|
13 | 13 | - CI/tooling reliability improved via pinned lint tools, deterministic macOS test execution, and PTY timing test |
14 | 14 | stabilization plus Node 24-ready GitHub Actions upgrades (#292, #312, #290). |
15 | 15 |
|
16 | | -### Claude OAuth & Keychain (net result) |
17 | | -- Claude OAuth refresh ownership now keeps Claude CLI as the refresh-token owner for CLI-managed credentials; CodexBar |
18 | | - delegates a refresh handoff instead of rotating those tokens in its own cache. |
19 | | -- Claude Auto mode now performs at most one delegated Claude CLI refresh handoff and one OAuth retry before normal |
20 | | - `web -> cli` fallback. |
21 | | -- Claude OAuth-only mode now keeps strict OAuth semantics (no silent Web/CLI fallback) after delegated retry. |
22 | | -- Reduce repeated keychain prompts by preferring silent/non-interactive reads in background/availability paths and |
23 | | - respecting cooldown gates (#245, #305). Thanks @manikv12! |
24 | | -- Sync CodexBar's OAuth cache when Claude keychain credentials actually change, with fingerprint-based detection and |
25 | | - protections against regressing to stale/expired tokens (#305). |
26 | | -- Show the in-app Claude keychain pre-alert only when preflight suggests interaction is likely; suppress unnecessary |
27 | | - alerts on silent-success paths (#308). |
28 | | -- Distinguish terminal vs transient OAuth auth failures: |
29 | | - - `invalid_grant` and equivalent auth rejections are terminal-blocked until auth state changes. |
30 | | - - transient failures use bounded backoff and automatically unblock on successful auth/reauth (#309). |
31 | | -- Ensure usable Claude OAuth credentials are accepted in non-interactive scenarios and fix Claude auto debug pipeline |
32 | | - ordering follow-up. |
| 16 | +### Claude OAuth & Keychain (upgrade-relevant behavior) |
| 17 | +- Claude Auto mode prefers `oauth -> web -> cli` without triggering Keychain prompts during availability checks. |
| 18 | +- If Claude OAuth credentials are present but expired, CodexBar performs at most one delegated refresh handoff to the |
| 19 | + Claude CLI and one OAuth retry before falling back to Web/CLI in Auto mode. |
| 20 | +- Claude OAuth-only mode stays strict: OAuth failures do not silently fall back to Web/CLI. |
| 21 | +- Keychain prompting is hardened (cooldowns after denial/cancel + pre-alert only when interaction is likely) to reduce |
| 22 | + repeated prompts during background refresh. |
| 23 | +- CodexBar syncs its cached OAuth token when the Claude Code Keychain entry changes, so updated auth is picked up |
| 24 | + without requiring a restart. |
33 | 25 |
|
34 | 26 | ### Provider & Usage Fixes |
35 | 27 | - Cursor: compute usage against `plan.limit` rather than `breakdown.total` to avoid incorrect limit interpretation |
|
0 commit comments