Upstream sync: CodexBar main through 1d39e0ca (v0.34.0 + 0.34.1 dev)#11
Merged
Conversation
* perf: avoid redundant storage menu invalidation Co-authored-by: Soohan Park <725psh@gmail.com> * test: isolate storage refresh observation * docs: order storage fix in changelog * ci: refresh exact-head checks --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix: allow pricing catalog churn * fix: prevent pricing cache refreezes * fix: preserve refreshed pricing keys * fix: preserve exact pricing snapshots * build: refresh Codex parser hash * test: split pricing refresh coverage * fix: canonicalize default pricing aliases * fix: preserve pricing alias priority * fix: canonicalize pricing fallback aliases
* Add Antigravity CLI usage source * Fix Antigravity session record ownership * Scope ambient Antigravity probes to selected account In auto mode the local desktop and agy CLI probes report whichever account is signed into the local session, which can differ from a selected token account. Validate ambient snapshots against the selected account's identity and fall through to the account-scoped OAuth fetch on mismatch. Explicit cli/oauth source modes stay authoritative. * Scope desktop-local probe to IDE-only, keep serve agy session warm, add serve last-good cache Fixes three flakiness sources in the Antigravity pipeline and codexbar serve: 1. Desktop-local probe attached to any Antigravity process, including the agy CLI language server owned by AntigravityCLIHTTPSFetchStrategy. A stale/initializing agy accepts the connection but fails GetUserStatus, burning the probe timeout before the CLI strategy's readiness loop runs. Add AntigravityStatusProbe.ProcessScope and scope the local strategy to .ideOnly; it now only handles the running-desktop case and otherwise fails over to the CLI strategy. isRunning() keeps .ideAndCLI for status. 2. codexbar serve reset the warm agy session after every refresh because shouldResetSessionAfterFetch keyed only on runtime == .cli, which serve shares with one-shot CLI usage. Every 60s poll cold-started agy and raced its readiness deadline, timing out. Add ProviderFetchContext.persistsCLISessions (set true by serve via UsageCommandContext.persistCLISessions); shouldResetSessionAfterFetch now keeps the warm session for long-lived hosts and resets only for one-shot CLI. The 180s session idle window covers the 60s refresh. 3. serve discarded the last good payload on transient failures. CLIServeResponseCache now records the last good response per key and serves it for failed refreshes, bounded by serveStaleTTL (ten refresh intervals, five-minute floor; disabled when --refresh-interval 0). Tests: probe ideOnly scope (2), serve last-good fallback + TTL bounds (2), session reset honors persistsCLISessions (extended). * fix: harden Antigravity CLI fallback * fix: harden Antigravity helper process isolation * fix: prevent hidden Antigravity sign-in flows * fix: merge serve stale usage per account * Mark unknown Antigravity model usage * fix: render unknown Antigravity usage safely * fix: preserve Antigravity reset causes * fix: isolate CLI usage fallback by account * ci: refresh exact-head checks * fix: harden Antigravity fallback integration * fix: gate Antigravity CLI fallback on Linux * fix: preserve Antigravity plan debug session * fix: clean up CLI helpers on termination * refactor: split TTY shutdown helpers --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: pickaxe <54486432+ProspectOre@users.noreply.github.com>
* feat: add reset time menu bar display Co-authored-by: Yuxin Qiao <104957188+Yuxin-Qiao@users.noreply.github.com> * fix: refresh reset countdown titles --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix: honor extra usage percent display * fix: preserve Claude extra usage display * fix: support Cursor team extra usage
* perf: add debug main thread hang watchdog Co-authored-by: joshuavial <git@codewithjv.com> * test: gate hang watchdog tests to debug builds --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>
Treat gRPC status 7 OAuth2 bad-credentials as an auth failure, try browser cookies with a bearer token before cookie-only, skip expired auth-file fallback, parse unframed protobuf billing payloads, and surface clearer grok.com reauth guidance in errors and the menu.
…uidance Fix Grok web billing status 7 auth and cookie bearer fetch
* perf: harden main thread hang diagnostics * fix: preserve watchdog samples after delayed polling * test: stabilize hang watchdog timing * fix: avoid retrospective hang samples
Clicking the persistent Refresh row (⌘R) gave no immediate feedback while the menu stayed open: the provider card kept showing "Updated …" and only changed after switching cards or reopening the menu, prompting repeat clicks. Add two in-place updates that work during NSMenu tracking without rebuilding the open menu (preserving the deferred parent-rebuild policy from #1001/#1196/ #1325): - Live card subtitle: a narrowly-scoped MenuCardRefreshMonitor wraps the @observable UsageStore and is injected via the environment. The header subtitle reads shouldShowRefreshingMenuCardIndicator(for:) so SwiftUI re-renders the single-line subtitle in place to "Refreshing…" while a refresh is in flight, converging to the next rebuild's state. The gate requires error == nil, so the multi-line error layout is never swapped and row height stays fixed. - Refresh row spinner: PersistentMenuActionItemView swaps its arrow.clockwise icon for a spinner occupying the same fixed 18pt slot (icon faded, not hidden, to avoid stack collapse). Forced on at click for instant feedback and reverted via the store observation on completion/failure. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
feat: show in-flight feedback on manual refresh
test(menu): stabilize refresh subtitle assertion
Add native Korean as a first-class language: - ko.lproj/Localizable.strings with all 1040 strings translated to native macOS-style Korean (placeholders/format specifiers preserved) - register `ko` in the AppLanguage enum + Settings language picker - add the localized "language_korean" name to every existing catalog - extend LocalizationLanguageCatalogTests parity list Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The provider-switcher shortcut monitor peeked the event queue with NSApp.nextEvent(matching:until:inMode:dequeue:) from a run-loop observer in .eventTracking mode. That call re-enters the event loop in the given mode, dispatching the menu session's own timers and sources mid-observer. When the reentry landed during menu setup (the opening click advances the HID counters, so the gate guaranteed a peek right then) or amid rapid claimed Cmd-number presses, it killed the tracking session and left a zombie menu on screen that no longer dequeued events: clicks sat at the queue head for tens of seconds while the cursor beach-balled, with Settings... the usual victim. A captured trace showed one click re-peeked 13 times over 21 seconds and a menu that stayed deaf for 92 seconds with the main thread idle in the normal run loop - no tracking session left at all. No passive delivery path exists for these events: local monitors, Carbon dispatcher handlers, RegisterEventHotKey (tracking pushes a hotkey-disable mode), and menuHasKeyEquivalent all go dark during NSMenu tracking, so the peek stays - but it is now isolated. Peeks run in a barren private run-loop mode with no sources or timers registered so the reentry cannot dispatch menu-session work, they start only once a block queued in the tracking mode proves the session is pumping, and mouse events are no longer monitored at all - ProviderSwitcherView already handles switcher clicks via its mouseDown/mouseUp overrides. Fixes the menu freezes reported in #1387, #1427, and #1329.
…ents Keep switcher shortcut peeks from killing menu tracking sessions
Fix shortcut menu toggle
* Add Kimi Code API usage source * Fix Kimi API fallback review comments * Fix Kimi API source routing review gaps * fix: secure Kimi API endpoint overrides * fix: normalize Kimi coding base paths * Prefer Kimi Code API key env var * fix: isolate Kimi Code API credentials * fix: harden Kimi Code API fallback * fix: clarify Kimi Code API authentication --------- Co-authored-by: kiranmagic7 <209323973+kiranmagic7@users.noreply.github.com> Co-authored-by: Peter Steinberger <steipete@gmail.com>
Fall back to the selected quota percentage when Pace mode cannot compute pace, preventing the status item from collapsing to icon-only near resets or with incomplete window metadata. Fixes #1462.
Run push CI only for main while retaining pull request CI, avoiding duplicate matrices for PR heads.
Make diagnostic probe timeouts return even when a provider operation ignores task cancellation, with regression coverage.
* test: scope Codex process cleanup to test stubs * test: require UUID cleanup targets
* Fix stale light Settings toolbar after dark mode switch The SwiftUI `Settings` scene's native toolbar (the tab bar) keeps a stale light appearance when the system theme switches while the window already exists, leaving a light toolbar over dark content. Pin the Settings window to the app's current `effectiveAppearance` on appear and whenever the SwiftUI color scheme changes so the toolbar redraws with the live theme. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix: preserve settings appearance inheritance * fix(settings): preserve accessibility appearance updates * fix(settings): coalesce duplicate appearance updates --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: Peter Steinberger <steipete@gmail.com>
Sync steipete/CodexBar main (101 commits, 5cc8a24..1d39e0c) into QuotaKit. The range is overwhelmingly provider auth/quota-accuracy bugfixes: Cursor app-auth fallback hardening, Amp balance-API auth, Grok web-billing status-7 recovery, OpenAI Admin usage pagination, Copilot budget extras, Kimi Code API source, Antigravity CLI fallback, plus menu-bar tracking and main-thread hang diagnostics. Conflict resolution preserved QuotaKit identity and release config: - Kept QuotaKit versions of AGENTS.md, CHANGELOG.md, appcast.xml, docs/DEVELOPMENT.md, and the release scripts (lint.sh, package_app.sh, sign-and-notarize.sh). The upstream packaging refactor (#1473, package_product_paths.sh) is intentionally NOT wired into QuotaKit's env-driven release scripts here; left for a separate deliberate change. - version.env: kept QuotaKit MARKETING_VERSION/BUILD_NUMBER and UPSTREAM_VERSION (v0.33.0, not yet shipped); advanced UPSTREAM_MONITOR_BASE to 1d39e0c and UPSTREAM_SYNC_DATE to 2026-06-13. - Reverted upstream signing identity injected into .mac-release.env (Developer ID / managed-keychain values belonging to upstream). - SettingsStore.swift: kept QuotaKit iCloud-sync/push settings and adopted the upstream loadMultiAccountMenuLayoutRaw helper (legacy migration preserved). - Widget project.pbxproj: kept the QuotaKit product reference. - Localization: took upstream's new strings; added German/Korean/Turkish language support. Rebranded new-locale customer copy and new provider source literals (Amp/Kimi config path, Copilot User-Agent, hang-watchdog log dir and thread name) from CodexBar to QuotaKit per the branding audit. - Regenerated CodexParserHash.generated.swift for the merged parser source. Validated (Linux container, no Swift/Xcode): branding, provider-palette, and i18n audits pass; parser-hash --check passes. swift build/test, SwiftFormat, SwiftLint, and the iOS xcodebuild must run in CI.
The upstream-sync conflict resolution shortened loadDefaultsState (adopted the loadMultiAccountMenuLayoutRaw helper), so its swiftlint:disable:next no longer suppresses a real violation. SwiftLint --strict flagged it as superfluous.
The de.lproj install_cli_subtitle value told users to symlink QuotaKitCLI 'als Codexbar', a leftover from the upstream string. All other locales use 'quotakit'. The branding audit's regex (CodexBar|codexbar) is case-sensitive and does not match the 'Codexbar' casing, so neither the audit nor the locale rebrand caught it.
The German and Korean catalogs carried 3 keys under the upstream CodexBar-cased names (menu-bar icon, CLI symlink, Tahoe hint) while the app looks them up under the QuotaKit-cased keys, so those strings fell back to English despite having German/Korean translations. Rebrand the keys to match en (and the tr fix in d3a1723) so the existing translations display. Values were already QuotaKit- branded; mobile_* strings remain English fallback, consistent with fr/es/nl/ca/ja.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves the upstream review in #10. Merges
steipete/CodexBarmain (5cc8a248..1d39e0ca, 101 commits) into QuotaKit. The original triage blocker — a dirty worktree — is gone (those widget/iOS changes are committed), and the range had grown from the 84 commits noted in triage to 101 by merge time.Result: 214 files changed, +20,099 / −993. Of the 223 differing files, only 22 conflicted; the rest auto-merged.
What's in the range
Overwhelmingly provider auth/quota-accuracy bugfixes (~51 of 101 commits), concentrated in Providers:
Conflict resolution — QuotaKit identity & release config preserved
AGENTS.md,CHANGELOG.md,appcast.xml,docs/DEVELOPMENT.md, and the release scripts (lint.sh,package_app.sh,sign-and-notarize.sh)..mac-release.env: reverted an auto-merged injection of upstream's signing identity (Peter Steinberger Developer ID, "Peekaboo Release Keychain", 1Password vault "Molty", managed-keychain flags). These must not live in QuotaKit's release config.version.env: kept QuotaKitMARKETING_VERSION(0.32.4.5) /BUILD_NUMBER(79.5) andUPSTREAM_VERSION(v0.33.0 — not yet shipped to users); advancedUPSTREAM_MONITOR_BASE→1d39e0caandUPSTREAM_SYNC_DATE→ 2026-06-13. No build-number bump (this isn't a release).SettingsStore.swift: kept QuotaKit's iCloud-sync / push-to-iOS settings and adopted upstream'sloadMultiAccountMenuLayoutRawhelper (verified the legacyshowAllTokenAccountsInMenumigration is preserved).project.pbxproj: kept the QuotaKit product reference..strings): took upstream's new keys; rebranded new-locale (de/ko/tr) customer copy and new provider source literals — Amp/Kimi config path (~/.codexbar→~/.quotakit), CopilotUser-Agent(CodexBar→QuotaKit), hang-watchdog log dir & thread name — to satisfy the QuotaKit branding audit.CodexParserHash.generated.swift: regenerated for the merged parser source (not hand-merged).StatusItemController+MergedMenuPresentation.swift,MergedMenuPositioningTests.swift) were propagated.Deliberately deferred
The upstream packaging refactor (#1473,
package_product_paths.sh) is not wired into QuotaKit's env-driven release scripts here — the new helper files land in the tree but are unused. Reconciling QuotaKit's parameterized signing/packaging with that refactor is release-critical and best done as a separate, deliberately-validated change.Validation
Ran what this Linux container allows — all green:
audit_customer_branding.py)--check.mac-release.envfixNot runnable here (no Swift/Xcode) — must pass in CI before merge:
swift build/swift test(focused provider/parser suites),swiftformat --lint,swiftlint --strict, and the iOSxcodebuild. Per repo policy, no live provider/Keychain validation was run.Generated by Claude Code