Skip to content

Preserve Claude usage source after login#1971

Open
Chipagosfinest wants to merge 4 commits into
steipete:mainfrom
Chipagosfinest:codex/claude-login-auto-source
Open

Preserve Claude usage source after login#1971
Chipagosfinest wants to merge 4 commits into
steipete:mainfrom
Chipagosfinest:codex/claude-login-auto-source

Conversation

@Chipagosfinest

@Chipagosfinest Chipagosfinest commented Jul 7, 2026

Copy link
Copy Markdown

Fixes #1970.

Summary

  • Preserve Claude's selected usage source after a successful Claude login flow instead of pinning it to oauth.
  • Add a focused regression test for the post-login source policy.
  • Update Claude provider docs so the documented login behavior matches the selected-source policy.

Current-main verification

  • Re-fetched steipete/CodexBar main on 2026-07-07; latest checked SHA: aa401f1d8b7412b6a71abb6d13f57f5efc64d2ad.
  • Sources/CodexBar/Providers/Claude/ClaudeLoginFlow.swift still forces .oauth after successful login on current main.
  • The settings UI still documents Auto as fallback-capable: "Auto falls back to the next source if the preferred one fails."
  • SettingsStoreTests still expects the default Claude source to be .auto.
  • A dry merge / git merge-tree into refreshed upstream/main has no conflict and leaves the PR scoped to the Claude login source policy, focused test, and Claude docs.

Why

CodexBar defaults Claude to Auto, and Auto is the fallback-capable source mode. The login flow currently persists oauth after the runner reports success. If OAuth credentials are not readable afterward, that removes the fallback path and can leave the app repeatedly asking for Claude credentials.

Preserving the selected source keeps the default setup resilient: default Auto remains Auto, so OAuth can still be preferred when available, but CLI/Web fallback remains available when OAuth is not usable. Explicit source choices remain explicit.

After-fix proof

Verified on 2026-07-07 at PR head c98779b7b2b03bc95da8fac409492d8a8faa559e (origin/codex/claude-login-auto-source).

What the stronger proof covers:

  • The production entry point runClaudeLoginFlow() still calls ClaudeLoginRunner.run(timeout:onPhaseChange:) unchanged.
  • The shared success branch is now callable with an injected runner, so the focused test executes the actual StatusItemController.runClaudeLoginFlow post-login code path instead of stopping at the policy helper.
  • The controller-flow test constructs real SettingsStore, UsageStore, and StatusItemController instances, simulates Claude login phases plus a successful runner result, then asserts:
    • the login returns true,
    • loginPhase returns to .idle,
    • Claude is enabled through settings.setProviderEnabled, and
    • every existing ClaudeUsageDataSource case (auto, api, oauth, web, cli) is preserved after successful login.
  • The test transcript shows the app logger recording Claude login with outcome=success for each source, followed by Provider mode updated provider=claude value=auto/api/oauth/web/cli, proving the patched success path leaves the intended source intact.
  • No external fork code was downloaded or used.

Relevant source anchors:

Command output:

$ swift test --filter ClaudeLoginFlowPolicyTests
◇ Suite ClaudeLoginFlowPolicyTests started.
✔ Test "successful Claude login preserves selected source so auto fallback remains available" passed after 0.001 seconds.
✔ Test "successful Claude login controller flow preserves selected source and enables provider" passed after 0.304 seconds.
✔ Suite ClaudeLoginFlowPolicyTests passed after 0.305 seconds.
✔ Test run with 2 tests in 1 suite passed after 0.305 seconds.

$ make check
SwiftFormat completed in 0.51s.
0/1289 files require formatting.
Done linting! Found 0 violations, 0 serious in 1288 files.

Commands run

  • swift test --filter ClaudeLoginFlowPolicyTests
  • swift test --filter ClaudeSourcePlannerTests
  • swift test --filter ClaudeOAuthTests
  • make check
  • make test (exits on the existing unrelated AdaptiveRefreshTimerTests.swift:117 failure noted below)

Existing unrelated test failures observed

  • make test fails in AdaptiveRefreshTimerTests.swift:117, test manual mode performs the initial refresh but no recurring ticks: expected completed refresh count 1, got 2.
  • swift test --no-parallel --filter AdaptiveRefreshTimerTests reproduces the same failure outside this PR.
  • swift test --filter SettingsStoreTests also fails in SettingsStoreTests.swift:1236, test menu observation token ignores merged switcher selection churn: expected didChange.get() to be false but it was true.
  • swift test --no-parallel --filter "menu observation token ignores merged switcher selection churn" reproduces the same failure.

Live-provider proof

Attempted on 2026-07-07 at PR head c98779b7b2b03bc95da8fac409492d8a8faa559e after explicit live/browser proof escalation.

What could be verified live without exposing credentials:

  • Installed Claude CLI: 2.1.201 (Claude Code).
  • claude auth status reports a real claude.ai login with loggedIn: true, apiProvider: firstParty, and subscriptionType: max (email/org redacted from PR text).
  • A live patched-branch Auto usage probe succeeds and resolves through the real Claude CLI source, showing fallback remains available when the selected source is Auto:
$ .build/debug/CodexBarCLI usage --provider claude --source auto --format json --pretty --status
[
  {
    "provider" : "claude",
    "source" : "claude",
    "status" : {
      "description" : "All Systems Operational",
      "indicator" : "none",
      "url" : "https://status.claude.com/"
    },
    "version" : "2.1.201"
  }
]

Live OAuth login attempt result:

  • claude auth login --claudeai launched a real OAuth flow and waited for a code.
  • Opening the auth URL in agent-browser reached Claude/Cloudflare Performing security verification and could not advance past human verification.
  • Retrying with Codex CI environment variables removed opened normal Google Chrome with the user profile, but the page was Sign in - Claude; completing it would require interactive credentials/human browser verification. The waiting CLI was stopped; no token, cookie, authorization code, or Keychain payload was captured or posted.

What this proves:

  • The real local Claude provider can fetch through Auto using the installed Claude CLI (source: claude).
  • The committed controller-flow test proves the patched successful-login branch preserves auto instead of forcing oauth.
  • Together, preserving Auto after successful login leaves the observed real fallback path available.

Remaining proof gap:

  • A full live OAuth login completion from automation is blocked by Claude/Cloudflare/sign-in. This now needs either a maintainer proof override or a maintainer-run redacted browser login transcript.

Screenshots

Not applicable; this is a provider settings/source policy and docs change with no UI changes.

@clawsweeper

clawsweeper Bot commented Jul 7, 2026

Copy link
Copy Markdown

Codex review: needs real behavior proof before merge. Reviewed July 7, 2026, 8:21 PM ET / 00:21 UTC.

Summary
The PR preserves the selected Claude usage source after successful Claude login, adds focused login-flow policy tests, and updates Claude provider docs.

Reproducibility: yes. source-level: current main unconditionally assigns .oauth after successful Claude login, while Auto mode is the only mode that keeps OAuth-to-CLI-to-Web fallback. I did not run live OAuth/Keychain validation because repository policy requires explicit request for that class of probe.

Review metrics: 1 noteworthy metric.

  • Diff surface: 3 files changed, 78 additions, 3 deletions. The patch is narrow, but it spans auth-provider behavior, focused tests, and user-facing provider docs.

Root-cause cluster
Relationship: fixed_by_candidate
Canonical: #1970
Summary: This PR is the candidate fix for the linked open issue about Claude login pinning the source to OAuth and disabling Auto fallback.

Members:

Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything.

Merge readiness
Overall: 🦪 silver shellfish
Proof: 🦪 silver shellfish
Patch quality: 🐚 platinum hermit
Result: blocked until stronger real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P1] Add a redacted completed OAuth/Keychain login transcript showing the selected source after success, or get an explicit maintainer proof override.
  • Redact private details such as tokens, emails, organization names, local paths, authorization codes, and keychain payloads from posted proof.

Proof guidance:

  • [P1] Needs stronger real behavior proof before merge: The PR includes focused controller-flow test output and a redacted live Auto CLI fallback transcript, but it still does not show a completed real Claude OAuth login preserving the selected source; contributor or maintainer action is needed unless a maintainer grants a proof override. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Risk before merge

  • [P1] Changing the post-login source assignment alters persisted provider behavior for users who expect a successful Claude login to pin OAuth.
  • [P1] The posted proof does not show a completed real Claude OAuth/Keychain login followed by source preservation, so maintainers must either accept the source-level proof or run that path themselves.

Maintainer options:

  1. Accept Current Proof As Override (recommended)
    A maintainer can explicitly accept the injected-runner coverage plus redacted live fallback transcript for this narrow auth-provider behavior change.
  2. Require Completed OAuth Proof
    Ask for a maintainer-run redacted OAuth/Keychain login transcript before merge so the real login path and source persistence are proven together.
  3. Pause The Policy Change
    Pause or close this PR if maintainers want successful Claude login to continue selecting OAuth as the explicit source.

Next step before merge

  • [P1] Manual review is needed because the remaining blocker is maintainer proof acceptance for a Claude OAuth/Keychain path, not a mechanical code repair.

Maintainer decision needed

  • Question: Is the injected-runner controller-flow test plus redacted live Auto fallback transcript sufficient proof for this Claude OAuth/source-policy PR, or should merge wait for a completed maintainer-run OAuth/Keychain login transcript?
  • Rationale: The remaining blocker is not a mechanical code defect; it is whether maintainers accept source-level and partial live proof for an auth-provider path that the contributor could not fully exercise because Claude/Cloudflare sign-in blocked automation.
  • Likely owner: steipete — The decision is about CodexBar's Claude auth/provider UX and the repository's policy for accepting proof on live account validation.
  • Options:
    • Accept Proof Override (recommended): Treat the controller-flow test and redacted live Auto fallback transcript as sufficient for this narrow source-policy change and continue normal maintainer review.
    • Require OAuth Transcript: Keep the PR blocked until a maintainer runs the completed Claude OAuth login path and posts redacted evidence that the selected source is preserved afterward.
    • Keep OAuth Pinning: Decline or re-scope the PR if maintainers prefer successful login to keep selecting OAuth despite Auto fallback behavior.

Security
Cleared: The diff does not add dependencies, scripts, downloads, secrets handling, or new keychain reads; the security-sensitive surface is limited to preserving the existing Claude source value after login.

Review details

Best possible solution:

Land the narrow source-preservation behavior only after a maintainer accepts the current proof as sufficient or provides a redacted completed OAuth/Keychain login transcript.

Do we have a high-confidence way to reproduce the issue?

Yes, source-level: current main unconditionally assigns .oauth after successful Claude login, while Auto mode is the only mode that keeps OAuth-to-CLI-to-Web fallback. I did not run live OAuth/Keychain validation because repository policy requires explicit request for that class of probe.

Is this the best way to solve the issue?

Unclear until maintainer proof acceptance is settled. The code change is a narrow maintainable fix for the fallback-hostile login state, but the auth-provider path still needs either a proof override or a completed redacted OAuth/Keychain transcript.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against aa401f1d8b74.

Label changes

Label justifications:

  • P0: The linked user path can leave Claude provider setup stuck in repeated credential prompts with recovery requiring config-file edits and restart rather than in-product recovery.
  • merge-risk: 🚨 compatibility: Changing the post-login source assignment can alter persisted behavior for users who currently rely on login pinning Claude to OAuth.
  • merge-risk: 🚨 auth-provider: The diff changes Claude OAuth login success handling and provider source persistence, which directly affects auth/provider routing.
  • rating: 🦪 silver shellfish: Overall readiness is 🦪 silver shellfish; proof is 🦪 silver shellfish and patch quality is 🐚 platinum hermit.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs stronger real behavior proof before merge: The PR includes focused controller-flow test output and a redacted live Auto CLI fallback transcript, but it still does not show a completed real Claude OAuth login preserving the selected source; contributor or maintainer action is needed unless a maintainer grants a proof override. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.
Evidence reviewed

What I checked:

Likely related people:

  • steipete: Blame ties the current Claude login flow and forced OAuth assignment to the v0.41.0 release commit, and recent Claude source-planning history also shows Peter Steinberger on adjacent provider work. (role: recent area contributor and likely decision owner; confidence: high; commits: a83a83fa4131, aa8977ef994d; files: Sources/CodexBar/Providers/Claude/ClaudeLoginFlow.swift, Sources/CodexBarCore/Providers/Claude/ClaudeSourcePlanner.swift, docs/claude.md)
  • Yuxin-Qiao: A related merged PR fixed adjacent Claude OAuth/keychain delegated-refresh behavior that the linked issue and PR discuss as neighboring work. (role: recent adjacent auth/keychain contributor; confidence: medium; commits: a27c9b094e61; files: Sources/CodexBarCore/Providers/Claude, Tests/CodexBarTests/ClaudeOAuthTests.swift)
  • Ratul Sarna: Git history for Claude source planning includes earlier consolidation and CLI fallback restoration commits in the same source-selection area. (role: feature-history contributor; confidence: medium; commits: 468950d5b8f8, c841f2a54028; files: Sources/CodexBarCore/Providers/Claude/ClaudeSourcePlanner.swift)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.
Review history (9 earlier review cycles; latest 8 shown)
  • reviewed 2026-07-07T16:27:00.189Z sha e5b551e :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T16:52:45.901Z sha e5b551e :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T17:02:30.460Z sha e5b551e :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T23:17:05.571Z sha e5b551e :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T23:21:45.327Z sha e5b551e :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T23:54:13.223Z sha c98779b :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-07T23:59:26.804Z sha c98779b :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-08T00:10:46.212Z sha c98779b :: needs real behavior proof before merge. :: none

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 compatibility 🚨 Merging this PR could break existing users, config, migrations, defaults, or upgrades. merge-risk: 🚨 auth-provider 🚨 Merging this PR could break OAuth, tokens, provider routing, model choice, or credentials. labels Jul 7, 2026
@Chipagosfinest Chipagosfinest changed the title Keep Claude login on Auto source after setup Preserve Claude usage source after login Jul 7, 2026
@Chipagosfinest

Copy link
Copy Markdown
Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 7, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@clawsweeper clawsweeper Bot added rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P0 Emergency: data loss, security bypass, crash loop, or unusable core runtime. merge-risk: 🚨 compatibility 🚨 Merging this PR could break existing users, config, migrations, defaults, or upgrades. merge-risk: 🚨 auth-provider 🚨 Merging this PR could break OAuth, tokens, provider routing, model choice, or credentials. and removed rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. merge-risk: 🚨 compatibility 🚨 Merging this PR could break existing users, config, migrations, defaults, or upgrades. merge-risk: 🚨 auth-provider 🚨 Merging this PR could break OAuth, tokens, provider routing, model choice, or credentials. P2 Normal priority bug or improvement with limited blast radius. labels Jul 7, 2026
@Chipagosfinest

Chipagosfinest commented Jul 7, 2026

Copy link
Copy Markdown
Author

Maintainer decision requested.

This PR is now scoped to the narrow fix ClawSweeper recommended:

  • Default Claude Auto stays Auto after login, so fallback remains available.
  • Explicit source choices stay explicit.
  • Claude docs and the focused regression test were updated.
  • make check, ClaudeLoginFlowPolicyTests, ClaudeSourcePlannerTests, and ClaudeOAuthTests pass.

The remaining ClawSweeper blocker is not another code issue. It wants either:

  1. maintainer approval that source-level proof is enough for this auth-provider change, or
  2. a maintainer-approved redacted proof format for running the live Claude login/OAuth/Keychain path.

I am not running live Claude/OAuth/Keychain proof unprompted because AGENTS.md says those probes can display macOS Keychain prompts and require explicit request.

@Chipagosfinest Chipagosfinest marked this pull request as ready for review July 7, 2026 16:48
@Chipagosfinest

Copy link
Copy Markdown
Author

Updated the PR body with clean-worktree after-fix proof at e5b551e29fe4b6a8399fbf522fcf0eb8cbde0f25.

Proof added:

  • Clean detached worktree from origin/codex/claude-login-auto-source, no local modifications.
  • make check passed there: SwiftFormat reported 0/1289 files require formatting; SwiftLint reported 0 violations, 0 serious in 1288 files.
  • swift test --filter ClaudeLoginFlowPolicyTests passed there: the test covers every ClaudeUsageDataSource case and proves successful login preserves the selected source instead of forcing oauth.
  • No live Claude/OAuth/Keychain probe was run; this stays within AGENTS.md by using the policy seam and focused regression test instead of prompting a real account.

@clawsweeper re-review

@Chipagosfinest

Chipagosfinest commented Jul 7, 2026

Copy link
Copy Markdown
Author

Added stronger behavior proof in c98779b7b2b03bc95da8fac409492d8a8faa559e and updated the PR body.

This no longer stops at the policy helper:

  • Production runClaudeLoginFlow() still calls the real ClaudeLoginRunner.run(timeout:onPhaseChange:) path.
  • The shared success branch now has an injected-runner seam so the focused test can execute the actual StatusItemController.runClaudeLoginFlow post-login path with a successful Claude runner result.
  • The new controller-flow test constructs real SettingsStore, UsageStore, and StatusItemController instances and loops every Claude source: auto, api, oauth, web, cli.
  • For each source it verifies successful login returns true, loginPhase == .idle, Claude becomes enabled, and settings.claudeUsageDataSource == source after the login success branch runs.
  • The transcript shows Claude login outcome=success followed by Provider mode updated provider=claude value=auto/api/oauth/web/cli, proving the patched login/source path leaves the intended source intact.

Verified:

$ swift test --filter ClaudeLoginFlowPolicyTests
✔ Test "successful Claude login preserves selected source so auto fallback remains available" passed after 0.001 seconds.
✔ Test "successful Claude login controller flow preserves selected source and enables provider" passed after 0.304 seconds.
✔ Test run with 2 tests in 1 suite passed after 0.305 seconds.

$ make check
SwiftFormat completed in 0.51s.
0/1289 files require formatting.
Done linting! Found 0 violations, 0 serious in 1288 files.

No external fork code was downloaded or used.

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 7, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@clawsweeper clawsweeper Bot removed the rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. label Jul 8, 2026
@clawsweeper clawsweeper Bot added the rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. label Jul 8, 2026
@Chipagosfinest

Copy link
Copy Markdown
Author

Live proof attempt added to the PR body.

What I could verify without exposing secrets:

  • Installed Claude CLI is 2.1.201 (Claude Code).
  • claude auth status reports a real claude.ai login with loggedIn: true, apiProvider: firstParty, and subscriptionType: max; email/org are redacted from PR text.
  • Patched-branch live Auto usage succeeds through the real Claude CLI source:
$ .build/debug/CodexBarCLI usage --provider claude --source auto --format json --pretty --status
[
  {
    "provider" : "claude",
    "source" : "claude",
    "status" : {
      "description" : "All Systems Operational",
      "indicator" : "none",
      "url" : "https://status.claude.com/"
    },
    "version" : "2.1.201"
  }
]

Live OAuth completion is blocked externally:

  • claude auth login --claudeai opened the OAuth flow and waited for a code.
  • agent-browser reached Claude/Cloudflare Performing security verification and could not advance past human verification.
  • Retrying with Codex CI env vars removed opened normal Google Chrome with the user profile, but the page was Sign in - Claude; completing it would require interactive credentials/human verification.
  • I stopped the waiting CLI and did not post any token, cookie, auth code, private path, or Keychain payload.

So the proof state is now:

  • committed controller-flow proof shows the patched successful-login branch preserves auto instead of forcing oauth;
  • live provider proof shows auto can fetch through the real Claude CLI source on this machine;
  • full live OAuth-login completion is not automatable here because Claude/Cloudflare/sign-in blocks it.

@steipete could you accept this as the proof override ClawSweeper asks for, or provide/run a maintainer-side redacted live OAuth transcript?

@clawsweeper re-review

@Chipagosfinest

Copy link
Copy Markdown
Author

Current maintainer action needed after the latest ClawSweeper rerun:

  1. Accept the current proof as the proof override ClawSweeper lists as the recommended path, or run/post a maintainer-side redacted completed Claude OAuth/Keychain transcript.
  2. Approve the fork CI workflow run. The visible code check is GitGuardian passing; the CI run is action_required with no jobs, and GitHub rejects contributor-side approval with Must have admin rights to Repository.

The current branch head is c98779b7b2b03bc95da8fac409492d8a8faa559e. Code-side validation is already posted in the PR body/comment: controller-flow source preservation test, swift test --filter ClaudeLoginFlowPolicyTests, make check, and redacted live Auto CLI fallback proof. No external fork code was downloaded or used.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

merge-risk: 🚨 auth-provider 🚨 Merging this PR could break OAuth, tokens, provider routing, model choice, or credentials. merge-risk: 🚨 compatibility 🚨 Merging this PR could break existing users, config, migrations, defaults, or upgrades. P0 Emergency: data loss, security bypass, crash loop, or unusable core runtime. rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Claude login pins usage source to OAuth and disables Auto fallback

1 participant