Improve DeepSeek detailed usage#2135
Conversation
|
Codex review: needs maintainer review before merge. Reviewed July 16, 2026, 10:44 PM ET / July 17, 2026, 02:44 UTC. Summary Reproducibility: not applicable. this is a feature PR. The supplied screenshots and described multi-profile local run demonstrate the added behavior rather than reproduce a broken established contract. Review metrics: 3 noteworthy metrics.
Root-cause cluster Members:
Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything. Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Maintainer decision needed
Security Review detailsBest possible solution: Keep the documented API balance authoritative and make Platform enrichment optional, bounded, memory-only, and fail-closed to the active credential scope, with a clear profile re-selection path when legacy state cannot be associated safely. Do we have a high-confidence way to reproduce the issue? Not applicable; this is a feature PR. The supplied screenshots and described multi-profile local run demonstrate the added behavior rather than reproduce a broken established contract. Is this the best way to solve the issue? Yes. Keeping required API balance separate from optional, bounded, account-scoped Platform enrichment is the narrowest maintainable design, and failing closed is safer than guessing how legacy sessions map to credentials. AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against a264acaddab9. Label changesLabel changes:
Label justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
Review history (7 earlier review cycles)
|
178b354 to
fc76f8a
Compare
fc76f8a to
f27decf
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 10b9a00c59
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if let platformToken = DeepSeekSettingsReader.platformToken(environment: context.env) { | ||
| return try await operations.fetchUsage(apiKey, platformToken, true).toUsageSnapshot() | ||
| } |
There was a problem hiding this comment.
Require account scope for platform-token enrichment
When a legacy/saved DEEPSEEK_PLATFORM_TOKEN or cookieHeader is present, this branch bypasses the scoped Chrome-profile selection entirely and enriches whichever active API key was used for the balance with the same unscoped Platform token. For users with multiple DeepSeek token accounts, switching from Personal to Work changes the balance API key but can still render Personal detailed usage beside the Work balance, defeating the account-siloing added elsewhere for profile selections.
Useful? React with 👍 / 👎.
…ed-usage # Conflicts: # Sources/CodexBar/UsageStore+BackgroundRefresh.swift
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 489410645b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| let profileSelection = DeepSeekSettingsReader.profileSelection( | ||
| environment: context.env, | ||
| selectedTokenAccountID: nil, | ||
| apiKey: nil) |
There was a problem hiding this comment.
Preserve account scope in web-mode profile lookup
When DeepSeek is forced to the web strategy while an API key or saved token account is active (for example, CLI --source web), this lookup always uses nil for both the selected account and API key. Profile choices are saved with DeepSeekSettingsReader.profileScope(selectedTokenAccountID:apiKey:) using the active key, so the stored scope will not match the browser-only scope here; with multiple valid Chrome profiles the fetch ignores the user's saved selection and returns profileSelectionRequired again. Pass the current account ID/API key into this profileSelection call as the API path does.
Useful? React with 👍 / 👎.
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5b88e65f87
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if lookup.freshStatus == nil || candidate.id == selection.profileID { | ||
| candidatesToValidate.append(candidate) |
There was a problem hiding this comment.
Don't block selected profile on unrelated validation
When a profile is already selected and the validation cache has expired (or a new Chrome profile appears), this still adds every uncached profile to the same blocking validation batch. Since validate only returns after the whole task group drains, one slow or stuck unselected profile can make the API path hit its 5-second join grace and publish balance-only data even if the selected profile's detailed usage already succeeded. Consider prioritizing/returning the selected profile result independently from background catalog validation.
Useful? React with 👍 / 👎.
|
@clawsweeper re-review |
|
🦞👀 Command router queued. I will update this comment with the next step. |
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0f7731294e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| }, | ||
| set: { profileID in | ||
| guard !profileID.isEmpty else { return } | ||
| context.store.beginDeepSeekProfileTransition(preservingBalance: apiKey != nil) |
There was a problem hiding this comment.
Do not preserve web-profile balances across profile changes
When DeepSeek is forced to the web source while an API key or token account is still configured, apiKey != nil makes the transition preserve the old primary balance even though web-mode balances come from the selected Platform/Chrome profile, not from the API key. If the user switches from one Chrome profile to another and the refresh is slow or fails, the UI can keep showing the previous profile's balance under the new profile selection; use the active source/last source instead of API-key presence before preserving the balance.
Useful? React with 👍 / 👎.
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
Merged as Verification:
Live DeepSeek Platform credentials were unavailable, so verification was source-level, stub/focused-test, and CI based; no live account probe was performed. Thanks @Zihao-Qi for the implementation, and @joeVenner for the rebase help from #2216. |
Summary
Why
DeepSeek's documented API exposes the account balance but not the detailed usage visible at
platform.deepseek.com/usage. The Platform dashboard uses private endpoints for that data.This change keeps the documented balance fetch authoritative and required. Platform usage is optional enrichment: failures, invalid sessions, and timeouts preserve the balance instead of failing the provider.
Compared with #1910
This builds on the same general idea of reading DeepSeek Platform usage, but uses a narrower and more defensive session path:
userTokenfrom live Chrome local storage instead of relying on cookies or persisting a manual browser tokenReference: #1910
Privacy and reliability
cookieHeadervalues are removed during config normalizationValidation
swift test --filter DeepSeek— 91 tests passedswift test --filter ProviderSettingsDescriptorTests— 34 tests passedmake check— passed with 0 lint violationsgit diff --check— passedUI verification
Validated locally with multiple Chrome profiles:
Refreshingwhile disabledScreenshots