tokentracker-cli 0.54.0 → 0.56.0

package/src/lib/rollout.js

@@ -4958,6 +4958,313 @@ async function parseCodebuddyIncremental({
   return { recordsProcessed, eventsAggregated, bucketsQueued };
 }
 
+// ─────────────────────────────────────────────────────────────────────────────
+// WorkBuddy — passive JSONL reader (~/.workbuddy/projects/<cwd>/**/*.jsonl)
+//
+// Tencent's WorkBuddy is a Claude-Code fork in the same "buddy" family as
+// CodeBuddy, but it differs from CodeBuddy's reader in three load-bearing ways
+// (each verified against real ~/.workbuddy logs, NOT assumed from CodeBuddy):
+//
+//   1. Usage lives on `function_call` records too — not only on
+//      `type=="message" && role=="assistant"`. Each LLM round-trip (whether it
+//      ends in a tool call or a text reply) carries its own providerData.rawUsage.
+//      We therefore aggregate EVERY record that has providerData.rawUsage and
+//      dedup per response id, instead of filtering by record type.
+//
+//   2. Sub-agent traffic is nested two levels deeper:
+//        ~/.workbuddy/projects/<cwd>/<sessionId>.jsonl                  (main)
+//        ~/.workbuddy/projects/<cwd>/<sessionId>/subagents/agent-*.jsonl (sub)
+//      CodeBuddy's resolver only globs the top level, so we recurse to pick up
+//      sub-agent usage (tool-results/*.txt are naturally skipped — not .jsonl).
+//
+//   3. rawUsage is OpenAI/DeepSeek-shaped and prompt_tokens is the FULL prompt
+//      (cache reads + cache writes + genuinely-new input). The cache split is
+//      mirrored two ways depending on which upstream the auto-router picked:
+//        • Anthropic-style: cache_read_input_tokens / cache_creation_input_tokens
+//        • DeepSeek/OpenAI-style: prompt_tokens_details.cached_tokens /
+//          prompt_cache_hit_tokens  (cache_creation_input_tokens then 0)
+//      Reasoning is reported inside completion_tokens (verified:
+//      rawUsage.total_tokens === prompt_tokens + completion_tokens).
+//
+//   Token math (matches the repo's queue convention; subtract BOTH cache reads
+//   AND cache writes from prompt_tokens — CodeBuddy's "prompt_tokens - cacheRead"
+//   only works because its cache_creation is always 0; WorkBuddy writes cache
+//   heavily, so the naive formula double-counts cache writes ~2x):
+//     cacheRead   = max(cache_read_input_tokens, prompt_tokens_details.cached_tokens,
+//                       prompt_cache_hit_tokens)
+//     cacheCreate = cache_creation_input_tokens
+//     input_tokens               = prompt_tokens - cacheRead - cacheCreate
+//     cached_input_tokens        = cacheRead
+//     cache_creation_input_tokens = cacheCreate
+//     reasoning_output_tokens    = completion_tokens_details.reasoning_tokens
+//     output_tokens              = completion_tokens - reasoning_output_tokens
+//     total_tokens               = sum of the above (== prompt_tokens + completion_tokens)
+//
+//   model is the auto-router placeholder ("auto") — WorkBuddy does not expose
+//   the underlying model in the log, so we emit it verbatim.
+// ─────────────────────────────────────────────────────────────────────────────
+
+function resolveWorkbuddyHome(env = process.env) {
+  const home = env.HOME || require("node:os").homedir();
+  return env.WORKBUDDY_HOME || path.join(home, ".workbuddy");
+}
+
+function resolveWorkbuddyDefaultModel(env = process.env) {
+  const fallback = "auto";
+  try {
+    const settingsPath = path.join(resolveWorkbuddyHome(env), "settings.json");
+    const raw = fssync.readFileSync(settingsPath, "utf8");
+    const parsed = JSON.parse(raw);
+    if (parsed && typeof parsed === "object" && typeof parsed.model === "string" && parsed.model.trim()) {
+      return parsed.model.trim();
+    }
+  } catch (_e) {
+    // settings missing or malformed — fall through
+  }
+  return fallback;
+}
+
+// Recursively collect every *.jsonl under ~/.workbuddy/projects so that
+// per-session conversation logs AND their nested subagents/agent-*.jsonl files
+// are both discovered. Non-.jsonl artefacts (tool-results/*.txt) are ignored.
+function resolveWorkbuddyProjectFiles(env = process.env) {
+  const projectsDir = path.join(resolveWorkbuddyHome(env), "projects");
+  if (!fssync.existsSync(projectsDir)) return [];
+  const files = [];
+  const walk = (dir) => {
+    let entries;
+    try { entries = fssync.readdirSync(dir, { withFileTypes: true }); } catch { return; }
+    for (const entry of entries) {
+      const full = path.join(dir, entry.name);
+      let isDir = entry.isDirectory();
+      let isFile = entry.isFile();
+      // Resolve symlinks defensively (Dirent flags are false for symlinks).
+      if (!isDir && !isFile) {
+        try {
+          const st = fssync.statSync(full);
+          isDir = st.isDirectory();
+          isFile = st.isFile();
+        } catch { continue; }
+      }
+      if (isDir) walk(full);
+      else if (isFile && entry.name.endsWith(".jsonl")) files.push(full);
+    }
+  };
+  walk(projectsDir);
+  files.sort((a, b) => a.localeCompare(b));
+  return files;
+}
+
+async function parseWorkbuddyIncremental({
+  projectFiles,
+  cursors,
+  queuePath,
+  onProgress,
+  env,
+  defaultModel,
+} = {}) {
+  await ensureDir(path.dirname(queuePath));
+  const workbuddyState =
+    cursors.workbuddy && typeof cursors.workbuddy === "object" ? cursors.workbuddy : {};
+  const seenIds = new Set(
+    Array.isArray(workbuddyState.seenIds) ? workbuddyState.seenIds : [],
+  );
+  const fileOffsets =
+    workbuddyState.fileOffsets && typeof workbuddyState.fileOffsets === "object"
+      ? { ...workbuddyState.fileOffsets }
+      : {};
+
+  const files = Array.isArray(projectFiles)
+    ? projectFiles
+    : resolveWorkbuddyProjectFiles(env || process.env);
+  const fallbackModel = defaultModel || resolveWorkbuddyDefaultModel(env || process.env);
+
+  if (files.length === 0) {
+    cursors.workbuddy = {
+      ...workbuddyState,
+      seenIds: Array.from(seenIds),
+      fileOffsets,
+      updatedAt: new Date().toISOString(),
+    };
+    return { recordsProcessed: 0, eventsAggregated: 0, bucketsQueued: 0 };
+  }
+
+  const hourlyState = normalizeHourlyState(cursors?.hourly);
+  const touchedBuckets = new Set();
+  const cb = typeof onProgress === "function" ? onProgress : null;
+  let recordsProcessed = 0;
+  let eventsAggregated = 0;
+
+  for (let fileIdx = 0; fileIdx < files.length; fileIdx++) {
+    const filePath = files[fileIdx];
+    let stat;
+    try { stat = fssync.statSync(filePath); } catch { continue; }
+
+    const prevEntry = fileOffsets[filePath] || {};
+    const prevSize = Number(prevEntry.size) || 0;
+    const prevIno = prevEntry.ino;
+    // Re-read from start if file shrunk (truncate/rewrite) or inode changed
+    // (file deleted + recreated). Otherwise pick up after the last read offset.
+    const inodeChanged = typeof prevIno === "number" && prevIno !== stat.ino;
+    const startOffset = stat.size < prevSize || inodeChanged ? 0 : prevSize;
+    if (stat.size <= startOffset) continue;
+
+    let stream;
+    try {
+      stream = fssync.createReadStream(filePath, {
+        encoding: "utf8",
+        start: startOffset,
+      });
+    } catch { continue; }
+    const rl = readline.createInterface({ input: stream, crlfDelay: Infinity });
+
+    for await (const line of rl) {
+      if (!line || !line.trim()) continue;
+      let entry;
+      try { entry = JSON.parse(line); } catch { continue; }
+      if (!entry || typeof entry !== "object") continue;
+
+      // Usage is carried on ANY record with providerData.rawUsage — assistant
+      // messages AND function_call records. Aggregate them all; dedup per id.
+      const provider = entry.providerData;
+      const rawUsage = provider && typeof provider === "object" ? provider.rawUsage : null;
+      if (!rawUsage || typeof rawUsage !== "object") continue;
+
+      const sessionId =
+        typeof entry.sessionId === "string" && entry.sessionId
+          ? entry.sessionId
+          : path.basename(filePath, ".jsonl");
+      const tsMs =
+        Number.isFinite(Number(entry.timestamp)) && Number(entry.timestamp) > 0
+          ? Number(entry.timestamp)
+          : null;
+      // One usage record per LLM round-trip; the response id is the most stable
+      // dedup key, then providerData.messageId, then session+timestamp.
+      const messageId =
+        typeof entry.id === "string" && entry.id
+          ? entry.id
+          : typeof provider.messageId === "string" && provider.messageId
+            ? provider.messageId
+            : tsMs != null
+              ? `${sessionId}:${tsMs}`
+              : null;
+      if (!messageId) continue;
+      if (seenIds.has(messageId)) continue;
+
+      recordsProcessed++;
+
+      const promptTokens = toNonNegativeInt(rawUsage.prompt_tokens);
+      const completionTokens = toNonNegativeInt(rawUsage.completion_tokens);
+      const promptDetails =
+        rawUsage.prompt_tokens_details && typeof rawUsage.prompt_tokens_details === "object"
+          ? rawUsage.prompt_tokens_details
+          : {};
+      const completionDetails =
+        rawUsage.completion_tokens_details && typeof rawUsage.completion_tokens_details === "object"
+          ? rawUsage.completion_tokens_details
+          : {};
+
+      // Cache reads are mirrored across up to three fields depending on which
+      // upstream the auto-router used; take the largest non-zero mirror.
+      const cacheRead = Math.max(
+        toNonNegativeInt(rawUsage.cache_read_input_tokens),
+        toNonNegativeInt(promptDetails.cached_tokens),
+        toNonNegativeInt(rawUsage.prompt_cache_hit_tokens),
+      );
+      const cacheCreation = toNonNegativeInt(rawUsage.cache_creation_input_tokens);
+      // prompt_tokens is the FULL prompt: subtract BOTH reads and writes so
+      // input_tokens is pure non-cached input (no double-counting cache writes).
+      const inputTokens = Math.max(0, promptTokens - cacheRead - cacheCreation);
+      // completion_tokens INCLUDES reasoning (verified: total == prompt+completion).
+      const reasoningTokens = Math.min(completionTokens, toNonNegativeInt(completionDetails.reasoning_tokens));
+      const outputTokens = Math.max(0, completionTokens - reasoningTokens);
+
+      if (
+        inputTokens === 0 &&
+        outputTokens === 0 &&
+        cacheRead === 0 &&
+        cacheCreation === 0 &&
+        reasoningTokens === 0
+      ) {
+        seenIds.add(messageId);
+        continue;
+      }
+
+      if (tsMs == null) {
+        seenIds.add(messageId);
+        continue;
+      }
+      const tsIso = new Date(tsMs).toISOString();
+      const bucketStart = toUtcHalfHourStart(tsIso);
+      if (!bucketStart) continue;
+
+      const model =
+        normalizeModelInput(provider.model) ||
+        normalizeModelInput(provider.requestModelId) ||
+        normalizeModelInput(entry.model) ||
+        fallbackModel;
+
+      const delta = {
+        input_tokens: inputTokens,
+        cached_input_tokens: cacheRead,
+        cache_creation_input_tokens: cacheCreation,
+        output_tokens: outputTokens,
+        reasoning_output_tokens: reasoningTokens,
+        total_tokens:
+          inputTokens + outputTokens + cacheRead + cacheCreation + reasoningTokens,
+        conversation_count: 1,
+      };
+
+      const bucket = getHourlyBucket(hourlyState, "workbuddy", model, bucketStart);
+      addTotals(bucket.totals, delta);
+      touchedBuckets.add(bucketKey("workbuddy", model, bucketStart));
+      seenIds.add(messageId);
+      eventsAggregated++;
+
+      if (cb) {
+        cb({
+          index: fileIdx + 1,
+          total: files.length,
+          recordsProcessed,
+          eventsAggregated,
+          bucketsQueued: touchedBuckets.size,
+        });
+      }
+    }
+
+    let postStat = stat;
+    try { postStat = fssync.statSync(filePath); } catch {}
+    fileOffsets[filePath] = {
+      size: postStat.size,
+      mtimeMs: postStat.mtimeMs,
+      ino: postStat.ino,
+    };
+  }
+
+  // Cap dedup set to last 10k IDs to bound cursor state size — same convention
+  // as CodeBuddy/Kimi/Copilot so cursors.json doesn't grow unbounded.
+  const seenArr = Array.from(seenIds);
+  const cappedSeen =
+    seenArr.length > 10_000 ? seenArr.slice(seenArr.length - 10_000) : seenArr;
+
+  const bucketsQueued = await enqueueTouchedBuckets({
+    queuePath,
+    hourlyState,
+    touchedBuckets,
+  });
+  const updatedAt = new Date().toISOString();
+  hourlyState.updatedAt = updatedAt;
+  cursors.hourly = hourlyState;
+  cursors.workbuddy = {
+    ...workbuddyState,
+    seenIds: cappedSeen,
+    fileOffsets,
+    updatedAt,
+  };
+
+  return { recordsProcessed, eventsAggregated, bucketsQueued };
+}
+
 // ─────────────────────────────────────────────────────────────────────────────
 // oh-my-pi (omp) — passive JSONL reader (~/.omp/agent/sessions/**/*.jsonl)
 //
@@ -6283,6 +6590,101 @@ function droidSessionIdFromPath(filePath) {
   return base.slice(0, -".settings.json".length);
 }
 
+// Resolve a Droid bucket model id. ccusage's chain: settings.model → sidecar
+// <id>.jsonl scrape → `<provider>-unknown` derived from providerLock or inferred
+// from the model fragment. Extracted so the dup-session repair migration can
+// reproduce the exact same bucket key a settings file would have emitted under.
+function resolveDroidModel(settings, filePath) {
+  let model = normalizeDroidModelName(settings.model);
+  if (!model) model = extractDroidModelFromSidecarJsonl(filePath);
+  if (!model) {
+    let provider = normalizeDroidProvider(settings.providerLock);
+    if (provider === "unknown") {
+      provider = inferDroidProviderFromModel(settings.model || "");
+    }
+    model = defaultDroidModelForProvider(provider);
+  }
+  return model;
+}
+
+// When the SAME Droid session id (the basename, which is the cursor key) appears
+// in more than one folder under ~/.factory/sessions, every such file shares one
+// sessionTotals[sessionId] entry. Processing them in a single parse loop makes the
+// lower-count file look like a session reset and re-emit the full cumulative on
+// every sync — unbounded inflation (issue #204). De-dupe to ONE canonical file per
+// session id BEFORE the loop. Canonical = the most complete cumulative snapshot:
+// largest max(five-field sum, totalTokens) (applyDroidTotalFallback already spills
+// totalTokens into the five fields, so summing the filled fields IS that max);
+// ties go to the newest mtime, then the lexicographically smaller path. A session
+// id with a single file passes through untouched (no disk read).
+function dedupeDroidSettingsFilesBySession(files) {
+  const list = Array.isArray(files) ? files : [];
+  const groups = new Map();
+  for (const filePath of list) {
+    if (typeof filePath !== "string") continue;
+    const sessionId = droidSessionIdFromPath(filePath);
+    if (!sessionId) continue;
+    if (!groups.has(sessionId)) groups.set(sessionId, []);
+    groups.get(sessionId).push(filePath);
+  }
+  const out = [];
+  for (const group of groups.values()) {
+    if (group.length === 1) {
+      out.push(group[0]);
+      continue;
+    }
+    let best = null;
+    let bestMetric = -1;
+    let bestMtime = -1;
+    for (const filePath of group) {
+      let mtimeMs = 0;
+      try {
+        mtimeMs = fssync.statSync(filePath).mtimeMs;
+      } catch {
+        continue;
+      }
+      let settings;
+      try {
+        settings = JSON.parse(fssync.readFileSync(filePath, "utf8"));
+      } catch {
+        continue;
+      }
+      const usage =
+        settings && typeof settings === "object" && settings.tokenUsage
+          ? settings.tokenUsage
+          : {};
+      const filled = applyDroidTotalFallback({
+        input: Math.max(0, Number(usage.inputTokens || 0)),
+        output: Math.max(0, Number(usage.outputTokens || 0)),
+        cacheCreation: Math.max(0, Number(usage.cacheCreationTokens || 0)),
+        cacheRead: Math.max(0, Number(usage.cacheReadTokens || 0)),
+        thinking: Math.max(0, Number(usage.thinkingTokens || 0)),
+        totalTokens: Math.max(0, Number(usage.totalTokens || 0)),
+      });
+      const metric =
+        filled.input +
+        filled.output +
+        filled.cacheCreation +
+        filled.cacheRead +
+        filled.thinking;
+      const better =
+        metric > bestMetric ||
+        (metric === bestMetric && mtimeMs > bestMtime) ||
+        (metric === bestMetric &&
+          mtimeMs === bestMtime &&
+          (best === null || filePath.localeCompare(best) < 0));
+      if (better) {
+        best = filePath;
+        bestMetric = metric;
+        bestMtime = mtimeMs;
+      }
+    }
+    out.push(best || group[0]);
+  }
+  out.sort((a, b) => a.localeCompare(b));
+  return out;
+}
+
 async function parseDroidIncremental({
   settingsFiles,
   cursors,
@@ -6304,9 +6706,11 @@ async function parseDroidIncremental({
       ? { ...droidState.sessionTotals }
       : {};
 
-  const files = Array.isArray(settingsFiles)
-    ? settingsFiles
-    : listDroidSettingsFiles(env || process.env);
+  const files = dedupeDroidSettingsFilesBySession(
+    Array.isArray(settingsFiles)
+      ? settingsFiles
+      : listDroidSettingsFiles(env || process.env),
+  );
 
   if (files.length === 0) {
     cursors.droid = {
@@ -6455,15 +6859,7 @@ async function parseDroidIncremental({
     // inferred from the model fragment we did find. Same fallback string set
     // (claude-unknown / gpt-unknown / gemini-unknown / grok-unknown) so
     // empty-model sessions bucket identically across both tools.
-    let model = normalizeDroidModelName(settings.model);
-    if (!model) model = extractDroidModelFromSidecarJsonl(filePath);
-    if (!model) {
-      let provider = normalizeDroidProvider(settings.providerLock);
-      if (provider === "unknown") {
-        provider = inferDroidProviderFromModel(settings.model || "");
-      }
-      model = defaultDroidModelForProvider(provider);
-    }
+    const model = resolveDroidModel(settings, filePath);
 
     // Token normalization: inputTokens already excludes cache reads (matches
     // Anthropic API convention), so cache columns slot in directly. Thinking
@@ -8663,6 +9059,10 @@ module.exports = {
   resolveCodebuddyProjectFiles,
   resolveCodebuddyDefaultModel,
   parseCodebuddyIncremental,
+  resolveWorkbuddyHome,
+  resolveWorkbuddyProjectFiles,
+  resolveWorkbuddyDefaultModel,
+  parseWorkbuddyIncremental,
   resolveKiroCliSessionFiles,
   resolveKiroCliDbPath,
   parseKiroCliIncremental,
@@ -8699,6 +9099,8 @@ module.exports = {
   droidSessionIdFromPath,
   extractDroidModelFromSidecarJsonl,
   applyDroidTotalFallback,
+  resolveDroidModel,
+  dedupeDroidSettingsFilesBySession,
   parseDroidIncremental,
   resolvePiHome,
   resolvePiAgentDir,
@@ -8719,6 +9121,7 @@ module.exports = {
   // Exposed so the queue-repair migration can mutate cursors state in the
   // same key format sync uses elsewhere.
   bucketKey,
+  toUtcHalfHourStart,
   totalsKey,
   claudeMessageDedupKey,
   groupBucketKey,

package/src/lib/usage-limits.js

@@ -5,6 +5,7 @@ const os = require("node:os");
 const path = require("node:path");
 const http = require("node:http");
 const https = require("node:https");
+const { performance } = require("node:perf_hooks");
 
 const {
   detectClaudeCodeSubscriptionDetails,
@@ -174,6 +175,8 @@ async function fetchClaudeUsageLimits(accessToken, { fetchImpl = fetch, maxAttem
 // reading mislabels it as "5h". Aligned with steipete/CodexBar's rate-window normalizer.
 const CODEX_SESSION_WINDOW_SECONDS = 18000;
 const CODEX_WEEKLY_WINDOW_SECONDS = 604800;
+const CODEX_RESET_CREDIT_LIST_TIMEOUT_MS = 3000;
+const CODEX_RESET_CREDIT_LIST_TIMEOUT_GUARD_MS = 25;
 
 function classifyCodexWindow(window) {
   if (!window || typeof window !== "object") return null;
@@ -291,9 +294,103 @@ function normalizeCodexSparkRateWindows(additionalRateLimits) {
   };
 }
 
+function normalizeCodexResetCreditCount(value) {
+  return Number.isInteger(value) && value >= 0 ? value : null;
+}
+
+function normalizeCodexResetCredit(row, nowMs) {
+  if (!row || typeof row !== "object" || Array.isArray(row)) return null;
+  if (row.status !== "available") return null;
+
+  const hasResetType = row.reset_type !== undefined && row.reset_type !== null;
+  if (hasResetType && row.reset_type !== "codex_rate_limits") return null;
+
+  const expiresAt = row.expires_at;
+  if (typeof expiresAt !== "string") return null;
+  const expiresAtMs = Date.parse(expiresAt);
+  if (!Number.isFinite(expiresAtMs) || expiresAtMs < nowMs) return null;
+
+  const credit = {
+    status: row.status,
+    expires_at: expiresAt,
+  };
+  if (typeof row.reset_type === "string") {
+    credit.reset_type = row.reset_type;
+  }
+  if (typeof row.granted_at === "string") {
+    credit.granted_at = row.granted_at;
+  }
+  return { credit, expiresAtMs };
+}
+
+function normalizeCodexResetCredits(resetCredits, nowMs = Date.now()) {
+  if (!resetCredits || typeof resetCredits !== "object" || Array.isArray(resetCredits)) return null;
+
+  const availableCount = normalizeCodexResetCreditCount(resetCredits.available_count);
+  const totalEarnedCount = normalizeCodexResetCreditCount(resetCredits.total_earned_count);
+  const normalized = [];
+  if (Array.isArray(resetCredits.credits) && availableCount !== 0) {
+    for (const row of resetCredits.credits) {
+      const entry = normalizeCodexResetCredit(row, nowMs);
+      if (entry) normalized.push(entry);
+    }
+  }
+
+  const credits = normalized
+    .sort((a, b) => a.expiresAtMs - b.expiresAtMs)
+    .slice(0, 50)
+    .map((entry) => entry.credit);
+
+  if (availableCount === null && totalEarnedCount === null && credits.length === 0) {
+    return null;
+  }
+
+  return {
+    available_count: availableCount,
+    total_earned_count: totalEarnedCount,
+    credits: availableCount === 0 ? [] : credits,
+  };
+}
+
+function codexResetCreditListTimeoutMs(remainingProviderBudgetMs) {
+  if (!Number.isFinite(remainingProviderBudgetMs)) {
+    return CODEX_RESET_CREDIT_LIST_TIMEOUT_MS;
+  }
+  if (remainingProviderBudgetMs <= 0) return 0;
+  const guardedBudgetMs = Math.floor(remainingProviderBudgetMs - CODEX_RESET_CREDIT_LIST_TIMEOUT_GUARD_MS);
+  if (guardedBudgetMs <= 0) return 0;
+  return Math.min(CODEX_RESET_CREDIT_LIST_TIMEOUT_MS, guardedBudgetMs);
+}
+
+async function fetchCodexResetCreditList(fetchImpl, headers, timeoutMs = CODEX_RESET_CREDIT_LIST_TIMEOUT_MS) {
+  let timer = null;
+  try {
+    const request = Promise.resolve()
+      .then(() => fetchImpl("https://chatgpt.com/backend-api/wham/rate-limit-reset-credits", {
+        method: "GET",
+        headers,
+      }))
+      .then(async (res) => {
+        if (!res.ok) return null;
+        return normalizeCodexResetCredits(await res.json());
+      });
+    if (!Number.isFinite(timeoutMs) || timeoutMs <= 0) {
+      return await request;
+    }
+    const timeout = new Promise((resolve) => {
+      timer = setTimeout(() => resolve(null), timeoutMs);
+    });
+    return await Promise.race([request, timeout]);
+  } catch (_err) {
+    return null;
+  } finally {
+    if (timer) clearTimeout(timer);
+  }
+}
+
 async function fetchCodexUsageLimits(
   accessToken,
-  { fetchImpl = fetch, accountId = null } = {},
+  { fetchImpl = fetch, accountId = null, providerTimeoutMs = DEFAULT_PROVIDER_TIMEOUT_MS } = {},
 ) {
   const headers = {
     Authorization: `Bearer ${accessToken}`,
@@ -305,27 +402,53 @@ async function fetchCodexUsageLimits(
     headers["ChatGPT-Account-Id"] = accountId;
   }
 
-  const res = await fetchImpl("https://chatgpt.com/backend-api/wham/usage", {
-    method: "GET",
-    headers,
-  });
-  // 401/403/404 from wham means "no usage data available for this auth state" — render
-  // a neutral empty state instead of a red "Fetch failed" error.
-  if (res.status === 401 || res.status === 403 || res.status === 404) {
+  const startedAtMs = performance.now();
+  const usage = await withProviderTimeout(Promise.resolve()
+    .then(() => fetchImpl("https://chatgpt.com/backend-api/wham/usage", {
+      method: "GET",
+      headers,
+    }))
+    .then(async (res) => {
+      // 401/403/404 from wham means "no usage data available for this auth state" — render
+      // a neutral empty state instead of a red "Fetch failed" error.
+      if (res.status === 401 || res.status === 403 || res.status === 404) {
+        return { body: null };
+      }
+      if (res.status !== 200) {
+        throw new Error(`Codex API returned ${res.status}`);
+      }
+      return { body: await res.json() };
+    }), "Codex", providerTimeoutMs);
+  if (!usage.body) {
     return {
       primary_window: null,
       secondary_window: null,
       spark_primary_window: null,
       spark_secondary_window: null,
+      reset_credits: null,
     };
   }
-  if (!res.ok) {
-    throw new Error(`Codex API returned ${res.status}`);
+  const body = usage.body;
+  let resetCredits = normalizeCodexResetCredits(body.rate_limit_reset_credits);
+  // This semi-private sibling endpoint is read-only; /wham/usage remains the stable count fallback.
+  const remainingProviderBudgetMs = Number.isFinite(providerTimeoutMs) && providerTimeoutMs > 0
+    ? providerTimeoutMs - (performance.now() - startedAtMs)
+    : CODEX_RESET_CREDIT_LIST_TIMEOUT_MS;
+  const resetCreditListTimeoutMs = codexResetCreditListTimeoutMs(remainingProviderBudgetMs);
+  if (resetCreditListTimeoutMs > 0) {
+    const resetCreditsList = await fetchCodexResetCreditList(
+      fetchImpl,
+      headers,
+      resetCreditListTimeoutMs,
+    );
+    if (resetCreditsList) {
+      resetCredits = resetCreditsList;
+    }
   }
-  const body = await res.json();
   return {
     ...normalizeCodexRateWindows(body.rate_limit || {}),
     ...normalizeCodexSparkRateWindows(body.additional_rate_limits),
+    reset_credits: resetCredits,
   };
 }
 
@@ -2174,11 +2297,11 @@ async function fetchUsageLimitsUncached({
         )
       : Promise.resolve(null),
     codexToken
-      ? withProviderTimeout(
-          fetchCodexUsageLimits(codexToken, { fetchImpl: providerFetch, accountId: codexAccountId }),
-          "Codex",
+      ? fetchCodexUsageLimits(codexToken, {
+          fetchImpl: providerFetch,
+          accountId: codexAccountId,
           providerTimeoutMs,
-        ).then(
+        }).then(
           (value) => ({ status: "fulfilled", value }),
           (reason) => ({ status: "rejected", reason }),
         )
@@ -2257,6 +2380,7 @@ async function fetchUsageLimitsUncached({
       secondary_window: codexResult.value.secondary_window,
       spark_primary_window: codexResult.value.spark_primary_window,
       spark_secondary_window: codexResult.value.spark_secondary_window,
+      reset_credits: codexResult.value.reset_credits,
     };
   }