Per Bun docs, server.timeout(req, 0) disables the idle timeout
entirely for a specific request. This is the proper API for long-lived
streaming connections — no more fighting the 255s cap.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
cmdAgentInfo now displays the cloud type (api, cli, sandbox, etc.) next
to each cloud provider, helping users understand what kind of
infrastructure they're choosing. Also shows agent notes when present.
cmdCloudInfo now shows the cloud type beneath the description for
quick reference.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Runs `bash -n` on every shell script in the repo:
- shared/common.sh (core library)
- All 21 cloud lib/common.sh files
- All 264+ implemented agent scripts
This is the automated equivalent of the CLAUDE.md rule:
"Run bash -n on every changed .sh file before committing."
Agent: test-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extract duplicated agent/cloud lookup logic into showInfoOrError() and
replace repetitive switch cases with dispatch tables, reducing main()
from 85 to 65 lines and handleDefaultCommand() from 52 to 16 lines.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bun.serve defaults to 10s idleTimeout, which kills the streaming
connection before the heartbeat even fires during Claude's startup
silence. Set to 255s (max allowed) and tighten heartbeat to 15s.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
HTTP/2 has strict stream lifecycle management that doesn't play well
with long-lived chunked responses — curl exits with error 92
(stream not closed cleanly: INTERNAL_ERROR). HTTP/1.1 handles
persistent streaming connections natively.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
GitHub Codespaces scripts embedded API keys directly into heredocs sent
over SSH, allowing single-quote breakout for command injection. Fixed by
adding upload_file/run_server/inject_env_vars helpers to Codespaces lib
and using safe temp-file-upload pattern (matching Railway/Render).
Render claude.sh and openclaw.sh built JSON config via unescaped heredocs.
Fixed by using shared setup_claude_code_config/setup_openclaw_config
helpers which properly json_escape values.
FluidStack had triple-quote injection in SSH key registration (pub_key
embedded in Python triple-quotes) and missing single-quote validation in
create_server env var checks. Fixed by reading values via stdin/argv
instead of string interpolation, and added single-quote to validation.
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Previously, unknown flags like --json or --verbose were silently ignored
or misinterpreted as positional arguments (agent/cloud names), leading to
confusing error messages. Now the CLI detects unrecognized flags and shows
a clear error listing the supported flags.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements Goose agent on Render with:
- Direct install via Block's download_cli.sh script
- Native OpenRouter support via GOOSE_PROVIDER env var
- Simple environment configuration
- Interactive session launch
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Implement railway/cline.sh following the standard Railway pattern:
- Install cline via npm
- Inject OPENAI_API_KEY and OPENAI_BASE_URL for OpenRouter compatibility
- Launch with 'cline' command
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Create render/gemini.sh with Render CLI provisioning
- Install Gemini CLI via npm on Render service
- Inject OpenRouter credentials via OPENAI_BASE_URL and GEMINI_API_KEY
- Update manifest.json matrix entry to "implemented"
- Update render/README.md with Gemini usage instructions
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements NanoClaw agent on Render with:
- Node.js and tsx installation
- Clone and build nanoclaw from GitHub
- OpenRouter integration via .env file
- WhatsApp QR code authentication flow
- Interactive dev mode session
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Create render/interpreter.sh with Render CLI provisioning
- Install Open Interpreter via pip on Render service
- Inject OpenRouter credentials via OPENAI_BASE_URL override
- Update manifest.json matrix entry to "implemented"
- Update render/README.md with interpreter usage instructions
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Implement railway/amazonq.sh following the standard Railway pattern:
- Install Amazon Q CLI via AWS installer script
- Inject OPENAI_API_KEY and OPENAI_BASE_URL for OpenRouter compatibility
- Launch with 'q chat' command
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements OpenClaw agent on Render with:
- Bun installation for openclaw
- Multi-channel gateway in background
- Interactive TUI session
- OpenRouter integration with model selection
- Config file generation with API key and model
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Validate SPAWN_ISSUE is a positive integer in both trigger-server.ts
and refactor.sh to prevent command injection via crafted issue params
- Use Python json.dumps for Render _render_create_service JSON body
instead of string interpolation (prevents JSON injection)
- Remove erroneous "api_key" 6th argument in Hyperstack generic_cloud_api
call that was being interpreted as max_retries, breaking all API calls
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement railway/gemini.sh following the standard Railway pattern:
- Install @google/gemini-cli via npm
- Inject GEMINI_API_KEY, OPENAI_API_KEY, and OPENAI_BASE_URL
- Launch with OpenRouter compatibility
Agent: gap-filler
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Tests the actual CLI entry point through subprocess execution:
- help/version command routing (help, --help, -h, version, --version, -v, -V)
- Subcommand --help routing (list --help, agents --help, clouds --help, etc.)
- ls alias routing
- Non-TTY mode behavior (shows help when no args)
- handleError formatting for invalid identifiers
- extractFlagValue in actual CLI (--prompt/--prompt-file missing values)
- --prompt and --prompt-file mutual exclusion
- --prompt-file with nonexistent file
- Prompt-only-without-cloud error messaging
Agent: test-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
