clawmoney 0.15.57 → 0.15.59

package/dist/commands/relay-setup.js

@@ -11,6 +11,7 @@ import { setupCommand } from "./setup.js";
 import { API_PRICES, PLATFORM_FEE } from "../relay/pricing.js";
 import { hasClaudeFingerprint, bootstrapClaudeFingerprint, } from "../relay/upstream/claude-bootstrap.js";
 import { hasGeminiFingerprint, bootstrapGeminiFingerprint, } from "../relay/upstream/gemini-bootstrap.js";
+import { hasCodexFingerprint, bootstrapCodexFingerprint, } from "../relay/upstream/codex-bootstrap.js";
 // ── Per-cli_type model catalogs ──
 //
 // `RECOMMENDED_MODELS` is what gets registered when the user picks "all
@@ -222,11 +223,10 @@ export async function relaySetupCommand() {
             })));
         }
         if (selectedClis.includes("gemini") && !hasGeminiFingerprint()) {
-            // Shorter timeout on gemini — recent CLI versions are flaky
-            // under our subprocess-intercept approach. 25s is enough for
-            // a working capture; beyond that we fall through to the
-            // manual instruction path cleanly.
-            tasks.push(bootstrapGeminiFingerprint({ timeoutMs: 25_000 })
+            // Gemini's capture typically completes in 5-15s on a working
+            // network. 45s is generous headroom for token refresh
+            // round-trips through a slow HTTPS_PROXY.
+            tasks.push(bootstrapGeminiFingerprint({ timeoutMs: 45_000 })
                 .then((fp) => ({
                 cli: "gemini",
                 ok: true,
@@ -238,7 +238,24 @@ export async function relaySetupCommand() {
                 error: err.message,
             })));
         }
-        // Codex intentionally omitted — codex-api.ts has safe defaults.
+        if (selectedClis.includes("codex") && !hasCodexFingerprint()) {
+            // Codex fingerprint is technically optional (codex-api.ts
+            // falls back to safe DEFAULT_ORIGINATOR / DEFAULT_OPENAI_BETA
+            // when the file is missing), but the daemon logs a WARN on
+            // every start. Capturing once during setup silences the
+            // warning and gives per-machine accuracy for anti-ban.
+            tasks.push(bootstrapCodexFingerprint({ timeoutMs: 60_000 })
+                .then(() => ({
+                cli: "codex",
+                ok: true,
+                summary: "from chatgpt.com WS upgrade",
+            }))
+                .catch((err) => ({
+                cli: "codex",
+                ok: false,
+                error: err.message,
+            })));
+        }
         if (tasks.length === 0)
             return [];
         return Promise.all(tasks);
@@ -274,10 +291,9 @@ export async function relaySetupCommand() {
     // fingerprint file.
     const startLine = `${chalk.gray("◇")}  Configuring providers`;
     process.stdout.write(startLine);
-    const tickEvery = 500;
     const ticker = setInterval(() => {
         process.stdout.write(chalk.dim("."));
-    }, tickEvery);
+    }, 1200);
     const results = await runAllBootstraps();
     clearInterval(ticker);
     try {

package/dist/relay/upstream/claude-bootstrap.js

@@ -276,22 +276,17 @@ export async function bootstrapClaudeFingerprint(opts = {}) {
                 return;
             }
             const port = addr.port;
-            // Build child env: inherit parent's env but strip HTTPS_PROXY
-            // entries so claude doesn't try to tunnel its call to
-            // http://127.0.0.1:<port> through the upstream proxy. Set
-            // NO_PROXY=localhost as belt-and-braces.
+            // Inherit HTTPS_PROXY so claude can reach sso.anthropic.com
+            // for OAuth refresh if its cached token is near expiry —
+            // same reason gemini-bootstrap keeps it. NO_PROXY=127.0.0.1
+            // keeps claude's call to our local listener from tunneling
+            // through the proxy.
             const childEnv = {
                 ...process.env,
                 ANTHROPIC_BASE_URL: `http://127.0.0.1:${port}`,
                 NO_PROXY: "127.0.0.1,localhost",
                 no_proxy: "127.0.0.1,localhost",
             };
-            delete childEnv.HTTPS_PROXY;
-            delete childEnv.https_proxy;
-            delete childEnv.HTTP_PROXY;
-            delete childEnv.http_proxy;
-            delete childEnv.ALL_PROXY;
-            delete childEnv.all_proxy;
             // Launch `claude -p "hi"` — same command the manual capture
             // script documents. `-p` is non-interactive print mode; in
             // recent claude versions it skips the trust dialog for

package/dist/relay/upstream/codex-bootstrap.js

@@ -158,22 +158,23 @@ export async function bootstrapCodexFingerprint(opts = {}) {
                     resolve();
                 }
             }, 500);
-            // Codex wants the proxy-local endpoint; strip HTTPS_PROXY so
-            // it talks to 127.0.0.1 directly (going through a proxy to
-            // loopback tends to wedge).
+            // DO inherit HTTPS_PROXY — codex CLI may need it to refresh
+            // its OAuth token via chatgpt.com's auth endpoint. Same
+            // reasoning as claude/gemini (see gemini-bootstrap.ts).
+            // NO_PROXY=127.0.0.1 keeps the ws upgrade to our local
+            // capture proxy from being tunneled through HTTPS_PROXY.
             const childEnv = {
                 ...process.env,
                 OPENAI_BASE_URL: `http://127.0.0.1:${CAPTURE_PORT}/v1`,
                 NO_PROXY: "127.0.0.1,localhost",
                 no_proxy: "127.0.0.1,localhost",
             };
-            delete childEnv.HTTPS_PROXY;
-            delete childEnv.https_proxy;
-            delete childEnv.HTTP_PROXY;
-            delete childEnv.http_proxy;
-            delete childEnv.ALL_PROXY;
-            delete childEnv.all_proxy;
-            codexChild = spawn("codex", ["-p", "hi"], {
+            // Codex CLI uses `codex exec <prompt>` for non-interactive
+            // runs. `-p` is --profile (and `hi` is a profile name that
+            // doesn't exist → code 1 before any request goes out).
+            // --skip-git-repo-check avoids codex bailing if the cwd
+            // isn't inside a git repo.
+            codexChild = spawn("codex", ["exec", "--skip-git-repo-check", "say ok"], {
                 env: childEnv,
                 stdio: ["ignore", "pipe", "pipe"],
                 shell: process.platform === "win32",

package/dist/relay/upstream/gemini-bootstrap.js

@@ -152,20 +152,18 @@ export async function bootstrapGeminiFingerprint(opts = {}) {
                     }
                 }
             }, 500);
-            // Strip upstream proxy vars from the gemini subprocess so it
-            // talks to 127.0.0.1:8789 directly. Also set NO_PROXY.
+            // DO inherit HTTPS_PROXY — gemini CLI needs it to reach
+            // oauth2.googleapis.com for token refresh (see gemini-api.ts
+            // line 184). NO_PROXY=127.0.0.1 makes gemini bypass the proxy
+            // for our local capture listener, so HTTPS_PROXY + NO_PROXY
+            // together give gemini proxy access to Google AND direct
+            // access to our listener.
             const childEnv = {
                 ...process.env,
                 CODE_ASSIST_ENDPOINT: `http://127.0.0.1:${CAPTURE_PORT}`,
                 NO_PROXY: "127.0.0.1,localhost",
                 no_proxy: "127.0.0.1,localhost",
             };
-            delete childEnv.HTTPS_PROXY;
-            delete childEnv.https_proxy;
-            delete childEnv.HTTP_PROXY;
-            delete childEnv.http_proxy;
-            delete childEnv.ALL_PROXY;
-            delete childEnv.all_proxy;
             geminiChild = spawn("gemini", ["-p", "hi"], {
                 env: childEnv,
                 stdio: ["ignore", "pipe", "pipe"],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawmoney",
-  "version": "0.15.57",
+  "version": "0.15.59",
   "description": "ClawMoney CLI -- Earn rewards with your AI agent",
   "type": "module",
   "bin": {