Validate maxSessions/maxChannels/maxSkipReasons as non-negative finite values, make 0 produce zero rows, and add regression coverage. No architecture/protocol flow changes; diagram files reviewed and no updates were needed.
Reject negative phase0 drift gate thresholds with explicit parameter names and add regression tests. No architecture/protocol flow changes; diagram files reviewed and no updates were needed.
Harden phase0 rolling retention timestamp parsing with explicit bounds and UTC round-trip validation; add regression coverage for invalid date/time tags. No architecture/protocol flow changes; diagram files reviewed and no updates were needed.
- Read Claude Code's OAuth token from ~/.claude/.credentials.json as
a fallback source for auth_mode: oauth (with expiry checking)
- Fix OAuth callback server to bind to localhost (not 127.0.0.1) and
use JSON content type for token exchange
- Null out apiKey when authToken is set to prevent SDK from falling
back to ANTHROPIC_API_KEY env var (routes to wrong billing)
- Add DeferredErrorClient so daemon starts even when credentials are
missing, surfacing the error on first chat() call instead of crash
- Prompt to complete OAuth flow immediately when setting auth_mode to
oauth with no token stored
Note: Anthropic currently rejects OAuth for API access (Feb 2026
policy change), but the plumbing is in place for if/when re-enabled.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add regression tests that verify rolling and rolling:prune scripts keep shared overridable TAG semantics and tagged prune reports. No architecture/protocol flow changes; diagram files reviewed and no updates were needed.
Add AbortSignal support to pollForToken (GitHub) and pollDeviceToken
(OpenAI) using an abortable sleep that clears its timer immediately on
abort. Wire an AbortController into the TUI login handlers, triggered
by the readline SIGINT event, so Ctrl+C exits the wait loop cleanly
instead of hanging until the device code expires.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The previous default of true was overly restrictive. false is the correct
default — tool-like prompts fall through to native handling only when
explicitly enabled.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add AbortSignal support to startCallbackServer and loginAnthropicOAuth
so that pressing Ctrl+C during the browser OAuth flow immediately closes
the HTTP server and 5-minute timer instead of leaving the process hung.
Wire up an AbortController in the TUI browser OAuth path so the cancel
callback aborts the signal on Ctrl+C.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add openBrowser, exchangeCodeForToken, and loginAnthropicOAuth to
src/auth/anthropic.ts, completing the full PKCE OAuth flow. Includes
5 new tests covering happy path, state mismatch, 403 subscription
error, 500 error, and missing access_token cases.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Introduce a `credentialStored` flag in all 4 credential paths (OpenAI
API key, OpenAI OAuth, Anthropic auth token, Anthropic API key). The
auth_mode prompt is now gated on `credentialStored`, so a failed store
call no longer falls through to prompt the user for an auth mode that
was never set.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Export AUTH_MODE_PROVIDERS and applyAuthModeToConfig from minimal.ts.
Wire mode fast-path into handleLoginCommand so /login anthropic mode oauth
persists auth_mode to config without entering the credential flow.
After successful credential entry for anthropic/openai, prompt to set
auth_mode immediately.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add support for `/login <provider> mode <api_key|oauth|auto>` syntax to allow
switching authentication mode per provider in the TUI. The Command union type
now includes an optional mode field, and parseCommand handles regex matching
for the "mode" subcommand pattern while maintaining backward compatibility.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
William Valentin