copillm 0.2.2 → 0.2.4

package/dist/server/routes/debug.js

@@ -0,0 +1,65 @@
+import { getGithubUserSummary, GithubUserFetchError } from "../debugInfo.js";
+import { safeSendJson } from "../requestLifecycle.js";
+const DAEMON_STARTED_AT_ISO = new Date().toISOString();
+export async function handleDebug(res, input) {
+    const bearerTtlSeconds = input.tokenManager.expiresInSeconds();
+    const uptimeSeconds = Math.max(0, Math.floor((Date.now() - Date.parse(DAEMON_STARTED_AT_ISO)) / 1_000));
+    let user = null;
+    let userError = null;
+    if (input.githubToken) {
+        try {
+            const summary = await getGithubUserSummary(input.githubToken);
+            user = {
+                login: summary.login,
+                id: summary.id,
+                type: summary.type
+            };
+        }
+        catch (error) {
+            if (error instanceof GithubUserFetchError) {
+                userError = `github_user_lookup_failed_${error.status}`;
+            }
+            else {
+                userError = error instanceof Error ? error.message : "unknown_error";
+            }
+        }
+    }
+    else {
+        userError = "github_token_unavailable_in_proxy";
+    }
+    safeSendJson(res, 200, {
+        server: {
+            port: input.port,
+            pid: process.pid,
+            node_version: process.version,
+            started_at_iso: DAEMON_STARTED_AT_ISO,
+            uptime_seconds: uptimeSeconds,
+            account_type: input.config.accountType,
+            selected_models: input.config.selectedModels,
+            require_caller_secret: input.config.requireCallerSecret,
+            log_level: input.logger.level,
+            log_file: process.env.COPILLM_LOG_FILE ?? null
+        },
+        auth: {
+            bearer_ttl_seconds: bearerTtlSeconds,
+            bearer_present: input.tokenManager.current !== null,
+            bearer_expires_at_unix: input.tokenManager.current?.expiresAtUnix ?? null
+        },
+        user,
+        user_error: userError,
+        routes: [
+            "GET /livez",
+            "GET /healthz",
+            "GET /models",
+            "GET /v1/models",
+            "GET /codex/v1/models",
+            "GET /anthropic/v1/models",
+            "POST /codex/v1/responses",
+            "POST /v1/chat/completions",
+            "POST /v1/messages",
+            "POST /anthropic/v1/messages",
+            "GET /_debug"
+        ],
+        debug_enabled: true
+    });
+}

package/dist/server/routes/health.js

@@ -0,0 +1,32 @@
+import { healthFailure } from "../errors.js";
+import { safeSendJson } from "../requestLifecycle.js";
+const HEALTH_REFRESH_THRESHOLD_SECONDS = 60;
+export function handleLivez(res) {
+    safeSendJson(res, 200, { status: "ok", uptime_seconds: Math.floor(process.uptime()) });
+}
+export async function handleHealthz(res, tokenManager) {
+    const ttl = tokenManager.expiresInSeconds();
+    if (ttl !== null && ttl > HEALTH_REFRESH_THRESHOLD_SECONDS) {
+        safeSendJson(res, 200, {
+            status: "ok",
+            token_state: "fresh",
+            refresh_threshold_seconds: HEALTH_REFRESH_THRESHOLD_SECONDS,
+            bearer_ttl_seconds: ttl
+        });
+        return;
+    }
+    try {
+        await tokenManager.ensureToken({ refreshThresholdSeconds: HEALTH_REFRESH_THRESHOLD_SECONDS });
+        const refreshedTtl = tokenManager.expiresInSeconds() ?? 0;
+        safeSendJson(res, 200, {
+            status: "ok",
+            token_state: "refreshed",
+            refresh_threshold_seconds: HEALTH_REFRESH_THRESHOLD_SECONDS,
+            bearer_ttl_seconds: refreshedTtl
+        });
+    }
+    catch (error) {
+        const failed = healthFailure(error);
+        safeSendJson(res, failed.httpStatus, failed.payload);
+    }
+}

package/dist/server/routes/models.js

@@ -0,0 +1,41 @@
+import { CopilotTokenManagerError } from "../../auth/copilotToken.js";
+import { listModels, listModelsUnion } from "../../models/discovery.js";
+import { buildCodexCatalog } from "../codexSchema.js";
+import { buildAnthropicModelsResponse } from "../anthropicModelsResponse.js";
+import { safeSendJson } from "../requestLifecycle.js";
+export async function handleModels(res, routeKind, config, tokenManager, githubToken) {
+    try {
+        await tokenManager.ensureToken(false);
+        if (!githubToken) {
+            safeSendJson(res, 503, { error: "github_token_unavailable" });
+            return;
+        }
+        const result = routeKind === "codex_models" || routeKind === "anthropic_models"
+            ? await listModelsUnion(config.accountType, githubToken, 3)
+            : await listModels(config.accountType, githubToken);
+        if (routeKind === "codex_models") {
+            safeSendJson(res, 200, buildCodexCatalog(result.models));
+            return;
+        }
+        if (routeKind === "anthropic_models") {
+            safeSendJson(res, 200, buildAnthropicModelsResponse(result.models));
+            return;
+        }
+        safeSendJson(res, 200, {
+            models: result.models,
+            discovery: {
+                source: result.source,
+                stale: result.stale,
+                cache_age_seconds: result.cacheAgeSeconds,
+                warning: result.warning
+            }
+        });
+    }
+    catch (error) {
+        if (error instanceof CopilotTokenManagerError) {
+            safeSendJson(res, 503, { error: "token_refresh_failed" });
+            return;
+        }
+        throw error;
+    }
+}

package/dist/server/routes/proxyForward.js

@@ -0,0 +1,108 @@
+import { resolveModelId } from "../../models/discovery.js";
+import { CopilotTokenManagerError } from "../../auth/copilotToken.js";
+import { anthropicToOpenAI } from "../../translation/openaiAnthropic.js";
+import { writeAnthropicPrelude } from "../../translation/streamingOpenAIToAnthropic.js";
+import { isBenignSocketError, safeEnd, safeSendJson } from "../requestLifecycle.js";
+import { InvalidRequestShapeError, writeAnthropicSseError } from "../errors.js";
+import { postToCopilot } from "../upstream/copilotClient.js";
+import { beginAnthropicSseResponse, forwardResponse, isStreamingRequestBody } from "../upstream/streaming.js";
+import { normaliseAliasedModelInPlace, readJson, readRequestedModel, rewriteRequestedModel, summarizeUpstreamPayload } from "./shared.js";
+function translateRequestBody(routeKind, body) {
+    if (routeKind !== "anthropic") {
+        return normaliseAliasedModelInPlace(body);
+    }
+    try {
+        return anthropicToOpenAI(body);
+    }
+    catch (error) {
+        if (error instanceof Error) {
+            throw new InvalidRequestShapeError(error.message);
+        }
+        throw new InvalidRequestShapeError("Invalid Anthropic request body.");
+    }
+}
+export async function handleProxyForward(input) {
+    const { req, res, route, config, tokenManager, logger, requestId, signal } = input;
+    const requestBody = await readJson(req);
+    const translatedBody = translateRequestBody(route.kind, requestBody);
+    const requestedModel = readRequestedModel(translatedBody);
+    if (config.selectedModels.length > 0 && !requestedModel) {
+        safeSendJson(res, 400, {
+            error: "model_not_selected",
+            detail: "Requested model is not enabled in local selection."
+        });
+        return;
+    }
+    let resolvedModel = null;
+    try {
+        resolvedModel = requestedModel ? resolveModelId(requestedModel, config.selectedModels) : null;
+    }
+    catch (error) {
+        const detail = error instanceof Error ? error.message : "Model resolution failed.";
+        safeSendJson(res, 400, { error: "ambiguous_model_selection", detail });
+        return;
+    }
+    if (config.selectedModels.length > 0 && !resolvedModel) {
+        safeSendJson(res, 400, {
+            error: "model_not_selected",
+            detail: "Requested model is not enabled in local selection."
+        });
+        return;
+    }
+    const upstreamBody = resolvedModel ? rewriteRequestedModel(translatedBody, resolvedModel.id) : translatedBody;
+    const upstreamPath = route.kind === "codex_responses" ? "/responses" : "/chat/completions";
+    const isAnthropicStreaming = route.anthroShape && isStreamingRequestBody(translatedBody);
+    let prelude = null;
+    if (isAnthropicStreaming) {
+        beginAnthropicSseResponse(res, req);
+        prelude = writeAnthropicPrelude(res, requestedModel ?? "");
+    }
+    logger.debug({
+        event: "request_prepared",
+        request_id: requestId,
+        route: route.kind,
+        anthro_shape: route.anthroShape,
+        requested_model: requestedModel,
+        upstream_model: readRequestedModel(upstreamBody),
+        model_resolution_rule: resolvedModel?.rule ?? null,
+        upstream_path: upstreamPath,
+        ...summarizeUpstreamPayload(upstreamBody)
+    }, "prepared upstream request");
+    try {
+        const upstream = await postToCopilot({
+            tokenManager,
+            accountType: config.accountType,
+            body: upstreamBody,
+            requestId,
+            logger,
+            upstreamPath,
+            signal
+        });
+        await forwardResponse(upstream, route.anthroShape, res, {
+            requestedModel: requestedModel ?? undefined,
+            prelude,
+            logger,
+            requestId
+        });
+    }
+    catch (error) {
+        if (isBenignSocketError(error)) {
+            logger.debug({ event: "upstream_aborted", request_id: requestId, err: error }, "upstream request aborted (client disconnected)");
+            safeEnd(res);
+            return;
+        }
+        if (error instanceof CopilotTokenManagerError) {
+            if (prelude) {
+                writeAnthropicSseError(res, prelude, "token_refresh_failed");
+                return;
+            }
+            safeSendJson(res, 503, { error: "token_refresh_failed" });
+            return;
+        }
+        if (prelude) {
+            writeAnthropicSseError(res, prelude, "internal_error");
+            return;
+        }
+        throw error;
+    }
+}

package/dist/server/routes/shared.js

@@ -0,0 +1,161 @@
+import { stripOneMillionAlias } from "../../translation/openaiAnthropic.js";
+import { JsonRequestParseError } from "../errors.js";
+export async function readJson(req) {
+    const chunks = [];
+    for await (const chunk of req) {
+        chunks.push(typeof chunk === "string" ? Buffer.from(chunk) : chunk);
+    }
+    if (chunks.length === 0) {
+        return {};
+    }
+    const text = Buffer.concat(chunks).toString("utf8");
+    try {
+        return JSON.parse(text);
+    }
+    catch (error) {
+        if (error instanceof SyntaxError) {
+            throw new JsonRequestParseError("Failed to parse JSON body.");
+        }
+        throw error;
+    }
+}
+export function readRequestedModel(payload) {
+    if (!payload || typeof payload !== "object") {
+        return null;
+    }
+    const maybeModel = payload.model;
+    return typeof maybeModel === "string" ? maybeModel : null;
+}
+export function rewriteRequestedModel(payload, model) {
+    if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
+        return payload;
+    }
+    return {
+        ...payload,
+        model
+    };
+}
+/**
+ * Defensive strip of the `[1m]` alias for pass-through routes (OpenAI chat
+ * completions, Codex responses). The Anthropic route already strips inside
+ * `anthropicToOpenAI`; this catches anything that might land on the
+ * pass-through paths with a hand-pasted aliased id so upstream Copilot
+ * always receives the canonical model id.
+ */
+export function normaliseAliasedModelInPlace(body) {
+    if (body && typeof body === "object" && !Array.isArray(body)) {
+        const record = body;
+        if (typeof record.model === "string") {
+            const stripped = stripOneMillionAlias(record.model);
+            if (stripped !== record.model) {
+                record.model = stripped;
+            }
+        }
+    }
+    return body;
+}
+export function summarizeUpstreamPayload(payload) {
+    let requestBytes = null;
+    try {
+        requestBytes = Buffer.byteLength(JSON.stringify(payload), "utf8");
+    }
+    catch {
+        requestBytes = null;
+    }
+    if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
+        return { upstream_request_bytes: requestBytes };
+    }
+    const record = payload;
+    const messages = Array.isArray(record.messages) ? record.messages : null;
+    const input = Array.isArray(record.input) ? record.input : null;
+    return {
+        upstream_request_bytes: requestBytes,
+        stream: record.stream === true,
+        max_tokens: typeof record.max_tokens === "number" ? record.max_tokens : null,
+        message_count: messages?.length ?? null,
+        input_item_count: input?.length ?? null,
+        tool_count: Array.isArray(record.tools) ? record.tools.length : 0,
+        text_characters: sumTextCharacters(payload)
+    };
+}
+function sumTextCharacters(value) {
+    if (typeof value === "string") {
+        return value.length;
+    }
+    if (!value || typeof value !== "object") {
+        return 0;
+    }
+    if (Array.isArray(value)) {
+        return value.reduce((total, item) => total + sumTextCharacters(item), 0);
+    }
+    let total = 0;
+    const record = value;
+    for (const [key, nested] of Object.entries(record)) {
+        if (key === "text" || key === "content" || key === "arguments" || key === "input") {
+            total += sumTextCharacters(nested);
+        }
+        else if (nested && typeof nested === "object" && key !== "data" && key !== "image_url" && key !== "source") {
+            total += sumTextCharacters(nested);
+        }
+    }
+    return total;
+}
+export function isLocalRequest(req) {
+    const remote = req.socket.remoteAddress ?? "";
+    const local = req.socket.localAddress ?? "";
+    return isLoopbackAddress(remote) && (local.length === 0 || isLoopbackAddress(local));
+}
+function isLoopbackAddress(value) {
+    return value === "127.0.0.1" || value === "::1" || value === "::ffff:127.0.0.1";
+}
+export function safePathname(rawUrl) {
+    if (!rawUrl) {
+        return "/";
+    }
+    try {
+        return new URL(rawUrl, "http://127.0.0.1").pathname;
+    }
+    catch {
+        return "/";
+    }
+}
+export function resolveRoute(method, rawUrl) {
+    if (!method || !rawUrl) {
+        return { kind: "not_found", anthroShape: false };
+    }
+    let pathname;
+    try {
+        pathname = new URL(rawUrl, "http://127.0.0.1").pathname;
+    }
+    catch {
+        return { kind: "not_found", anthroShape: false };
+    }
+    if (method === "GET" && pathname === "/livez") {
+        return { kind: "livez", anthroShape: false };
+    }
+    if (method === "GET" && pathname === "/healthz") {
+        return { kind: "healthz", anthroShape: false };
+    }
+    if (method === "GET" && (pathname === "/models" || pathname === "/v1/models")) {
+        return { kind: "models", anthroShape: false };
+    }
+    if (method === "GET" && pathname === "/codex/v1/models") {
+        return { kind: "codex_models", anthroShape: false };
+    }
+    if (method === "GET" && pathname === "/anthropic/v1/models") {
+        return { kind: "anthropic_models", anthroShape: false };
+    }
+    if (method === "POST" && pathname === "/codex/v1/responses") {
+        return { kind: "codex_responses", anthroShape: false };
+    }
+    if (method === "GET" && pathname === "/_debug") {
+        return { kind: "debug", anthroShape: false };
+    }
+    if (method === "POST" && pathname === "/v1/chat/completions") {
+        return { kind: "openai", anthroShape: false };
+    }
+    if (method === "POST" && (pathname === "/anthropic/v1/messages" || pathname === "/v1/messages")) {
+        return { kind: "anthropic", anthroShape: true };
+    }
+    return { kind: "not_found", anthroShape: false };
+}

package/dist/server/upstream/copilotClient.js

@@ -0,0 +1,137 @@
+import { setTimeout as sleep } from "node:timers/promises";
+import { accountBaseUrl } from "../../models/discovery.js";
+import { isBenignSocketError } from "../requestLifecycle.js";
+const COPILOT_HEADERS = {
+    "Content-Type": "application/json",
+    "Copilot-Integration-Id": "vscode-chat",
+    "Editor-Version": "vscode/1.95.0",
+    "Editor-Plugin-Version": "copilot-chat/0.26.7",
+    "User-Agent": "GitHubCopilotChat/0.26.7",
+    "Openai-Intent": "conversation-panel",
+    "X-GitHub-Api-Version": "2025-04-01",
+    "X-VScode-User-Agent-Library-Version": "electron-fetch",
+    // Disable gzip/br on the upstream response. Compressed SSE streams get
+    // buffered at gzip flush boundaries by undici's decoder, which causes
+    // visible "freeze then dump a paragraph" behaviour in Claude Code and
+    // other Anthropic-shape clients. Identity encoding lets each SSE event
+    // flow through immediately.
+    "Accept-Encoding": "identity"
+};
+const RETRYABLE_UPSTREAM_STATUSES = new Set([408, 409, 425, 429, 500, 502, 503, 504]);
+const MAX_UPSTREAM_ATTEMPTS = 3;
+const BASE_BACKOFF_MS = 200;
+export async function postToCopilot(input) {
+    let forceRefresh = false;
+    let authRefreshRetried = false;
+    for (let attempt = 1; attempt <= MAX_UPSTREAM_ATTEMPTS; attempt += 1) {
+        if (input.signal?.aborted) {
+            throw abortErrorFromSignal(input.signal);
+        }
+        try {
+            const attemptStartedAt = Date.now();
+            input.logger.debug({
+                event: "upstream_request",
+                request_id: input.requestId,
+                attempt,
+                upstream_path: input.upstreamPath,
+                force_refresh: forceRefresh
+            }, "posting upstream request");
+            const response = await postWithCurrentBearer(input.tokenManager, input.accountType, input.body, forceRefresh, input.requestId, input.upstreamPath, input.signal);
+            input.logger.debug({
+                event: "upstream_response",
+                request_id: input.requestId,
+                attempt,
+                upstream_path: input.upstreamPath,
+                status_code: response.status,
+                duration_ms: Date.now() - attemptStartedAt,
+                content_type: response.headers.get("content-type"),
+                retry_after: response.headers.get("retry-after")
+            }, "received upstream response");
+            forceRefresh = false;
+            if (response.status === 401 && !authRefreshRetried && attempt < MAX_UPSTREAM_ATTEMPTS) {
+                authRefreshRetried = true;
+                forceRefresh = true;
+                input.logger.warn({ event: "upstream_retry", request_id: input.requestId, attempt, reason: "upstream_auth_401" }, "retrying upstream request after forced token refresh");
+                await discardUpstreamBody(response);
+                continue;
+            }
+            if (isRetryableStatus(response.status) && attempt < MAX_UPSTREAM_ATTEMPTS) {
+                input.logger.warn({ event: "upstream_retry", request_id: input.requestId, attempt, status_code: response.status }, "retrying upstream request");
+                await discardUpstreamBody(response);
+                await sleep(retryDelayMs(attempt));
+                continue;
+            }
+            return response;
+        }
+        catch (error) {
+            if (isBenignSocketError(error)) {
+                // Client disconnected — propagate so the request handler can clean up.
+                throw error;
+            }
+            if (!isRetryableTransportError(error) || attempt >= MAX_UPSTREAM_ATTEMPTS) {
+                throw error;
+            }
+            input.logger.warn({ event: "upstream_retry", request_id: input.requestId, attempt, reason: "transport_error" }, "retrying upstream request after transport error");
+            await sleep(retryDelayMs(attempt));
+        }
+    }
+    throw new Error("Upstream retry budget exhausted unexpectedly.");
+}
+async function postWithCurrentBearer(tokenManager, accountType, body, forceRefresh, requestId, upstreamPath, signal) {
+    const bearer = await tokenManager.ensureToken({ forceRefresh });
+    return fetch(`${accountBaseUrl(accountType)}${upstreamPath}`, {
+        method: "POST",
+        headers: {
+            ...COPILOT_HEADERS,
+            Authorization: `Bearer ${bearer}`,
+            "X-Request-Id": requestId
+        },
+        body: JSON.stringify(body),
+        signal
+    });
+}
+function abortErrorFromSignal(signal) {
+    const reason = signal.reason;
+    if (reason instanceof Error) {
+        return reason;
+    }
+    const err = new Error("Request aborted by client");
+    err.name = "AbortError";
+    return err;
+}
+function isRetryableStatus(status) {
+    return RETRYABLE_UPSTREAM_STATUSES.has(status);
+}
+function retryDelayMs(attempt) {
+    return BASE_BACKOFF_MS * Math.pow(2, Math.max(0, attempt - 1));
+}
+function isRetryableTransportError(error) {
+    if (!error || typeof error !== "object") {
+        return false;
+    }
+    const typedError = error;
+    const directCode = typedError.code?.toUpperCase();
+    const causeCode = typedError.cause?.code?.toUpperCase();
+    if (directCode === "ECONNRESET" || directCode === "ECONNREFUSED" || directCode === "ETIMEDOUT") {
+        return true;
+    }
+    if (causeCode === "ECONNRESET" || causeCode === "ECONNREFUSED" || causeCode === "ETIMEDOUT") {
+        return true;
+    }
+    if (!(typedError instanceof Error)) {
+        return false;
+    }
+    const message = typedError.message.toLowerCase();
+    if (message.includes("timed out") || message.includes("timeout")) {
+        return true;
+    }
+    return message.includes("econnreset") || message.includes("econnrefused") || message.includes("enotfound");
+}
+async function discardUpstreamBody(response) {
+    try {
+        await response.arrayBuffer();
+    }
+    catch {
+        // ignore body drain failures
+    }
+}