claude-scionos 3.0.1 → 3.0.3

package/.claude/settings.local.json

@@ -0,0 +1,9 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(node -p:*)",
+      "Bash(git add:*)",
+      "Bash(git commit:*)"
+    ]
+  }
+}

package/CHANGELOG.md

@@ -5,6 +5,26 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.0.3] - 2026-02-18
+
+### Changed
+- **Model**: Renamed `GLM-4.7` to `Kimi K2.5` (`kimi-k2.5`) in the model selection menu.
+
+### Fixed
+- **Token Validation**: Added a 10-second `AbortController` timeout on `validateToken()` to prevent the prompt from hanging on unresponsive network.
+- **Proxy Memory**: Added a 100 MB cap on incoming request buffers; oversized requests now return HTTP 413 instead of causing a memory overflow.
+- **CI/CD Compatibility**: `console.clear()` is now skipped when the `CI` environment variable is set or `--no-clear` is passed, preventing broken output in pipelines.
+
+## [3.0.2] - 2026-01-11
+
+### Added
+- **Robust Proxy**: Integrated `undici` library for advanced HTTP agent control in the local proxy.
+- **SSL Bypass**: Added support for internal/self-signed certificates (`rejectUnauthorized: false`) when using the proxy.
+
+### Fixed
+- **Proxy Connectivity**: Fixed `fetch failed` and protocol errors by cleaning conflicting headers (`Host`, `Content-Length`) before upstream forwarding.
+- **Code Quality**: Removed unused variables and dead code for cleaner execution.
+
 ## [3.0.1] - 2026-01-11
 
 ### Added

package/index.js

@@ -24,7 +24,7 @@ const BASE_URL = "https://routerlab.ch";
  * Displays the application banner
  */
 function showBanner() {
-    console.clear();
+    if (!process.env.CI && !process.argv.includes('--no-clear')) console.clear();
     const p = chalk.hex('#3b82f6'); // Primary (Scio)
     const s = chalk.hex('#a855f7'); // Secondary (Nos)
     const c = chalk.hex('#D97757'); // Claude Orange
@@ -47,13 +47,17 @@ function showBanner() {
  */
 async function validateToken(apiKey) {
     try {
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), 10000);
         const response = await fetch(`${BASE_URL}/v1/models`, {
             method: 'GET',
             headers: {
                 'x-api-key': apiKey,
                 'anthropic-version': '2023-06-01'
-            }
+            },
+            signal: controller.signal
         });
+        clearTimeout(timeoutId);
 
         if (response.ok) {
             return { valid: true };
@@ -91,14 +95,25 @@ function startProxyServer(targetModel, validToken) {
             // Claude Code uses /v1/messages
             if (req.method === 'POST' && req.url.includes('/messages')) {
                 const chunks = [];
-                req.on('data', chunk => chunks.push(chunk));
+                const MAX_SIZE = 100 * 1024 * 1024; // 100MB
+                let totalSize = 0;
+                req.on('data', chunk => {
+                    totalSize += chunk.length;
+                    if (totalSize > MAX_SIZE) {
+                        res.writeHead(413);
+                        res.end(JSON.stringify({ error: { message: 'Request too large' } }));
+                        req.destroy();
+                        return;
+                    }
+                    chunks.push(chunk);
+                });
                 req.on('end', async () => {
                     try {
                         const bodyBuffer = Buffer.concat(chunks);
                         let bodyJson;
                         try {
                             bodyJson = JSON.parse(bodyBuffer.toString());
-                        } catch (e) {
+                        } catch {
                             // If not JSON, forward as is
                             bodyJson = null;
                         }
@@ -115,14 +130,26 @@ function startProxyServer(targetModel, validToken) {
                         }
 
                         // Prepare upstream request
+                        // 1. Create an agent that ignores SSL errors (CRITICAL for internal/testing environments)
+                        const { Agent } = await import('undici'); 
+                        const dispatcher = new Agent({
+                            connect: {
+                                rejectUnauthorized: false // WARNING: Ignores SSL certificate errors
+                            }
+                        });
+
+                        // 2. Remove problematic headers that fetch handles automatically
+                        const upstreamHeaders = { ...req.headers };
+                        delete upstreamHeaders['host'];           // Let fetch set the correct Host based on URL
+                        delete upstreamHeaders['content-length']; // Let fetch calculate length based on body
+                        upstreamHeaders['x-api-key'] = validToken;
+
+                        // 3. Execute request with the permissive dispatcher
                         const upstreamRes = await fetch(`${BASE_URL}${req.url}`, {
                             method: 'POST',
-                            headers: {
-                                ...req.headers,
-                                'host': new URL(BASE_URL).host,
-                                'x-api-key': validToken // Ensure we use the validated token
-                            },
-                            body: bodyJson ? JSON.stringify(bodyJson) : bodyBuffer
+                            headers: upstreamHeaders,
+                            body: bodyJson ? JSON.stringify(bodyJson) : bodyBuffer,
+                            dispatcher: dispatcher // <--- Apply the custom agent here
                         });
 
                         // Pipe response back
@@ -150,13 +177,20 @@ function startProxyServer(targetModel, validToken) {
                 
                 // Simple Redirect implementation for non-body requests
                 try {
+                    // 1. Create agent (SSL bypass)
+                    const { Agent } = await import('undici');
+                    const dispatcher = new Agent({ connect: { rejectUnauthorized: false } });
+
+                    // 2. Clean headers
+                    const upstreamHeaders = { ...req.headers };
+                    delete upstreamHeaders['host'];
+                    delete upstreamHeaders['content-length'];
+                    upstreamHeaders['x-api-key'] = validToken;
+
                      const upstreamRes = await fetch(`${BASE_URL}${req.url}`, {
                         method: req.method,
-                        headers: {
-                            ...req.headers,
-                            'host': new URL(BASE_URL).host,
-                            'x-api-key': validToken
-                        }
+                        headers: upstreamHeaders,
+                        dispatcher: dispatcher
                     });
                      res.writeHead(upstreamRes.status, upstreamRes.headers);
                      if (upstreamRes.body) {
@@ -166,7 +200,7 @@ function startProxyServer(targetModel, validToken) {
                         }
                      }
                      res.end();
-                } catch (e) {
+                } catch {
                     res.writeHead(502);
                     res.end();
                 }
@@ -231,7 +265,6 @@ if (!claudeStatus.installed) {
 }
 
 // Check Git Bash on Windows
-let gitBashPath = null;
 if (process.platform === 'win32') {
     const gitBashStatus = checkGitBashOnWindows();
     if (!gitBashStatus.available) {
@@ -239,7 +272,6 @@ if (process.platform === 'win32') {
         console.log(chalk.cyan('Please install Git for Windows: https://git-scm.com/downloads/win'));
         process.exit(1);
     }
-    gitBashPath = gitBashStatus.path;
 }
 
 // 3. Token Loop
@@ -276,9 +308,9 @@ const modelChoice = await select({
             description: 'Standard behavior. Claude decides which model to use.'
         },
         {
-            name: 'Force GLM-4.7 (Map all models to GLM-4.7)',
-            value: 'glm-4.7',
-            description: 'Intercepts traffic and routes everything to GLM-4.7'
+            name: 'Kimi K2.5',
+            value: 'kimi-k2.5',
+            description: 'Force all requests to Kimi K2.5'
         },
         {
             name: 'Force MiniMax-M2.1 (Map all models to MiniMax)',

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "claude-scionos",
-    "version": "3.0.1",
+    "version": "3.0.3",
     "description": "Ephemeral and secure runner for Claude Code CLI in ScioNos environment",
     "type": "module",
     "main": "index.js",
@@ -38,6 +38,7 @@
         "@inquirer/prompts": "^8.1.0",
         "chalk": "^5.6.2",
         "cross-spawn": "^7.0.6",
+        "undici": "^7.18.2",
         "update-notifier": "^7.3.1",
         "which": "^6.0.0"
     },

package/src/detectors/claude-only.js

@@ -58,7 +58,7 @@ function isClaudeCodeInstalled() {
         cliPath = foundPath;
         details.push(`✓ Found in PATH: ${foundPath}`);
       }
-    } catch (e) {
+    } catch {
       // Ignore error if not found in PATH
     }
   }