@askalf/dario
Advanced tools
+12
-1
@@ -137,2 +137,5 @@ export interface AccountCredentials { | ||
| * credentials. Caller should reload pool state | ||
| * - 'creds-stale' : login.json is STRICTLY NEWER than credentials.json | ||
| * (the pool refreshed it; the legacy file is stale) — | ||
| * left login.json untouched. dario#805. | ||
| * | ||
@@ -147,2 +150,10 @@ * Why: the single-account path keeps refreshing `credentials.json` in | ||
| * | ||
| * BUT the divergence runs BOTH ways. In pool mode the pool's own refresh | ||
| * loop advances `login.json` while `credentials.json` stays frozen (the | ||
| * pool never writes it). Blindly overwriting login.json from credentials.json | ||
| * would then clobber a live token with the stale legacy one whose refresh | ||
| * Anthropic already rotated → invalid_grant on every startup → fleet-wide | ||
| * auth outage. So we reconcile by FRESHNESS, not by assuming credentials.json | ||
| * wins. dario#805 (the second outage of this class within 12h). | ||
| * | ||
| * Runs at any pool size ≥ 1: a lone `login` entry is a live pool member | ||
@@ -153,2 +164,2 @@ * since pool-at-one (dario#618) and can go stale exactly the same way — | ||
| */ | ||
| export declare function resyncLoginFromCredentialsIfStale(): Promise<'no-pool' | 'no-login' | 'no-creds' | 'in-sync' | 'resynced'>; | ||
| export declare function resyncLoginFromCredentialsIfStale(): Promise<'no-pool' | 'no-login' | 'no-creds' | 'in-sync' | 'resynced' | 'creds-stale'>; |
+24
-3
@@ -556,2 +556,5 @@ /** | ||
| * credentials. Caller should reload pool state | ||
| * - 'creds-stale' : login.json is STRICTLY NEWER than credentials.json | ||
| * (the pool refreshed it; the legacy file is stale) — | ||
| * left login.json untouched. dario#805. | ||
| * | ||
@@ -566,2 +569,10 @@ * Why: the single-account path keeps refreshing `credentials.json` in | ||
| * | ||
| * BUT the divergence runs BOTH ways. In pool mode the pool's own refresh | ||
| * loop advances `login.json` while `credentials.json` stays frozen (the | ||
| * pool never writes it). Blindly overwriting login.json from credentials.json | ||
| * would then clobber a live token with the stale legacy one whose refresh | ||
| * Anthropic already rotated → invalid_grant on every startup → fleet-wide | ||
| * auth outage. So we reconcile by FRESHNESS, not by assuming credentials.json | ||
| * wins. dario#805 (the second outage of this class within 12h). | ||
| * | ||
| * Runs at any pool size ≥ 1: a lone `login` entry is a live pool member | ||
@@ -589,5 +600,15 @@ * since pool-at-one (dario#618) and can go stale exactly the same way — | ||
| } | ||
| // Tokens diverged — credentials.json has refreshed since last back-fill. | ||
| // Overwrite the snapshot, preserving deviceId/accountUuid (they don't | ||
| // rotate with token refresh; they're pool-internal identity). | ||
| // Tokens diverged. Reconcile by FRESHNESS — a strictly-newer login.json is | ||
| // the pool having refreshed it (credentials.json is the stale legacy copy), | ||
| // and overwriting it from credentials.json would swap a live token for one | ||
| // whose refresh Anthropic already rotated → invalid_grant → outage (#805). | ||
| // Only the strict case is skipped; equal expiresAt keeps the #235 behaviour | ||
| // (overwrite), since a real refresh always advances expiresAt. | ||
| if (loginAcc.expiresAt > tok.expiresAt) { | ||
| return 'creds-stale'; | ||
| } | ||
| // credentials.json is the newer (or equal-age) token — the #235 case: the | ||
| // single-account path refreshed it and the pool snapshot is stale. Overwrite, | ||
| // preserving deviceId/accountUuid (they don't rotate with token refresh; | ||
| // they're pool-internal identity). | ||
| await saveAccount({ | ||
@@ -594,0 +615,0 @@ alias: MIGRATED_LOGIN_ALIAS, |
+1
-1
| { | ||
| "name": "@askalf/dario", | ||
| "version": "5.2.9", | ||
| "version": "5.2.10", | ||
| "description": "Use your Claude Pro/Max subscription in any tool — Cursor, Cline, Aider, the Agent SDK, your scripts — at subscription pricing, not per-token API bills. One local Anthropic + OpenAI-compatible endpoint.", | ||
@@ -5,0 +5,0 @@ "type": "module", |
Sorry, the diff of this file is too big to display
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 2 instances
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
1424977
0.16%27554
0.13%124
0.81%