* docs: update contributors
* docs: update contributors
* feat: add China LLM providers guided login flow
Add a guided login experience for 4 domestic (China) LLM providers
in the /login command: DeepSeek, Zhipu GLM, Tongyi Qianwen, and
MiMo Xiaomi. Each provider includes model presets with pricing,
context windows, and optional Coding Plan integration.
- New file: src/utils/chinaLlmProviders.ts — provider preset configs
- Modified: src/components/ConsoleOAuthFlow.tsx — 4-step guided flow
(select provider → select mode → select model → enter API key)
All providers are OpenAI-compatible; credentials saved as
OPENAI_BASE_URL + OPENAI_API_KEY under modelType: 'openai'.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* feat: add custom model input with suggestions and model listing links
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Extends the mode loader to accept .md files alongside .yaml/.yml in
~/.claude/modes/. Markdown files use YAML frontmatter for metadata
and the body as systemPrompt — the same format supported by
OpenCode, Claude Code agents, and Cursor rules.
.md data is normalized to the same shape as .yaml data, reusing
the existing CCBMode mapping with zero code duplication.
- Add kebabCase() helper for slug derivation from name
- Add parseMarkdownFrontmatter() helper (uses existing yaml package)
- .md: body → system_prompt, auto-slug if missing, icon default 🤖
- Add optional model field to CCBMode for cross-tool alignment
- Existing .yaml/.yml path: unchanged
* refactor(acp): make bridge SDK message handling type-safe
- Add BridgeSDKMessage type alias to eliminate 14 type errors from void-leaked IteratorResult
- Replace 18 scattered as-casts with a single uniform as BridgeSDKMessage
- Add 68 lines of unit tests covering bridge message handling
- Fixes docstring coverage to pass CI threshold
* fix(acp): restore IteratorResult return type to nextSdkMessageOrAbort
The simplified SDKMessage | undefined return type collapsed two distinct
states: generator truly done vs generator yielding undefined. This broke
forwardSessionUpdates which needs to distinguish the two — when the
generator yields null/undefined it should continue (calling next() again),
not break out of the loop.
Restored the original IteratorResult<SDKMessage, void> return type so
done and yielded-null are distinct again.
* fix: eliminate 8 as any in MCP handlers, structured output, and stream events
- Group A: Add : () => AnyObjectSchema type annotations to MCP notification
schema constants (useIdeSelection, useIdeLogging, usePrompts, channelNotification)
- Group B: Add isStructuredOutputAttachmentMessage type guard for structured
output attachment payloads (execAgentHook)
- Group C: Add isMessageDeltaStreamEvent type guard for message_delta
stream event usage extraction (forkedAgent)
These as any casts also exist in the upstream CCB source — this fix provides
real type safety without changing any runtime behavior.
* feat: wire mode persona injection — Claude Soul Document distilled into system prompt
- prompts.ts: add getModePersonaSection() → injects current mode's
systemPrompt as 'mode_persona' dynamic section (first in order,
before operational instructions). Previously modes had systemPrompt
fields but they were never sent to the model.
- modes/personas/claude.ts: 3KB distilled Claude persona from
Anthropic's leaked Claude 4.5 Opus Soul Document (70KB → operational
extract): core traits, 7 honesty principles, helpfulness/caution
balance, collaboration stance, identity stability.
- With custom mode YAML (~/.claude/modes/claude.yaml), 7 modes total
including the new Claude persona — fully operational at /mode claude.
Co-Authored-By: James Feng <47167674+GhostDragon124@users.noreply.github.com>
* fix: import path convention + reword persona source comment
- prompts.ts: use 'src/modes/store.js' alias instead of relative '../modes/store.js'
to match the file's existing import convention
- claude.ts: reword JSDoc to say 'based on publicly available reference document'
instead of 'leaked', addressing CodeRabbit review concern
* docs: add usage note to CLAUDE_PERSONA explaining it's a reference template for YAML config
CodeRabbit noted that CLAUDE_PERSONA has no direct imports. This is
intentional — it's a reference template for users defining custom modes
via ~/.claude/modes/claude.yaml, not a programmatically imported constant.
* fix: eliminate 8 as any in MCP handlers, structured output, and stream events
- Group A: Add : () => AnyObjectSchema type annotations to MCP notification
schema constants (useIdeSelection, useIdeLogging, usePrompts, channelNotification)
- Group B: Add isStructuredOutputAttachmentMessage type guard for structured
output attachment payloads (execAgentHook)
- Group C: Add isMessageDeltaStreamEvent type guard for message_delta
stream event usage extraction (forkedAgent)
These as any casts also exist in the upstream CCB source — this fix provides
real type safety without changing any runtime behavior.
* feat: wire mode persona injection — Claude Soul Document distilled into system prompt
- prompts.ts: add getModePersonaSection() → injects current mode's
systemPrompt as 'mode_persona' dynamic section (first in order,
before operational instructions). Previously modes had systemPrompt
fields but they were never sent to the model.
- modes/personas/claude.ts: 3KB distilled Claude persona from
Anthropic's leaked Claude 4.5 Opus Soul Document (70KB → operational
extract): core traits, 7 honesty principles, helpfulness/caution
balance, collaboration stance, identity stability.
- With custom mode YAML (~/.claude/modes/claude.yaml), 7 modes total
including the new Claude persona — fully operational at /mode claude.
Co-Authored-By: James Feng <47167674+GhostDragon124@users.noreply.github.com>
* fix: import path convention + reword persona source comment
- prompts.ts: use 'src/modes/store.js' alias instead of relative '../modes/store.js'
to match the file's existing import convention
- claude.ts: reword JSDoc to say 'based on publicly available reference document'
instead of 'leaked', addressing CodeRabbit review concern
* docs: update contributors
* docs: update contributors
* feat: add mode system with 6 AI personality presets
Add a /mode command that lets users switch between 6 interaction
modes, each with distinct system prompts, UI themes, permission
defaults, and response verbosity:
- Default (⚡) — balanced, everyday development
- Gentle (🌸) — patient explanations for learning
- Dr. Sharp (🔍) — strict 3-phase code review workflow
- Workhorse (🐴) — auto-execute, minimal confirmations
- Token Saver (💰) — minimal replies to save tokens
- Super AI (🧠) — deep analysis, proactive suggestions
Custom modes can be defined via YAML files in ~/.claude/modes/.
New files:
- src/modes/types.ts — CCBMode interface
- src/modes/defaults.ts — 6 built-in mode presets
- src/modes/store.ts — mode state management with useSyncExternalStore
- src/commands/mode/index.ts — command registration
- src/commands/mode/mode.tsx — mode picker UI
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Node.js v22 undici internal calls performance.markResourceTiming() after
every fetch. The performance shim was missing this method, causing
TypeError crashes in ACP mode when running with Node.js.
searchSkills() called .trim() on query without null-guard. When
DiscoverSkills is invoked through ExecuteExtraTool with missing
description, query is undefined, causing 'Cannot read properties of
undefined (reading trim)'.
Fixed with optional chaining: !query.trim() → !query?.trim()
Co-Authored-By: deepseek-v4-pro <deepseek-ai@claude-code-best.win>
🔒 Security Discovery: Un-gated outbound connection bypasses privacy controls
Summary
-------
preconnectAnthropicApi() unconditionally sends a TCP+TLS handshake to
api.anthropic.com on every ccb startup — even when the user has explicitly
disabled all non-essential traffic via CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1
or DISABLE_TELEMETRY=1.
This is the LAST un-gated outbound connection in the entire startup path.
Every other telemetry sink (Sentry, Langfuse, OpenTelemetry, GrowthBook,
1P Event Logger, Datadog, BigQuery, etc.) already respects the
privacyLevel module's isEssentialTrafficOnly() gate. This one did not.
Impact
------
While the preconnect is a HEAD request with no payload, the connection
itself leaks the client's IP address and session timing to Anthropic's
infrastructure. For privacy-conscious users and enterprise deployments
that have disabled telemetry, this constitutes an unexpected data leak.
Fix
---
Add isEssentialTrafficOnly() check at the function entry, consistent
with every other privacy-gated code path in the codebase. The
privacyLevel module is already imported by init.ts and 12+ other
modules — no new dependencies.
Verification
------------
Reproduced and verified via strace on Linux (aarch64):
# Before fix
$ strace -f -e connect ccb -p <<< 'hello'
connect(16, sin_addr=inet_addr("160.79.104.10"), sin_port=htons(443)) = 0
# ↑ connector to api.anthropic.com despite CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1
# After fix
$ strace -f -e connect ccb -p <<< 'hello'
# ↑ zero remote TCP connections — all traffic to localhost only
Changes: 1 file, +5 lines (import + gate)
OpenAI's prompt_tokens includes cached tokens, but Anthropic's
input_tokens semantic excludes them. The adapter was mapping
prompt_tokens → input_tokens verbatim, causing downstream code
(cache hit rate, cost, autocompact) to double-count.
Real-world impact: DeepSeek returns prompt_tokens=34097 with
cached_tokens=34048, displayed as 50% hit rate instead of 99.86%.
Co-Authored-By: glm-5.1 <zai-org@claude-code-best.win>
