14 Commits

  • feat: passthrough upstream response headers to clients
    CPA previously stripped ALL response headers from upstream AI provider
    APIs, preventing clients from seeing rate-limit info, request IDs,
    server-timing and other useful headers.
    
    Changes:
    - Add Headers field to Response and StreamResult structs
    - Add FilterUpstreamHeaders helper (hop-by-hop + security denylist)
    - Add WriteUpstreamHeaders helper (respects CPA-set headers)
    - ExecuteWithAuthManager/ExecuteCountWithAuthManager now return headers
    - ExecuteStreamWithAuthManager returns headers from initial connection
    - All 11 provider executors populate Response.Headers
    - All handler call sites write filtered upstream headers before response
    
    Filtered headers (not forwarded):
    - RFC 7230 hop-by-hop: Connection, Transfer-Encoding, Keep-Alive, etc.
    - Security: Set-Cookie
    - CPA-managed: Content-Length, Content-Encoding
  • feat(logging): make error-logs-max-files configurable
    - Add ErrorLogsMaxFiles config field with default value 10
    - Support hot-reload via config file changes
    - Add Management API: GET/PUT/PATCH /v0/management/error-logs-max-files
    - Maintain SDK backward compatibility with NewFileRequestLogger (3 params)
    - Add NewFileRequestLoggerWithOptions for custom error log retention
    
    When request logging is disabled, forced error logs are retained up to
    the configured limit. Set to 0 to disable cleanup.
  • Fixed: #607
    refactor(config): re-export internal configuration types for SDK consumers
  • feat: Add Amp CLI integration with comprehensive documentation
    Add full Amp CLI support to enable routing AI model requests through the proxy
    while maintaining Amp-specific features like thread management, user info, and
    telemetry. Includes complete documentation and pull bot configuration.
    
    Features:
    - Modular architecture with RouteModule interface for clean integration
    - Reverse proxy for Amp management routes (thread/user/meta/ads/telemetry)
    - Provider-specific route aliases (/api/provider/{provider}/*)
    - Secret management with precedence: config > env > file
    - 5-minute secret caching to reduce file I/O
    - Automatic gzip decompression for responses
    - Proper connection cleanup to prevent leaks
    - Localhost-only restriction for management routes (configurable)
    - CORS protection for management endpoints
    
    Documentation:
    - Complete setup guide (USING_WITH_FACTORY_AND_AMP.md)
    - OAuth setup for OpenAI (ChatGPT Plus/Pro) and Anthropic (Claude Pro/Max)
    - Factory CLI config examples with all model variants
    - Amp CLI/IDE configuration examples
    - tmux setup for remote server deployment
    - Screenshots and diagrams
    
    Configuration:
    - Pull bot disabled for this repo (manual rebase workflow)
    - Config fields: AmpUpstreamURL, AmpUpstreamAPIKey, AmpRestrictManagementToLocalhost
    - Compatible with upstream DisableCooling and other features
    
    Technical details:
    - internal/api/modules/amp/: Complete Amp routing module
    - sdk/api/httpx/: HTTP utilities for gzip/transport
    - 94.6% test coverage with 34 comprehensive test cases
    - Clean integration minimizes merge conflict risk
    
    Security:
    - Management routes restricted to localhost by default
    - Configurable via amp-restrict-management-to-localhost
    - Prevents drive-by browser attacks on user data
    
    This provides a production-ready foundation for Amp CLI integration while
    maintaining clean separation from upstream code for easy rebasing.
    
    Amp-Thread-ID: https://ampcode.com/threads/T-9e2befc5-f969-41c6-890c-5b779d58cf18
  • feat(translator): add built-in translator registry and helpers
    - Introduced `builtin` package exposing a default registry and pipeline for built-in translators.
    - Added format constants for common schemas (e.g., OpenAI, Gemini, Codex).
    - Implemented helper functions for schema translation using format name strings.
    - Provided example usage for integration with translator helpers.
  • Add support for dynamic model providers
    Implements functionality to parse model names with provider information in the format "provider://model" This allows dynamic provider selection rather than relying only on predefined mappings.
    
    The change affects all execution methods to properly handle these dynamic model specifications while maintaining compatibility with the existing approach for standard model names.
  • refactor(auth): replace TokenRecord with coreauth.Auth and migrate TokenStore to coreauth.Store
    - Replaced `TokenRecord` with `coreauth.Auth` for centralized and consistent authentication data structures.
    - Migrated `TokenStore` interface to `coreauth.Store` for alignment with core CLIProxy authentication.
    - Updated related login methods, token persistence logic, and file storage handling to use the new `coreauth.Auth` model.
  • refactor(auth): replace FileStore with FileTokenStore for unified token persistence
    - Removed `FileStore` in favor of the new `FileTokenStore`.
    - Centralized auth JSON handling and token operations through `FileTokenStore`.
    - Updated all components to utilize `FileTokenStore` for consistent storage operations.
    - Introduced `SetBaseDir` and directory locking mechanisms for flexible configurations.
    - Enhanced metadata management, including path resolution and deep JSON comparisons.
  • chore(docs): add and refine package-level comments across modules
    - Added detailed package-level comments to improve documentation coverage.
    - Clarified parameter descriptions, return types, and functionality of exported methods across packages.
    - Enhanced overall code readability and API documentation consistency.
  • feat: introduce custom provider example and remove redundant debug logs
    - Added `examples/custom-provider/main.go` showcasing custom executor and translator integration using the SDK.
    - Removed redundant debug logs from translator modules to enhance code cleanliness.
    - Updated SDK documentation with new usage and advanced examples.
    - Expanded the management API with new endpoints, including request logging and GPT-5 Codex features.