opencode-immune 1.0.37 → 1.0.38
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/plugin.js +28 -7
- package/package.json +1 -1
package/dist/plugin.js
CHANGED
|
@@ -11,7 +11,7 @@ const child_process_1 = require("child_process");
|
|
|
11
11
|
// ═══════════════════════════════════════════════════════════════════════════════
|
|
12
12
|
// PLUGIN VERSION CHECK
|
|
13
13
|
// ═══════════════════════════════════════════════════════════════════════════════
|
|
14
|
-
const PLUGIN_VERSION = "1.0.
|
|
14
|
+
const PLUGIN_VERSION = "1.0.38";
|
|
15
15
|
const PLUGIN_PACKAGE_NAME = "opencode-immune";
|
|
16
16
|
/**
|
|
17
17
|
* Read plugin version from package.json at runtime.
|
|
@@ -93,11 +93,11 @@ const ULTRAWORK_AGENT = "0-ultrawork";
|
|
|
93
93
|
const MANAGED_SESSION_TTL_MS = 7 * 24 * 60 * 60 * 1000;
|
|
94
94
|
const RATE_LIMIT_FALLBACK_MODEL = {
|
|
95
95
|
providerID: "externcash",
|
|
96
|
-
modelID: "gpt-5.
|
|
96
|
+
modelID: "gpt-5.5",
|
|
97
97
|
};
|
|
98
98
|
const CHILD_SESSION_FALLBACK_MODEL = {
|
|
99
99
|
providerID: "externcash",
|
|
100
|
-
modelID: "gpt-5.
|
|
100
|
+
modelID: "gpt-5.5",
|
|
101
101
|
};
|
|
102
102
|
function isManagedUltraworkSession(state, sessionID) {
|
|
103
103
|
return !!sessionID && state.managedUltraworkSessions.has(sessionID);
|
|
@@ -323,6 +323,26 @@ function isRateLimitApiError(error) {
|
|
|
323
323
|
const type = `${maybeError.data?.type ?? ""}`.toLowerCase();
|
|
324
324
|
return ((type.includes("rate_limit") || message.includes("too many requests") || message.includes("rate limit")));
|
|
325
325
|
}
|
|
326
|
+
function isCertificateApiError(error) {
|
|
327
|
+
if (!error || typeof error !== "object")
|
|
328
|
+
return false;
|
|
329
|
+
const maybeError = error;
|
|
330
|
+
const message = `${maybeError.message ?? ""} ${maybeError.data?.message ?? ""}`.toLowerCase();
|
|
331
|
+
const code = `${maybeError.code ?? ""} ${maybeError.data?.code ?? ""}`.toLowerCase();
|
|
332
|
+
const type = `${maybeError.data?.type ?? ""}`.toLowerCase();
|
|
333
|
+
return (message.includes("unknown certificate verification error") ||
|
|
334
|
+
message.includes("certificate has expired") ||
|
|
335
|
+
message.includes("certificate verification") ||
|
|
336
|
+
message.includes("tls") ||
|
|
337
|
+
message.includes("ssl") ||
|
|
338
|
+
code.includes("cert_has_expired") ||
|
|
339
|
+
code.includes("unable_to_verify_leaf_signature") ||
|
|
340
|
+
code.includes("self_signed_cert") ||
|
|
341
|
+
code.includes("tls") ||
|
|
342
|
+
type.includes("certificate") ||
|
|
343
|
+
type.includes("tls") ||
|
|
344
|
+
type.includes("ssl"));
|
|
345
|
+
}
|
|
326
346
|
async function setSessionFallbackModel(state, sessionID, model) {
|
|
327
347
|
const existing = state.managedUltraworkSessions.get(sessionID);
|
|
328
348
|
if (!existing)
|
|
@@ -1264,16 +1284,17 @@ function createEventHandler(state) {
|
|
|
1264
1284
|
if (count < MAX_RETRIES) {
|
|
1265
1285
|
const delay = Math.min(BASE_DELAY_MS * Math.pow(2, count), MAX_DELAY_MS);
|
|
1266
1286
|
state.sessionErrorRetryCount.set(sessionID, count + 1);
|
|
1267
|
-
// Pin fallback model: for child sessions always, for root
|
|
1287
|
+
// Pin fallback model: for child sessions always, for root provider-level failures.
|
|
1268
1288
|
if (isChild) {
|
|
1269
1289
|
await setSessionFallbackModel(state, sessionID, CHILD_SESSION_FALLBACK_MODEL);
|
|
1270
|
-
const errorType = isModelAccessError(error) ? "model access error" : isRateLimitApiError(error) ? "rate limit" : "retryable error";
|
|
1290
|
+
const errorType = isModelAccessError(error) ? "model access error" : isRateLimitApiError(error) ? "rate limit" : isCertificateApiError(error) ? "certificate error" : "retryable error";
|
|
1271
1291
|
console.log(`[opencode-immune] Child session ${sessionID}: ${errorType} detected. ` +
|
|
1272
1292
|
`Retry will use fallback model ${CHILD_SESSION_FALLBACK_MODEL.providerID}/${CHILD_SESSION_FALLBACK_MODEL.modelID}.`);
|
|
1273
1293
|
}
|
|
1274
|
-
else if (isRoot && isRateLimitApiError(error)) {
|
|
1294
|
+
else if (isRoot && (isRateLimitApiError(error) || isCertificateApiError(error))) {
|
|
1275
1295
|
await setSessionFallbackModel(state, sessionID, RATE_LIMIT_FALLBACK_MODEL);
|
|
1276
|
-
|
|
1296
|
+
const errorType = isCertificateApiError(error) ? "certificate error" : "rate limit";
|
|
1297
|
+
console.log(`[opencode-immune] ${errorType} detected for root session ${sessionID}. ` +
|
|
1277
1298
|
`Retry will use fallback model ${RATE_LIMIT_FALLBACK_MODEL.providerID}/${RATE_LIMIT_FALLBACK_MODEL.modelID}.`);
|
|
1278
1299
|
}
|
|
1279
1300
|
const scheduled = scheduleManagedSessionRetry(state, sessionID, {
|