* Remove internal-only bundled skills and mock rate-limit behavior
This takes the next planned Phase C-lite slice by deleting bundled skills
that only ever registered for internal users and replacing the internal
mock rate-limit helper with a stable no-op external stub. The external
build keeps the same behavior while removing a concentrated block of
USER_TYPE-gated dead code.
Constraint: Limit this PR to isolated internal-only helpers and avoid bridge, oauth, or rebrand behavior
Rejected: Broad USER_TYPE cleanup across mixed runtime surfaces | too risky for the next medium-sized PR
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: The next cleanup pass should continue with similarly isolated USER_TYPE helpers before touching main.tsx or protocol-heavy code
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
* Align internal-only helper removal with remaining user guidance
This follow-up fixes the mock billing stub to be a true no-op and removes
stale user-facing references to /verify and /skillify from the same PR.
It also leaves a clearer paper trail for review: the deleted verify skill
was explicitly ant-gated before removal, and the remaining mock helper
callers still resolve to safe no-op returns in the external build.
Constraint: Keep the PR focused on consistency fixes and reviewer-requested evidence, not new cleanup scope
Rejected: Leave stale guidance for a later PR | would make this branch internally inconsistent after skill removal
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When deleting gated features, always sweep user guidance and coordinator prompts in the same pass
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy; changed-file scan still shows only pre-existing tipRegistry errors outside edited lines)
* Clarify generic workflow wording after skill removal
This removes the last generic verification-skill wording that could still
be read as pointing at a deleted bundled command. The guidance now talks
about project workflows rather than a specific bundled verify skill.
Constraint: Keep the follow-up limited to reviewer-facing wording cleanup on the same PR
Rejected: Leave generic wording as-is | still too easy to misread after the explicit /verify references were removed
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When removing bundled commands, scrub both explicit and generic references in the same branch
Tested: bun run build
Tested: bun run smoke
Not-tested: Additional checks unchanged by wording-only follow-up
---------
Co-authored-by: anandh8x <test@example.com>
This follow-up Phase C-lite slice replaces purely internal helper modules
with stable external no-op surfaces and collapses internal elevated error
logging to a no-op. The change removes additional USER_TYPE-gated helper
behavior without touching product-facing runtime flows.
Constraint: Keep this PR limited to isolated helper modules that are already external no-ops in practice
Rejected: Pulling in broader speculation or logging sink changes | less isolated and easier to debate during review
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Continue Phase C with similarly isolated helpers before moving into mixed behavior files
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
Co-authored-by: anandh8x <test@example.com>
This extends the label-only cleanup to the remaining internal-only command,
debug, and heading strings so the source tree no longer contains ANT-ONLY
markers. The pass still avoids logic changes and only renames labels shown
in internal or gated surfaces.
Constraint: Update the existing label-cleanup PR without widening scope into behavior changes
Rejected: Leave the last ANT-ONLY strings for a later pass | low-cost cleanup while the branch is already focused on labels
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: The next phase should move off label cleanup and onto a separately scoped logic or rebrand slice
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
Co-authored-by: anandh8x <test@example.com>
This pass rewrites a small set of ant-only diagnostic and UI labels to
neutral internal wording while leaving command definitions, flags, and
runtime logic untouched. It focuses on internal debug output, dead UI
branches, and noninteractive headings rather than broader product text.
Constraint: Label cleanup only; do not change command semantics or ant-only logic gates
Rejected: Renaming ant-only command descriptions in main.tsx | broader UX surface better handled in a separate reviewed pass
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Remaining ANT-ONLY hits are mostly command descriptions and intentionally deferred user-facing strings
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
Co-authored-by: anandh8x <test@example.com>
This is a small prose-only follow-up that rewrites clearly internal or
explanatory Anthropic comment language to neutral wording in a handful of
high-confidence files. It avoids runtime strings, flags, command labels,
protocol identifiers, and provider-facing references.
Constraint: Keep this pass narrowly scoped to comments/documentation only
Rejected: Broader Anthropic comment sweep across functional API/protocol references | too ambiguous for a safe prose-only PR
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Leave functional Anthropic references (API behavior, SDKs, URLs, provider labels, protocol docs) for separate reviewed passes
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
Co-authored-by: anandh8x <test@example.com>
This pass rewrites comment-only ANT-ONLY markers to neutral internal-only
language across the source tree without changing runtime strings, flags,
commands, or protocol identifiers. The goal is to lower obvious internal
prose leakage while keeping the diff mechanically safe and easy to review.
Constraint: Phase B is limited to comments/prose only; runtime strings and user-facing labels remain deferred
Rejected: Broad search-and-replace across strings and command descriptions | too risky for a prose-only pass
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Remaining ANT-ONLY hits are mostly runtime/user-facing strings and should be handled separately from comment cleanup
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (upstream baseline remains noisy)
Co-authored-by: anandh8x <test@example.com>
* Remove internal-only tooling without changing external runtime contracts
This trims the lowest-risk internal-only surfaces first: deleted internal
modules are replaced by build-time no-op stubs, the bundled stuck skill is
removed, and the insights S3 upload path now stays local-only. The privacy
verifier is expanded and the remaining bundled internal Slack/Artifactory
strings are neutralized without broad repo-wide renames.
Constraint: Keep the first PR deletion-heavy and avoid mass rewrites of USER_TYPE, tengu, or claude_code identifiers
Rejected: One-shot DMCA cleanup branch | too much semantic risk for a first PR
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Treat full-repo typecheck as a baseline issue on this upstream snapshot; do not claim this commit introduced the existing non-Phase-A errors without isolating them first
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Not-tested: Full repo typecheck (currently fails on widespread pre-existing upstream errors outside this change set)
* Keep minimal source shims so CI can import Phase A cleanup paths
The first PR removed internal-only source files entirely, but CI provider
and context tests import those modules directly from source rather than
through the build-time no-telemetry stubs. This restores tiny no-op source
shims so tests and local source imports resolve while preserving the same
external runtime behavior.
Constraint: GitHub Actions runs source-level tests in addition to bundled build/privacy checks
Rejected: Revert the entire deletion pass | unnecessary once the import contract is satisfied by small shims
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: For later cleanup phases, treat build-time stubs and source-test imports as separate compatibility surfaces
Tested: bun run build
Tested: bun run smoke
Tested: bun run verify:privacy
Tested: bun run test:provider
Tested: bun run test:provider-recommendation
Not-tested: Full repo typecheck (still noisy on this upstream snapshot)
---------
Co-authored-by: anandh8x <test@example.com>
Remove debug systems, employee detection, and internal logging
that have no function in a community fork.
Changes:
- Remove logPermissionContextForAnts import and calls (main.tsx, compact.ts)
Reads Kubernetes namespace and container IDs from internal infra paths.
Dead code for all external users.
- Remove createDumpPromptsFetch import and gate (query.ts)
Internal prompt dump system for employee debugging.
Replace gate with unconditional undefined — normal fetch always used.
- Remove stripSignatureBlocks ant-only block (query.ts)
Was behind USER_TYPE === 'ant' guard, never ran for external users.
- Hardcode isAnt: false (query/config.ts)
Employee detection flag has no place in a community fork.
config.gates.isAnt had exactly one consumer (dumpPromptsFetch, now removed).
- Gut logClassifierResultForAnts body (bashPermissions.ts)
Replace with empty no-op. Still called from 4 sites, zero execution.
Remove ANT-ONLY comments describing internal security model.
- Gate status.anthropic.com behind firstParty check (errors.ts)
429 error hint now only shown when using Anthropic directly.
Third-party provider users see a generic capacity message.
Build: passes
Typecheck: clean (no new errors)
Tests: 196 pass, same 6 pre-existing failures unrelated to these changes
* fix: auto-allow safe read-only commands in acceptEdits mode
In acceptEdits mode, read-only commands like grep, cat, ls, find, head,
tail were still prompting for approval. This created unnecessary friction
since these commands cannot modify or delete files.
Add safe read-only commands to ACCEPT_EDITS_ALLOWED_COMMANDS:
grep, cat, ls, find, head, tail, echo, pwd, wc, sort, uniq, diff
These are all read-only — they cannot cause data loss or modify the
filesystem. Auto-allowing them reduces approval fatigue in acceptEdits
mode without introducing any safety risk.
Write commands (rm, rmdir, mv, cp, sed, mkdir, touch) are unchanged.
The dangerous path guard for rm/rmdir remains in place.
Fixes#251.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(bash): block unsafe acceptEdits auto-allow
Keep the new read-only acceptEdits commands behind the existing read-only validator and block shell redirection based on the original command text. This prevents commands like echo > file and find -delete from being silently auto-approved while preserving safe read-only commands.
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
On Windows, shells can set OPENAI_BASE_URL to the literal string
"undefined" when the variable is referenced without quotes while unset.
The nullish-coalescing operator (??) does not catch this because
"undefined" is a truthy string, causing resolveProviderRequest() to
treat it as a real base URL. This broke the Codex transport check:
(!rawBaseUrl && isCodexAlias(model)) evaluated as (false || true) = false
so the transport was incorrectly set to chat_completions (issue #336).
Fix: introduce asEnvUrl() which trims the value and rejects both empty
strings and the sentinel string "undefined". Use it for all three
rawBaseUrl sources (options.baseUrl, OPENAI_BASE_URL, OPENAI_API_BASE).
Tests: add three new cases to the 'Codex provider config' describe block
covering the empty-string, "undefined"-string, and options-override
scenarios. Also add beforeEach/afterEach guards so individual tests
cannot contaminate each other via env var state.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
In acceptEdits mode, filesystem commands (rm, rmdir, mv, cp, sed, mkdir,
touch) were returned as 'allow' before checkDangerousRemovalPaths ran.
This meant rm -rf ~ and rm -rf / bypassed the dangerous path guard entirely.
Fix:
- Export checkDangerousRemovalPaths from pathValidation.ts
- In modeValidation.ts, call it for rm/rmdir before returning allow
- Safe paths (rm file.txt) continue to auto-allow unchanged
- Dangerous paths (rm -rf ~) now return 'ask' requiring user approval
This is a defense-in-depth guard that matters most for 3P models (local
Ollama, DeepSeek etc.) that lack built-in refusal training and would
blindly execute destructive commands in acceptEdits mode.
Fixes finding 3 from issue #244.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Inline base64 source maps had been checked into tracked src files. This strips those comments from the repository without changing runtime behavior or adding ongoing guardrails, per the requested one-time cleanup scope.
Constraint: Keep this change limited to tracked source cleanup only
Rejected: Add CI/source verification guard | user requested one-time cleanup only
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If these directives reappear, fix the producing transform instead of reintroducing repo-side cleanup code
Tested: rg -n "sourceMappingURL" ., bun run smoke, bun run verify:privacy, bun run test:provider, npm run test:provider-recommendation
Not-tested: bun run typecheck (repository has many pre-existing unrelated failures)
Co-authored-by: anandh8x <test@example.com>
Keep normal prompt submissions during generation queued instead of interrupting the current turn. Add a visible next-turn banner in the prompt area so users can tell their follow-up guidance was accepted, and cover the new behavior with focused tests.
Fixes#328
Co-authored-by: Claude <noreply@anthropic.com>
Two provider routing bugs that cause silent wrong-model failures:
1. model.ts: getUserSpecifiedModelSetting() read ANTHROPIC_MODEL ||
GEMINI_MODEL || OPENAI_MODEL with no provider check. A user
switching from Anthropic to OpenAI with ANTHROPIC_MODEL still set
would silently send the Anthropic model name to the OpenAI API.
Now gates each env var behind the active provider from
getAPIProvider().
2. providers.ts: isCodexModel() maintained a hardcoded list of 8 model
names that was missing gpt-5.4-mini and gpt-5.2 from the canonical
CODEX_ALIAS_MODELS table in providerConfig.ts. This caused a
split-brain: getAPIProvider() returned 'openai' while
resolveProviderRequest() selected 'codex_responses' transport.
Now delegates to the exported isCodexAlias() to keep both detection
systems in sync.
* feat: fix open-source build and add Ollama model picker
- Fix build failures by stubbing 62+ missing Anthropic-internal modules
with a catch-all plugin in scripts/build.ts
- Add runtime shim exports (isReplBridgeActive, getReplBridgeHandle) in
bootstrap/state.ts for feature-gated code references
- Add /model picker support for Ollama: fetches available models from
Ollama server at startup and displays them in the model selection menu
- Add Ollama model validation against cached server model list
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address PR review feedback for Ollama integration
- Move Ollama validation before enterprise allowlist check in validateModel
- Truncate model list in error messages to first 5 entries
- Fix isOllamaProvider() to detect OLLAMA_BASE_URL-only configurations
- Reuse getOllamaApiBaseUrl() from providerDiscovery instead of duplicating
- Reset fetchPromise on failure to allow retry in prefetchOllamaModels
- Include Default option in Ollama model picker, prevent Claude model fallthrough
- Add file existence check for src/tasks/ stubs in build script
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: use pre-scanned exact-match resolvers to avoid Bun bundler corruption
Bun's onResolve plugin corrupts the module graph even when returning null
for non-matching imports. This caused lodash-es memoize and zod's util
namespace to be incorrectly tree-shaken, producing runtime ReferenceErrors.
Replace all pattern-based onResolve hooks with a pre-build scan that
identifies missing modules upfront, then registers exact-match resolvers
only for confirmed missing imports. This avoids touching any valid module
resolution paths.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: move Ollama model prefetch outside startup throttle gate
prefetchOllamaModels() was inside the skipStartupPrefetches condition,
so it would be skipped on subsequent launches due to the bgRefresh
throttle timestamp. Ollama model fetch targets a local/remote server
and is fast & cheap, so it should always run at startup.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: OAuth tokens secure storage for Windows & Linux
* fix: OAuth tokens secure storage for Windows & Linux #215
* fix: OAuth tokens secure storage for Windows & Linux #215
* fix: OAuth tokens secure storage for Windows & Linux #215
This sixth pass continues issue #314 with a message-focused micro-batch: three tiny message components that each only surfaced a single unused React import warning. The batch stays intentionally minimal and behavior-neutral.
Constraint: Keep pass 6 limited to one-line message-component cleanup with the same warning shape
Rejected: Mix in broader message component cleanup or unrelated typing fixes | would dilute the micro-pass and expand review scope unnecessarily
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Continue splitting by path + warning shape when easy one-line cleanups are available
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
This fifth cleanup pass follows issue #314 with another homogeneous, low-risk slice: three LogoV2 notice/upsell components that each only surfaced a single unused React import warning. Removing just those imports keeps the series moving without mixing in broader cleanup categories.
Constraint: Keep pass 5 to files with the same single-warning pattern
Rejected: Fold in unrelated LogoV2 files with wider warnings or other cleanup shapes | would make the pass less uniform and less reviewable
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Continue preferring single-pattern micro-passes when the compiler output presents them clearly
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
This fourth pass continues issue #314 with the smallest cleanup slice so far: six files that each surfaced the same single warning for an unused React import. Keeping the batch this focused improves review speed and removes noise without changing behavior or widening the cleanup scope.
Constraint: Limit this pass to single-warning files only so the intent stays obvious
Rejected: Combine this with broader typing or props-alias cleanup | unnecessary scope expansion for an already reviewable one-line pattern
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep using ultra-small homogeneous passes whenever the compiler output exposes them; they are cheap to review and easy to revert
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
This third pass continues the issue #314 cleanup series with four very small display-oriented components. The changes only remove unused React imports and reconnect existing Props aliases or parameter types where the files were otherwise surfacing straightforward compiler noise.
Constraint: Keep the pass limited to trivial display components with uniform low-risk cleanup shape
Rejected: Mix in files with unrelated missing-module or broader logic noise | weakens review focus and muddies verification
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Prefer these tiny homogeneous slices while the repo still has wider baseline no-unused noise
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
This follow-up pass continues the phased unused-code cleanup from issue #314 with four dialog components that shared the same low-risk pattern: avoidable unused imports, dormant Props aliases, and untyped callback plumbing that only existed as compiler noise. The changes keep behavior intact while reducing the next layer of cleanup friction.
Constraint: Keep the second pass narrowly scoped and homogeneous so it stays easy to review beside PR #316
Rejected: Fold in EffortCallout and wider component cleanup at the same time | larger surface area and less uniform risk profile
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Continue batching future passes by shared cleanup pattern; leave broader refactors and compatibility placeholders for separate PRs
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
This first cleanup pass removes clearly unused imports and dead locals from a small set of components, and reconnects a few existing Props aliases to their component signatures so they stop surfacing as avoidable noise. The scope stays intentionally narrow to make the follow-up cleanup series easier to review and lower risk.
Constraint: Follow issue #314 with a components-only, low-risk first pass
Rejected: Broader sweep across commands/hooks/utils in the same PR | too much review surface for an initial cleanup pass
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep subsequent unused-code cleanups narrowly batched; treat signature/compatibility placeholders separately from straightforward import/alias cleanup
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (baseline repo noise remains outside this narrow pass)
Co-authored-by: anandh8x <test@example.com>
This seventh pass continues issue #314 with a two-file PromptInput micro-batch. Both files shared the same single-warning pattern for an unused React import, so the cleanup stays extremely small, behavior-neutral, and easy to review.
Constraint: Keep pass 7 to the exact two-file PromptInput pair with the same warning shape
Rejected: Fold in broader PromptInput cleanup or unrelated warnings | would expand scope beyond a simple micro-pass
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Continue harvesting paired file/test micro-batches when the compiler output exposes them cleanly
Tested: bun run build; bun run smoke; targeted noUnused grep for touched files via bun x tsc --noEmit --noUnusedLocals --noUnusedParameters --pretty false
Not-tested: full repo typecheck (broader baseline noise remains outside this pass)
Co-authored-by: anandh8x <test@example.com>
* added duck duck go for websearch tools that allowed free searching
* update readme
* Replace @phukon/duckduckgo-search with duck-duck-scrape and fix Firecrawl routing priority, and add DDG error handling
* refactor: streamline DuckDuckGo search fallback to use Firecrawl directly on rate limit
* docs: update README to clarify DuckDuckGo web search fallback and its limitations with TOS
* fix: disable experimental API betas by default to prevent 500 errors
Tool search (defer_loading), global cache scope, and context management
betas require internal Anthropic server-side support. External accounts
receive 500 Internal Server Error when these are sent.
Set CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=true by default in the CLI
entrypoint. Users with internal access can opt back in with =false.
Also includes: cache key stability fixes (Sonnet 1M latch, system-before-
messages key ordering, resume fingerprint isMeta skip), sideQuery default
cleanup, and /dream command.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: standardize API headers to Headers type and enable tengu feature flags by default
* fix: address PR review — dream lock, MCP betas guard, redundant Partial
- Call recordConsolidation() programmatically in /dream instead of
delegating to model prompt (unreliable)
- Add CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS guard to MCP entrypoint
(was only in CLI entrypoint, causing 500s in MCP server mode)
- Remove redundant ? markers from SecretValueSource Partial<{}> type
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Three compounding issues caused keyboard input to appear frozen or drop
characters on startup, particularly on Windows CMD/PowerShell and Mac
terminal environments.
Issue 1 — earlyInput disabled (cli.tsx):
The rebrand commit gated startCapturingEarlyInput() behind an opt-in
env flag (OPENCLAUDE_ENABLE_EARLY_INPUT=1), which meant any characters
typed before React finished mounting were silently dropped. Users who
type immediately after launch saw an empty input box with no indication
their keystrokes were lost. Flipped to an opt-out flag
(OPENCLAUDE_DISABLE_EARLY_INPUT=1) so early input capture is on by
default, matching the original upstream behaviour.
Issue 2 — stdin.resume() called before listener attached (App.tsx):
stdin.resume() put the stream into flowing mode before the data/readable
listener was registered. Any input arriving in that gap was queued and
delivered in a burst when the listener connected, which could flood
React's scheduler and stall input processing. Moved resume() to after
the listener is attached so the stream only flows once the handler is
ready.
Issue 3 — AnimatedAsterisk fires ~60 React re-renders in 3s (AnimatedAsterisk.tsx):
The startup screen colour sweep animation runs at 50ms intervals for
3000ms total. Each tick triggers a full re-render of the startup screen
subtree, which competes with stdin event processing in React's microtask
queue. On Windows, where the event loop scheduler is slower, this
reliably caused typing to lag or freeze for the first few seconds after
launch. The animation is now skipped on Windows (process.platform ===
'win32'), showing the icon in its settled state immediately. Mac and
Linux are unaffected.
Closes#228, #220, #205
Prevents collision with existing Claude Code installations that already
use ~/.claude for their own config, settings, and project data.
Migration compatibility: if ~/.openclaude does not yet exist but ~/.claude
does, the legacy path is kept automatically so existing openclaude users
don't lose their data on upgrade. New installs go straight to ~/.openclaude.
Users who need an explicit path can set CLAUDE_CONFIG_DIR.
Fixes#184
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
getPromptCachingEnabled() returned true for all providers including
Azure Foundry, OpenAI, Gemini, and GitHub. This caused cache_control
blocks to be injected into every request sent to 3P endpoints.
Azure Foundry's strict Responsible AI content filter treats unexpected
Anthropic-specific fields (cache_control: { type: "ephemeral" }) as
a jailbreak signal and rejects the request with a 400 error — even
for a simple prompt like "hi".
Fix: return false early when provider is not firstParty, bedrock, or
vertex — the only providers that understand and support prompt caching.
Fixes#273
Related: #267 (Finding 1)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: resolve keyboard freeze via sync render path and stable useAppState selectors
Two compounding React 19 defects caused keyboard input to freeze after
MCP notifications or rapid state updates:
Defect 2 (ink.tsx): The render() path used async updateContainer, which
batches updates across scheduler ticks. Keyboard events dispatched mid-render
drained faster than React processed them, causing input to appear frozen.
Fixed by switching to updateContainerSync + flushSyncWork (same pattern
already used in the unmount path).
Defect 4 (AppState.tsx): useAppState and useAppStateMaybeOutsideOfProvider
used React Compiler _c cache invalidation tied to selector identity. Inline
arrow selectors (new reference each render) invalidated the cache every cycle,
producing a new `get` function. useSyncExternalStore treats a new `get` as a
tearing signal, re-syncing state and re-rendering — causing a loop that
starved the input handler. Fixed with useRef + useCallback(fn, []) to give
useSyncExternalStore a permanently stable snapshot reference.
Note: AppState.tsx is React Compiler output. The _c bypass for these two
hooks is intentional — compiler cache invalidation on inline selectors is
the root cause of the tearing loop.
All 200 tests pass. Build and smoke test verified.
Closes#77, #220, #228
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: update selector refs during render instead of useLayoutEffect
Addresses review feedback on PR #266. The previous useLayoutEffect approach
updated selectorRef.current after the render phase, meaning a changed selector
(e.g. s => s.tasks[attachment.taskId] when taskId changes) would still read
stale data during the render it changed in.
Fix: assign selectorRef.current and storeRef.current directly during render
before useSyncExternalStore calls get(). Ref mutation during render is safe
here — it's synchronous and happens before the snapshot is read. get()
identity stays stable via useCallback(fn, []) so useSyncExternalStore never
sees a new subscription function and won't trigger re-render loops.
This is the standard pattern used by zustand and jotai for selector stability.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
