opencode-immune 1.0.36 → 1.0.38
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/plugin.js +30 -7
- package/package.json +1 -1
package/dist/plugin.js
CHANGED
|
@@ -11,7 +11,7 @@ const child_process_1 = require("child_process");
|
|
|
11
11
|
// ═══════════════════════════════════════════════════════════════════════════════
|
|
12
12
|
// PLUGIN VERSION CHECK
|
|
13
13
|
// ═══════════════════════════════════════════════════════════════════════════════
|
|
14
|
-
const PLUGIN_VERSION = "1.0.
|
|
14
|
+
const PLUGIN_VERSION = "1.0.38";
|
|
15
15
|
const PLUGIN_PACKAGE_NAME = "opencode-immune";
|
|
16
16
|
/**
|
|
17
17
|
* Read plugin version from package.json at runtime.
|
|
@@ -93,11 +93,11 @@ const ULTRAWORK_AGENT = "0-ultrawork";
|
|
|
93
93
|
const MANAGED_SESSION_TTL_MS = 7 * 24 * 60 * 60 * 1000;
|
|
94
94
|
const RATE_LIMIT_FALLBACK_MODEL = {
|
|
95
95
|
providerID: "externcash",
|
|
96
|
-
modelID: "gpt-5.
|
|
96
|
+
modelID: "gpt-5.5",
|
|
97
97
|
};
|
|
98
98
|
const CHILD_SESSION_FALLBACK_MODEL = {
|
|
99
99
|
providerID: "externcash",
|
|
100
|
-
modelID: "gpt-5.
|
|
100
|
+
modelID: "gpt-5.5",
|
|
101
101
|
};
|
|
102
102
|
function isManagedUltraworkSession(state, sessionID) {
|
|
103
103
|
return !!sessionID && state.managedUltraworkSessions.has(sessionID);
|
|
@@ -263,6 +263,8 @@ function isRetryableApiError(error) {
|
|
|
263
263
|
const message = `${maybeError.message ?? ""} ${maybeError.data?.message ?? ""}`.toLowerCase();
|
|
264
264
|
if (message.includes("не разрешен") ||
|
|
265
265
|
message.includes("not allowed") ||
|
|
266
|
+
message.includes("internal error") ||
|
|
267
|
+
message.includes("internal server error") ||
|
|
266
268
|
message.includes("expected") ||
|
|
267
269
|
message.includes("to be a string") ||
|
|
268
270
|
message.includes("invalid_type") ||
|
|
@@ -321,6 +323,26 @@ function isRateLimitApiError(error) {
|
|
|
321
323
|
const type = `${maybeError.data?.type ?? ""}`.toLowerCase();
|
|
322
324
|
return ((type.includes("rate_limit") || message.includes("too many requests") || message.includes("rate limit")));
|
|
323
325
|
}
|
|
326
|
+
function isCertificateApiError(error) {
|
|
327
|
+
if (!error || typeof error !== "object")
|
|
328
|
+
return false;
|
|
329
|
+
const maybeError = error;
|
|
330
|
+
const message = `${maybeError.message ?? ""} ${maybeError.data?.message ?? ""}`.toLowerCase();
|
|
331
|
+
const code = `${maybeError.code ?? ""} ${maybeError.data?.code ?? ""}`.toLowerCase();
|
|
332
|
+
const type = `${maybeError.data?.type ?? ""}`.toLowerCase();
|
|
333
|
+
return (message.includes("unknown certificate verification error") ||
|
|
334
|
+
message.includes("certificate has expired") ||
|
|
335
|
+
message.includes("certificate verification") ||
|
|
336
|
+
message.includes("tls") ||
|
|
337
|
+
message.includes("ssl") ||
|
|
338
|
+
code.includes("cert_has_expired") ||
|
|
339
|
+
code.includes("unable_to_verify_leaf_signature") ||
|
|
340
|
+
code.includes("self_signed_cert") ||
|
|
341
|
+
code.includes("tls") ||
|
|
342
|
+
type.includes("certificate") ||
|
|
343
|
+
type.includes("tls") ||
|
|
344
|
+
type.includes("ssl"));
|
|
345
|
+
}
|
|
324
346
|
async function setSessionFallbackModel(state, sessionID, model) {
|
|
325
347
|
const existing = state.managedUltraworkSessions.get(sessionID);
|
|
326
348
|
if (!existing)
|
|
@@ -1262,16 +1284,17 @@ function createEventHandler(state) {
|
|
|
1262
1284
|
if (count < MAX_RETRIES) {
|
|
1263
1285
|
const delay = Math.min(BASE_DELAY_MS * Math.pow(2, count), MAX_DELAY_MS);
|
|
1264
1286
|
state.sessionErrorRetryCount.set(sessionID, count + 1);
|
|
1265
|
-
// Pin fallback model: for child sessions always, for root
|
|
1287
|
+
// Pin fallback model: for child sessions always, for root provider-level failures.
|
|
1266
1288
|
if (isChild) {
|
|
1267
1289
|
await setSessionFallbackModel(state, sessionID, CHILD_SESSION_FALLBACK_MODEL);
|
|
1268
|
-
const errorType = isModelAccessError(error) ? "model access error" : isRateLimitApiError(error) ? "rate limit" : "retryable error";
|
|
1290
|
+
const errorType = isModelAccessError(error) ? "model access error" : isRateLimitApiError(error) ? "rate limit" : isCertificateApiError(error) ? "certificate error" : "retryable error";
|
|
1269
1291
|
console.log(`[opencode-immune] Child session ${sessionID}: ${errorType} detected. ` +
|
|
1270
1292
|
`Retry will use fallback model ${CHILD_SESSION_FALLBACK_MODEL.providerID}/${CHILD_SESSION_FALLBACK_MODEL.modelID}.`);
|
|
1271
1293
|
}
|
|
1272
|
-
else if (isRoot && isRateLimitApiError(error)) {
|
|
1294
|
+
else if (isRoot && (isRateLimitApiError(error) || isCertificateApiError(error))) {
|
|
1273
1295
|
await setSessionFallbackModel(state, sessionID, RATE_LIMIT_FALLBACK_MODEL);
|
|
1274
|
-
|
|
1296
|
+
const errorType = isCertificateApiError(error) ? "certificate error" : "rate limit";
|
|
1297
|
+
console.log(`[opencode-immune] ${errorType} detected for root session ${sessionID}. ` +
|
|
1275
1298
|
`Retry will use fallback model ${RATE_LIMIT_FALLBACK_MODEL.providerID}/${RATE_LIMIT_FALLBACK_MODEL.modelID}.`);
|
|
1276
1299
|
}
|
|
1277
1300
|
const scheduled = scheduleManagedSessionRetry(state, sessionID, {
|