method: "GET", signal: AbortSignal.timeout(3_000) });
+        const res = await fetch(url, { method: "GET", signal: AbortSignal.timeout(3_000), ...cursorProxyFetchOpts() });
         return res.ok;
     }
     catch {
@@ -282,7 +297,7 @@ export async function healthCheckCursorProxy(baseUrl = PROXY_DEFAULT_URL) {
 export async function fetchCursorModels(baseUrl = PROXY_DEFAULT_URL) {
     const url = `${baseUrl.replace(/\/$/, "")}/v1/models`;
     try {
-        const res = await fetch(url, { method: "GET", signal: AbortSignal.timeout(5_000) });
+        const res = await fetch(url, { method: "GET", signal: AbortSignal.timeout(5_000), ...cursorProxyFetchOpts() });
         if (!res.ok)
             return [];
         const json = await res.json();
@@ -336,16 +351,26 @@ async function fetchLiveCursorModels() {
 }
 /**
  * Verify something is actually cursor-api-proxy (not just any HTTP service on the port).
- * Calls /v1/models and checks the response shape. Returns true if it looks like the proxy.
+ * Tries /health first (proxy identity), then falls back to /v1/models shape check.
+ * Returns true if it looks like the proxy.
  */
 async function verifyCursorProxy(baseUrl = PROXY_DEFAULT_URL) {
-    const url = `${baseUrl.replace(/\/$/, "")}/v1/models`;
+    const url = baseUrl.replace(/\/$/, "");
+    const opts = cursorProxyFetchOpts();
+    // /health is the most reliable proxy identity check — works even when
+    // /v1/models fails due to agent subprocess crash (macOS segfault).
     try {
-        const res = await fetch(url, { method: "GET", signal: AbortSignal.timeout(3_000) });
+        const res = await fetch(`${url}/health`, { method: "GET", signal: AbortSignal.timeout(3_000), ...opts });
+        if (res.ok)
+            return true;
+    }
+    catch { }
+    // Fallback: check /v1/models response shape
+    try {
+        const res = await fetch(`${url}/v1/models`, { method: "GET", signal: AbortSignal.timeout(3_000), ...opts });
         if (!res.ok)
             return false;
         const json = await res.json();
-        // cursor-api-proxy returns { data: [{ id: "...", ... }] }
         return Array.isArray(json?.data);
     }
     catch {
@@ -353,143 +378,65 @@ async function verifyCursorProxy(baseUrl = PROXY_DEFAULT_URL) {
     }
 }
 /**
- * Check whether something is already listening on the proxy port.
- * Returns true if any process bound the port (another instance, Cursor CLI, etc.).
- */
-async function isPortInUse(port, host = "127.0.0.1") {
-    try {
-        const res = await fetch(`http://${host}:${port}/health`, {
-            method: "GET",
-            signal: AbortSignal.timeout(2_000),
-        });
-        return res.ok || res.status >= 400; // any response means something is listening
-    }
-    catch {
-        return false;
-    }
-}
-/**
- * Find the system `node` binary path. Uses `which` to bypass any bundled node.
+ * Kill whatever process is bound to the given port. Uses `lsof` on macOS /
+ * `fuser` on Linux. Returns the PID that was killed, or null if nothing found
+ * or permission denied.
  */
-function resolveSystemNode() {
+function killProcessOnPort(port, host = "127.0.0.1") {
     try {
-        return execSync("which node 2>/dev/null", {
-            timeout: 3_000, encoding: "utf-8", shell: "bash",
-        }).trim() || null;
+        // macOS / BSD: lsof -ti :PORT gives just the PID
+        const pid = execSync(`lsof -ti :${port} 2>/dev/null`, {
+            timeout: 5_000, encoding: "utf-8",
+        }).trim().split("\n")[0];
+        if (!pid || !/^\d+$/.test(pid))
+            return null;
+        execSync(`kill -9 ${pid} 2>/dev/null`, { timeout: 5_000 });
+        return parseInt(pid, 10);
     }
     catch {
         return null;
     }
 }
 /**
- * Find the cursor-agent's index.js. Mirrors the logic in fetchLiveCursorModels:
- * resolves the `agent` symlink to find the version directory containing index.js.
+ * Check whether something is already listening on the proxy port.
+ * Returns true if any process bound the port (another instance, Cursor CLI, etc.).
  */
-function resolveAgentIndexJs() {
+async function isPortInUse(port, host = "127.0.0.1") {
     try {
-        const agentPath = execSync("command -v agent 2>/dev/null || command -v cursor-agent 2>/dev/null", {
-            timeout: 3_000, encoding: "utf-8", shell: "bash",
-        }).trim();
-        if (!agentPath)
-            return null;
-        const dir = dirname(realpathSync(agentPath));
-        const indexPath = `${dir}/index.js`;
-        return existsSync(indexPath) ? indexPath : null;
+        const res = await fetch(`http://${host}:${port}/health`, {
+            method: "GET",
+            signal: AbortSignal.timeout(2_000),
+        });
+        return res.ok || res.status >= 400; // any response means something is listening
     }
     catch {
-        return null;
-    }
-}
-/**
- * Patch the proxy's env.js to use CURSOR_AGENT_NODE + CURSOR_AGENT_SCRIPT on Unix.
- *
- * The proxy already reads these env vars (lines 152-153 of env.js) but only uses
- * them on Windows in resolveAgentCommand(). We inject a Unix code path before the
- * final `return { command: cmd, args, env }` so that when these vars are set,
- * the proxy spawns system node with the agent script instead of the bundled node
- * (which segfaults with --list-models on macOS).
- *
- * Safe to call repeatedly — the patch is idempotent.
- */
-function patchProxyEnvJs(proxyDir) {
-    const envJs = join(proxyDir, "dist", "lib", "env.js");
-    if (!existsSync(envJs))
         return false;
-    const src = readFileSync(envJs, "utf-8");
-    // Check if already patched
-    if (src.includes("/* claude-overnight patch */"))
-        return true;
-    const patch = `\n/* claude-overnight patch: use CURSOR_AGENT_NODE+SCRIPT on unix */\n` +
-        `if (platform !== "win32" && loaded.agentNode && loaded.agentScript) {\n` +
-        `  return { command: loaded.agentNode, args: [loaded.agentScript, ...args], env: { ...env, CURSOR_INVOKED_AS: "agent" }, agentScriptPath: loaded.agentScript };\n` +
-        `}`;
-    // Insert before the final return in resolveAgentCommand
-    const target = "    return { command: cmd, args, env };\n}";
-    if (!src.includes(target)) {
-        // Try minified variant
-        const target2 = "return{command:cmd,args,env}}";
-        if (!src.includes(target2))
-            return false;
-        writeFileSync(envJs, src.replace(target2, patch + "\n" + target2), "utf-8");
-    }
-    else {
-        writeFileSync(envJs, src.replace(target, patch + "\n" + target), "utf-8");
-    }
-    return true;
-}
-/**
- * Find the cursor-api-proxy package directory (npx cache or global install).
- */
-function findProxyPackageDir() {
-    try {
-        // Try npx cache first
-        const npmCacheRoot = join(homedir(), ".npm", "_npx");
-        if (existsSync(npmCacheRoot)) {
-            const dirs = readdirSync(npmCacheRoot);
-            for (const d of dirs) {
-                const candidate = join(npmCacheRoot, d, "node_modules", "cursor-api-proxy");
-                if (existsSync(join(candidate, "dist", "lib", "env.js")))
-                    return candidate;
-            }
-        }
     }
-    catch { }
-    // Try global install
-    try {
-        const globalDir = execSync("npm root -g 2>/dev/null", {
-            timeout: 5_000, encoding: "utf-8", shell: "bash",
-        }).trim();
-        if (globalDir && existsSync(join(globalDir, "cursor-api-proxy", "dist", "lib", "env.js"))) {
-            return join(globalDir, "cursor-api-proxy");
-        }
-    }
-    catch { }
-    return null;
 }
 /**
  * Auto-start the cursor-api-proxy as a detached background process.
  *
- * When the proxy is started, we also configure it to use system Node.js
- * for spawning the cursor-agent subprocess. The agent's bundled Node.js
- * segfaults with --list-models on macOS (exit 139), so we resolve the
- * system `node` binary and the agent's index.js, patch the proxy's env.js
- * to respect CURSOR_AGENT_NODE/SCRIPT on Unix, and pass those env vars.
+ * Passes CURSOR_AGENT_NODE/SCRIPT so the fork uses system Node.js for the
+ * agent subprocess (avoids segfaults with --list-models on macOS).
  *
  * Handles:
  *  - Proxy already running and verified → returns true immediately
- *  - Something on the port but not our proxy → warns, skips spawn
- *  - Port in use by nothing responsive → returns true (something bound it)
- *  - Proxy not running → spawns `npx cursor-api-proxy` detached, waits for health
- *  - Spawn fails (not installed) → returns false, caller falls back to manual instructions
+ *  - Something on the port but not our proxy → warns, kills, restarts
+ *  - Proxy not running → spawns detached, waits for health
+ *  - Spawn fails → returns false, caller falls back to manual instructions
+ *
+ * When `forceRestart` is true and a stale process is on the port, it will be
+ * killed and the proxy restarted.
  *
  * Returns true when the proxy is reachable at PROXY_DEFAULT_URL.
  */
-export async function ensureCursorProxyRunning(baseUrl = PROXY_DEFAULT_URL) {
+export async function ensureCursorProxyRunning(baseUrl = PROXY_DEFAULT_URL, forceRestart = false) {
     const url = new URL(baseUrl);
     const port = parseInt(url.port, 10) || 80;
     // Already healthy?
-    if (await healthCheckCursorProxy(baseUrl))
+    if (await healthCheckCursorProxy(baseUrl)) {
         return true;
+    }
     // Something bound the port — verify it's actually the cursor proxy
     if (await isPortInUse(port, url.hostname)) {
         const isProxy = await verifyCursorProxy(baseUrl);
@@ -497,38 +444,53 @@ export async function ensureCursorProxyRunning(baseUrl = PROXY_DEFAULT_URL) {
             console.log(chalk.dim(`  Proxy verified at port ${port}`));
             return true;
         }
-        console.log(chalk.yellow(`  ⚠ Something is on port ${port} but it's not cursor-api-proxy`));
-        console.log(chalk.dim(`  Skip auto-start. If this is unexpected, stop the service or pick a different port.`));
-        return false;
+        // Stale process on the port — kill it if forceRestart, or try automatically
+        if (!forceRestart) {
+            console.log(chalk.yellow(`  ⚠ Something is on port ${port} but it's not cursor-api-proxy — killing stale process…`));
+        }
+        const killedPid = killProcessOnPort(port, url.hostname);
+        if (killedPid) {
+            console.log(chalk.green(`  ✓ Killed stale process PID ${killedPid} on port ${port}`));
+            await new Promise(r => setTimeout(r, 500));
+            return startProxyProcess(baseUrl, url, port);
+        }
+        // Couldn't kill (permission denied, already gone) — try starting anyway
+        console.log(chalk.yellow(`  ⚠ Couldn't kill process on port ${port} — attempting to start proxy anyway…`));
+        return startProxyProcess(baseUrl, url, port);
     }
     // Port is free — auto-start the proxy
+    return startProxyProcess(baseUrl, url, port);
+}
+/** Spawn the proxy process and wait for it to become healthy. */
+async function startProxyProcess(baseUrl, url, port) {
     console.log(chalk.yellow(`\n  Proxy not running at ${baseUrl} — starting it for you…`));
-    // Resolve system node and agent index.js so the proxy doesn't use the
-    // agent's bundled node (segfaults with --list-models on macOS).
-    const sysNode = resolveSystemNode();
-    const agentJs = resolveAgentIndexJs();
-    let patchedProxy = false;
-    if (sysNode && agentJs) {
-        const proxyDir = findProxyPackageDir();
-        if (proxyDir) {
-            patchedProxy = patchProxyEnvJs(proxyDir);
-            if (patchedProxy) {
-                console.log(chalk.dim(`  Using system node for agent subprocess: ${sysNode}`));
-            }
-            else {
-                console.log(chalk.yellow(`  ⚠ Couldn't patch proxy env.js — /v1/models may fail`));
-            }
+    // Resolve system node and agent index.js so the proxy uses system Node.js
+    // for the agent subprocess (avoids segfaults with --list-models on macOS).
+    let sysNode = null;
+    let agentJs = null;
+    try {
+        sysNode = execSync("which node 2>/dev/null", { timeout: 3_000, encoding: "utf-8", shell: "bash" }).trim() || null;
+        const agentPath = execSync("command -v agent 2>/dev/null || command -v cursor-agent 2>/dev/null", {
+            timeout: 3_000, encoding: "utf-8", shell: "bash",
+        }).trim();
+        if (agentPath) {
+            const agentDir = dirname(realpathSync(agentPath));
+            const indexPath = `${agentDir}/index.js`;
+            if (existsSync(indexPath))
+                agentJs = indexPath;
         }
     }
+    catch { }
     const proxyEnv = {
         ...Object.fromEntries(Object.entries(process.env).filter(([, v]) => v !== undefined)),
         CURSOR_BRIDGE_API_KEY: process.env.CURSOR_BRIDGE_API_KEY
             || loadProviders().find(p => p.cursorProxy)?.cursorApiKey
             || "unused",
     };
-    if (patchedProxy && sysNode && agentJs) {
+    if (sysNode && agentJs) {
         proxyEnv.CURSOR_AGENT_NODE = sysNode;
         proxyEnv.CURSOR_AGENT_SCRIPT = agentJs;
+        console.log(chalk.dim(`  Using system node for agent subprocess: ${sysNode}`));
     }
     try {
         const child = spawn("npx", ["cursor-api-proxy"], {
@@ -746,11 +708,11 @@ export async function setupCursorProxy() {
     console.log(chalk.white(`    ${chalk.bold("npx cursor-api-proxy")}`));
     for (;;) {
         const choice = await selectKey(`  Proxy started?`, [
-            { key: "r", desc: "etry" },
+            { key: "r", desc: "etry (re-attempt auto-start + kill stale)" },
             { key: "c", desc: "ancel" },
         ]);
         if (choice === "r") {
-            if (await healthCheckCursorProxy()) {
+            if (await ensureCursorProxyRunning(PROXY_DEFAULT_URL, true)) {
                 console.log(chalk.green("\n  ✓ Proxy is running and healthy"));
                 return true;
             }
@@ -802,36 +764,38 @@ async function pickCursorModel() {
     clearInterval(spinner);
     process.stdout.write("\x1B[2K\r");
     if (!healthy) {
-        // Try to auto-start the proxy before bugging the user
+        // Try to auto-start the proxy (auto-kills stale processes)
         const autoStarted = await ensureCursorProxyRunning();
         if (autoStarted) {
             // Proxy is up now — proceed to model list
         }
         else {
             console.log(chalk.yellow("  Proxy is not running at " + PROXY_DEFAULT_URL));
-            const choice = await selectKey(`  How to proceed?`, [
-                { key: "i", desc: "nstall + configure (CLI, API key, server)" },
-                { key: "r", desc: "etry (I started it manually)" },
-                { key: "c", desc: "ancel" },
-            ]);
-            if (choice === "s") {
-                const ok = await setupCursorProxy();
-                if (!ok)
+            for (;;) {
+                const choice = await selectKey(`  How to proceed?`, [
+                    { key: "r", desc: "etry (re-attempt auto-start + kill stale)" },
+                    { key: "i", desc: "nstall + configure (CLI, API key, server)" },
+                    { key: "c", desc: "ancel" },
+                ]);
+                if (choice === "r") {
+                    if (await ensureCursorProxyRunning(PROXY_DEFAULT_URL, true)) {
+                        console.log(chalk.green("  ✓ Proxy started"));
+                        break;
+                    }
+                    console.log(chalk.yellow(`  Still not reachable at ${PROXY_DEFAULT_URL}`));
+                }
+                else if (choice === "i") {
+                    const ok = await setupCursorProxy();
+                    if (!ok)
+                        return null;
+                    if (await healthCheckCursorProxy())
+                        break;
                     return null;
-            }
-            else if (choice === "r") {
-                // User manually started it — one more health check
-                if (await healthCheckCursorProxy()) {
-                    console.log(chalk.green("  ✓ Proxy detected"));
                 }
                 else {
-                    console.log(chalk.yellow("  Still not reachable — try the install flow or cancel."));
                     return null;
                 }
             }
-            else {
-                return null;
-            }
         }
     }
     const { top, more } = await buildCursorPicker();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-overnight",
-  "version": "1.19.1",
+  "version": "1.23.1",
   "description": "Background lane for your Claude Max plan. Parallel Claude Agent SDK sessions in git worktrees with a usage cap that reserves headroom for your interactive Claude Code. Crash-safe resume. Provider-agnostic model catalog with capability-based planning.",
   "type": "module",
   "bin": {
@@ -15,6 +15,7 @@
   },
   "dependencies": {
     "@anthropic-ai/claude-agent-sdk": "^0.2.92",
+    "@claude-overnight/cursor-api-proxy": "file:../cursor-api-proxy",
     "chalk": "^5.4.1",
     "jsonwebtoken": "^9.0.2"
   },

package/plugins/claude-overnight/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-overnight",
-  "version": "1.19.1",
+  "version": "1.23.1",
   "description": "Claude Code skill for understanding, installing, and inspecting claude-overnight runs  -- parallel Claude agents in git worktrees with thinking waves, multi-wave steering, and crash-safe resume. Supports Cursor API Proxy, Qwen, OpenRouter.",
   "author": {
     "name": "Francesco Fornace"