bingyi/claw-code
1
0
Fork 0
mirror of https://github.com/ultraworkers/claw-code.git synced 2026-06-06 16:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
e93271356ffb0e8808db2e0d2f7a1bf50c5be35e
claw-code/rust/crates/api/src/error.rs

622 lines
22 KiB
Rust
Raw Normal View History

feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
use std::env::VarError;
use std::fmt::{Display, Formatter};
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
use std::time::Duration;
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
const GENERIC_FATAL_WRAPPER_MARKERS: &[&str] = &[
"something went wrong while processing your request",
"please try again, or use /new to start a fresh session",
];
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
const CONTEXT_WINDOW_ERROR_MARKERS: &[&str] = &[
"maximum context length",
"context window",
"context length",
"too many tokens",
"prompt is too long",
"input is too long",
Handle OpenAI token-limit errors as context-window failures
2026-05-03 18:44:03 +02:00
"input tokens exceed",
"configured limit",
"messages resulted in",
"completion tokens",
"prompt tokens",
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
"request is too large",
];
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
#[derive(Debug)]
pub enum ApiError {
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
MissingCredentials {
provider: &'static str,
env_vars: &'static [&'static str],
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
/// Optional, runtime-computed hint appended to the error Display
/// output. Populated when the provider resolver can infer what the
Remove the deprecated Claude subscription login path and restore a green Rust workspace ROADMAP #37 was still open even though several earlier backlog items were already closed. This change removes the local login/logout surface, stops startup auth resolution from treating saved OAuth credentials as a supported path, and updates diagnostics/help to point users at ANTHROPIC_API_KEY or ANTHROPIC_AUTH_TOKEN only. While proving the change with the user-requested workspace gates, clippy surfaced additional pre-existing warning failures across the Rust workspace. Those were cleaned up in-place so the required `cargo fmt`, `cargo clippy --workspace --all-targets -- -D warnings`, and `cargo test --workspace` sequence now passes end to end. Constraint: User explicitly required full-workspace fmt/clippy/test before commit/push Constraint: Existing dirty leader worktree had to be stashed before attempted OMX team worktree launch Rejected: Keep login/logout but hide them from help | left unsupported auth flow and saved OAuth fallback intact Rejected: Stop after ROADMAP #37 targeted tests | did not satisfy required full-workspace verification gate Confidence: medium Scope-risk: moderate Reversibility: clean Directive: Do not reintroduce saved OAuth as a silent Anthropic startup fallback without an explicit supported auth policy Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace Not-tested: Remote push effects beyond origin/main update
2026-04-11 17:24:44 +00:00
/// user probably intended (e.g. an `OpenAI` key is set but Anthropic
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
/// was selected because no Anthropic credentials exist).
hint: Option<String>,
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
},
Block oversized requests before providers hard-fail The runtime already tracked rough token estimates for compaction, but provider-bound requests still relied on naive model output limits and could be sent upstream even when the selected model could not fit the estimated prompt plus requested output. This adds a small model token/context registry in the API layer, estimates request size from the serialized prompt payload, and fails locally with a dedicated context-window error before Anthropic or xAI calls are made. Focused integration coverage asserts the preflight fires before any HTTP request leaves the process. Constraint: Keep the first pass minimal and reusable across both Anthropic and OpenAI-compatible providers Rejected: Auto-compact-and-retry in the same patch | broader control-flow change than the requested minimal preflight Confidence: medium Scope-risk: narrow Reversibility: clean Directive: Expand the model registry before enabling preflight for additional providers or aliases Tested: cargo build -p api -p tools -p rusty-claude-cli; cargo test -p api Not-tested: End-to-end CLI auto-compaction or retry behavior after a local context_window_blocked failure
2026-04-05 16:39:58 +00:00
ContextWindowExceeded {
model: String,
estimated_input_tokens: u32,
requested_output_tokens: u32,
estimated_total_tokens: u32,
context_window_tokens: u32,
},
Enable OAuth login without requiring API keys This adds an end-to-end OAuth PKCE login/logout path to the Rust CLI, persists OAuth credentials under the config home, and teaches the API client to use persisted bearer credentials with refresh support when env-based API credentials are absent. Constraint: Reuse existing runtime OAuth primitives and keep browser/callback orchestration in the CLI Constraint: Preserve auth precedence as API key, then auth-token env, then persisted OAuth credentials Rejected: Put browser launch and token exchange entirely in runtime | caused boundary creep across shared crates Rejected: Duplicate credential parsing in CLI and api | increased drift and refresh inconsistency Confidence: medium Scope-risk: moderate Reversibility: clean Directive: Keep logout non-destructive to unrelated credentials.json fields and do not silently fall back to stale expired tokens Tested: cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test Not-tested: Manual live Anthropic OAuth browser flow against real authorize/token endpoints
2026-03-31 23:38:05 +00:00
ExpiredOAuthToken,
Auth(String),
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
InvalidApiKeyEnv(VarError),
Http(reqwest::Error),
Io(std::io::Error),
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
Json {
provider: String,
model: String,
body_snippet: String,
source: serde_json::Error,
},
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
Api {
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
status: reqwest::StatusCode,
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
error_type: Option<String>,
message: Option<String>,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
request_id: Option<String>,
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
body: String,
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
retryable: bool,
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
/// Suggested user action based on error type (e.g., "Reduce prompt size" for 413)
suggested_action: Option<String>,
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
},
RetriesExhausted {
attempts: u32,
last_error: Box<ApiError>,
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
},
InvalidSseFrame(&'static str),
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
BackoffOverflow {
attempt: u32,
base_delay: Duration,
},
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
RequestBodySizeExceeded {
estimated_bytes: usize,
max_bytes: usize,
provider: &'static str,
},
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
}
impl ApiError {
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
#[must_use]
pub const fn missing_credentials(
provider: &'static str,
env_vars: &'static [&'static str],
) -> Self {
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
Self::MissingCredentials {
provider,
env_vars,
hint: None,
}
}
/// Build a `MissingCredentials` error carrying an extra, runtime-computed
/// hint string that the Display impl appends after the canonical "missing
/// <provider> credentials" message. Used by the provider resolver to
/// suggest the likely fix when the user has credentials for a different
/// provider already in the environment.
#[must_use]
pub fn missing_credentials_with_hint(
provider: &'static str,
env_vars: &'static [&'static str],
hint: impl Into<String>,
) -> Self {
Self::MissingCredentials {
provider,
env_vars,
hint: Some(hint.into()),
}
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
}
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
/// Build a `Self::Json` enriched with the provider name, the model that
/// was requested, and the first 200 characters of the raw response body so
/// that callers can diagnose deserialization failures without re-running
/// the request.
#[must_use]
pub fn json_deserialize(
provider: impl Into<String>,
model: impl Into<String>,
body: &str,
source: serde_json::Error,
) -> Self {
Self::Json {
provider: provider.into(),
model: model.into(),
body_snippet: truncate_body_snippet(body, 200),
source,
}
}
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
#[must_use]
pub fn is_retryable(&self) -> bool {
match self {
Self::Http(error) => error.is_connect() || error.is_timeout() || error.is_request(),
Self::Api { retryable, .. } => *retryable,
Self::RetriesExhausted { last_error, .. } => last_error.is_retryable(),
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
Self::MissingCredentials { .. }
Block oversized requests before providers hard-fail The runtime already tracked rough token estimates for compaction, but provider-bound requests still relied on naive model output limits and could be sent upstream even when the selected model could not fit the estimated prompt plus requested output. This adds a small model token/context registry in the API layer, estimates request size from the serialized prompt payload, and fails locally with a dedicated context-window error before Anthropic or xAI calls are made. Focused integration coverage asserts the preflight fires before any HTTP request leaves the process. Constraint: Keep the first pass minimal and reusable across both Anthropic and OpenAI-compatible providers Rejected: Auto-compact-and-retry in the same patch | broader control-flow change than the requested minimal preflight Confidence: medium Scope-risk: narrow Reversibility: clean Directive: Expand the model registry before enabling preflight for additional providers or aliases Tested: cargo build -p api -p tools -p rusty-claude-cli; cargo test -p api Not-tested: End-to-end CLI auto-compaction or retry behavior after a local context_window_blocked failure
2026-04-05 16:39:58 +00:00
| Self::ContextWindowExceeded { .. }
Enable OAuth login without requiring API keys This adds an end-to-end OAuth PKCE login/logout path to the Rust CLI, persists OAuth credentials under the config home, and teaches the API client to use persisted bearer credentials with refresh support when env-based API credentials are absent. Constraint: Reuse existing runtime OAuth primitives and keep browser/callback orchestration in the CLI Constraint: Preserve auth precedence as API key, then auth-token env, then persisted OAuth credentials Rejected: Put browser launch and token exchange entirely in runtime | caused boundary creep across shared crates Rejected: Duplicate credential parsing in CLI and api | increased drift and refresh inconsistency Confidence: medium Scope-risk: moderate Reversibility: clean Directive: Keep logout non-destructive to unrelated credentials.json fields and do not silently fall back to stale expired tokens Tested: cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test Not-tested: Manual live Anthropic OAuth browser flow against real authorize/token endpoints
2026-03-31 23:38:05 +00:00
| Self::ExpiredOAuthToken
| Self::Auth(_)
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
| Self::InvalidApiKeyEnv(_)
| Self::Io(_)
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
| Self::Json { .. }
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
| Self::InvalidSseFrame(_)
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
| Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
}
}
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
#[must_use]
pub fn request_id(&self) -> Option<&str> {
match self {
Self::Api { request_id, .. } => request_id.as_deref(),
Self::RetriesExhausted { last_error, .. } => last_error.request_id(),
Self::MissingCredentials { .. }
| Self::ContextWindowExceeded { .. }
| Self::ExpiredOAuthToken
| Self::Auth(_)
| Self::InvalidApiKeyEnv(_)
| Self::Http(_)
| Self::Io(_)
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
| Self::Json { .. }
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
| Self::InvalidSseFrame(_)
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
| Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => None,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
}
}
#[must_use]
pub fn safe_failure_class(&self) -> &'static str {
match self {
Make repeated provider crashes self-identifying after retry exhaustion Generic fatal wrapper handling already preserved safe classes and trace ids for single provider failures, but repeated retry exhaustion still surfaced as provider_internal. Classify generic wrapped RetriesExhausted failures as provider_retry_exhausted so Jobdori-style repeat failures stay distinguishable from one-off provider crashes, and keep the display logic clippy-clean. Constraint: Keep the change minimal and preserve existing user-visible error wording outside retry-exhaustion classification Rejected: Broadly rework all provider error taxonomy | unnecessary for the targeted opaque-wrapper regression Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep retry exhaustion distinct from single-shot provider_internal wrappers when the nested error is the same generic fatal wrapper Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal Tested: cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class Tested: cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace Tested: cargo test -p rusty-claude-cli retry_exhaustion_uses_retry_failure_class_for_generic_provider_wrapper Tested: cargo test --workspace Tested: cargo fmt --check Tested: cargo clippy --workspace --all-targets -- -D warnings Not-tested: Live OpenClaw/Anthropic service failure telemetry outside the local test harness
2026-04-06 00:13:12 +00:00
Self::RetriesExhausted { .. } if self.is_context_window_failure() => "context_window",
Self::RetriesExhausted { .. } if self.is_generic_fatal_wrapper() => {
"provider_retry_exhausted"
}
Self::RetriesExhausted { last_error, .. } => last_error.safe_failure_class(),
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
Self::MissingCredentials { .. } | Self::ExpiredOAuthToken | Self::Auth(_) => {
"provider_auth"
}
Self::Api { status, .. } if matches!(status.as_u16(), 401 | 403) => "provider_auth",
Self::ContextWindowExceeded { .. } => "context_window",
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
Self::Api { .. } if self.is_context_window_failure() => "context_window",
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
Self::Api { status, .. } if status.as_u16() == 429 => "provider_rate_limit",
Fix retry exhaustion failure classification
2026-04-06 01:08:23 +00:00
Self::Api { .. } if self.is_generic_fatal_wrapper() => "provider_internal",
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
Self::Api { .. } => "provider_error",
Self::Http(_) | Self::InvalidSseFrame(_) | Self::BackoffOverflow { .. } => {
"provider_transport"
}
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
Self::InvalidApiKeyEnv(_) | Self::Io(_) | Self::Json { .. } => "runtime_io",
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
Self::RequestBodySizeExceeded { .. } => "request_size",
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
}
}
#[must_use]
pub fn is_generic_fatal_wrapper(&self) -> bool {
match self {
Self::Api { message, body, .. } => {
message
.as_deref()
.is_some_and(looks_like_generic_fatal_wrapper)
|| looks_like_generic_fatal_wrapper(body)
}
Self::RetriesExhausted { last_error, .. } => last_error.is_generic_fatal_wrapper(),
Self::MissingCredentials { .. }
| Self::ContextWindowExceeded { .. }
| Self::ExpiredOAuthToken
| Self::Auth(_)
| Self::InvalidApiKeyEnv(_)
| Self::Http(_)
| Self::Io(_)
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
| Self::Json { .. }
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
| Self::InvalidSseFrame(_)
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
| Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
}
}
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
#[must_use]
pub fn is_context_window_failure(&self) -> bool {
match self {
Self::ContextWindowExceeded { .. } => true,
Self::Api {
status,
message,
body,
..
} => {
matches!(status.as_u16(), 400 | 413 | 422)
&& (message
.as_deref()
.is_some_and(looks_like_context_window_error)
|| looks_like_context_window_error(body))
}
Self::RetriesExhausted { last_error, .. } => last_error.is_context_window_failure(),
Self::MissingCredentials { .. }
| Self::ExpiredOAuthToken
| Self::Auth(_)
| Self::InvalidApiKeyEnv(_)
| Self::Http(_)
| Self::Io(_)
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
| Self::Json { .. }
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
| Self::InvalidSseFrame(_)
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
| Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
}
}
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
}
impl Display for ApiError {
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
#[allow(clippy::too_many_lines)]
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
match self {
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
Self::MissingCredentials {
provider,
env_vars,
hint,
} => {
fix(api): Windows env hint + .env file loading fallback When API key missing on Windows, hint about setx. Load .env from CWD as fallback with simple key=value parser.
2026-04-07 14:21:53 +09:00
write!(
f,
"missing {provider} credentials; export {} before calling the {provider} API",
env_vars.join(" or ")
)?;
if cfg!(target_os = "windows") {
if let Some(primary) = env_vars.first() {
write!(
f,
" (on Windows, environment variables set in PowerShell only persist for the current session; use `setx {primary} <value>` to make it permanent, then open a new terminal, or place a `.env` file containing `{primary}=<value>` in the current working directory)"
)?;
} else {
write!(
f,
" (on Windows, environment variables set in PowerShell only persist for the current session; use `setx` to make them permanent, then open a new terminal, or place a `.env` file in the current working directory)"
)?;
}
}
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
if let Some(hint) = hint {
write!(f, " — hint: {hint}")?;
}
fix(api): Windows env hint + .env file loading fallback When API key missing on Windows, hint about setx. Load .env from CWD as fallback with simple key=value parser.
2026-04-07 14:21:53 +09:00
Ok(())
}
Block oversized requests before providers hard-fail The runtime already tracked rough token estimates for compaction, but provider-bound requests still relied on naive model output limits and could be sent upstream even when the selected model could not fit the estimated prompt plus requested output. This adds a small model token/context registry in the API layer, estimates request size from the serialized prompt payload, and fails locally with a dedicated context-window error before Anthropic or xAI calls are made. Focused integration coverage asserts the preflight fires before any HTTP request leaves the process. Constraint: Keep the first pass minimal and reusable across both Anthropic and OpenAI-compatible providers Rejected: Auto-compact-and-retry in the same patch | broader control-flow change than the requested minimal preflight Confidence: medium Scope-risk: narrow Reversibility: clean Directive: Expand the model registry before enabling preflight for additional providers or aliases Tested: cargo build -p api -p tools -p rusty-claude-cli; cargo test -p api Not-tested: End-to-end CLI auto-compaction or retry behavior after a local context_window_blocked failure
2026-04-05 16:39:58 +00:00
Self::ContextWindowExceeded {
model,
estimated_input_tokens,
requested_output_tokens,
estimated_total_tokens,
context_window_tokens,
} => write!(
f,
"context_window_blocked for {model}: estimated input {estimated_input_tokens} + requested output {requested_output_tokens} = {estimated_total_tokens} tokens exceeds the {context_window_tokens}-token context window; compact the session or reduce request size before retrying"
),
Enable OAuth login without requiring API keys This adds an end-to-end OAuth PKCE login/logout path to the Rust CLI, persists OAuth credentials under the config home, and teaches the API client to use persisted bearer credentials with refresh support when env-based API credentials are absent. Constraint: Reuse existing runtime OAuth primitives and keep browser/callback orchestration in the CLI Constraint: Preserve auth precedence as API key, then auth-token env, then persisted OAuth credentials Rejected: Put browser launch and token exchange entirely in runtime | caused boundary creep across shared crates Rejected: Duplicate credential parsing in CLI and api | increased drift and refresh inconsistency Confidence: medium Scope-risk: moderate Reversibility: clean Directive: Keep logout non-destructive to unrelated credentials.json fields and do not silently fall back to stale expired tokens Tested: cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test Not-tested: Manual live Anthropic OAuth browser flow against real authorize/token endpoints
2026-03-31 23:38:05 +00:00
Self::ExpiredOAuthToken => {
write!(
f,
"saved OAuth token is expired and no refresh token is available"
)
}
Self::Auth(message) => write!(f, "auth error: {message}"),
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
Self::InvalidApiKeyEnv(error) => {
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
write!(f, "failed to read credential environment variable: {error}")
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
}
Self::Http(error) => write!(f, "http error: {error}"),
Self::Io(error) => write!(f, "io error: {error}"),
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
Self::Json {
provider,
model,
body_snippet,
source,
} => write!(
f,
"failed to parse {provider} response for model {model}: {source}; first 200 chars of body: {body_snippet}"
),
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
Self::Api {
status,
error_type,
message,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
request_id,
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
body,
..
Fix retry exhaustion failure classification
2026-04-06 01:08:23 +00:00
} => {
if let (Some(error_type), Some(message)) = (error_type, message) {
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
write!(f, "api returned {status} ({error_type})")?;
if let Some(request_id) = request_id {
write!(f, " [trace {request_id}]")?;
}
write!(f, ": {message}")
Fix retry exhaustion failure classification
2026-04-06 01:08:23 +00:00
} else {
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
write!(f, "api returned {status}")?;
if let Some(request_id) = request_id {
write!(f, " [trace {request_id}]")?;
}
write!(f, ": {body}")
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
}
Fix retry exhaustion failure classification
2026-04-06 01:08:23 +00:00
}
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
Self::RetriesExhausted {
attempts,
last_error,
auto: save WIP progress from rcc session
2026-04-01 04:01:37 +00:00
} => write!(f, "api failed after {attempts} attempts: {last_error}"),
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
Self::InvalidSseFrame(message) => write!(f, "invalid sse frame: {message}"),
feat: merge 2nd round from all rcc/* sessions - api: tool_use parsing, message_delta, request_id tracking, retry logic - tools: extended tool suite (WebSearch, WebFetch, Agent, etc.) - cli: live streamed conversations, session restore, compact commands - runtime: config loading, system prompt builder, token usage, compaction
2026-03-31 17:43:25 +00:00
Self::BackoffOverflow {
attempt,
base_delay,
} => write!(
f,
"retry backoff overflowed on attempt {attempt} with base delay {base_delay:?}"
),
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
Self::RequestBodySizeExceeded {
estimated_bytes,
max_bytes,
provider,
} => write!(
f,
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
"request body size ({estimated_bytes} bytes) exceeds {provider} limit ({max_bytes} bytes); reduce prompt length or context before retrying"
US-021: Add request body size pre-flight check for OpenAI-compatible provider
2026-04-16 17:41:57 +00:00
),
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
}
}
}
impl std::error::Error for ApiError {}
impl From<reqwest::Error> for ApiError {
fn from(value: reqwest::Error) -> Self {
Self::Http(value)
}
}
impl From<std::io::Error> for ApiError {
fn from(value: std::io::Error) -> Self {
Self::Io(value)
}
}
impl From<serde_json::Error> for ApiError {
fn from(value: serde_json::Error) -> Self {
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
Self::Json {
provider: "unknown".to_string(),
model: "unknown".to_string(),
body_snippet: String::new(),
source: value,
}
feat: Rust port of Claw Code CLI Crates: - api: Anthropic Messages API client with SSE streaming - tools: compatible tool implementations (Bash, Read, Write, Edit, Glob, Grep + extended suite) - runtime: conversation loop, session persistence, permissions, system prompt builder - claw-cli: terminal UI with markdown rendering, syntax highlighting, spinners - commands: subcommand definitions - compat-harness: upstream TS parity verification All crates pass cargo fmt/clippy/test.
2026-03-31 17:43:09 +00:00
}
}
impl From<VarError> for ApiError {
fn from(value: VarError) -> Self {
Self::InvalidApiKeyEnv(value)
}
}
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
fn looks_like_generic_fatal_wrapper(text: &str) -> bool {
let lowered = text.to_ascii_lowercase();
GENERIC_FATAL_WRAPPER_MARKERS
.iter()
.any(|marker| lowered.contains(marker))
}
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
fn looks_like_context_window_error(text: &str) -> bool {
let lowered = text.to_ascii_lowercase();
CONTEXT_WINDOW_ERROR_MARKERS
.iter()
.any(|marker| lowered.contains(marker))
}
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
/// Truncate `body` so the resulting snippet contains at most `max_chars`
/// characters (counted by Unicode scalar values, not bytes), preserving the
/// leading slice of the body that the caller most often needs to inspect.
fn truncate_body_snippet(body: &str, max_chars: usize) -> String {
let mut taken_chars = 0;
let mut byte_end = 0;
for (offset, character) in body.char_indices() {
if taken_chars >= max_chars {
break;
}
taken_chars += 1;
byte_end = offset + character.len_utf8();
}
if taken_chars >= max_chars && byte_end < body.len() {
format!("{}", &body[..byte_end])
} else {
body[..byte_end].to_string()
}
}
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
#[cfg(test)]
mod tests {
fix(api): enrich JSON parse errors with response body, provider, and model Raw 'json_error: no field X' now includes truncated response body, provider name, and model ID for debugging context.
2026-04-07 14:21:52 +09:00
use super::{truncate_body_snippet, ApiError};
#[test]
fn json_deserialize_error_includes_provider_model_and_truncated_body_snippet() {
let raw_body = format!("{}{}", "x".repeat(190), "_TAIL_PAST_200_CHARS_MARKER_");
let source = serde_json::from_str::<serde_json::Value>("{not json")
.expect_err("invalid json should fail to parse");
let error = ApiError::json_deserialize("Anthropic", "claude-opus-4-6", &raw_body, source);
let rendered = error.to_string();
assert!(
rendered.starts_with("failed to parse Anthropic response for model claude-opus-4-6: "),
"rendered error should lead with provider and model: {rendered}"
);
assert!(
rendered.contains("first 200 chars of body: "),
"rendered error should label the body snippet: {rendered}"
);
let snippet = rendered
.split("first 200 chars of body: ")
.nth(1)
.expect("snippet section should be present");
assert!(
snippet.starts_with(&"x".repeat(190)),
"snippet should preserve the leading characters of the body: {snippet}"
);
assert!(
snippet.ends_with('…'),
"snippet should signal truncation with an ellipsis: {snippet}"
);
assert!(
!snippet.contains("_TAIL_PAST_200_CHARS_MARKER_"),
"snippet should drop characters past the 200-char cap: {snippet}"
);
assert_eq!(error.safe_failure_class(), "runtime_io");
assert_eq!(error.request_id(), None);
assert!(!error.is_retryable());
}
#[test]
fn truncate_body_snippet_keeps_short_bodies_intact() {
assert_eq!(truncate_body_snippet("hello", 200), "hello");
assert_eq!(truncate_body_snippet("", 200), "");
}
#[test]
fn truncate_body_snippet_caps_long_bodies_at_max_chars() {
let body = "a".repeat(250);
let snippet = truncate_body_snippet(&body, 200);
assert_eq!(snippet.chars().count(), 201, "200 chars + ellipsis");
assert!(snippet.ends_with('…'));
assert!(snippet.starts_with(&"a".repeat(200)));
}
#[test]
fn truncate_body_snippet_does_not_split_multibyte_characters() {
let body = "한글한글한글한글한글한글";
let snippet = truncate_body_snippet(body, 4);
assert_eq!(snippet, "한글한글…");
}
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
#[test]
fn detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal() {
let error = ApiError::Api {
status: reqwest::StatusCode::INTERNAL_SERVER_ERROR,
error_type: Some("api_error".to_string()),
message: Some(
"Something went wrong while processing your request. Please try again, or use /new to start a fresh session."
.to_string(),
),
request_id: Some("req_jobdori_123".to_string()),
body: String::new(),
retryable: true,
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
suggested_action: None,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
};
assert!(error.is_generic_fatal_wrapper());
assert_eq!(error.safe_failure_class(), "provider_internal");
assert_eq!(error.request_id(), Some("req_jobdori_123"));
assert!(error.to_string().contains("[trace req_jobdori_123]"));
}
#[test]
fn retries_exhausted_preserves_nested_request_id_and_failure_class() {
let error = ApiError::RetriesExhausted {
attempts: 3,
last_error: Box::new(ApiError::Api {
status: reqwest::StatusCode::BAD_GATEWAY,
error_type: Some("api_error".to_string()),
message: Some(
"Something went wrong while processing your request. Please try again, or use /new to start a fresh session."
.to_string(),
),
request_id: Some("req_nested_456".to_string()),
body: String::new(),
retryable: true,
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
suggested_action: None,
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
}),
};
assert!(error.is_generic_fatal_wrapper());
Fix retry exhaustion failure classification
2026-04-06 01:08:23 +00:00
assert_eq!(error.safe_failure_class(), "provider_retry_exhausted");
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
assert_eq!(error.request_id(), Some("req_nested_456"));
}
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
#[test]
fn classifies_provider_context_window_errors() {
let error = ApiError::Api {
status: reqwest::StatusCode::BAD_REQUEST,
error_type: Some("invalid_request_error".to_string()),
message: Some(
"This model's maximum context length is 200000 tokens, but your request used 230000 tokens."
.to_string(),
),
request_id: Some("req_ctx_123".to_string()),
body: String::new(),
retryable: false,
Implement US-022: Enhanced error context for API failures Add structured error context to API failures: - Request ID tracking across retries with full context in error messages - Provider-specific error code mapping with actionable suggestions - Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504) - Added suggested_action field to ApiError::Api variant - Updated enrich_bearer_auth_error to preserve suggested_action Files changed: - rust/crates/api/src/error.rs: Add suggested_action field, update Display - rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status() - rust/crates/api/src/providers/anthropic.rs: Update error handling All tests pass, clippy clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 19:15:00 +00:00
suggested_action: None,
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
};
assert!(error.is_context_window_failure());
assert_eq!(error.safe_failure_class(), "context_window");
assert_eq!(error.request_id(), Some("req_ctx_123"));
Handle OpenAI token-limit errors as context-window failures
2026-05-03 18:44:03 +02:00
}
#[test]
fn classifies_openai_configured_limit_errors_as_context_window_failures() {
let error = ApiError::Api {
status: reqwest::StatusCode::BAD_REQUEST,
error_type: Some("invalid_request_error".to_string()),
message: Some(
"Input tokens exceed the configured limit of 922000 tokens. Your messages resulted in 1860900 tokens. Please reduce the length of the messages."
.to_string(),
),
request_id: Some("req_ctx_openai_123".to_string()),
body: String::new(),
retryable: false,
suggested_action: None,
};
assert!(error.is_context_window_failure());
assert_eq!(error.safe_failure_class(), "context_window");
assert_eq!(error.request_id(), Some("req_ctx_openai_123"));
Turn oversized-context failures into recovery guidance Dogfood showed oversized requests still surfacing as raw hard errors, even when claw could tell the user exactly how to recover. This keeps context-window failures classified, recognizes the same failure when it comes back from a provider response, and renders recovery steps that point operators at the existing compaction and fresh-session paths instead of a provider-style dump. Constraint: Keep the failure class explicit so automation and operators can still distinguish context-window exhaustion from generic provider failures Constraint: Reuse existing /compact and session-reset UX instead of inventing a new recovery workflow Rejected: Auto-run compaction on failure | mutates session state on an error path the user may want to inspect first Rejected: Only prettify local preflight failures | provider-returned context-window errors would still leak raw failure text Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep provider-side context-window detection aligned with real oversized-request messages before broadening the marker list Tested: cargo fmt --all --check Tested: cargo test -p api Tested: cargo test -p rusty-claude-cli Tested: cargo clippy -p api -p rusty-claude-cli --all-targets -- -D warnings Not-tested: cargo test --workspace
2026-04-06 05:37:58 +00:00
}
fix(api): auth-provider error copy — prefix-routing hints + sk-ant-* bearer detection — closes ROADMAP #28 Two live users in #claw-code on 2026-04-08 hit adjacent auth confusion: varleg set OPENAI_API_KEY for OpenRouter but prefix routing didn't activate without openai/ model prefix, and stanley078852 put sk-ant-* in ANTHROPIC_AUTH_TOKEN (Bearer path) instead of ANTHROPIC_API_KEY (x-api-key path) and got 401 Invalid bearer token. Changes: 1. ApiError::MissingCredentials gained optional hint field (error.rs) 2. anthropic_missing_credentials_hint() sniffs OPENAI/XAI/DASHSCOPE env vars and suggests prefix routing when present (providers/mod.rs) 3. All 4 Anthropic auth paths wire the hint helper (anthropic.rs) 4. 401 + sk-ant-* in bearer token detected and hint appended 5. 'Which env var goes where' section added to USAGE.md Tests: unit tests for all three improvements (no HTTP calls needed). Workspace: all tests green, fmt clean, clippy warnings-only. Source: live users varleg + stanley078852 in #claw-code 2026-04-08. Co-authored-by: gaebal-gajae <gaebal-gajae@layofflabs.com>
2026-04-08 16:29:03 +09:00
#[test]
fn missing_credentials_without_hint_renders_the_canonical_message() {
// given
let error = ApiError::missing_credentials(
"Anthropic",
&["ANTHROPIC_AUTH_TOKEN", "ANTHROPIC_API_KEY"],
);
// when
let rendered = error.to_string();
// then
assert!(
rendered.starts_with(
"missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY before calling the Anthropic API"
),
"rendered error should lead with the canonical missing-credential message: {rendered}"
);
assert!(
!rendered.contains(" — hint: "),
"no hint should be appended when none is supplied: {rendered}"
);
}
#[test]
fn missing_credentials_with_hint_appends_the_hint_after_base_message() {
// given
let error = ApiError::missing_credentials_with_hint(
"Anthropic",
&["ANTHROPIC_AUTH_TOKEN", "ANTHROPIC_API_KEY"],
"I see OPENAI_API_KEY is set — if you meant to use the OpenAI-compat provider, prefix your model name with `openai/` so prefix routing selects it.",
);
// when
let rendered = error.to_string();
// then
assert!(
rendered.starts_with("missing Anthropic credentials;"),
"hint should be appended, not replace the base message: {rendered}"
);
let hint_marker = " — hint: I see OPENAI_API_KEY is set — if you meant to use the OpenAI-compat provider, prefix your model name with `openai/` so prefix routing selects it.";
assert!(
rendered.ends_with(hint_marker),
"rendered error should end with the hint: {rendered}"
);
// Classification semantics are unaffected by the presence of a hint.
assert_eq!(error.safe_failure_class(), "provider_auth");
assert!(!error.is_retryable());
assert_eq!(error.request_id(), None);
}
Expose actionable ids for opaque provider failures Issue #22 was triggered by generic upstream fatal wrappers that only surfaced 'Something went wrong', which left repeated Jobdori-style failures opaque in the CLI. Capture provider request ids on error responses, classify the known generic wrapper as provider_internal, and prefix the user-visible runtime error with the failure class plus session/trace identifiers so operators can correlate the failure quickly. Constraint: Keep the fix small and user-safe without redesigning the broader runtime error taxonomy Constraint: Preserve existing non-generic error text unless the wrapper is the known opaque fatal surface Rejected: Broadly rewriting every runtime error into classified envelopes | unnecessary scope expansion for issue #22 Confidence: high Scope-risk: narrow Reversibility: clean Directive: If more opaque wrappers appear, extend the marker list and classification helper rather than reintroducing raw wrapper text alone Tested: cargo test -p api detects_generic_fatal_wrapper_and_classifies_it_as_provider_internal -- --nocapture; cargo test -p api retries_exhausted_preserves_nested_request_id_and_failure_class -- --nocapture; cargo test -p rusty-claude-cli opaque_provider_wrapper_surfaces_failure_class_session_and_trace -- --nocapture; cargo test -p rusty-claude-cli retry_exhaustion_preserves_internal_failure_class_for_generic_provider_wrapper -- --nocapture; cargo test --workspace Not-tested: Live upstream reproduction of the Jobdori failure against a real provider session
2026-04-06 00:10:24 +00:00
}
Reference in New Issue Copy Permalink