omniroute 2.8.3 → 2.8.5

package/app/docs/i18n/zh-CN/VM_DEPLOYMENT_GUIDE.md

@@ -1,73 +1,71 @@
-🌐 **Languages:** 🇺🇸 [English](../../README.md) · 🇧🇷 [pt-BR](../pt-BR/VM_DEPLOYMENT_GUIDE.md) · 🇪🇸 [es](../es/VM_DEPLOYMENT_GUIDE.md) · 🇫🇷 [fr](../fr/VM_DEPLOYMENT_GUIDE.md) · 🇩🇪 [de](../de/VM_DEPLOYMENT_GUIDE.md) · 🇮🇹 [it](../it/VM_DEPLOYMENT_GUIDE.md) · 🇷🇺 [ru](../ru/VM_DEPLOYMENT_GUIDE.md) · 🇨🇳 [zh-CN](../zh-CN/VM_DEPLOYMENT_GUIDE.md) · 🇯🇵 [ja](../ja/VM_DEPLOYMENT_GUIDE.md) · 🇰🇷 [ko](../ko/VM_DEPLOYMENT_GUIDE.md) · 🇸🇦 [ar](../ar/VM_DEPLOYMENT_GUIDE.md) · 🇮🇳 [in](../in/VM_DEPLOYMENT_GUIDE.md) · 🇹🇭 [th](../th/VM_DEPLOYMENT_GUIDE.md) · 🇻🇳 [vi](../vi/VM_DEPLOYMENT_GUIDE.md) · 🇮🇩 [id](../id/VM_DEPLOYMENT_GUIDE.md) · 🇲🇾 [ms](../ms/VM_DEPLOYMENT_GUIDE.md) · 🇳🇱 [nl](../nl/VM_DEPLOYMENT_GUIDE.md) · 🇵🇱 [pl](../pl/VM_DEPLOYMENT_GUIDE.md) · 🇸🇪 [sv](../sv/VM_DEPLOYMENT_GUIDE.md) · 🇳🇴 [no](../no/VM_DEPLOYMENT_GUIDE.md) · 🇩🇰 [da](../da/VM_DEPLOYMENT_GUIDE.md) · 🇫🇮 [fi](../fi/VM_DEPLOYMENT_GUIDE.md) · 🇵🇹 [pt](../pt/VM_DEPLOYMENT_GUIDE.md) · 🇷🇴 [ro](../ro/VM_DEPLOYMENT_GUIDE.md) · 🇭🇺 [hu](../hu/VM_DEPLOYMENT_GUIDE.md) · 🇧🇬 [bg](../bg/VM_DEPLOYMENT_GUIDE.md) · 🇸🇰 [sk](../sk/VM_DEPLOYMENT_GUIDE.md) · 🇺🇦 [uk-UA](../uk-UA/VM_DEPLOYMENT_GUIDE.md) · 🇮🇱 [he](../he/VM_DEPLOYMENT_GUIDE.md) · 🇵🇭 [phi](../phi/VM_DEPLOYMENT_GUIDE.md)
+# OmniRoute — 使用 Cloudflare 在虚拟机上部署指南
 
----
-
-# OmniRoute — Guia de Deploy em VM com Cloudflare
+🌐 **Languages:** 🇺🇸 [English](../../VM_DEPLOYMENT_GUIDE.md) | 🇧🇷 [Português (Brasil)](../pt-BR/VM_DEPLOYMENT_GUIDE.md) | 🇪🇸 [Español](../es/VM_DEPLOYMENT_GUIDE.md) | 🇫🇷 [Français](../fr/VM_DEPLOYMENT_GUIDE.md) | 🇮🇹 [Italiano](../it/VM_DEPLOYMENT_GUIDE.md) | 🇷🇺 [Русский](../ru/VM_DEPLOYMENT_GUIDE.md) | 🇨🇳 [中文 (简体)](../zh-CN/VM_DEPLOYMENT_GUIDE.md) | 🇩🇪 [Deutsch](../de/VM_DEPLOYMENT_GUIDE.md) | 🇮🇳 [हिन्दी](../in/VM_DEPLOYMENT_GUIDE.md) | 🇹🇭 [ไทย](../th/VM_DEPLOYMENT_GUIDE.md) | 🇺🇦 [Українська](../uk-UA/VM_DEPLOYMENT_GUIDE.md) | 🇸🇦 [العربية](../ar/VM_DEPLOYMENT_GUIDE.md) | 🇯🇵 [日本語](../ja/VM_DEPLOYMENT_GUIDE.md) | 🇻🇳 [Tiếng Việt](../vi/VM_DEPLOYMENT_GUIDE.md) | 🇧🇬 [Български](../bg/VM_DEPLOYMENT_GUIDE.md) | 🇩🇰 [Dansk](../da/VM_DEPLOYMENT_GUIDE.md) | 🇫🇮 [Suomi](../fi/VM_DEPLOYMENT_GUIDE.md) | 🇮🇱 [עברית](../he/VM_DEPLOYMENT_GUIDE.md) | 🇭🇺 [Magyar](../hu/VM_DEPLOYMENT_GUIDE.md) | 🇮🇩 [Bahasa Indonesia](../id/VM_DEPLOYMENT_GUIDE.md) | 🇰🇷 [한국어](../ko/VM_DEPLOYMENT_GUIDE.md) | 🇲🇾 [Bahasa Melayu](../ms/VM_DEPLOYMENT_GUIDE.md) | 🇳🇱 [Nederlands](../nl/VM_DEPLOYMENT_GUIDE.md) | 🇳🇴 [Norsk](../no/VM_DEPLOYMENT_GUIDE.md) | 🇵🇹 [Português (Portugal)](../pt/VM_DEPLOYMENT_GUIDE.md) | 🇷🇴 [Română](../ro/VM_DEPLOYMENT_GUIDE.md) | 🇵🇱 [Polski](../pl/VM_DEPLOYMENT_GUIDE.md) | 🇸🇰 [Slovenčina](../sk/VM_DEPLOYMENT_GUIDE.md) | 🇸🇪 [Svenska](../sv/VM_DEPLOYMENT_GUIDE.md) | 🇵🇭 [Filipino](../phi/VM_DEPLOYMENT_GUIDE.md) | 🇨🇿 [Čeština](../cs/VM_DEPLOYMENT_GUIDE.md)
 
-Guia completo para instalar e configurar o OmniRoute em uma VM (VPS) com domínio gerenciado via Cloudflare.
+在通过 Cloudflare 管理域的 VM (VPS) 上安装和配置 OmniRoute 的完整指南。
 
 ---
 
-## Pré-Requisitos
+## 先决条件
 
-| Item        | Mínimo                   | Recomendado      |
-| ----------- | ------------------------ | ---------------- |
-| **CPU**     | 1 vCPU                   | 2 vCPU           |
-| **RAM**     | 1 GB                     | 2 GB             |
-| **Disco**   | 10 GB SSD                | 25 GB SSD        |
-| **SO**      | Ubuntu 22.04 LTS         | Ubuntu 24.04 LTS |
-| **Domínio** | Registrado no Cloudflare | —                |
-| **Docker**  | Docker Engine 24+        | Docker 27+       |
+| 项目         | 最低                 | 推荐                              |
+| ------------ | -------------------- | --------------------------------- | ---------------- |
+| **CPU**      | 1 个虚拟CPU          | 2 个虚拟CPU                       |
+| **内存**     | 1 GB                 | 2GB                               |
+| **磁盘**     | 10 GB 固态硬盘       | 25 GB 固态硬盘                    |
+| **操作系统** | Ubuntu 22.04 LTS     | Ubuntu 22.04 LTS Ubuntu 24.04 LTS | Ubuntu 24.04 LTS |
+| **域名**     | 在 Cloudflare 上注册 | —                                 |
+| **码头工人** | Docker 引擎 24+      | Docker 27+                        |
 
-**Providers testados**: Akamai (Linode), DigitalOcean, Vultr, Hetzner, AWS Lightsail.
+**经过测试的提供商**：Akamai (Linode)、DigitalOcean、Vultr、Hetzner、AWS Lightsail。
 
 ---
 
-## 1. Configurar a VM
+## 1.配置虚拟机
 
-### 1.1 Criar a instância
+### 1.1 创建实例
 
-No seu provider de VPS preferido:
+在您首选的 VPS 提供商上：
 
-- Escolha Ubuntu 24.04 LTS
-- Selecione o plano mínimo (1 vCPU / 1 GB RAM)
-- Defina uma senha forte para root ou configure SSH key
-- Anote o **IP público** (ex: `203.0.113.10`)
+- 选择 Ubuntu 24.04 LTS
+- 选择最低计划（1 vCPU / 1 GB RAM）
+- 设置强root密码或配置SSH密钥
+- 记下 **公共 IP**（例如 `203.0.113.10`）
 
-### 1.2 Conectar via SSH
+### 1.2 通过 SSH 连接
 
 ```bash
 ssh root@203.0.113.10
 ```
 
-### 1.3 Atualizar o sistema
+### 1.3 更新系统
 
 ```bash
 apt update && apt upgrade -y
 ```
 
-### 1.4 Instalar Docker
+### 1.4 安装 Docker
 
 ```bash
-# Instalar dependências
+# Install dependencies
 apt install -y ca-certificates curl gnupg
 
-# Adicionar repositório oficial do Docker
+# Add official Docker repository
 install -m 0755 -d /etc/apt/keyrings
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
 chmod a+r /etc/apt/keyrings/docker.gpg
-echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $ (. /etc/os-release && echo “$VERSION_CODENAME”) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
 apt update
 apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
 ```
 
-### 1.5 Instalar nginx
+### 1.5 安装nginx
 
 ```bash
 apt install -y nginx
 ```
 
-### 1.6 Configurar Firewall (UFW)
+### 1.6 配置防火墙（UFW）
 
 ```bash
 ufw default deny incoming
@@ -78,29 +76,29 @@ ufw allow 443/tcp   # HTTPS
 ufw enable
 ```
 
-> **Dica**: Para segurança máxima, restrinja as portas 80 e 443 apenas para IPs da Cloudflare. Veja a seção [Segurança Avançada](#segurança-avançada).
+> **提示**：为了获得最大的安全性，请将端口 80 和 443 仅限制为 Cloudflare IP。请参阅 [Advanced Security](#advanced-security) 部分。
 
 ---
 
-## 2. Instalar o OmniRoute
+## 2. 安装 OmniRoute
 
-### 2.1 Criar diretório de configuração
+### 2.1 创建配置目录
 
 ```bash
 mkdir -p /opt/omniroute
 ```
 
-### 2.2 Criar arquivo de variáveis de ambiente
+### 2.2 创建环境变量文件
 
 ```bash
-cat > /opt/omniroute/.env << 'EOF'
-# === Segurança ===
-JWT_SECRET=ALTERE-PARA-CHAVE-SECRETA-UNICA-64-CHARS
-INITIAL_PASSWORD=SuaSenhaSegura123!
-API_KEY_SECRET=ALTERE-PARA-OUTRA-CHAVE-SECRETA
-STORAGE_ENCRYPTION_KEY=ALTERE-PARA-TERCEIRA-CHAVE-SECRETA
+cat > /opt/omniroute/.env << ‘EOF’
+# === Security ===
+JWT_SECRET=CHANGE-TO-A-UNIQUE-64-CHAR-SECRET-KEY
+INITIAL_PASSWORD=YourSecurePassword123!
+API_KEY_SECRET=REPLACE-WITH-ANOTHER-SECRET-KEY
+STORAGE_ENCRYPTION_KEY=REPLACE-WITH-THIRD-SECRET-KEY
 STORAGE_ENCRYPTION_KEY_VERSION=v1
-MACHINE_ID_SALT=ALTERE-PARA-SALT-UNICO
+MACHINE_ID_SALT=CHANGE-TO-A-UNIQUE-SALT
 
 # === App ===
 PORT=20128
@@ -112,19 +110,19 @@ ENABLE_REQUEST_LOGS=true
 AUTH_COOKIE_SECURE=false
 REQUIRE_API_KEY=false
 
-# === Domain (altere para seu domínio) ===
+# === Domain (change to your domain) ===
 BASE_URL=https://llms.seudominio.com
 NEXT_PUBLIC_BASE_URL=https://llms.seudominio.com
 
-# === Cloud Sync (opcional) ===
+# === Cloud Sync (optional) ===
 # CLOUD_URL=https://cloud.omniroute.online
 # NEXT_PUBLIC_CLOUD_URL=https://cloud.omniroute.online
 EOF
 ```
 
-> ⚠️ **IMPORTANTE**: Gere chaves secretas únicas! Use `openssl rand -hex 32` para cada chave.
+> ⚠️ **重要**：生成唯一的密钥！对每个密钥使用 `openssl rand -hex 32`。
 
-### 2.3 Iniciar o container
+### 2.3 启动容器
 
 ```bash
 docker pull diegosouzapw/omniroute:latest
@@ -138,45 +136,45 @@ docker run -d \
   diegosouzapw/omniroute:latest
 ```
 
-### 2.4 Verificar se está rodando
+### 2.4 验证其是否正在运行
 
 ```bash
 docker ps | grep omniroute
 docker logs omniroute --tail 20
 ```
 
-Deve exibir: `[DB] SQLite database ready` e `listening on port 20128`.
+它应显示：`[DB] SQLite database ready` 和 `listening on port 20128`。
 
 ---
 
-## 3. Configurar nginx (Reverse Proxy)
+## 3.配置nginx（反向代理）
 
-### 3.1 Gerar certificado SSL (Cloudflare Origin)
+### 3.1 生成 SSL 证书（Cloudflare Origin）
 
-No painel da Cloudflare:
+在 Cloudflare 仪表板中：
 
-1. Vá em **SSL/TLS → Origin Server**
-2. Clique **Create Certificate**
-3. Deixe os padrões (15 anos, \*.seudominio.com)
-4. Copie o **Origin Certificate** e a **Private Key**
+1. 转到 **SSL/TLS → 源服务器**
+2. 单击**创建证书**
+3. 保留默认值（15 年，\*.yourdomain.com）
+4. 复制**原始证书**和**私钥**
 
 ```bash
 mkdir -p /etc/nginx/ssl
 
-# Colar o certificado
+# Paste the certificate
 nano /etc/nginx/ssl/origin.crt
 
-# Colar a chave privada
+# Paste the private key
 nano /etc/nginx/ssl/origin.key
 
 chmod 600 /etc/nginx/ssl/origin.key
 ```
 
-### 3.2 Configuração do nginx
+### 3.2 Nginx 配置
 
 ```bash
-cat > /etc/nginx/sites-available/omniroute << 'NGINX'
-# Default server — bloqueia acesso direto por IP
+cat > /etc/nginx/sites-available/omniroute << ‘NGINX’
+# Default server — blocks direct access via IP
 server {
     listen 80 default_server;
     listen [::]:80 default_server;
@@ -192,7 +190,7 @@ server {
 server {
     listen 443 ssl;
     listen [::]:443 ssl;
-    server_name llms.seudominio.com;  # Altere para seu domínio
+    server_name llms.yourdomain.com;  # Change to your domain
 
     ssl_certificate     /etc/nginx/ssl/origin.crt;
     ssl_certificate_key /etc/nginx/ssl/origin.key;
@@ -210,7 +208,7 @@ server {
         # WebSocket support
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
+        proxy_set_header Connection “upgrade”;
 
         # SSE (Server-Sent Events) — streaming AI responses
         proxy_buffering off;
@@ -224,61 +222,61 @@ server {
 server {
     listen 80;
     listen [::]:80;
-    server_name llms.seudominio.com;
+    server_name llms.yourdomain.com;
     return 301 https://$server_name$request_uri;
 }
 NGINX
 ```
 
-### 3.3 Ativar e testar
+### 3.3 启用和测试
 
 ```bash
-# Remover config padrão
+# Remove default configuration
 rm -f /etc/nginx/sites-enabled/default
 
-# Ativar OmniRoute
+# Enable OmniRoute
 ln -sf /etc/nginx/sites-available/omniroute /etc/nginx/sites-enabled/omniroute
 
-# Testar e recarregar
+# Test and reload
 nginx -t && systemctl reload nginx
 ```
 
 ---
 
-## 4. Configurar Cloudflare DNS
+## 4.配置 Cloudflare DNS
 
-### 4.1 Adicionar registro DNS
+### 4.1 添加DNS记录
 
-No painel da Cloudflare → DNS:
+在 Cloudflare 仪表板 → DNS 中：
 
-| Type | Name   | Content                   | Proxy      |
-| ---- | ------ | ------------------------- | ---------- |
-| A    | `llms` | `203.0.113.10` (IP da VM) | ✅ Proxied |
+| 类型 | 名称   | 内容                        | 代理    |
+| ---- | ------ | --------------------------- | ------- |
+| 一个 | `llms` | `203.0.113.10`（虚拟机 IP） | ✅ 代理 |
 
-### 4.2 Configurar SSL
+### 4.2 配置SSL
 
-Em **SSL/TLS → Overview**:
+在 **SSL/TLS → 概述** 下：
 
-- Modo: **Full (Strict)**
+- 模式：**完全（严格）**
 
-Em **SSL/TLS → Edge Certificates**:
+在**SSL/TLS → 边缘证书**下：
 
-- Always Use HTTPS: ✅ On
-- Minimum TLS Version: TLS 1.2
-- Automatic HTTPS Rewrites: ✅ On
+- 始终使用 HTTPS： ✅ 打开
+- 最低 TLS 版本：TLS 1.2
+- 自动 HTTPS 重写： ✅ 开启
 
-### 4.3 Testar
+### 4.3 测试
 
 ```bash
 curl -sI https://llms.seudominio.com/health
-# Deve retornar HTTP/2 200
+# Should return HTTP/2 200
 ```
 
 ---
 
-## 5. Operações e Manutenção
+## 5. 操作与维护
 
-### Atualizar para nova versão
+### 升级到新版本
 
 ```bash
 docker pull diegosouzapw/omniroute:latest
@@ -290,42 +288,42 @@ docker run -d --name omniroute --restart unless-stopped \
   diegosouzapw/omniroute:latest
 ```
 
-### Ver logs
+### 查看日志
 
 ```bash
-docker logs -f omniroute          # Stream em tempo real
-docker logs omniroute --tail 50   # Últimas 50 linhas
+docker logs -f omniroute          # Real-time stream
+docker logs omniroute --tail 50   # Last 50 lines
 ```
 
-### Backup manual do banco
+### 手动数据库备份
 
 ```bash
-# Copiar dados do volume para o host
+# Copy data from the volume to the host
 docker cp omniroute:/app/data ./backup-$(date +%F)
 
-# Ou comprimir todo o volume
+# Or compress the entire volume
 docker run --rm -v omniroute-data:/data -v $(pwd):/backup \
   alpine tar czf /backup/omniroute-data-$(date +%F).tar.gz /data
 ```
 
-### Restaurar de backup
+### 从备份恢复
 
 ```bash
 docker stop omniroute
 docker run --rm -v omniroute-data:/data -v $(pwd):/backup \
-  alpine sh -c "rm -rf /data/* && tar xzf /backup/omniroute-data-YYYY-MM-DD.tar.gz -C /"
+  alpine sh -c “rm -rf /data/* && tar xzf /backup/omniroute-data-YYYY-MM-DD.tar.gz -C /”
 docker start omniroute
 ```
 
 ---
 
-## 6. Segurança Avançada
+## 6. 高级安全性
 
-### Restringir nginx para Cloudflare IPs
+### 将 nginx 限制为 Cloudflare IP
 
 ```bash
-cat > /etc/nginx/cloudflare-ips.conf << 'CF'
-# Cloudflare IPv4 ranges — atualizar periodicamente
+cat > /etc/nginx/cloudflare-ips.conf << ‘CF’
+# Cloudflare IPv4 ranges — update periodically
 # https://www.cloudflare.com/ips-v4/
 set_real_ip_from 173.245.48.0/20;
 set_real_ip_from 103.21.244.0/22;
@@ -346,58 +344,58 @@ real_ip_header CF-Connecting-IP;
 CF
 ```
 
-Adicionar no `nginx.conf` dentro do bloco `http {}`:
+将以下内容添加到 `http {}` 块内的 `nginx.conf` 中：
 
 ```nginx
 include /etc/nginx/cloudflare-ips.conf;
 ```
 
-### Install fail2ban
+### 安装fail2ban
 
 ```bash
 apt install -y fail2ban
 systemctl enable fail2ban
 systemctl start fail2ban
 
-# Verificar status
+# Check status
 fail2ban-client status sshd
 ```
 
-### Bloquear acesso direto na porta do Docker
+### 阻止直接访问 Docker 端口
 
 ```bash
-# Impedir acesso externo direto à porta 20128
+# Prevent direct external access to port 20128
 iptables -I DOCKER-USER -p tcp --dport 20128 -j DROP
 iptables -I DOCKER-USER -i lo -p tcp --dport 20128 -j ACCEPT
 
-# Persistir as regras
+# Persist the rules
 apt install -y iptables-persistent
 netfilter-persistent save
 ```
 
 ---
 
-## 7. Deploy do Cloud Worker (Opcional)
+## 7. 部署到 Cloudflare Workers（可选）
 
-Para acesso remoto via Cloudflare Workers (sem expor a VM diretamente):
+对于通过 Cloudflare Workers 进行远程访问（无需直接公开 VM）：
 
 ```bash
-# No repositório local
+# In the local repository
 cd omnirouteCloud
 npm install
 npx wrangler login
 npx wrangler deploy
 ```
 
-Ver documentação completa em [omnirouteCloud/README.md](../omnirouteCloud/README.md).
+请参阅 [omnirouteCloud/README.md](../omnirouteCloud/README.md) 处的完整文档。
 
 ---
 
-## Resumo de Portas
+## 端口总结
 
-| Porta | Serviço     | Acesso                        |
-| ----- | ----------- | ----------------------------- |
-| 22    | SSH         | Público (com fail2ban)        |
-| 80    | nginx HTTP  | Redirect → HTTPS              |
-| 443   | nginx HTTPS | Via Cloudflare Proxy          |
-| 20128 | OmniRoute   | Somente localhost (via nginx) |
+| 港口  | 服务            | 访问                     |
+| ----- | --------------- | ------------------------ |
+| 22    | 22 SSH          | 公共（带有fail2ban）     |
+| 80    | nginx HTTP      | 重定向 → HTTPS           |
+| 443   | 443 nginx HTTPS | 通过 Cloudflare 代理     |
+| 20128 | 20128全方位路线 | 仅本地主机（通过 nginx） |

package/app/docs/openapi.yaml

@@ -1,7 +1,7 @@
 openapi: 3.1.0
 info:
   title: OmniRoute API
-  version: 2.8.3
+  version: 2.8.5
   description: |
     OmniRoute is a local-first AI API proxy router. It provides an OpenAI-compatible
     endpoint that routes requests to multiple AI providers with load balancing,

package/app/open-sse/config/constants.ts

@@ -4,9 +4,9 @@ import { loadProviderCredentials } from "./credentialLoader.ts";
 export const FETCH_TIMEOUT_MS = parseInt(process.env.FETCH_TIMEOUT_MS || "120000", 10);
 
 // Idle timeout for SSE streams (ms). Closes stream if no data for this duration.
-// Default: 300s to support extended-thinking models (claude-opus-4-6, o3, etc.)
-// that may pause for >60s during deep reasoning phases. Override with STREAM_IDLE_TIMEOUT_MS env var.
-export const STREAM_IDLE_TIMEOUT_MS = parseInt(process.env.STREAM_IDLE_TIMEOUT_MS || "300000", 10);
+// Default: 120s balances deep-reasoning pauses with fast zombie stream detection (#473).
+// Extended-thinking models rarely pause >90s between chunks. Override with STREAM_IDLE_TIMEOUT_MS env var.
+export const STREAM_IDLE_TIMEOUT_MS = parseInt(process.env.STREAM_IDLE_TIMEOUT_MS || "120000", 10);
 
 // Provider configurations
 // OAuth credentials read from env vars with hardcoded fallbacks for backward compatibility.

package/app/open-sse/services/comboAgentMiddleware.ts

@@ -52,7 +52,15 @@ export function injectModelTag(messages: Message[], providerModel: string): Mess
 
   // Find last assistant message with string content
   const lastAssistantIdx = cleaned.map((m) => m.role).lastIndexOf("assistant");
-  if (lastAssistantIdx === -1) return cleaned;
+
+  // #474: If no assistant message exists yet (first turn), append a synthetic one
+  // so the tag is present when the client sends the next request with the response.
+  if (lastAssistantIdx === -1) {
+    return [
+      ...cleaned,
+      { role: "assistant", content: `\n<omniModel>${providerModel}</omniModel>` },
+    ];
+  }
 
   const msg = cleaned[lastAssistantIdx];
   if (typeof msg.content !== "string") return cleaned;

package/app/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "omniroute",
-  "version": "2.8.3",
+  "version": "2.8.5",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "omniroute",
-      "version": "2.8.3",
+      "version": "2.8.5",
       "hasInstallScript": true,
       "license": "MIT",
       "workspaces": [
@@ -6707,9 +6707,9 @@
       }
     },
     "node_modules/flatted": {
-      "version": "3.3.3",
-      "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.3.tgz",
-      "integrity": "sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==",
+      "version": "3.4.2",
+      "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz",
+      "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==",
       "dev": true,
       "license": "ISC"
     },

package/app/package.json

@@ -1,6 +1,6 @@
 {
   "name": "omniroute",
-  "version": "2.8.3",
+  "version": "2.8.5",
   "description": "Smart AI Router with auto fallback — route to FREE & cheap models, zero downtime. Works with Cursor, Cline, Claude Desktop, Codex, and any OpenAI-compatible tool.",
   "type": "module",
   "bin": {

package/app/scripts/i18n/generate-multilang.mjs

@@ -15,6 +15,7 @@ const DOC_SOURCE_FILES = [
   "FEATURES.md",
   "TROUBLESHOOTING.md",
   "USER_GUIDE.md",
+  "VM_DEPLOYMENT_GUIDE.md",
 ];
 
 const LOCALE_SPECS = [

package/app/src/shared/constants/cliTools.ts

@@ -193,8 +193,8 @@ export const CLI_TOOLS = {
     image: "/providers/kiro.png",
     icon: "psychology_alt",
     color: "#FF6B35",
-    description: "Amazon Kiro — AI-powered IDE",
-    configType: "guide",
+    description: "Amazon Kiro — AI-powered IDE with MITM",
+    configType: "mitm",
     guideSteps: [
       { step: 1, title: "Open Kiro Settings", desc: "Go to Settings → AI Provider" },
       { step: 2, title: "Base URL", value: "{{baseUrl}}", copyable: true },

package/app/src/shared/constants/providers.ts

@@ -10,6 +10,9 @@ export const FREE_PROVIDERS = {
     name: "Gemini CLI",
     icon: "terminal",
     color: "#4285F4",
+    deprecated: true,
+    deprecationReason:
+      "Google restricts third-party OAuth usage for Gemini CLI (Mar 2026). Pro models require paid plans. Use 'gemini' (API key) provider instead.",
   },
   kiro: { id: "kiro", alias: "kr", name: "Kiro AI", icon: "psychology_alt", color: "#FF6B35" },
 };

package/app/src/shared/validation/providerSchema.ts

@@ -19,6 +19,12 @@ export const ProviderSchema = z.object({
   textIcon: z.string().optional(),
   website: z.string().url().optional(),
   passthroughModels: z.boolean().optional(),
+  deprecated: z.boolean().optional(),
+  deprecationReason: z.string().optional(),
+  hasFree: z.boolean().optional(),
+  freeNote: z.string().optional(),
+  authHint: z.string().optional(),
+  apiHint: z.string().optional(),
 });
 
 export const ProvidersMapSchema = z.record(z.string(), ProviderSchema);

package/app/tests/e2e/providers-bailian-coding-plan.spec.ts

@@ -63,6 +63,13 @@ test.describe("Bailian Coding Plan Provider", () => {
     const redirectedToLogin = page.url().includes("/login");
     test.skip(redirectedToLogin, "Authentication enabled without a login fixture.");
 
+    // Dismiss any pre-existing dialog/overlay that may appear on page load
+    const preExistingDialog = page.getByRole("dialog").first();
+    if (await preExistingDialog.isVisible({ timeout: 2000 }).catch(() => false)) {
+      await page.keyboard.press("Escape");
+      await preExistingDialog.waitFor({ state: "hidden", timeout: 3000 }).catch(() => {});
+    }
+
     const addKeyButton = page.getByRole("button", {
       name: /add.*api.*key|add.*key|add.*connection|connect/i,
     });
@@ -175,6 +182,13 @@ test.describe("Bailian Coding Plan Provider", () => {
     const redirectedToLogin = page.url().includes("/login");
     test.skip(redirectedToLogin, "Authentication enabled without a login fixture.");
 
+    // Dismiss any pre-existing dialog/overlay that may appear on page load
+    const preExistingDialog = page.getByRole("dialog").first();
+    if (await preExistingDialog.isVisible({ timeout: 2000 }).catch(() => false)) {
+      await page.keyboard.press("Escape");
+      await preExistingDialog.waitFor({ state: "hidden", timeout: 3000 }).catch(() => {});
+    }
+
     const addKeyButton = page.getByRole("button", {
       name: /add.*api.*key|add.*key|add.*connection|connect/i,
     });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "omniroute",
-  "version": "2.8.3",
+  "version": "2.8.5",
   "description": "Smart AI Router with auto fallback — route to FREE & cheap models, zero downtime. Works with Cursor, Cline, Claude Desktop, Codex, and any OpenAI-compatible tool.",
   "type": "module",
   "bin": {